XoloX file sharing application installed
Description
The XoloX file sharing application is installed. XoloX is a peer-to-peer file sharing program that uses the Gnutella protocol.
File sharing programs are a security risk for the following reasons:
- File sharing programs are often configured to share entire hard drives, which means that sensitive data (including passwords, email, and confidential documents) can be leaked to the outside world.
- File sharing programs are often used to download additional software that may pose its own security risks (due to viruses and trojan horses). Many file sharing applications install additional "promotional" 3rd-party software that monitors users' actions (so-called "spyware").
- File sharing programs are often used to share or obtain copyrighted material. This can expose you to legal action.
- There have widespread incidents involving file sharing programs rigged with trojan horses which allow any remote user complete control of the infected computer.
XoloX is particularly dangerous because it searches the entire hard drive for files to share. XoloX can also be configured to use a web proxy. The username and password for the web proxy are stored in cleartext in the registry (for anyone to read).
In addition to these security risks, peer-to-peer programs can use an inordinate amount of bandwith, degrading network services.
Solution(s)
- windows-xolox-installed
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center