Peer-to-peer (P2P) file-sharing allows users to share files online
through an informal network of computers running the same software.
File-sharing can give you access to a wealth of information, but it
also has a number of risks. You could download copyright-protected
material, pornography, or viruses without meaning to. Or you could
mistakenly allow other people to copy files you don’t mean to
share.
Peer-to-peer architecture is a type of network in which
each workstation has equivalent capabilities and
responsibilities. (Techniques will continue to be used to lure
users to download what appears to be music and other media
files.)
P2P is often used as as a term to describe one user linking with
another user to transfer information and files through the use
of a common P2P client to download MP3s, videos, images, games
and other software. P2P networks can also mean Grid Computing or
Instant messaging. Every day, millions of computer users share files online. Whether
it is music, games, or software, file-sharing can give people access
to a wealth of information. You simply download special software that
connects your computer to an informal network of other computers
running the same software. Millions of users could be connected to
each other through this software at one time. The software often is
free and easily accessible.
How Peer-to-peer File-sharing Clients Work
Once you have downloaded and installed a P2P client, if you are
connected to the Internet you can launch the utility and you are
then logged into a central indexing server. This central server
indexes all users who are currently online connected to the
server. This server does not host any files for downloading. The
P2P client will contain an area where you can search for a
specific file. The utility queries the index server to find
other connected users with the file you are looking for. When a
match is found the central server will tell you where to find
the requested file. You can then choose a result from the search
query and your utility when then attempt to establish a
connection with the computer hosting the file you have
requested. If a successful connection is made, you will begin
downloading the file. Once the file download is complete the
connection will be broken.
Here is a list of some of the more popular file-sharing
programs. You may want to look to see if any of these are
installed on your computer.
| Windows Programs |
|
Mac Programs |
|
Aimster
Audio Galaxy
Bearshare
Gnotella
Gnucleus
Grokster
|
iMesh
KaZaa
Limewire
Morpheus
SwapNut
WinMX
|
Aimster
Limewire
Mactella
|
A second model of P2P clients works in the same way but
without a central indexing server. In this scenario the P2P
software simply seeks out other Internet users using the same
program and informs them of your presence online, building a
large network of computers as more users install and use the
software.
P2P File-Sharing: Evaluate the Risks
File-sharing can have a
number of risks. For example, when you are connected to file-sharing
programs, you may unknowingly allow others to copy private files you
never intended to share. You may download material that is protected
by the copyright laws and find yourself mired in legal issues. You may
download a virus or facilitate a security breach. Or you may
unwittingly download pornography labeled as something else.
To secure the personal information stored on your computer, we suggest that you:
Set up the file-sharing software very
carefully. If you don’t check the proper settings
when you install the software, you could open access not just to
the files you intend to share, but also to other information on
your hard drive, like your tax returns, email messages, medical
records, photos, or other personal documents.
Be aware of spyware. Some file-sharing
programs install other software known as spyware. Spyware monitors
a user’s browsing habits and then sends that data to third
parties. Sometimes the user gets ads based on the information that
the spyware has collected and disseminated. Spyware can be
difficult to detect and remove. Before you use any file-sharing
program, you may want to buy software that can prevent the
downloading of spyware or help detect it on your hard drive.
Close your connection. In some instances,
closing the file-sharing program window does not actually close
your connection to the network. That allows file-sharing to
continue and could increase your security risk. If you have a
high-speed or “broadband” connection to the Internet,
you stay connected to the Internet unless you turn off the
computer or disconnect your Internet service. These “always
on” connections may allow others to copy your shared files
at any time. What’s more, some file-sharing programs
automatically open every time you turn on your computer. As a
preventive measure, you may want to adjust the file-sharing
program’s controls to prevent the file-sharing program from
automatically opening.
Use an effective anti-virus program and update it
regularly. Files you download could be mislabeled, hiding
a virus or other unwanted content. Use anti-virus software to
protect your computer from viruses you might pick up from other
users through the file-sharing program. Not all anti-virus
programs block files downloaded through file-sharing, so check
your program’s capabilities and settings. In addition, avoid
downloading files with extensions like .exe, .scr,
.lnk, .bat, .vbs, .dll,
.bin, and .cmd.
Talk with your family about file-sharing.
Parents may not be aware that their children have downloaded
file-sharing software on the family computer and that they may
have exchanged games, videos, music, pornography, or other
material that may be inappropriate for them. Also, because other
peoples’ files sometimes are mislabeled, kids
unintentionally may download these files. In addition, kids may
not understand the security and other risks involved with
file-sharing and may install the software incorrectly, giving
anyone on the Internet access to the family’s private
computer files.
Types of P2P Networks
Collaborative Computing
Also referred to as distributed computing, it combines the
idle or unused CPU processing power and/or free disk space
of many computers in the network. Collaborative computing is
most popular with science and biotech organizations where
intense computer processing is required. Examples of
distributed computing can be found at GRID.ORG where United
Devices is hosting virtual screening for cancer research on
the Grid MP platform. This project has evolved into the
largest computational chemistry project in history. United
Devices has harnessed the power of more than 2,000,000 PCs
around the world to generate more than 100 teraflops of
power. Most distributed computing networks are created by
users volunteering their unused computing resources to
contribute to public interest research projects.
Instant Messaging
One very common form of P2P networking is Instant Messaging
(IM) where software applications, such as MSN Messenger or
AOL Instant Messenger, for example, allow users to chat via
text messages in real-time. While most vendors offer a free
version of their IM software others have begun to focus on
enterprise versions of IM software as business and
corporations have moved towards implementing IM as a
standard communications tool for business.
Affinity Communities
Affinity communities is the group of P2P networks that is
based around file-sharing and became widely known and talked
about due to the public legal issues surrounding the direct
file sharing group, Napster. Affinity Communities are based
on users collaborating and searching other user's computers
for information and files.
P2P at Work
P2P is not only popular with home users but many small business
have come to rely on this cost-effective solution for sharing
files with co-workers and clients. P2P promotes the ease of
working together when you're not physically located in the same
office. In just seconds updated files and data can be shared
with peers and confidential files can be blocked for security.
Additionally, companies can also block access to Internet music
and video files to assist in maintaining a work-oriented P2P
network. Not only does this keep the company free and clear from
legal issues regarding music downloading and sharing but it also
keeps the corporate bandwidth usage down.
P2P Security Concerns
One major concern of using P2P architecture in the workplace is,
of course, network security. Security concerns stem from the
architecture itself. Today we find most blocking and routing
handles by a specific server within network, but the P2P
architecture has no single fixed server responsible for routing
and requests. The first step in securing your P2P network is to
adopt a strict usage policy within the workplace. In securing
your network against attacks and viruses there are two main
strategies where focus is on controlling the network access or
the focus is put on controlling the files. A protocol-based
approach is where system administrators use a software or
hardware solution to watch for and block intrusive network
traffic being received through the P2P clients. A second method
of protection is a software solution which would provide file
surveillance to actively search for files based on their type,
their name, their signature or even their content.
Overriding Page Content
Several methods exist for Phishers to override displayed content. One of
the most popular methods of inserting fake content within a page is to
use the DHTML function - DIV. The DIV function allows an attacker to
place content into a ?virtual container? that, when given an absolute
position and size through the STYLE method, can be positioned to hide or
replace (by ?sitting on top?) underlying content. This malicious content
may be delivered as a very long URL or by referencing a stored script.
This method allows an attacker to build a complete page (including
graphics and auxiliary scripting code elements) on top of the real page.
Graphical Substitution
While it is possible to overwrite page content easily through multiple
methods, one problem facing Phishers is that of browser specific visual
clues to the source of an attack. These clues include the URL presented
within the browsers URL field, the secure padlock representing an HTTPS
encrypted connection, and the Zone of the page source.
A common method used to overcome these visual clues is through the
use of browser scripting languages (such as JavaScript, VBScript and
Java) to position specially created graphics over these key areas with
fake information.
While the Phisher must use graphics that are appropriate to the
manufacturer of the browser software, it is a trivial exercise for the
attackers fake web site to determine the browser type and exact version
through simple code queries. Therefore the attacker may prepare images
for a range of common browsers and code their page in such a way that
the appropriate images are always used.
It is important to note that Phishing attacks in the past have combined
graphical substitution
with additional scripting code to fake other browser functionality.
Examples include:
Implementing "right-click" functionality and
menu access,
Presenting false popup messages just as the real
browser or web application would,
Displaying fake SSL certificate details when
reviewing page properties or security settings -
through the use of images.
