• Home

  • Documents

  • Peer-to-peer sharing David Duke, Cryptic Software
1
4 The reality Recent Cryptic research shows that 11% of Internet connected machines are using the popular Gnutella peer-to-peer protocol. Typically there are over two million users connected at any one time to this network and they have the ability to search and retrieve files on local machines. Our research also shows that 90% of queries on the GNUTELLA network are searching for pirated or copyrighted material, which seems to be the common use of these tools and therefore provides an incentive for users to download on a fast corporate network. There are many P2P applications in use worldwide, which enable the shar- ing of local files to remote users. Using a hierarchy of interconnected clients it makes it easy for users to search millions of machines for any file in seconds. These tools use a ‘push’ technique so that remote users who request files from internal networks can access them by sending a request for the client to ‘push’ the files out from the network. This potentially enables files from within the firewall environments to be shared with those outside the secure part of the net- work. The issues are two fold: Someone may innocently be installing and running this software and could effectively share all their PC and Network Mapped connected drive with the outside world! If this isn’t bad enough the problem then becomes worse, once remote users have the downloaded files, they them- selves share the file with the rest of the P2P community. Even if you discover the presence of P2P software and remove it some of your corporate files may be out there in cyberspace for all to see. Someone may be trying to get the lat- est Spiderman film and whilst doing this inadvertently download a Virus or Trojan. The solution Make sure your security policies include rules for P2P networking Network monitoring software can easily detect this by searching for the‘GNUTELLA CONNECT’ string within incoming or outgoing connec- tions. The most common port for these connections is 1214 and 6348, although these are user configurable most users do not change the default settings. You may also consider blocking access to the top-level host cache websites where P2P clients request a group of IP addresses for initial connection to the P2P network. The good news Cryptic Software are not currently aware of any hacking tools, which use this technique to remotely anonymously access restricted content or even add other files or directories to existing P2P software, but it’s just a matter of time. For the moment be aware of the prob- lem and be wary of any P2P protocol moving around your network. Peer-to-Peer effects felt everywhere This advice from Cryptic Software, can be reflected in the actions of the US Senate who has banned lawmakers and their employees from using peer-to- peer networks as reported in the Los Angeles Times. The Senate’s Sergeant at Arms justified his ban by pointing out how many vulnerabilities have been reported by peer-to-peer network users including Kazaa, Morpheus and Gnutella. The Senate also referred to how the networks are also used to share pirate software and concluded by say- ing that “our security evaluation con- cluded that continued use of peer-to-peer client software and net- works is an unacceptable operational risk to the Senate and can impact the ability of the Senate communication to carry out its core missons.” Silicon Valley vs Hollywood The music industry and technology enthusiasts are head to head in a battle of conflicting interests with regards to peer-to-peer networks and the conse- quences of this technology. The Motion Picture Assocation of America and computer executives are beginning the process of discussing the issue of Internet pircacy. As reported in the Daily Variety, recently computer CEO’s from companies including HP, Microsoft, Intel, Dell and IBM have been exchanging letters with the Motion Picture Association of America. Studio representatives would prefer if technology was available to block all peer-to-peer networks. In a letter from the computer executives to the Motion Picture Association of America, the computer executives made the point that peer-to-peer networks are a vital part of the economy and shouldn’t be blocked. Peer-to-peer sharing David Duke, Cryptic Software Peer-to-peer (P2P) sharing is a rapidly growing technology and as security experts it is important that we remain aware of the implications of the wide- spread distribution of this technology. hack of the month

Peer-to-peer sharing David Duke, Cryptic Software

  • View
    215

  • Download
    1

Embed Size (px)

Citation preview

Page 1: Peer-to-peer sharing David Duke, Cryptic Software

4

The realityRecent Cryptic research shows that 11%of Internet connected machines areusing the popular Gnutella peer-to-peerprotocol. Typically there are over twomillion users connected at any one timeto this network and they have the abilityto search and retrieve files on localmachines.

Our research also shows that 90% ofqueries on the GNUTELLA network aresearching for pirated or copyrightedmaterial, which seems to be the commonuse of these tools and therefore providesan incentive for users to download on afast corporate network.

There are many P2P applications inuse worldwide, which enable the shar-ing of local files to remote users. Usinga hierarchy of interconnected clients it makes it easy for users to search millions of machines for any file in seconds.

These tools use a ‘push’ technique sothat remote users who request files frominternal networks can access them bysending a request for the client to ‘push’the files out from the network. Thispotentially enables files from within thefirewall environments to be shared withthose outside the secure part of the net-work.

The issues are two fold:• Someone may innocently be installing

and running this software and couldeffectively share all their PC andNetwork Mapped connected drivewith the outside world! If this isn’tbad enough the problem thenbecomes worse, once remote usershave the downloaded files, they them-selves share the file with the rest of theP2P community. Even if you discover

the presence of P2P software andremove it some of your corporate filesmay be out there in cyberspace for allto see.

• Someone may be trying to get the lat-est Spiderman film and whilst doingthis inadvertently download a Virusor Trojan.

The solution• Make sure your security policies

include rules for P2P networking• Network monitoring software can

easily detect this by searching forthe‘GNUTELLA CONNECT’ stringwithin incoming or outgoing connec-tions. The most common port forthese connections is 1214 and 6348,although these are user configurablemost users do not change the defaultsettings.

• You may also consider blocking accessto the top-level host cache websiteswhere P2P clients request a group ofIP addresses for initial connection tothe P2P network.

The good newsCryptic Software are not currently aware of any hacking tools, which usethis technique to remotely anonymouslyaccess restricted content or even addother files or directories to existing P2Psoftware, but it’s just a matter of time.For the moment be aware of the prob-lem and be wary of any P2P protocolmoving around your network.

Peer-to-Peer effects felteverywhere

This advice from Cryptic Software, canbe reflected in the actions of the US

Senate who has banned lawmakers andtheir employees from using peer-to-peer networks as reported in the LosAngeles Times. The Senate’s Sergeant atArms justified his ban by pointing outhow many vulnerabilities have beenreported by peer-to-peer network usersincluding Kazaa, Morpheus andGnutella. The Senate also referred tohow the networks are also used to sharepirate software and concluded by say-ing that “our security evaluation con-cluded that continued use ofpeer-to-peer client software and net-works is an unacceptable operationalrisk to the Senate and can impact theability of the Senate communication tocarry out its core missons.”

Silicon Valley vs Hollywood

The music industry and technologyenthusiasts are head to head in a battleof conflicting interests with regards topeer-to-peer networks and the conse-quences of this technology.

The Motion Picture Assocation ofAmerica and computer executives arebeginning the process of discussing theissue of Internet pircacy. As reported inthe Daily Variety, recently computerCEO’s from companies including HP,Microsoft, Intel, Dell and IBM havebeen exchanging letters with theMotion Picture Association of America.Studio representatives would prefer if technology was available to block allpeer-to-peer networks. In a letter fromthe computer executives to the MotionPicture Association of America, thecomputer executives made the pointthat peer-to-peer networks are a vitalpart of the economy and shouldn’t beblocked.

Peer-to-peer sharingDavid Duke, Cryptic Software

Peer-to-peer (P2P) sharing is a rapidly growing technology and as securityexperts it is important that we remain aware of the implications of the wide-spread distribution of this technology.

hack of the month

nesejulymayfield.qxd 7/25/02 3:53 PM Page 4

Amadeus - Cryptic entries.doc

Amadeus - Cryptic entries.doc

Documents
Megadeth - cryptic writings

Megadeth - cryptic writings

Education
SMDIHS Teac19100908270 · 2019-10-09 · SIR DUKE SIR DUKE --iii iiiii . SIR DUKE SIR DUKE iiii— i-ii- iiiii . SIR DUKE SIR DUKE . SIR DUKE SIR DUKE . SIR DUKE SIR DUKE . SIR DUKE

SMDIHS Teac19100908270 · 2019-10-09 · SIR DUKE SIR DUKE --iii iiiii . SIR DUKE SIR DUKE iiii— i-ii- iiiii . SIR DUKE SIR DUKE . SIR DUKE SIR DUKE . SIR DUKE SIR DUKE . SIR DUKE

Documents
CRYPTIC SPECIES WITHIN THE DENDROPHIDION VINITOR COMPLEX ...mcz.harvard.edu/Publications/pubs/Bulletin_2012_1604_2506.pdf · CRYPTIC SPECIES WITHIN THE DENDROPHIDION VINITOR ... del

CRYPTIC SPECIES WITHIN THE DENDROPHIDION VINITOR COMPLEX ...mcz.harvard.edu/Publications/pubs/Bulletin_2012_1604_2506.pdf · CRYPTIC SPECIES WITHIN THE DENDROPHIDION VINITOR ... del

Documents
Cryptic Seed Orchard Dysfunctions

Cryptic Seed Orchard Dysfunctions

Documents
Inflorescence QTL, Canalization, and Selectable Cryptic ...imbgl.cropsci.illinois.edu/school/2011/Patrick_Brown.pdfInflorescence QTL, Canalization, and Selectable Cryptic Variation

Inflorescence QTL, Canalization, and Selectable Cryptic ...imbgl.cropsci.illinois.edu/school/2011/Patrick_Brown.pdfInflorescence QTL, Canalization, and Selectable Cryptic Variation

Documents
Ralf Michaels - Duke University School of Law · PDF fileMercantile Law Review; ... Maastricht European Private Law Institute Peer Reviewer / Outside Evaluator ... Ralf Michaels Duke

Ralf Michaels - Duke University School of Law · PDF fileMercantile Law Review; ... Maastricht European Private Law Institute Peer Reviewer / Outside Evaluator ... Ralf Michaels Duke

Documents
Cryptic Quiz

Cryptic Quiz

Documents
Cryptic Violet

Cryptic Violet

Documents
Cryptic Crosswords Explained

Cryptic Crosswords Explained

Documents
Cryptic Writing 5

Cryptic Writing 5

Documents
Cryptic and not-so-cryptic species in sea cucumbers

Cryptic and not-so-cryptic species in sea cucumbers

Science
Cryptic and non-cryptic diversity in New Guinea ground

Cryptic and non-cryptic diversity in New Guinea ground

Documents
Cryptic eco‐evolutionary dynamics - McGill Universityredpath-staff.mcgill.ca/hendry/Kinnison2015ANYAS1360,120.pdf · 2016. 1. 25. · Cryptic eco-evolutionary dynamics Kinnison

Cryptic eco‐evolutionary dynamics - McGill Universityredpath-staff.mcgill.ca/hendry/Kinnison2015ANYAS1360,120.pdf · 2016. 1. 25. · Cryptic eco-evolutionary dynamics Kinnison

Documents
Cryptic species within cryptic moths: new species of Dunama Schaus

Cryptic species within cryptic moths: new species of Dunama Schaus

Documents
An Introduction To Cryptic Masonry

An Introduction To Cryptic Masonry

Documents
A Cryptic Tale

A Cryptic Tale

Documents
Cryptic Magazine

Cryptic Magazine

Documents
MICROBIAL DEATH, LVSIS AND •CRYPTIC• GROWTH: …

MICROBIAL DEATH, LVSIS AND •CRYPTIC• GROWTH: …

Documents
Solving Cryptic Crosswords

Solving Cryptic Crosswords

Documents
Amadeus Cryptic Entries Reference Guide

Amadeus Cryptic Entries Reference Guide

Documents
Cryptic clue glacier key terms

Cryptic clue glacier key terms

Education
A brief guide to the construction of cryptic crossword cluescrypticcrosswords.net/wp-content/uploads/2015/06/Cryptic-Crosswor… · A brief guide to the construction of cryptic crossword

A brief guide to the construction of cryptic crossword cluescrypticcrosswords.net/wp-content/uploads/2015/06/Cryptic-Crosswor… · A brief guide to the construction of cryptic crossword

Documents
Biosynthetic Pathway Connects Cryptic Ribosomally ... · Biosynthetic Pathway Connects Cryptic Ribosomally Synthesized Posttranslationally Modified Peptide ... LCMS analysis of (A)

Biosynthetic Pathway Connects Cryptic Ribosomally ... · Biosynthetic Pathway Connects Cryptic Ribosomally Synthesized Posttranslationally Modified Peptide ... LCMS analysis of (A)

Documents
Cryptic Crosswords & How to Solve Them

Cryptic Crosswords & How to Solve Them

Documents
S to the Cryptic Planet EXPRES

S to the Cryptic Planet EXPRES

Documents
How to do Cryptic Crosswords

How to do Cryptic Crosswords

Documents
Cryptic Chain Collar

Cryptic Chain Collar

Sales
8 Cryptic Cravings - Fushion Mag

8 Cryptic Cravings - Fushion Mag

Documents
Manual - PDF - Cryptic Comet

Manual - PDF - Cryptic Comet

Documents