View
215
Download
1
Embed Size (px)
Citation preview
4
The realityRecent Cryptic research shows that 11%of Internet connected machines areusing the popular Gnutella peer-to-peerprotocol. Typically there are over twomillion users connected at any one timeto this network and they have the abilityto search and retrieve files on localmachines.
Our research also shows that 90% ofqueries on the GNUTELLA network aresearching for pirated or copyrightedmaterial, which seems to be the commonuse of these tools and therefore providesan incentive for users to download on afast corporate network.
There are many P2P applications inuse worldwide, which enable the shar-ing of local files to remote users. Usinga hierarchy of interconnected clients it makes it easy for users to search millions of machines for any file in seconds.
These tools use a ‘push’ technique sothat remote users who request files frominternal networks can access them bysending a request for the client to ‘push’the files out from the network. Thispotentially enables files from within thefirewall environments to be shared withthose outside the secure part of the net-work.
The issues are two fold:• Someone may innocently be installing
and running this software and couldeffectively share all their PC andNetwork Mapped connected drivewith the outside world! If this isn’tbad enough the problem thenbecomes worse, once remote usershave the downloaded files, they them-selves share the file with the rest of theP2P community. Even if you discover
the presence of P2P software andremove it some of your corporate filesmay be out there in cyberspace for allto see.
• Someone may be trying to get the lat-est Spiderman film and whilst doingthis inadvertently download a Virusor Trojan.
The solution• Make sure your security policies
include rules for P2P networking• Network monitoring software can
easily detect this by searching forthe‘GNUTELLA CONNECT’ stringwithin incoming or outgoing connec-tions. The most common port forthese connections is 1214 and 6348,although these are user configurablemost users do not change the defaultsettings.
• You may also consider blocking accessto the top-level host cache websiteswhere P2P clients request a group ofIP addresses for initial connection tothe P2P network.
The good newsCryptic Software are not currently aware of any hacking tools, which usethis technique to remotely anonymouslyaccess restricted content or even addother files or directories to existing P2Psoftware, but it’s just a matter of time.For the moment be aware of the prob-lem and be wary of any P2P protocolmoving around your network.
Peer-to-Peer effects felteverywhere
This advice from Cryptic Software, canbe reflected in the actions of the US
Senate who has banned lawmakers andtheir employees from using peer-to-peer networks as reported in the LosAngeles Times. The Senate’s Sergeant atArms justified his ban by pointing outhow many vulnerabilities have beenreported by peer-to-peer network usersincluding Kazaa, Morpheus andGnutella. The Senate also referred tohow the networks are also used to sharepirate software and concluded by say-ing that “our security evaluation con-cluded that continued use ofpeer-to-peer client software and net-works is an unacceptable operationalrisk to the Senate and can impact theability of the Senate communication tocarry out its core missons.”
Silicon Valley vs Hollywood
The music industry and technologyenthusiasts are head to head in a battleof conflicting interests with regards topeer-to-peer networks and the conse-quences of this technology.
The Motion Picture Assocation ofAmerica and computer executives arebeginning the process of discussing theissue of Internet pircacy. As reported inthe Daily Variety, recently computerCEO’s from companies including HP,Microsoft, Intel, Dell and IBM havebeen exchanging letters with theMotion Picture Association of America.Studio representatives would prefer if technology was available to block allpeer-to-peer networks. In a letter fromthe computer executives to the MotionPicture Association of America, thecomputer executives made the pointthat peer-to-peer networks are a vitalpart of the economy and shouldn’t beblocked.
Peer-to-peer sharingDavid Duke, Cryptic Software
Peer-to-peer (P2P) sharing is a rapidly growing technology and as securityexperts it is important that we remain aware of the implications of the wide-spread distribution of this technology.
hack of the month
nesejulymayfield.qxd 7/25/02 3:53 PM Page 4