Peer-To-Peer File Sharing Is Here To Stay: Napster’s definitive shift to a pay service means more problems for system administrators. Meanwhile, other similar systems are gaining a foothold.

✍ Scribed by Dario Forte


Publisher: Elsevier Science
Year: 2001
Language: English
File size: 191 KB
Volume: 2001
Category: Article
ISSN: 1353-4858


✦ Synopsis



German giant Bertelsmann has recently announced that it will loan money to its 'arch-enemy', Napster, to develop a secure file-sharing service. It will also drop its lawsuit if the service is implemented. However, at the moment the situation is far from rosy.

The expansion of Napster and of tools based on peer-to-peer file sharing continues apace. Some security software producers are actually using the related technology to share anti-virus updates and other products. The basic technology has sparked the interest of a great many people.

Potential security exposure

Let me begin by stating the potential security exposure related to this file-sharing phenomenon. In the guise of Gnutella and others, this represents the true boom of the year.

The main problem for users involves the exposure of the IP address of the machines that are sharing resources over this extended network.

This is a serious problem, especially for those networks (and unfortunately there are still some around) that do not shield their users with address-hiding mechanisms such as Network Address Translation (NAT) or various types of proxies.

This exposure can have two consequences. The first is the possibility of users being monitored by copyright holders. The second is that attackers could, once they recognize the IP address used for the connection, use it to perform security probing, or worse.

Napster was an object of interest to researchers even early on. They highlighted, and confirmed the existence of, the problem but downplayed its effects, saying that malefactors would have to be quite experienced in order to acquire this data, and would run into serious complications when confronted by firewalls and proxies.

But the potential complications do not stop here. Another problem regards resource sharing.

When you get into the loop, certain resources on your hard disk are made available. Such file sharing could obviously represent a potential security problem.

For this reason, some only share MP3 CD-ROMs that they leave in dedicated machines. This could represent an initial countermeasure.