Combined with the security holes that P2P clients can open through techniques like tunelling, the dubious quality of downloaded files provides an attractive point of entry for a number of viruses, Trojan horses, and worms. They also allow users to download files whose origins cannot be verified, increasing the risk of downloading and installing malicious or buggy software that can propagate across the network. The threats posed by P2P networks, however, are not confined to technical issues raised by their file transfer protocols. P2P clients thus give users not only the incentive but also the means to circumvent network security policies. In both of these instances, this unprotected port is an attractive target for attackers who can use it to establish a backdoor connection and take control of computers within the networks. Many clients also implement tunelling techniques where the P2P traffic is disguised as normal web traffic which many firewalls assume is harmless. Because most firewalls block these ports, P2P clients will often ask the user to disable security restrictions on these ports. P2P networks send information over a port that is not usually used for network traffic, for example port 1214. More seriously, P2P clients can compromise network security by effectively boring holes into firewalls. This activity can choke bandwidth, slowing down legitimate communcation, and even resulting in denial of service. Not only do P2P applications allow users to download mutli-megabyte or gigabyte files, increasing inbound traffic they also allow computers inside a network to function as servers, causing large increases in outbound traffic as well. Most obviously, P2P file sharing causes can clog a network by substantially increasing traffic. Besides posing legal liabilities and decreasing productivity, P2P networks pose a variety of threats to network performance and security. These networks allow users to download and share music, movies, pictures, software, etc and are often used on corporate networks to take advantage of a broadband connection. This SonicWALL IPS signature category consists of a group of signatures that can detect and prevent network traffic associated with Peer to Peer (P2P) filesharing networks.
0 Comments
Leave a Reply. |