|
SEARCH: 

      [Change My Location] | Home | My Web Site | Corporate | Contact Us
About Us
Products
Programming
Customer Service
Business Services
In the Community
Products & Services
Why Choose Time Warner Cable?
Products
Cable
High Speed Online 
Order Services Now!
NEW! PowerBoost™
EarthLink
Road Runner
LocalNet
New York Connect
Packages & Pricing
Security  
Computer Viruses
File Sharing >>
Protecting Personal Information
Report a Security Violation
Safety for Children
Spam
Spyware
Wireless Security
Contact Information
Software Downloads
Self-Installation
FAQs
Home Phone
En Español
 

What is Peer-to-Peer File Sharing?

Peer-to-Peer - a type of transient Internet network that allows a group of computer users with the same networking program to connect with each other and directly access files from one another's hard drives. Napster, Kazaa, and Gnutella are examples of peer-to-peer software.

What are some of the consequences of Peer-to-Peer?

If you are using one of the peer-to peer file sharing services without disabling the file sharing option, the whole Internet can have access to the files on your hard drive. This can also lead to excessive bandwidth consumption which is violation of the Acceptable Use Policy.
When using peer-to-peer services, you should take several precautions. Here are several tips on protecting your PC:

1. Prevent the program from starting automatically.
2. Do not share files.
3. Close/Exit the program when you are finished.
4. Prevent the program from acting as a "supernode" (a middleman for other programs to secretly use your bandwidth

For additional information, please go to http://security.uchicago.edu/peer-to-peer/no_fileshare.shtml for easy-to-follow instructions on disabling file sharing for the various peer-to-peer programs

What are some of the concerns regarding Peer-to-Peer Security?

Reputation With the growing popularity of these file sharing programs, copyright violations have become a growing concern for companies and their employees. Employees who share files from the workplace can cause major issues for the company. Companies can be held responsible and liable for the copyright violation that their employees commit.

Denial of Service
The users of these programs are taking up the network's resources. Programs like Napster, Gnutella and Scour are generally used to download big files like MP3s, AVIs, MPGs, etc. When a large number of users are downloading these types of files, it can tie up the network bandwidth resources. This can result in a denial of service. The larger the amount of users who are sharing the same network resources and are file sharing, the more they are at risk of denial of service. This is why most schools have banned students from using these programs.

Security Holes
Most P2P software can be manipulated to slip through and create holes in a network security system. For example, AOL Instant Messenger can allow you to "sniff" for open ports on a peer machine.

Malware
Anyone using these programs can pick and choose what files they want to share by simply placing them in the folder associated with that service. This also means people can freely distribute any Trojan horse applications and viruses. To make matters worse, if they are using one of the sharing programs (like FreeNet), they may not get caught since some of these programs do not use a central server or track IP addresses. With a model like FreeNet, when a file is requested, it is copied locally from user to user until it gets to the requesting computer. This can easily and quickly spread malware among users. The possibility of introducing and spreading a Trojan horse or virus this way is almost too simple.

As it has been done with viruses in the past, if you give it a name that sounds like something else, it may speed up the infection rate. Using P2P software, the Zeropaid group found that files that were given fake names referring to pornography were downloaded at an alarming rate (more information can be found at www.zeropaid.com/busted

Even commercial software can be changed and made to work as malware. Programs like AOL Instant Messenger, or any other file sharing software, can be taken back to its basics and released. That means anyone with an understanding of programming can change the software code so that it can be used for other purposes. P2P programs can be used as a way to place a backdoor (an opening in your system that gives others unauthorized remote access to your computer) in your computer.

Information Gathering
P2P services can take away the security of network anonymity. Routers and gateway addresses can be exposed, and if the user is connected directly to the Internet, their IP and MAC addresses may also be exposed. This makes it easier and more convenient for hackers to break into your system. Even a novice hacker can easily do this with simple scanning software.

Another issue is that many of the peer-to-peer services provide information as to what connection speed a certain user has. High speed access cable modems are easier targets than dial-up modems. Most 56k connections and below are dial-up accounts, and not worth the time wasted to do anything with these systems because they are slow and are not always on. Connection speeds of 144k and higher can indicate cable modems that are 'always on'.

Confidentiality
As a normal setup, most peer-to-peer services give all clients direct access to files that are stored in a shared folder on a user's hard drive. The files stored in folders that are not shared by default still have a possibility of being shared or added to the shared folder. A hacker could figure out what operating system the peer computer has and could connect to folders that are hidden shares, thus gaining access to folders and information that was not meant to be accessed.


 
 


back to home 

Parental Control|Careers|Site Map|Privacy Policy + Terms of Use|Investor Relations|Leased Access|
© Time Warner Cable Inc. All rights reserved.