What Are P2P File Sharing Applications and Some of the Risks?
P2P file sharing applications are peer to peer networks that are comprised of a group of computers that are united for a common purpose. The purpose of peer to peer networks is to share and exchange data, provide directory services as well as a variety of other collaboration applications.
Many software vendors such as Microsoft and Sun design software applications specifically for use with peer to peer networks. Since these applications are transfer tools, they are vulnerable to exploits that involve exposure of sensitive data, illegal file sharing activity such as information copyright, network overloading, and the distribution of malware that includes spyware, bots, and viruses.
Criminals with malicious intent can attack peer to peer networks by changing legitimate files through the installation of malware, implanting malware into shared directories, exploiting vulnerabilities in the coding protocol of the network, denial of service attacks, and spamming attacks that attempt to harass the users of the P2P network.
P2P File Sharing Risks
P2P file sharing vulnerabilities can occur in any P2P software that is available for Microsoft Windows operating systems, as well as Linux, MacOS, and UNIX operating systems. The P2P programs operate on a set of default ports which can be altered by a malicious attack in an effort circumvent intrusion detection and firewalls. The attack is accomplished through the use of http wrapper and encryption malware that bypasses the restrictions placed on the network.
- File Sharing Networks: On a file sharing network, users are allowed to download files from other users and coordinate file searches among a group of users. This process makes the data available to others as well as intruders. The file sharing process functions through a network of applications, sharing directories, and data hard drives that can be exploited if there are any vulnerabilities in the software program.
- Cloud Computing: Cloud computing is a new form of data storage and file sharing. It provides a way for users to access and share data regardless of where they are located as long as they have access to an Internet connection. Cloud computing provides a virtual computing environment by employing online servers as needed so the end user can access and share data. The applications are executed on multiple servers as well as the end user's PC.
The server clouds are provided by large organizations that specialize in data storage and they are located throughout the Internet. End users never really know where the data resides physically. Depending upon the type of security the organization employs this could potentially open up the data and file sharing to exploits by criminals with malicious intent. The exploit could then be transferred to the P2P network within the organization.
Although P2P attacks can be sneaky, it is possible to detect malicious P2P activity with the right security applications employed. Mapping a plan for a P2P security system and employing intrusion detection in advance of installing the software will reduce the risk factors involved with using P2P applications.