Re: security in P2PJul 27 2012 05:00PM Rajiv D (rajiv ceh gmail com) (1 replies)
Hi Pratik,
P2P systems uses what is called hashing. Before you can share it on the network it should be hashed. P2P generally uses MD5. So any file that you are downloading should have same hash in all the peers. So if two users have the EXACT same file then only the hash will match and it will be downloaded from them. If some malware has been Introduced in the file then the hash will change and it will be treated as a separate file. The real problem comes when you download from a user and that particular file is malicious. In that case any HIPS can help you out.
-- Rajiv
-----Original Message-----
From: Pratik Narang <pratik.cse.bits (at) gmail (dot) com [email concealed]>
Sender: listbounce (at) securityfocus (dot) com [email concealed]
Date: Fri, 27 Jul 2012 12:38:37
To: <security-basics (at) securityfocus (dot) com [email concealed]>
Subject: security in P2P
Hi all,
Consider a situation involving (only) Peer to Peer traffic in a small
or medium sized network.
Peer A does a search for file qwerty.mp3, and then starts pulling the
file, in pieces, from different Peers- B, C, D and E.
Now say Mr. C is a malicious peer, and the file at his end contains a
malware/virus/trojan etc. Or better still, Mr. C decides to target
peer A and injects a malware/trojan etc. into one of the pieces of the
file.
As a network admin, what one may do that innocent peers like A are
protected from such situations. I need a solution involving use of
IDS/IPS with signature based and/or anomaly based detection.
Kindly do not suggest actions or measures relating to the end user.
Whatever has to be done, must be done in the network design/plan- say
use Snort or some other IDS/IPS and write rules to an Open source
firewall using the IDS/IPS for this specific scenario.
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
P2P systems uses what is called hashing. Before you can share it on the network it should be hashed. P2P generally uses MD5. So any file that you are downloading should have same hash in all the peers. So if two users have the EXACT same file then only the hash will match and it will be downloaded from them. If some malware has been Introduced in the file then the hash will change and it will be treated as a separate file. The real problem comes when you download from a user and that particular file is malicious. In that case any HIPS can help you out.
-- Rajiv
-----Original Message-----
From: Pratik Narang <pratik.cse.bits (at) gmail (dot) com [email concealed]>
Sender: listbounce (at) securityfocus (dot) com [email concealed]
Date: Fri, 27 Jul 2012 12:38:37
To: <security-basics (at) securityfocus (dot) com [email concealed]>
Subject: security in P2P
Hi all,
Consider a situation involving (only) Peer to Peer traffic in a small
or medium sized network.
Peer A does a search for file qwerty.mp3, and then starts pulling the
file, in pieces, from different Peers- B, C, D and E.
Now say Mr. C is a malicious peer, and the file at his end contains a
malware/virus/trojan etc. Or better still, Mr. C decides to target
peer A and injects a malware/trojan etc. into one of the pieces of the
file.
As a network admin, what one may do that innocent peers like A are
protected from such situations. I need a solution involving use of
IDS/IPS with signature based and/or anomaly based detection.
Kindly do not suggest actions or measures relating to the end user.
Whatever has to be done, must be done in the network design/plan- say
use Snort or some other IDS/IPS and write rules to an Open source
firewall using the IDS/IPS for this specific scenario.
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------
[ reply ]