Peer-to-Peer Technologies

Introduction

Peer-to-Peer, commonly referred to as P2P, is an encompassing term that includes computer systems directly connected to each other or communicating with each other via a network. A P2P network forms when a number of users ("peers") with network connectivity each initiate a particular P2P application on their computer.

Peer-to-Peer

There are two classes of P2P applications. The "server-less" network operates without a central server. Each peer communicates with other peers, and the network widens dynamically. The other class of P2P network operates with a central server acting to identify peers to each other; however, the central server does not play a role in sending or storing information.

Basic Security Recommendations

Data Retention

P2P networks are designed to facilitate information exchange. When deploying P2P technology, departments should consider how essential records can be collected and safeguarded.

Encryption

To further protect the confidentiality of the P2P network and the content being transmitted, the data could be encrypted. Peers in a P2P network can be physically located anywhere, including outside the department network. The encryption protocol supported by the P2P solution or product should be evaluated according to the requirements identified in a Threat and Risk Assessment.

Overall Security Recommendation

Threat and Risk Assessment

With the increasing prevalence of P2P and an inevitable wider acceptance of P2P systems in corporate environments, departments and agencies should prepare both networks and employees in advance. A comprehensive Threat and Risk Assessment (TRA) with a specific focus on P2P will identify potential vulnerabilities and risks, and provide insight into how P2P applications will interact with the rest of the network. Departments could train employees in the proper use of P2P applications and in how to minimize risks while using them.

In addition to the TRA recommended above, departments and agencies can mitigate known vulnerabilities through the use of the following tools:

IPS

The deployment of Intrusion Prevention Systems (IPS) to monitor the traffic of P2P applications would be beneficial in the proactive detection of malicious traffic.

Security Logs

It is recommended to ensure that the product/solution provides some logging functionality. Logging tools or systems that can interface with enterprise data logging tools facilitate analysis of the information.

Identification and Authentication

P2P applications provide functionality that may put a network at risk by bypassing traditional network security systems such as firewalls and connecting computers within the corporate firewall directly to systems on the public internet. Implementing and requiring identification and authorization prior to access to P2P resources ensures that only employees approved to use P2P do so.

[Figure: Conceptual Peer-to-Peer Network]

[Figure: Conceptual Client/Server Network]

Stand Alone Applications

  • aMule
  • Ares
  • BearShare
  • BitTorrent
  • Buzm
  • CSpace
  • eDonkey/Overnet
  • eMule
  • FastTrack
  • FileScope
  • Freenet
  • giFT
  • Gnucleus
  • GNUnet
  • Gnutella2
  • iMesh
  • IRC
  • JXTA
  • KadNetwork
  • Kazaa
  • KCeasy
  • KiwiAlpha
  • Krawler
  • LimeWire
  • MLDonkey
  • Morpheus
  • Napshare
  • NeoEdge
  • P2PTV
  • PeerCasting
  • RetroShare
  • Shareaza
  • Tranche
  • Usenet
  • Vagaa
  • Windows Peer-to-Peer
  • WinMX
  • WPNP
  • Zultrax

www.cse-cst.gc.ca   itsclientservices@cse-cst.gc.ca   613-991-7654