General discussion


Security Solutions: Stop network P2P

By discussion ·
In this week's Security Solutions TechMail column, Mike Mullins addresses the problem of file-sharing applications. Have you experienced security problems with these applications on your corporate network? Do you think your company should allow P2P applications on the network? How do you stop P2P? Share your experiences here.

Here are the links to the resources mentioned in Michael Mullins' column:

- GASP from Attest Systems, Inc.:

- Packeteer's PacketShaper:

*When pasting these links into your browser, remember to remove any spaces.

If you'd like to learn more about the Security Solutions TechMail, point to this link and click Security Solutions to see a sample. Ifyou're interested, you can also sign up:

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Valt.X Instant Recovery Hardware

by dennis In reply to Security Solutions: Stop ...

We manufacture Instant Recovery Subsystems, a new computer security hardware component, to protect the more than 500 million existing computers in use worldwide and the 130 million computers that ship each year against virus and hacker attacks, Spyware, Cyber terrorism and Cyber warfare, instantly restoring computers to an authorized state and drastically reducing computer support costs.
With our technology computer users simply restart their computers and servers to instantly recover.

Collapse -

IOS Version

by gjohnson In reply to Security Solutions: Stop ...

What is the minimum version of IOS to support this. I have 12.2(2)T1 on a Cisco 3661 and the match protocol fasttrack, gnutella and kazaa2 arent recognized.
BTW, very helpful article.

Collapse -

P2P <> violating copyright law

by Gnunzo In reply to IOS Version

P2P file sharing in and of itself is not violating copyright law. Statments like these do damage to those of us who use it legitimately. Reminds me of people assuming that hackers are malicious. Cracking <> hacking and P2P <> violating copyright law.

Also, no mention here of the hit to performance.

Collapse -

Illegal use

by Mike Mullins In reply to P2P &lt;&gt; violating co ...

According to the final thoughts; "P2P applications are a security nightmare to any corporate network.", and unless you write policy for you home network. This article and the columns focus is for corporate or business networks, not your DSL connection @ home, that you use to share music with unknown "buddies".

Name me one valid use of P2P applications on the business network. You can't. They have no place on the corporate network.

Mike Mullins
Security Solutions

Collapse -

Valid uses for P2P

by Jim Phelps In reply to Illegal use

I'll tell you a very valid use for P2P applications: when you are doing support on a user's PC, but you don't want to keep the user from doing his job.

For example, after I set up a new computer for a user, I can share the new hard drive, then while he is working, I can push the contents of the old hard drive to his new hard drive without interrupting him. He can get back to work faster that way.

Another valid use: printer sharing.

Collapse -

Valid Use ???

by Mike Mullins In reply to Valid uses for P2P

I (and the rest of the admin community) have been pushing folders and software for years without it.
"Net use" if you like DOS, "Map a Network Drive" if you use explorer. P2P to share a printer, come on. I know you can whip up a better justification than that.

I run P2P apps at home. It's how we get around the net. But it still has no place on the company network.

Collapse -

KaZZa for Restore?

by TheChas In reply to Valid uses for P2P

Are you telling us that you use a rogue application like KaZZa to restore users files on PCs?

I hope that you are just confusing Peer to Peer networking with the Peer to Peer file sharing programs that are being used to share copyrighted material.

If you are using a file sharing app on your network, you owe it to yourself to check what is going on in your area in relation to the Super Digital Millennium Copyright law.

The movie and record industries are getting these laws passed in theUS state by state.

The SDMC acts allow the movie and recording industry to access ANY computer network that they suspect may have illegitimate copies of material on them.

In their basic form, the SDMC laws make the use of a firewall to block external access illegal.


Collapse -

IOS Version

by japhilipson In reply to IOS Version

I second the motion... What version is needed? Maybe that's something the author should have included.

Collapse -

IOS Version

by Mike Mullins In reply to IOS Version

Version 12.2 will suffice (it would work with 12.0). What you're really after is a version that supports the following:

match protocol

As for the match protocol problem, I didn't want to get specific to any of the applications, but the specific info for this line can be found at.**86a00800c75d0.html

That will bring you up to speed on NBAR, and to complete the equation, here is how to write the match protocol statements.

match protocol http

or you can see it at:

I could/should have included all of this, but they limit the length on the newsletter to promote actually reading it.

Good Luck,
Mike Mullins

Collapse -

P2P Should be consider and illegal app

by hbaum In reply to Security Solutions: Stop ...

For users with win9x systems, yes we still have them in my company, is almost impossible to stop them. I'm aware of tools and network utilities that can limit and help how to stop them, but its a fight against the executive team to approve such actions. (I'm in the process of creating a memo that can call their attention, and now thanks to this note, I have found more proof of my opinions.) Users need to be more educated on how much damage they can cause on a network, do you know how many timesAnti-Virus program have catch viruses in KaZaa and other such utilities? And how many times I had to troubleshoot a system because it had the Weather Bug, Bonzi Buddy, and many poor written third party programs that are install without you knowing it! All this should be consider a BIG NO NO. No good comes out by givin users what they want, they are just here to work efficiently.

Related Discussions

Related Forums