Results 1 to 9 of 9

Thread: is P2P a security threat?

  1. #1
    Junior Member
    Join Date
    Aug 2003
    Posts
    4

    Question is P2P a security threat?

    i frequently use Kazaa, and am constantly downloading from it. is this a threat 2 my computer even though i have a firewall, trojan detection, and antivirus software?

  2. #2
    BIOS Bomber
    Join Date
    Jul 2003
    Location
    Michigan
    Posts
    357
    In short yes.

    For one, the RIAA is starting to lay the boot up the downloading ass. Also they have alot of viruses not discovered yet on the networks. Downloading an MP3 and or some pr0n should still be ok though Try not to download any .exe files or screen savers. Basically anything that you could code could contain more than you wanted.
    "When in doubt, use Brute Force."

    Never argue with an idiot. They'll drag you down to their level, then beat you with experience.

  3. #3
    It is a major threat if you have file and printer sharing turned on. I have browsed parts of peoples computers before when they had it turned on and the scary thing is that a lot of people do have it turned on. Someone can connect to you and get your ip address and check very easily.


    EDIT::Just wanted to say that I dont know if the technique would still work if you have a firewall. Im not too famliar with them so dont be to alarmed

  4. #4
    Senior Member
    Join Date
    May 2003
    Posts
    472
    take proper precautions......then even p2p wont remain a thread for long....
    guru@linux:~> who I grep -i blonde I talk; cd ~; wine; talk; touch; unzip; touch; strip; gasp; finger; mount; fsck; more; yes; gasp; umount; make clean; sleep;

  5. #5
    Senior Member
    Join Date
    Jul 2003
    Posts
    114
    N1ghtstalker: You are, as you suspected, mostly wrong. A properly-configured, secure firewall will prevent people from accessing your shares. (That is not to say that you shouldn't bother turning them off, after all, defense in depth is good.)

    If you have taken standard precautions, then 3 risks remain from p2p:
    1) The p2p software itself, or rather, the spyware it installs. You're using Kazaa, I hope you meant K++, right? If not, burn Kazaa, and get K++ and adaware
    2) 0-day worms. The anti-virus people mostly just stop existing viruses. A worm that piggybacked off Kazaa could spread very quickly, so you might be infected before a fix was available.
    3) The "justice" system. (If, that is, you live in the U.S.) As mandraketux mentioned, the RIAA is not your friend. They can force your ISP to turn over your real name, then drag your ass into court. They do not need any evidence of wrongdoing to do so. The state will not provide an attorney for you. Your only defense is to look like a small-time operator. You are using K++, right?

  6. #6
    Banned
    Join Date
    Jul 2002
    Posts
    877
    First of all P2P... "Peer to peer"... your connecting directly to who knows where downloading who knows what. Another thing is P2P software has default shared folders so that any idiot can search anti-virus pages and findout some commonly shared P2P folders then make a program or script that copies itself to these folders... then next thing ya know someone easly brings yet another P2P worm to the world in a matter of seconds... j3r, calling P2P worms 0-days would be offensive to all the good coders out there... first of all P2P worms are exstreamly easy to make & have become about as common as the dirt we stand on. And also another thing... you'd be surprised how many so called "Im very carefull" & "I download only mp3" type of peaple would brainlessly checkout SexStory.vbs or readme.html or worse Hotmail_Hack.exe.

  7. #7
    YES, p2p is a threat to security. Just one example, sum1 puts a trojan on a file, you donwload it, run it, then person takes control of your comp....very unlikely but it can happen

    /edit: I'm not puttin any names of the trojans or how to do this exactly for the obvious reason of not teachin n1 how to do it.
    \"Not everything that counts can be counted, and not everything that can be counted counts.\" (Sign hanging in Einstein\'s office at Princeton)

  8. #8
    Senior Member
    Join Date
    Jul 2002
    Posts
    117
    Another aspect that no one really touched on was the whole possiblity of spyware that collect god-knows-what information and sends it god-knows-where, all without your knowledge. As someone in class tonight said, "there's a reason it's free..." I've even heard rumors (and they could be just that...) that some P2P groups keep logs of what their users download, date and time probably, and the IP to which it's being downloaded. Now whether or not it's true or not, I have no idea. Or hell, if it's even possible for that matter. But just another thought to keep in the back of your mind...

    alpha

  9. #9
    Junior Member
    Join Date
    Aug 2003
    Posts
    7
    Originally posted here by L1nk
    YES, p2p is a threat to security. Just one example, sum1 puts a trojan on a file, you donwload it, run it, then person takes control of your comp....very unlikely but it can happen

    /edit: I'm not puttin any names of the trojans or how to do this exactly for the obvious reason of not teachin n1 how to do it.
    Well, that's a risk you always have to take. Everything can get a virus/trojan bound to it. If they do it properly, your AV will not detect it.

    The best thing is not to download anything. Even better, never connect to the Internet. ^_^

    What I'm trying to say is that you should be aware of the possibility of virii/trojans, but it should not keep you from downloading a file. Common sense is probably the best defense. Along with an updated AV of course. ^_~

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •