Ask the Expert

Do P2P networks share the same risks as traditional ones?

What do the vulnerabilities of peer-to-peer networks have in common with traditional networks, and are there security concerns that are unique to P2P environments?

    Requires Free Membership to View

First, let's set the stage by explaining the basics of peer-to-peer networks. When computing resources are organized on a peer-to-peer network, a traditional server is not involved. Instead, each node, or "peer," in the network acts as both a client and a server, offering resources to others while taking advantage of the resources made available by the additional nodes.

This technology shows promise and could revolutionize the way that computers communicate. Over the past several years, however, peer-to-peer networking has taken a PR hit, as it has been used to illegally share music files and violate copyright laws, drawing the wrath of the music publishing industry, especially the Recording Industry Association of America (RIAA). Music sharing aside though, there are still plenty of legal applications of P2P technology, including collaborative file sharing and computational resource pooling.

P2P networks share the same risks as traditional ones, but there are also additional dangers. Under the traditional networking model, security professionals have been able to build highly fortified servers, which can then be used to block all inbound access to clients. Unfortunately, this model doesn't work for P2P networks, as every client must also act as a server.

If you choose to leverage P2P applications in your organization, you'll need to ensure that each node is carefully protected. First, your P2P software must provide adequate isolation between shared and private resources; you wouldn't want an anonymous remote client to be able to manipulate operating system settings through the P2P interface. Second, you'll need to carefully craft firewall rules that permit the desired P2P activity while blocking unwanted traffic.

P2P networking offers great promise for the future of computing, but it brings with it a number of possible risks. As with any new technology, security professionals must be able to adapt to a changing environment.

More information:

  • Need to control P2P applications? Expert Michael Cobb lays out your options.
  • See how the Tor peer-to-peer network of routers can be hacked.
  • This was first published in May 2007

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: