
	Home > Ask the Security Experts > Network Security Questions & Answers > Do P2P networks share the same risks as traditional ones?

Ask The Security Expert: Questions & Answers

EMAIL THIS

Do P2P networks share the same risks as traditional ones?

EXPERT RESPONSE FROM: Mike Chapple

		Pose a Question

		Other Security Categories

		Meet all Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 22 March 2007
What do the vulnerabilities of peer-to-peer networks have in common with traditional networks, and are there security concerns that are unique to P2P environments?

EXPERT RESPONSE
First, let's set the stage by explaining the basics of peer-to-peer networks. When computing resources are organized on a peer-to-peer network, a traditional server is not involved. Instead, each node, or "peer," in the network acts as both a client and a server, offering resources to others while taking advantage of the resources made available by the additional nodes.

This technology shows promise and could revolutionize the way that computers communicate. Over the past several years, however, peer-to-peer networking has taken a PR hit, as it has been used to illegally share music files and violate copyright laws, drawing the wrath of the music publishing industry, especially the Recording Industry Association of America (RIAA). Music sharing aside though, there are still plenty of legal applications of P2P technology, including collaborative file sharing and computational resource pooling.

P2P networks share the same risks as traditional ones, but there are also additional dangers. Under the traditional networking model, security professionals have been able to build highly fortified servers, which can then be used to block all inbound access to clients. Unfortunately, this model doesn't work for P2P networks, as every client must also act as a server.

If you choose to leverage P2P applications in your organization, you'll need to ensure that each node is carefully protected. First, your P2P software must provide adequate isolation between shared and private resources; you wouldn't want an anonymous remote client to be able to manipulate operating system settings through the P2P interface. Second, you'll need to carefully craft firewall rules that permit the desired P2P activity while blocking unwanted traffic.

P2P networking offers great promise for the future of computing, but it brings with it a number of possible risks. As with any new technology, security professionals must be able to adapt to a changing environment.

More information:

Need to control P2P applications? Expert Michael Cobb lays out your options.

See how the Tor peer-to-peer network of routers can be hacked.

Sound Off! -

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Network Security
	Will Cisco's plan to open access to the IOS improve network security?
	Will VoIP attacks result in more than just spam?
	Should enterprises implement a mandatory iPhone VPN?
	Will organizations that lag behind on IPv6 adoption have greater security risks?
	Should iPhone email be sent without SSL encryption?
	How to secure an FTP connection
	DMVPN configuration: Is an additional firewall needed between the router and the Internet?
	Is centralized logging worth all the effort?
	What are the pros and cons of shaping P2P packets?
	Should an ISP keep corrupted machines off of a network?

Network Firewalls

Is it possible to allow select access to IP addresses using Windows Server 2003?

Sophos finds patching issues through endpoint NAC tool

Fortinet acquires database vulnerability scanner from IPLocks

Is an IPsec VPN necessary when connecting remote servers that process financial transactions?

Embedding security has drawbacks says TippingPoint chief architect

Is security improved when the number of Internet gateways is reduced?

Nipper audits routers, reveals insecure settings

Product review: Netgear's Netgear FVS336G ProSafe Dual WAN Gigabit Firewall

Product review: Tufin's Tufin SecureTrack 4.1

Product review: SonicWALL's SonicWALL NSA E5500

Network Device Management

Cisco warns of UCM flaws

Embedding security has drawbacks says TippingPoint chief architect

The 'security standards dilemma': Network segmentation and PCI Compliance

Product review: Tufin's Tufin SecureTrack 4.1

Product review: BreakingPoint Systems' BPS-1000

Cisco plugs serious UCM flaw

What is a 'top-down' IPS sensor search?

Comparing proxy servers and packet-filtering firewalls

Why does Skype connect to so many servers?

Cisco releases updates for multiple flaws

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

bastion host (SearchSecurity.com)

firewall (SearchSecurity.com)

Firewall Builder (SearchSecurity.com)

personal firewall (SearchSecurity.com)

screened subnet (SearchSecurity.com)

virus (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Advanced Search | Site Index

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Reprints \| Site Map All Rights Reserved, Copyright 2003 - 2008, TechTarget \| Read our Privacy Policy