Problem solve Get help with specific problems with your technologies, process and projects.

Do P2P networks share the same risks as traditional ones?

Although P2P networks have their benefits, organizations still need to be careful with the peer-to-peer technology. In this SearchSecurity.com Q&A, network pro Mike Chapple explains how to protect a P2P network's many nodes.

What do the vulnerabilities of peer-to-peer networks have in common with traditional networks, and are there security concerns that are unique to P2P environments?
First, let's set the stage by explaining the basics of peer-to-peer networks. When computing resources are organized on a peer-to-peer network, a traditional server is not involved. Instead, each node, or "peer," in the network acts as both a client and a server, offering resources to others while taking advantage of the resources made available by the additional nodes.

This technology shows promise and could revolutionize the way that computers communicate. Over the past several years, however, peer-to-peer networking has taken a PR hit, as it has been used to illegally share music files and violate copyright laws, drawing the wrath of the music publishing industry, especially the Recording Industry Association of America (RIAA). Music sharing aside though, there are still plenty of legal applications of P2P technology, including collaborative file sharing and computational resource pooling.

P2P networks share the same risks as traditional ones, but there are also additional dangers. Under the traditional networking model, security professionals have been able to build highly fortified servers, which can then be used to block all inbound access to clients. Unfortunately, this model doesn't work for P2P networks, as every client must also act as a server.

If you choose to leverage P2P applications in your organization, you'll need to ensure that each node is carefully protected. First, your P2P software must provide adequate isolation between shared and private resources; you wouldn't want an anonymous remote client to be able to manipulate operating system settings through the P2P interface. Second, you'll need to carefully craft firewall rules that permit the desired P2P activity while blocking unwanted traffic.

P2P networking offers great promise for the future of computing, but it brings with it a number of possible risks. As with any new technology, security professionals must be able to adapt to a changing environment.

More information:

  • Need to control P2P applications? Expert Michael Cobb lays out your options.
  • See how the Tor peer-to-peer network of routers can be hacked.
  • This was last published in May 2007

    Dig Deeper on Network device security: Appliances, firewalls and switches

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.