Home page logo
/

basics logo Security Basics mailing list archives

Re: Napster vs. ITunes.. Which is more secure?
From: Eric Marden <security () xentek net>
Date: Fri, 5 Oct 2007 14:25:30 -0400

iTunes is both a player and a store, where Napster is more a store with playing ability. I'd leave them with Windows Media (for video/ non-ipod players) and iTunes, because most users are going to have iPods, and need iTunes to do anything with them. But in this day and age, you can't just kill multi-media - as more and more work-related content is going to be published in these new formats.

But, Block the sharing ports, to reduce network traffic - as has been suggested - to CYA.


Eric Marden
xentek: enlightened internet solutions
http://xentek.net/

On Oct 5, 2007, at 1:36 PM, William Holmberg wrote:

AS a clarification, iTunes runs on Windows just as well as on the Macs,
but if you prefer the WMP on Windows, you can go that route. I find
though, that most users using either have an iPod, which is uniquely
supported in iTunes and not as rich an experience when using another
App.
I also concur on the port blocking scheme you describe, as well as on
the P2P sw...
My .02
Bill

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of James Alcasid
Sent: Friday, October 05, 2007 10:34 AM
To: security-basics () securityfocus com
Subject: Re: Napster vs. ITunes.. Which is more secure?

If you apply the principle of minimal privilege then you would not allow
any
file/music sharing software and close up the corresponding ports on the firewall as an example. Also include a written policy that is signed off
and
understood by all then you won't have to support Britney Spears music
not
being downloaded.

A middle ground approach is to allow a program such as iTunes on the
Macs as
an example but block out ports 3689 music sharing and radio streaming
ports
8000-8999, 42000-42999.

Forget about any P2P programs on the corporate LAN, your just asking for
trouble.


On 10/4/07 1:26 PM, "desert penguin" <desertpenguin007 () msn com> wrote:

Greetings all,

Have begun a cleanup on a network in which many PCs were found to have
iTunes, Napster and some other P2P programs which are obviously "no
no's".
I am leaning more towards allowing Windows Media player and iTunes,
but what
about Napster?  Now that they are legalized, are there insecurities
with it-
or is it pretty much on the same "level" as iTunes? Is it good policy
to
allow WMP and iTunes and disallow Napster and say, BearShare, or would
it be
best to just restrict them all entirely?  Thank You





  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault