Home page logo
/

basics logo Security Basics mailing list archives

Re: security in P2P
From: Mike S <mikeofmany () gmail com>
Date: Sun, 29 Jul 2012 16:52:06 -0700

So if this is a private network, upon submitting the file for
tracking, one can setup the hash of the file. Then if the file is
modified, that hash can be compared against the modified file, to me
this seems like the only way to have a detection based on anomaly.

Otherwise, If it is my network, and I do not control the P2P network,
then I would choose not to allow such traffic in order to protect
against such things as are out of my control.

--
Mike of Many Stories, Ideas, and Ramblings
Game Chef 2009, 2010
NaNoWriMo 2008, 2009

http://mikeofmanystories.blogspot.com/ - writings
http://mikeofmany.wordpress.com/ - personal bloggery

On Fri, Jul 27, 2012 at 12:08 AM, Pratik Narang
<pratik.cse.bits () gmail com> wrote:

Hi all,

Consider a situation involving (only) Peer to Peer traffic in a small
or medium sized network.

Peer A does a search for file qwerty.mp3, and then starts pulling the
file, in pieces, from different Peers- B, C, D and E.

Now say Mr. C is a malicious peer, and the file at his end contains a
malware/virus/trojan etc. Or better still, Mr. C decides to target
peer A and injects a malware/trojan etc. into one of the pieces of the
file.

As a network admin, what one may do that innocent peers like A are
protected from such situations. I need a solution involving use of
IDS/IPS with signature based and/or anomaly based detection.

Kindly do not suggest actions or measures relating to the end user.
Whatever has to be done, must be done in the network design/plan- say
use Snort or some other IDS/IPS and write rules to an Open source
firewall using the IDS/IPS for this specific scenario.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate.  We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.


http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]