peer to peer networks and security
play

Peer to Peer Networks and Security Kostya Kortchinsky CERT RENATER - PowerPoint PPT Presentation

Dec 15, 2022 •413 likes •757 views

Peer to Peer Networks and Security Kostya Kortchinsky CERT RENATER Kostya.Kortchinsky@renater.fr 23/06/2003 Kostya Kortchinsky - RENATER 1 Agenda Some Figures Security Issues Viruses, trojans, and other malware

  1. Peer to Peer Networks and Security Kostya Kortchinsky CERT RENATER Kostya.Kortchinsky@renater.fr 23/06/2003 Kostya Kortchinsky - RENATER 1

  2. Agenda • Some Figures • Security Issues – Viruses, trojans, and other malware – Information disclosure – System compromise • Solutions 23/06/2003 Kostya Kortchinsky - RENATER 2

  3. Some Figures 23/06/2003 Kostya Kortchinsky - RENATER 3

  4. Traffic Monitoring on RENATER Netflow 23/06/2003 Kostya Kortchinsky - RENATER 4

  5. Traffic coming from RENATER 23/06/2003 Kostya Kortchinsky - RENATER 5

  6. Traffic going to RENATER 23/06/2003 Kostya Kortchinsky - RENATER 6

  7. Number of Flows 23/06/2003 Kostya Kortchinsky - RENATER 7

  8. Security Issues 23/06/2003 Kostya Kortchinsky - RENATER 8

  9. Viruses, Trojans, and Other Malware • A virus is a piece of programming code usually disguised as something else that causes some unexpected and usually undesirable event. • A virus is often designed so that it is automatically spread to other computer users. • Viruses can be transmitted as attachments to an e-mail note, as downloads, or be present on a diskette or CD. 23/06/2003 Kostya Kortchinsky - RENATER 9

  10. Dissemination • By the software itself – Its popularity makes it a very valuable infection vector 23/06/2003 Kostya Kortchinsky - RENATER 10

  11. DlDer • http://www.grokster.com 1 January 2002 « It has recently come to our attention that our previous Grokster installer for about a three week period contained a program being called by the anti-virus companies W32.DlDer.Trojan. This program was apparently installed by one of our advertisers, ClickTilUWin. » 23/06/2003 Kostya Kortchinsky - RENATER 11

  12. Dissemination • By the content provided – Each user acts as a server for each other user • No centralized server to upload and download files • No way for the software developer to check the content provided • Protection is up to the user – A downloaded file is usually made available immediately for upload to other users 23/06/2003 Kostya Kortchinsky - RENATER 12

  13. Dissemination • http://www.kazaa.com/en/help/virus.htm « Most files that are accessible using Kazaa Media Desktop originate from other users. This means that there will always be the risk of irresponsible users introducing viruses. » • P2P File-Sharing networks have become a very easy mean to spread viruses 23/06/2003 Kostya Kortchinsky - RENATER 13

  14. Example • Win32/Merkur.A@mm (2002-11-01) – Mass mailing Internet worm in VB6 – Also spreads via • IRC network (using mIRC) • P2P network (using Kazaa, eDonkey, BearShare) – Copies itself to • C:\Program Files\Kazaa\My Shared Folder\IPspoofer.exe • C:\Program Files\Kazaa\My Shared Folder\Virtual Sex Simulator.exe 23/06/2003 Kostya Kortchinsky - RENATER 14

  15. Example • Win32/HLLW.Gool.B (2003-02-14) – Backdoor with trojan and internet worm capabilities in Delphi – Sets in the registry the sharing folders for Kazaa to C:\Windows\Sys32 – Copies itself in this folder to • Britney.jpg.exe • Catherine_Zeta_Jones_Nude.jpg.exe • X_Box_Emulator.txt.exe 23/06/2003 Kostya Kortchinsky - RENATER 15

  16. Screenshot XBOX Emulator search results on KaZaA 23/06/2003 Kostya Kortchinsky - RENATER 16

  17. Screenshot NO CD search results on eMule 23/06/2003 Kostya Kortchinsky - RENATER 17

  18. Information Disclosure 23/06/2003 Kostya Kortchinsky - RENATER 18

  19. Spyware • In general, spyware is any technology that aids in gathering information about a person or organization without their knowledge. • On the Internet, spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. 23/06/2003 Kostya Kortchinsky - RENATER 19

  20. Screenshot 23/06/2003 Kostya Kortchinsky - RENATER 20

  21. Sharing Private Data • The risk is great that unintended files will be shared – Users may often be sharing private data without being aware of it – Although theoretically the user controls what subdirectories he/she makes available to peer users, sometimes more subdirectories are shared than is known or intended 23/06/2003 Kostya Kortchinsky - RENATER 21

  22. Screenshot Several Inbox.dbx in search Downloading 260 megabytes Inbox results from eDonkey file from KaZaA 23/06/2003 Kostya Kortchinsky - RENATER 22

  23. Example To: « Pierre Dupont » <pierre.dupont@xxxxxxx.fr> Subject: Votre mot de passe From: membre@yyyy.fr Reply-To: membre@yyyy.fr Date: Tue, 22 Oct 2002 18:29:37 +0200 Cher(e) membre, Vous avez oublie votre mot de passe, le voici : zzzzzz A tres bientot sur www.yyyy.fr L'equipe Yyyy ! 23/06/2003 Kostya Kortchinsky - RENATER 23

  24. System Compromise 23/06/2003 Kostya Kortchinsky - RENATER 24

  25. BearShare Advice • http://www.bearshare.com/help/citizen.htm « You don't need to get rid of your firewall completely, you just need to "drill a hole" in it for BearShare. It won't decrease your security because BearShare doesn't contain any security holes. Please read BearShare Firewall Tutorial for instructions how to configure your firewall. » 23/06/2003 Kostya Kortchinsky - RENATER 25

  26. BearShare Directory Traversal • http://www.securityfocus.com/bid/5888 « The BearShare webserver is prone to directory traversal attacks. This may allow remote attackers to break out of the web root directory and browse the filesystem of the host running the software. This issue is a variant of the vulnerability described in Bugtraq ID 2672. The variant issue was unsuccessfully addressed in version 4.0.6. It is still possible to disclose files with a malicious URL encoded request to the webserver. » 23/06/2003 Kostya Kortchinsky - RENATER 26

  27. eDonkey 2000 Buffer Overflow • http://www.securityfocus.com/bid/4951 « The eDonkey 2000 Windows client includes a handler for a custom URI, ed2k://. It has been reported that the handler for eDonkey 2000 is vulnerable to a buffer overflow condition when parsing maliciously constructed URIs. This may be exploited to crash the user's browser or execute arbitrary code on the victim client. » 23/06/2003 Kostya Kortchinsky - RENATER 27

  28. Kazaa Buffer Overflow • http://www.securityfocus.com/bid/6747 « KaZaA version 2.0.2 is vulnerable to a denial of service attack caused by a buffer overflow. By sending a malicious response to an affected system for the automated advertisement download, a remote attacker could overflow a buffer and cause the system to crash or possibly execute code on the system. » 23/06/2003 Kostya Kortchinsky - RENATER 28

  29. SETI@home Buffer Overflow • http://spoor12.edup.tudelft.nl « The SETI@home clients use the HTTP protocol to download new workunits, user information and to register new users. There is a bufferoverflow in the server responds handler. Sending an overly large string followed by a newline ('\n') character to the client will trigger this overflow. » 23/06/2003 Kostya Kortchinsky - RENATER 29

  30. Solutions 23/06/2003 Kostya Kortchinsky - RENATER 30

  31. JANET-CERT • http://www.ja.net/CERT/JANET- CERT/prevention/peer-to-peer.html – « ...In an aim to improve the security of our network, as well as hopefully reduce bandwidth, particularly outgoing, we have decided to block Peer To Peer (P2P) file sharing. Research has revealed the following TCP/IP are used, and the software that uses them. Links to the software itself can be found with the list of ports... » 23/06/2003 Kostya Kortchinsky - RENATER 31

  32. University of Chicago • Disabling Peer to Peer File Sharing – http://security.uchicago.edu/peer-to- peer/no_fileshare.shtml 23/06/2003 Kostya Kortchinsky - RENATER 32

  33. Thank You ! Questions ? 23/06/2003 Kostya Kortchinsky - RENATER 33

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Free-Net Ian Clarke, Oskar Sandberg, Brandon Wiley, Theodore Hong, 2000 Goal - peer-to-peer network -

746 views • 36 slides
Peer-to-Peer Networks 09 Random Graphs for Peer-to-Peer-Networks Christian Ortolf Technical

Peer-to-Peer Networks 09 Random Graphs for Peer-to-Peer-Networks Christian Ortolf Technical

Peer-to-Peer Networks 09 Random Graphs for Peer-to-Peer-Networks Christian Ortolf Technical Faculty Computer-Networks and Telematics University of Freiburg Peer-to-Peer Networking Facts Hostile environment - Legal situation - Egoistic

882 views • 57 slides
Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Cuckoo Hashing for Security Awerbuch, Scheideler, Towards Scalable and Robust Overlay Networks Problem: -

329 views • 19 slides
Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Cryptography in a Nutshelf Symmetric Cryptography - AES - Affine Cryptosystems Public-Key Cryptography -

474 views • 32 slides
THE POLITICS OF BLOCKCHAIN From Primus Inter Pares to Peer-to-Peer HOW BLOCKCHAIN WORKS In

THE POLITICS OF BLOCKCHAIN From Primus Inter Pares to Peer-to-Peer HOW BLOCKCHAIN WORKS In

THE POLITICS OF BLOCKCHAIN From Primus Inter Pares to Peer-to-Peer HOW BLOCKCHAIN WORKS In peer-to-peer networks, all the operations Peer-to-peer networks Proof-of-work equally rely on each node in the system. Digital signature Registry

328 views • 18 slides
Peer-to-Peer Networks 14 Game Theory Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 14 Game Theory Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 14 Game Theory Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Literature Feldman, Chuang Overcoming Free-Riding Behavior in Peer-to-Peer Systems, 2005

449 views • 24 slides
Peer-to-Peer Networks 16 Hole Punching Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 16 Hole Punching Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 16 Hole Punching Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Peer-to-Peer Networks NAT, PAT &amp; Firewalls 2 Network Address Translation Problem - too few

725 views • 38 slides
Peer-to-Peer Networks 11 Game Theory Christian Ortolf Technical Faculty Computer-Networks and

Peer-to-Peer Networks 11 Game Theory Christian Ortolf Technical Faculty Computer-Networks and

Peer-to-Peer Networks 11 Game Theory Christian Ortolf Technical Faculty Computer-Networks and Telematics University of Freiburg Literature Feldman, Chuang Overcoming Free -Riding Behavior in Peer-to- Peer Systems, 2005 Feldman,

687 views • 25 slides
Peer-to-Peer Networks 11 Past Christian Ortolf Technical Faculty Computer-Networks and

Peer-to-Peer Networks 11 Past Christian Ortolf Technical Faculty Computer-Networks and

Peer-to-Peer Networks 11 Past Christian Ortolf Technical Faculty Computer-Networks and Telematics University of Freiburg PAST PAST: A large-scale, persistent peer-to-peer storage utility - by Peter Druschel (Rice University, Houston

372 views • 26 slides
Peer-to-Peer Networks 13 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 13 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 13 Security Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Attacks Denial-of-Service Attacks (DoS) Timing attacks - or distributed denial of service - messages

419 views • 27 slides
Todays Objec2ves Kerberos Peer To Peer Overlay Networks Final Projects Nov 27,

Todays Objec2ves Kerberos Peer To Peer Overlay Networks Final Projects Nov 27,

11/27/17 Todays Objec2ves Kerberos Peer To Peer Overlay Networks Final Projects Nov 27, 2017 Sprenkle - CSCI325 1 Kerberos Trusted third party, runs by default on port 88 Security objects: Ticket: token, verifying

407 views • 30 slides
Decentralized Trust Management for Decentralized Trust Management for Ad-Hoc Peer-to-Peer

Decentralized Trust Management for Decentralized Trust Management for Ad-Hoc Peer-to-Peer

Decentralized Trust Management for Decentralized Trust Management for Ad-Hoc Peer-to-Peer Networks Ad-Hoc Peer-to-Peer Networks Thomas Repantis Vana Kalogeraki Department of Computer Science &amp; Engineering University of California,

1.41k views • 29 slides
Peer-to-Peer Networks 15 Self-Organization Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 15 Self-Organization Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 15 Self-Organization Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Topology-Management T-Man: Fast Gossip-based Construction of Large-Scale Overlay Topologies Mark

345 views • 15 slides
Peer-to-Peer Networks 16 P2P in the Wild Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 16 P2P in the Wild Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 16 P2P in the Wild Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Real-World P2P Applications in 2016 File sharing &amp; transmission Bittorrent, eMule,

559 views • 13 slides
Peer-to-Peer Networks 16 P2P in the Wild Christian Ortolf Technical Faculty Computer-Networks

Peer-to-Peer Networks 16 P2P in the Wild Christian Ortolf Technical Faculty Computer-Networks

Peer-to-Peer Networks 16 P2P in the Wild Christian Ortolf Technical Faculty Computer-Networks and Telematics University of Freiburg Real-World P2P Applications in 2016 File sharing &amp; transmission Bittorrent, eMule, FastTrack,

604 views • 10 slides
Peer-to-Peer Networks The Internet 6th Week Albert-Ludwigs-Universitt Freiburg Department of

Peer-to-Peer Networks The Internet 6th Week Albert-Ludwigs-Universitt Freiburg Department of

Peer-to-Peer Networks The Internet 6th Week Albert-Ludwigs-Universitt Freiburg Department of Computer Science Computer Networks and Telematics Christian Schindelhauer Summer 2008 Montag, 9. Juni 2008 1 Peer-to-Peer Networks Internet 2

625 views • 23 slides
Hunting for Metamorphic By Pter Szr and Peter Ferrie Introduction Polymorphic virus

Hunting for Metamorphic By Pter Szr and Peter Ferrie Introduction Polymorphic virus

Hunting for Metamorphic By Pter Szr and Peter Ferrie Introduction Polymorphic virus engines resulted in stronger virus scanners. Paper focuses on how virus creators have challenged virus scanners over the past decade. Evolution of

446 views • 16 slides
Malicious Software Computer Security Peter Reiher November 25, 2014 Lecture 12 Page 1 CS 136,

Malicious Software Computer Security Peter Reiher November 25, 2014 Lecture 12 Page 1 CS 136,

Malicious Software Computer Security Peter Reiher November 25, 2014 Lecture 12 Page 1 CS 136, Fall 2014 Outline Introduction Viruses Trojan horses Trap doors Logic bombs Worms Botnets Spyware Malware

838 views • 67 slides
Converting Scripts into Reproducible Workflow Research Objects Lucas A. M. C. Carvalho, Khalid

Converting Scripts into Reproducible Workflow Research Objects Lucas A. M. C. Carvalho, Khalid

Converting Scripts into Reproducible Workflow Research Objects Lucas A. M. C. Carvalho, Khalid Belhajjame, Claudia Bauzer Medeiros lucas.carvalho@ic.unicamp.br Baltimore, Maryland, USA October 23-26, 2016 Background and Motivation

745 views • 43 slides
Overview of a C Program Programming with C CSCI 112, Spring 2015 Patrick Donnelly Montana State

Overview of a C Program Programming with C CSCI 112, Spring 2015 Patrick Donnelly Montana State

Overview of a C Program Programming with C CSCI 112, Spring 2015 Patrick Donnelly Montana State University C Language Components Preprocessor Directives Comments The main function Variable Declarations and Data Types

777 views • 42 slides
Inventing Managerial Inventing Managerial Information: Information: Systems Men and the

Inventing Managerial Inventing Managerial Information: Information: Systems Men and the

Inventing Managerial Inventing Managerial Information: Information: Systems Men and the Computer 1957- -67 67 Systems Men and the Computer 1957 Tom Haigh thaigh@sas.upenn.edu 1 My Topic: My Topic: Managerial Information

558 views • 41 slides
Executive Office of Public Safety and Security Department of Criminal Justice Information

Executive Office of Public Safety and Security Department of Criminal Justice Information

Executive Office of Public Safety and Security Department of Criminal Justice Information Services CORI Training October 20, 2020 What is the Department of Criminal Justice Information Services (DCJIS)? DCJIS is the Massachusetts agency

529 views • 16 slides
OFFICE HOURS ESG-CV Reporting Prepared: September 15,2020 Call in If you are having audio

OFFICE HOURS ESG-CV Reporting Prepared: September 15,2020 Call in If you are having audio

OFFICE HOURS ESG-CV Reporting Prepared: September 15,2020 Call in If you are having audio difficulty using your computer, please call in using one of the following phone numbers: US Toll free +1-855-797-9485 US Toll +1-415-655-0002 Access

561 views • 17 slides
Checking Inside the Black Box: Regression Testing Based on Value Spectra Differences Tao Xie

Checking Inside the Black Box: Regression Testing Based on Value Spectra Differences Tao Xie

Checking Inside the Black Box: Regression Testing Based on Value Spectra Differences Tao Xie David Notkin Dept. of Computer Science &amp; Engineering, University of Washington, Seattle 12 Sept. 2004 ICSM 2004, Chicago 1 Synopsis

600 views • 35 slides

More recommend