SANS Top-20 Internet Security Attack Targets: P2P Filesharing Attacks (1/3)  
Author: Max : 2006/11/22
P2P Filesharing Attacks 
C3.1 Description

Peer to Peer networks consist of collections of computers or “nodes” that simultaneously function as both “clients” and “servers” to achieve a common purpose. The nodes may exchange data, share resources, provide directory services, support communications and provide real time collaboration tools.

P2P networks use several control and communication architectures. Centralized index servers can provide directory services for data and service availability. In fully distributed networks every node is equivalent and shares in the indexing and directory services. Hybrid architectures combine the features of both to different degrees, and groups of nodes may “elect/promote” certain nodes to act as regional index/directory servers.

Many legitimate applications use P2P. Software tool vendors, including Microsoft and Sun, provide a variety of tools and encourage development of P2P applications. However, like any data transfer tool, P2P applications can be misused or exploited to illegally share copyrighted material, obtain confidential data, expose users to unwanted pornography, violence or propaganda, distribute and execute malware (viruses, spyware, bots, etc.), overload the network, mine usage and behavior patterns and control bots, all of which can create a legal liability. The liability and legal prosecution may not be limited to the perpetrator and may be extended to the network sponsor, supporters or members.

The P2P networks themselves may be attacked by modifying legitimate files with malware, seeding malware files into shared directories, exploiting vulnerabilities in the protocol or errors in coding, blocking (filtering) the protocol, denying service by making the network function slowly, spamming, and mounting identity attacks that identify network users and harass them. Legal action has been successfully used to shut down some popular networks that were culprits of copyright infringement.

P2P concepts and techniques are evolving and can be found in:


  • File sharing networks, whose main goal is to share resources such as storage and bandwidth. These operate through a distributed network of clients, sharing directories of files or entire hard drives of data. Clients participate by downloading files from other users, making their data available to others and coordinating file searches for other users.

  • Cloud Computing (also called distributed processing, Grid Computing, mesh networks), where “clouds” of computers are deployed to provide a virtual computing environment to accomplish a given task by distributing processing load and data. Cloud Computing brings servers on-line as needed, and the end user does not know where the data resides or executes at any point. In some cases, the application runs on a combination of servers and on the user’s PC. Server clouds can reside physically in large facilities controlled by one organization or they can also reside all over the Internet. Because resizable computing capacity is based on virtual servers, the data owner does not really know where his programs and data reside physically.



Most P2P programs use a set of default ports, but they can be set, automatically or manually, to use different ports if necessary to circumvent detection, firewalls, or egress filters. The trend seems to be moving towards the use of HTTP wrappers and encryption to easily bypass corporate restrictions.
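The following is an added example, not part of the SANS text, showing why a monitor that keys only on default ports misses a client that has moved ports, and how a peer fan-out count over the same flow records catches it. The port list holds widely documented defaults that this page does not list; the flow records, function names and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Widely documented default ports; this page does not list them.
DEFAULT_P2P_PORTS = {1214: "FastTrack", 4662: "eDonkey", 6346: "Gnutella",
                     6347: "Gnutella", **{p: "BitTorrent" for p in range(6881, 6890)}}

# Constructed flow records (src_ip, dst_ip, dst_port); documentation address ranges.
FLOWS = (
    [("10.0.0.5", "198.51.100.7", 6881)]                                  # default port
    + [("10.0.0.9", f"203.0.113.{i}", 40000 + i) for i in range(1, 41)]   # moved to high ports
    + [("10.0.0.12", "192.0.2.10", 443)] * 30                             # ordinary web client
    + [("10.0.0.20", f"198.51.100.{i}", 80) for i in range(1, 41)]        # wrapped in HTTP
)

def by_port(flows):
    """Internal hosts with at least one flow to a known P2P default port."""
    return {src for src, _, port in flows if port in DEFAULT_P2P_PORTS}

def by_fanout(flows, min_peers=20, min_port=1024):
    """Internal hosts talking to many distinct peers on unprivileged ports.

    Assumed heuristic: thresholds are illustrative and need tuning per network.
    """
    peers = defaultdict(set)
    for src, dst, port in flows:
        if port >= min_port:
            peers[src].add(dst)
    return {src for src, dsts in peers.items() if len(dsts) >= min_peers}

def classify(flows):
    """Split flagged hosts by which check caught them, and list those neither caught."""
    ported, fanout = by_port(flows), by_fanout(flows)
    everyone = {src for src, _, _ in flows}
    return {
        "port_only": ported - fanout,
        "fanout_only": fanout - ported,
        "both": ported & fanout,
        "unflagged": everyone - ported - fanout,
    }

if __name__ == "__main__":
    for label, hosts in classify(FLOWS).items():
        print(label, sorted(hosts))
```

The host at 10.0.0.20 stays unflagged by both checks because its traffic rides on port 80, which is the HTTP-wrapper trend the paragraph above describes; catching it takes inspection at a proxy rather than port or flow counting.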

C3.2 Operating Systems Affected

There are versions of P2P software available for all Microsoft Windows operating systems currently in use, along with versions for Linux, MacOS and most Unix-like Operating Systems.
