1. Peer-to-Peer Technology and Security Issues By Raul Rodriguez, Arash Zarrinbakhsh, Cynthia Roger and Phillip Shires College of Business Administration (CoBA) April 26, 2007 For HTM 304 Professor Fang, Fang

2. Introduction The Peer-to-Peer system/networking gets rid of having to have a centralize server. Peer-to- peer is a method in which computers communicate and share resources equally.

3. Objectives/Aims The objective is identifying the different types of technology and security applications with the Peer-to-Peer networking system.

4. Scope of the Project This report will introduce centralization, decentralization technology protocols, also security attacks and securing computers / networks.

5. Business Case Peer-to-Peer services has the resources to help companies in ways to sharply cut their distribution cost, this reason alone is reason for researching Peer-to-Peer technologies and security issues and concerns.

6. Research Methodology Arash Zarrinbakhsh – Centralization Cynthia Roger – Decentralization Phillip Shires – Attacks on P2P Networks Raul Rodriguez – Secure P2P Networks

7. Centralized Technology Traditional Peer 2 Peer, which connected one computer directly to another computer or server. Client-Server model A central server keeps information on peers and responds to requests from nodes for the same information.

8. Centralized Technology As nodes arrive and demands on the system increases, total capacity of the system decreases. In contrary with decentralized, centralized does not have peers that are responsible for hosting available resources

9. Decentralized Technology Definition per Wikipedia, Pure peer-to-peer network does not have the notion of client- server model, but only equal peer nodes that simultaneously function as both “client” and “server” to the other nodes on the network

10. Decentralized Technology Unlike centralized, Peers are responsible for hosting available resources. Peers are redirectors which make available resources sharable to peers that request files.

11. Decentralized Technology Advantages  Networks are scalable indefinitely  The more users the more network resources available.  Less costly

12. Attacks on P2P Networks Computer Attacks  Viruses  Malware – Spyware  Denial of Service  Identity Attacks  Filtering

13. Attacks on P2P Networks File Attacks  Poisoning  Polluting  Defections  Spamming

14. Securing P2P Networks Authentication  The process of whether or not some entity is in fact who or what that entity declares itself to be. Authorization  The process of giving a authenticated entity permission to do some action or access some resources.

15. Securing P2P Networks Encryption  The process of converting readily understandable information (plaintext) into a form difficult to understand by unauthorized individuals and systems (cipher text).

16. Securing P2P Networks Software  Antivirus protection  Firewall protection  Microsoft Windows Peer-to-Peer Networking = All three for Businesses  Safe boot = Encryption  Super E-mail Verifier 1.66 = E-mail

17. Securing P2P Networks Companies/Consultants  Fortify Software = Java script advisory  Enterasys Secure Networks = Network access control

18. Recommendations P2P is an efficient for monitoring traffic and control what is happening on desktop. Also, “For a name publication and resolution mechanism, Window Peer-to-Peer networking uses PNRP. PNRP is an efficient, protected, low cost, dynamic protocol that uses an iterative, server less method for name resolution.

19. Scope of Future Work P2P must be scalable, don’t worry about network defragmatation and loss of search replies. People must be able to trust resources being acquired. P2P must become a more robust network.

20. Conclusion The elements to secure systems focuses on trust with users/nodes. Trust is an issue when; management and distribution of content, distributing processed work when other nodes is sharing and collect results. Authentication Authorization Encryption