IP Media Monitor: P2P - whitepapers

Securing Your Network from Inbound and Outbound Threats

Thu, 01 Jan 1970 00:00:00

Join experts from Secure Computing & AECOM as they review a case study of deploying strong authentication & Web filtering to protect from inbound & outbound security threats. They will discuss the need to 1) strongly identify remote users, 2) to control outbound Web access and prevent liability & 3) to manage threats such as spyware, IM, P2P, & more.

Download Securing Your Network from Inbound and Outbound Threats Now.

Managing Emerging Security Threats

Thu, 01 Jan 1970 00:00:00

The biggest threat to corporate information security is the emergence of well-organized criminal groups as the primary perpetrators of computer attacks. They are largely succeeding by using a new breed of blended attacks, which employ a variety of methods (e.g., spam, malware, phishing) simultaneously to compromise security of systems, and spread in a multitude of ways (via e-mail, web, IM, P2P, even wireless devices).

Without implementing adequate protection measures, enterprises are at risk of having their operations critically disrupted. Protecting the enterprise requires a holistic approach, which must include user education, securing all possible network entry and exit points, implementing robust content filtering, and developing strong partnerships with vendors and law enforcement. Unless a comprehensive layered defense is implemented, it is certain that a company will be a target of a successful blended attack.

Desktop Security: Proactive Protection against Known and Unknown Desktop Security Threats

Thu, 01 Jan 1970 00:00:00

With security threats growing in complexity and destructiveness, it is imperative to have a multi-layered security solution that is fast, strong and nimble. Websense offers both a desktop security solution and an integrated security solution to proactively address security threats. The desktop security solutions are available in two options to provide comprehensive protection: Websense Web Security Suite ? Lockdown Edition and Websense Client Policy Manager (CPM).

These security solutions identify and block known and unknown threats automatically, and prevent unknown applications, such as spyware, keyloggers, peer-to-peer transmissions, and hacking tools, from launching.

Download Desktop Security: Proactive Protection against Known and Unknown Desktop Security Threats now.

Routing: Transitioning to IPv6 Now

Thu, 01 Jan 1970 00:00:00

Of all the benefits that IPv6 promises for next-generation networking -autoconfiguration, limitless addresses, mobility - its ability to recreate end-to-end communications will be among its greatest contributions. By re-enabling direct peer-to-peer communications, IPv6 will be the catalyst for a new generation of shared-experience applications - virtual concerts, video meetings, online video classes, and real-time gaming - using voice, video, and presence-based technology that far transcend today's early-stage applications.

Securing the University Network: An Introduction to Endpoint Security Options

Thu, 01 Jan 1970 00:00:00

Universities have a difficult network environment to secure. Proprietary information must be protected, the network must be available 24x7, yet tens of thousands of untrusted student-owned computers must be given access. That's where the problem arises. Network administrators cannot control what students do, or have done, with their laptops and desktops, and that puts the entire network at risk.

Compared to users in the business sector, students have an enormous amount of flexibility over how they configure applications, change security settings, download or install software, and use file sharing, messaging, and peer-to-peer applications. It's a network administrator's nightmare. The security of student computers (referred to as endpoints) is usually unknown and is frequently inadequate or nonexistent. There are no guarantees that these devices have the latest security patches, up-to-date anti-virus definitions, or a personal firewall. They may already be infected with malware; worms, Trojans, spyware, and viruses when they arrive on campus.

Protecting Revenues, Establishing Trust, Empowering Consumers: Digital Asset Protection ...

Thu, 01 Jan 1970 00:00:00

Content owners want to take advantage of the lower costs, viral marketing opportunities, and consumer satisfaction that comes with digital content distribution. Piracy fears have become a harsh reality for the entertainment industry with the advent of unrestricted peer-to-peer file sharing technology, high-quality, open digital content formats like MP3 and duplication technology that creates near-perfect copies of offline media. Consumers have taken well to these new technologies as they allow them flexibility with their purchased media. However, consumers are generally not well-versed in the complexities of copyright law and their desire for more digital content functionality has far outpaced their understanding of the consequences of their actions. The entertainment industry desires to give consumers the digital experience they want, but, they have their own business and the rights and compensation of their artists to protect. Consumers are also increasingly worried about identity theft and digital content services need to establish trust with consumers that their personal information will not be misused. RSA Security understands these issues and works with the leading standards bodies across industries to champion open, broadly-compatible solutions that tackle the challenges of effective digital asset protection with proven, stable security technologies. Our solutions give consumers the seamless, flexible, and trusted digital content experience they desire while promoting the protection of the rights and revenue of copyright owners.

Cisco White Paper: How to Configure Cisco's Core SIP Products

Thu, 01 Jan 1970 00:00:00

The Session Initiation Protocol (SIP) is a signaling protocol used to negotiate, establish, and terminate multimedia sessions such as voice calls. It is a peer-to-peer technology, similar to H.323, where endpoints possess the capability to initiate and receive sessions without the assistance of a call-processing agent such as those used with the Media Gateway Control Protocol (MGCP) and Skinny Client Control Protocol (SCCP). This paper introduces the core components of a SIP network and explains how to configure them.

Establishing an Internet Use Policy to Address Peer-to-Peer (P2P) Use

Thu, 01 Jan 1970 00:00:00

P2P file sharing is now a significant part of the Internet and is here to stay. Separating the social aspects of the Internet from work-related processes is an emerging challenge for companies. Keeping good employees from doing bad things on the Internet increases productivity, improves network performance and limits threats from viruses, worms, adware, spyware and other hoaxes. P2P cannot be controlled solely with network devices, URL filtering or acceptable use policies written in a binder. True application level control is required to control and manage P2P on enterprise networks. The Blue Coat ProxySG provides the visibility and control.

IP Telephony (VoIP) Security: Deploying Secure IP Telephony in the Enterprise Network

Thu, 01 Jan 1970 00:00:00

As voice over IP (VoIP) installations increasingly evolve from PBX trunking over private data networks to IP telephony (IPT)-based solutions ? and, in some cases, incorporating public networks ? it becomes increasingly important to recognize and address associated security issues. The risk and threat to enterprises deploying IP telephony are very real, and although few incidents have been reported in public, these are expected to increase in number as IP telephony deployments increase in number and size. Unless protective security measures are taken, the enterprise will be left open to privacy violation, fraud, and malicious attacks.

To mitigate these threats appropriately, the actual risks must be identified and mapped to a security framework. This framework can then be used to establish security requirements for the products used to obtain an appropriate level of security for the IPT solution. However, since IP telephony is a service that enables direct communication between end-user IP phones throughout an enterprise, it is critical that security measures allow this type of peer-to-peer traffic flow while protecting the telephony service. The telephony service is a convergence of the enterprise voice and data infrastructure, so it is critical that a security strategy be implemented on an enterprise-wide level within the enterprise-wide security framework. These measures must be taken as VoIP projects are planned and executed, and if properly implemented, most risks can be adequately mitigated.

The Rise of Greynets: Unsanctioned End User Applications and Their Impact on Enterprise Security

Thu, 01 Jan 1970 00:00:00

IM, P2P file sharing and spyware are 'greynets' -- elusive applications deployed by end users without IT permission. Ranging from good to bad (white to black), greynet applications can provide measurable business productivity benefits, but they also introduce threats to network and information security. In addition to increased exposure of viruses, worms and other security threats, greynets create risk of disclosure of intellectual property, loss of customer data, competitive leaks and spyware infections. The challenge for IT managers is how to enable and control use of the good greynets while blocking and defending against the bad ones. This white paper discusses the growing security threats that accompany greynet adoption in the enterprise and a comprehensive solution for end-to-end control and security of these stealth applications.

Protecting Revenues, Establishing Trust, Empowering Consumers: Digital Asset Protection ...

Thu, 01 Jan 1970 00:00:00

Securing Your Network from Inbound and Outbound Threats

Thu, 01 Jan 1970 00:00:00

Download Securing Your Network from Inbound and Outbound Threats Now.

Managing Emerging Security Threats

Thu, 01 Jan 1970 00:00:00

Building Peer-to-Peer XML Content Networks of Web Services for Federal Scientific and ...

Thu, 01 Jan 1970 00:00:00

XML is a new standard for preserving and communicating information - encoding, tagging, and internationalizing on the World Wide Web. Web services use XML data and messages to provide communication between applications running on different Web servers that will bring the Internet to its new level (called the third generation). Peer-to-Peer (P2P) architectures are best understood by thinking in terms of Presence, Identity, and Edge (PIE) resources that offer powerful approaches for solving the seemingly intractable problems of the Web and for creating a more efficient and robust Internet. P2P creates the most significant challenges to traditional centralized IT departments and security models.

Those Aren't Just Files You're Swapping - The Dangers of Peer-to-Peer File Sharing

Thu, 01 Jan 1970 00:00:00

Employees are using company resources to access peer-to-peer (P2P) applications on company time and exposing organizations to serious and potentially catastrophic risks. Swapped files from P2P networks may contain viruses, worms, Trojan horses, and spyware. And, since P2P is primarily used to exchange pirated audio, video, and software files or inappropriate content, companies should be concerned about the potential exposure to legal - even criminal - liability. Due to its unique, layered approach, Websense software allows companies to completely prevent P2P use at the network level, gateway, and desktop. Websense gives companies complete confidence that P2P applications will not operate in their IT environment and cannot be used on any company-owned computers.

Unauthorized Peer to Peer (P2P) Programs on Government Computers

Thu, 01 Jan 1970 00:00:00

Peer-to-peer (P2P) file sharing systems provide Internet users with the ability to share files on their computers with up to millions of other people. In doing so, the software makes it possible for people to accidentally share personal files or sensitive data. P2P programs have been found to allow easier access to government computer systems for theft of sensitive documents and use of government resources, due to unauthorized installation and use of this software on government systems. Recent news media reports stated P2P allowed sensitive government documents to get into the public domain.

An Efficient Nearest Neighbor Algorithm for P2P Settings

Thu, 01 Jan 1970 00:00:00

New Peer-to-Peer (P2P) applications like P2P job employee seeker networks and P2P virtual cities, for application domains such as collaborative urban planning and forming virtual communities, are about to emerge. An important component in these applications is spatial data, i.e., data with locational components. Many requests initiated on spatial data involve finding the spatial objects that are nearest to a query location. This paper proposes an efficient algorithm that finds the spatial objects that are nearest to a given query location on a P2P network in the order of their minimum distance to the query point.

Managing Peer-to-Peer Traffic With Cisco Service Control Technology

Thu, 01 Jan 1970 00:00:00

This paper discusses the unique problems associated with the growing popularity of P2P applications and how they affect the IP network; it offers various remedies that Cisco Service Control technology offers network operators. These include detailed usage accounting of P2P traffic as well as monitoring and billing, based on such information and the use of service control policies. The high level of data abstraction and presentation that the Cisco Service Control platform offers can help ISPs better manage these business challenges and avoid alienating their customer base by deploying proactive policies that are not perceived as intrusive or unfair by subscribers.

Establishing an Internet Use Policy to Address Peer-to-Peer (P2P) Use

Thu, 01 Jan 1970 00:00:00

Attack of the 'Zombies' (and How to Respond)

Thu, 01 Jan 1970 00:00:00

Today's bots are more powerful and sophisticated than the original distributed denial-of-service (DDoS) "zombies" of 2000 - and therefore much more difficult to defeat. Today's bots-on-steroids can encrypt their communications, employ "Swiss Army knife" feature sets and use peer-to-peer networks to maximize their range and damage. They can scan for hidden vulnerabilities and backdoors, sniff IRC, HTTP and FTP network traffic, harvest e-mails and steal secret passwords.

This webcast reviews next-generation bot features and security-evasion techniques, and explores practical ways for identifying them given their new level of sophistication. Attendees will gain an understanding of:

How to identify and destroy new bots, such as Phatbot and Agobot How bots combine to form "Waste Networks" Botnets in action: a step-by-step walk-through with pointers on what to look for at each stage

Searchius: A Hybrid Peer-to-Peer System for Collaborative Web Searching and Personalization

Thu, 01 Jan 1970 00:00:00

This paper presents Searchius, a hybrid peer-to-peer search engine that produces search results based solely on user provided web-related data and their sharing among users. Unlike current peer-to-peer systems, which are mainly used to exchange files between users, Searchius facilitates the sharing of information. The paper discusses the architecture of this system and how it compares to current state-of-the-art search engines.

Integrated Residential Gateway: Easy IA Management With P2P Community Using RFID

Thu, 01 Jan 1970 00:00:00

Ubiquitous network connectivity and enhanced home-appliance technologies are leading to an evolution in advanced consumer electronics equipment, called the Residential Gateway (RG). This paper proposes an IPv6-enabled platform-independent Integrated Residential Gateway (IRG) skeleton that integrates a novel P2P solution based on IPv6 networks. For network equipment to exchange information and gain benefits, this approach combines the current RFID, RG IA management, native IPv6 DNS and the Blog Community.

Protecting HTTP Traffic: Why Web Filtering Should Be Your First Line of Defense

Thu, 01 Jan 1970 00:00:00

Unrestricted browsing opens doors that allow viruses, Trojans, spyware, and other malware into your network that will very likely if not certainly decrease productivity, cause network disruptions, or even steal vital proprietary information. Web filtering is concerned primarily with HTTP-based threats to the network. HTTP threats that need to be protected against include threats revolving around messaging, email, P2P fileshare, spyware, adware, hijackers, cookies, DRM, malware, phishing, spam, worms, and employee Web surfing. Protecting against all of these threats requires a multi-layered content security strategy. Web filtering is a critically important component of this strategy, since HTTP communications are one of the primary methods used to exploit people, applications and networks.

A Service Workflow Management Framework Based on Peer-to-Peer and Agent Technologies

Thu, 01 Jan 1970 00:00:00

Service workflow management which consolidates multiple services to achieve business goals has become a critical issue in service-oriented computing. Due to the unique feature of service workflows such as full distribution and high dynamicity, the contemporary workflow technology has exhibited inefficiency, vulnerability, inflexibility and lack of adaptability. Based upon the authors' previous work on peer-to-peer based workflow management and seamless integration of agents and Web services, this paper innovatively presents SwinDeW-A which is a decentralised service workflow management framework based on peer-to-peer and agent technologies.

Anatomy of a P2P Content Distribution System With Network Coding

Thu, 01 Jan 1970 00:00:00

This paper presents the experiences with a P2P content distribution system that uses Network Coding. Using results from live trials, the authors are able to present a detailed performance analysis of such P2P system from a variety of novel perspectives and show that Network Coding incurs little overhead, both in terms of CPU processing and I/O activity, and it results in smooth and fast downloads. To ensure secure transfers, the authors describe a novel scheme that verifies encoded blocks on-the-fly and analyze its performance and also study the effect of peers behind NATs and firewalls and show the robustness of the system to large number of unreachable peers.

Software Pipelines - An Overview

Thu, 01 Jan 1970 00:00:00

Performance of critical business applications significantly impacts an organization's success. Compounding the complexity of this growing performance challenge is the popularity and rapid adoption of Service-Oriented Architecture (SOA), which can often lead to adverse performance implications in existing IT systems.Parallel computing is required to accomplish the next level of performance needed by many of today's critical business applications. Parallel computing to date has been concentrated on either mechanical solutions that offer limited scalability, or "embarrassingly parallel" grid-based scientific and engineering applications that lie outside the business domain. Developers need to address the performance challenge by applying a sensible and practical approach to parallel processing in demanding business applications. Learn how an architectural approach supports virtually unlimited peer-to-peer scalability, allowing the decomposition of business processes into specific tasks which are then executed in parallel, enabling flexibility and the speed required to respond to changing business requirements.Download Software Pipelines - An Overview now.

Competitive and Considerate Congestion Control for Bulk-Data Transfers

Thu, 01 Jan 1970 00:00:00

The current Internet features traffic from diverse applications; ranging from delay-sensitive web browsing to delay-insensitive data file transfers. This motivates service differentiation, yet router-centric solutions. The current practice relies on a limited service differentiation at network edges. End-hosts often implement such emulators of low priority service to differentiate low and normal priority traffic. A low priority service may fit well for some applications, e.g., software updates, but may not be adequate for bulk file transfers that aim at large throughputs. A scenario motivating home users is that of many simultaneous bulk transfers. This is a common feature of peer-to-peer file sharing applications. This paper develops a novel end-to-end congestion control that emulates a different service differentiation than the common low-normal priority.

Modeling Malware Propagation in Gnutella Type Peer-to-Peer Networks

Thu, 01 Jan 1970 00:00:00

A key emerging and popular communication paradigm, primarily employed for information dissemination, is Peer-To-Peer (P2P) networking. This paper models the spread of malware in decentralized, Gnutella type of peer-to-peer networks. The study reveals that the existing bound on the spectral radius governing the possibility of an epidemic outbreak needs to be revised in the context of a P2P network. The authors formulate an analytical model that emulates the mechanics of a decentralized Gnutella type of peer network and study the spread of malware on such networks.

Controlling the Use of Instant Messaging and Peer-to-Peer Applications With the Proventia ...

Thu, 01 Jan 1970 00:00:00

This paper identifies the techniques that can help businesses block, control and tailor the use of instant messaging applications and peer-to-peer applications with Internet Security Systems? Proventia Intrusion Prevention Appliances. The events in this paper are categorized in two groups: Instant messaging (IM) events and peer-to-peer events. In ISS' SiteProtector centralized management system, events may be grouped and located in different areas of the configuration menu based on the type of event. Events can also be located under the IM, File Sharing and Audits categories, as well as under the X-Press Update (XPU) tab.

Joint Server/Peer Receiver-Driven Rate-Distortion Optimized Video Streaming Using Asynchronous ...

Thu, 01 Jan 1970 00:00:00

This paper proposes a joint server/peer video streaming architecture for wireless networks, where a receiver can access a video server via an access point using the infrastructure mode and at the same time communicate with its peers using the ad hoc mode of its IEEE 802.11 interface card. The paper introduces a joint infrastructure/peer-to-peer, receiver-driven streaming scheme, and formulates it as a combinatorial optimization problem. The problem is decoupled into two steps: first selecting the sender (server or peer) by introducing asynchronous clocks, and then applying point-to-point rate-distortion optimization algorithm between a specific sender-receiver pair.

Competitive and Considerate Congestion Control for Bulk-Data Transfers

Thu, 01 Jan 1970 00:00:00

Filtering the Spectrum of Internet Threats: Defending against Inappropriate Content, Spyware, ...

Thu, 01 Jan 1970 00:00:00

With the newest Web-based threats, relying on basic firewalls is no longer enough to protect an organization's network. Most firewall rules are based on IP addresses and do not inspect the actual network traffic content, leaving the network dangerously exposed. This white paper will delve into the risk of allowing unwanted or offensive content into a network and describes the technologies and methodologies available to combat these types of threats. Learn why deploying a content-aware, perimeter-based network security devices that inspects and blocks Web requests based on URL destination should be an essential part of any network security plan. Download this paper to learn more about: Threats like phishing, fringe sites and instant messaging (IM); The cost of unmanaged Web surfing; Why standard firewalls are not enough.

iPrism ePolicy Handbook

Thu, 01 Jan 1970 00:00:00

Whether you need to implement an Acceptable Use Policy (AUP) for your organization, or have inherited one that needs to be updated, your AUP is critical in protecting your organization from Internet-based threats. This e-Policy Handbook is a valuable tool designed to help establish rules and guidelines for electronic communications within an organization. It includes vital information such as: The dos and don'ts of e-policy best practices; The tested and proven guidelines that can help organizations write the policies that support business goals; Why accurate and detailed policies must be part of an overall security strategy that includes Internet, instant messaging, and peer-to-peer filtering to protect against emerging threats. This handy e-Policy Handbook also provides templates you can use to compose or update your own AUP.

Finding Traffic Information With Mobile P2P Networks

Thu, 01 Jan 1970 00:00:00

This paper details a simulation of automobile traffic monitoring using mobile peer-to-peer networks. There is a great market need to be able to monitor traffic in real time. The goal of the project discussed is to create a system that could be implemented with currently available technology. Specifically the system would use a Global Positioning System (GPS) to determine current location and speed. The system would use a wireless networking communication medium such as 802.11 a, b or g. This paper introduces the MetaKMeans algorithm. This algorithm computes K-Means clusters using only local messages. The system is tested in a Java simulation.

On the Complexity of Variants of Cooperative Peer-to-Peer Repair for Wireless Broadcasting

Thu, 01 Jan 1970 00:00:00

The well-known NAK implosion problem for wireless broadcast can be addressed by leveraging cooperative peer-to-peer connectivity to repair corrupted data. This paper studies the Cooperative Peer-to-peer Repair (CPR) framework for multimedia broadcast. It is shown that CPR can be formulated as an optimization problem that minimizes the number of iterations it takes to wirelessly disseminate a desired message from peers 'With' the content to peers 'Without' it. Complicating the problem are transmission conflicts, where pre-specified sets of links cannot simultaneously transmit due to interference. The paper formalizes CPR as a discrete optimization problem, and proves that CPR and its many variants are NP-hard.

The Peer-to-Peer Wireless Network Confederation Scheme

Thu, 01 Jan 1970 00:00:00

In metropolitan areas, public infrastructures for high-speed wireless networking can be built through the private contributions of individual "Micro-operators" who use their Internet-connected Wireless LANs (WLANs) to forward foreign traffic from and to nearby low-mobility clients. The authors have designed a practical WLAN aggregation scheme that assumes that micro-operators are selfish and do not trust each other and uses a secure incentive technique to encourage their contribution; protects the real-world identities of micro-operators and clients by relying only on disposable opaque identifiers (public keys); is automated, using standard hardware and software developed for some of the main available platforms (Linux-based WLAN access points and Windows Mobile-based cell phones).

Instant Messaging, VoIP, P2P, and games in the workplace: How to take back control

Thu, 01 Jan 1970 00:00:00

Employees installing and using unauthorized applications like Instant Messaging, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. This paper looks at why it is important to control such applications, discusses the various approaches, and highlights how integrating this functionality into malware protection is the simplest and most cost-effective solution.

Instant Messaging, Voip, P2P, And Games In The Workplace: How To Take Back Control

Thu, 01 Jan 1970 00:00:00

IT departments have long understood the need to prevent viruses, spyware and other malicious applications or activity from compromising security and disrupting business continuity. Now the rapid emergence of Web 2.0 is beginning to redefine how individuals interact with the internet, and the related technologies pose a range of new threats. Web-savvy users who have local administration rights for their work computers are downloading applications such as Instant Messaging (IM), peer-to-peer (P2P) file-sharing applications and Voice over Internet Protocol (VoIP) services to help them communicate, share files and work collaboratively online - for both official and unofficial business.