With more popular P2P file sharing networks out there like Morpheus, GNUtella and Kazaa users around the globe have installed the client software to allow their machines to act as file servers to the P2P community and allow them to access the files of other computers on the P2P network. Again, the fact that computers participate on one of these P2P networks means they must have certain ports open on their networks or computers.
In this case they generally will have at least one folder on their computer shared out as well. Having open ports and open file shares offers another prime target for malicious developers to exploit.
In February of 2002 a Denial-of-Servicevulnerability was announced that affected users of Kazaa, Morpheus and Grokster. By exploiting this vulnerability an attacker could cause the system to exhaust available resources and crash. It is also possible for users who are not members of the P2P network to connect to your computer using the port opened by the P2P network and access the files or folders you have made available. Some novice computer users have installed P2P networks listing the root “C:” drive as their main sharing folder which makes all of the system files and other critical data available to anyone on the P2P network.
The last topic for this lesson is packet sniffing. Packet sniffing, like most maligned services and applications, serves a legitimate purpose when used in the right way.
Packet sniffing can be invaluable in determining problems and troubleshooting issues on your network. However, in the wrong hands a packet sniffer is to your Internet traffic essentially the same as someone tapping your phone conversations.
A packet sniffer captures the individual packet data flowing across a network. Most decent packet sniffer applications will decode the binary data into something intelligible. Some carry it a step further to do protocol analysis and can help identify key information that may be useful. By capturing and decoding packets in this manner a hacker can learn a lot of valuable information about your network and possibly capture passwords or confidential personal data like credit card numbers.
In order to work the packet sniffer must be on the same network as the originating or intended destination machine. However, if a hacker has managed to install some sort of Trojan horse or backdoor program on one of the computers on either the sending or receiving networks they may be able to do the packet sniffing remotely. A switch will provide better protection against being detected from a 3rd-party machine because the network traffic only goes to its intended destination. If the network traffic goes across a hub, that traffic is broadcast to all devices attached to the hub and can therefore be intercepted by any of them.
That does it for Lesson 5. Hopefully you now have a better understanding of the concepts behind active scripting, cross site scripting, instant messaging, P2P networks and packet sniffing. I have provided some quick tips to try and help you protect yourself. More in depth security solutions will be provided in lessons 8, 9 and 10. Lesson 6 will be devoted entirely to antivirus software.
In this case they generally will have at least one folder on their computer shared out as well. Having open ports and open file shares offers another prime target for malicious developers to exploit.
In February of 2002 a Denial-of-Servicevulnerability was announced that affected users of Kazaa, Morpheus and Grokster. By exploiting this vulnerability an attacker could cause the system to exhaust available resources and crash. It is also possible for users who are not members of the P2P network to connect to your computer using the port opened by the P2P network and access the files or folders you have made available. Some novice computer users have installed P2P networks listing the root “C:” drive as their main sharing folder which makes all of the system files and other critical data available to anyone on the P2P network.
The last topic for this lesson is packet sniffing. Packet sniffing, like most maligned services and applications, serves a legitimate purpose when used in the right way.
Packet sniffing can be invaluable in determining problems and troubleshooting issues on your network. However, in the wrong hands a packet sniffer is to your Internet traffic essentially the same as someone tapping your phone conversations.
A packet sniffer captures the individual packet data flowing across a network. Most decent packet sniffer applications will decode the binary data into something intelligible. Some carry it a step further to do protocol analysis and can help identify key information that may be useful. By capturing and decoding packets in this manner a hacker can learn a lot of valuable information about your network and possibly capture passwords or confidential personal data like credit card numbers.
In order to work the packet sniffer must be on the same network as the originating or intended destination machine. However, if a hacker has managed to install some sort of Trojan horse or backdoor program on one of the computers on either the sending or receiving networks they may be able to do the packet sniffing remotely. A switch will provide better protection against being detected from a 3rd-party machine because the network traffic only goes to its intended destination. If the network traffic goes across a hub, that traffic is broadcast to all devices attached to the hub and can therefore be intercepted by any of them.
That does it for Lesson 5. Hopefully you now have a better understanding of the concepts behind active scripting, cross site scripting, instant messaging, P2P networks and packet sniffing. I have provided some quick tips to try and help you protect yourself. More in depth security solutions will be provided in lessons 8, 9 and 10. Lesson 6 will be devoted entirely to antivirus software.
SHARE