Peer to Peer Networks

A peer-to-peer (P2P or rarely PtP) computer network uses computers connected to other computers in a network instead of going through a central hub or network server. Such connections are mostly ad hoc; i.e., you can never guarantee that any single computer will be connected to the network at any given time. One major use of P2P networks is file sharing where digital files (mostly media files) are shared between network member connections. Such sharing can easily include hidden malware.
One of the earliest P2P network, and one still operating, is the Usenet news server system. In that system peers connect to distribute Usenet news postings which eventually cover the entire network, stored on distributed news servers which collected and archived new messages as they came across the system. Some of these postings were or contained binary data, some infected. These were purged from the system when found but managed to find their way onto individual systems none-the-less.
Some P2P networks today use a hybrid network form. Napster, Open NAP, and IRC, for example, use a client-server approach for tasks like searching for files or sections of files to share and a peer-to-peer approach for the actual file sharing. Gnutella and Freenet (to name but two) use P2P techniques for everything.
One of the fairly obvious concerns with P2P systems is that in order to participate in one the user has to run client software on their system that actually puts their computer into the network with everyone else who might be a part of the network. Generally, all the other computers in the network are unknown to other computers on the network so you never know what you are connecting into. This diagram shows a typical Freenet connection where only the computers directly attached can be seen; the others are invisible to the connected user…
Freenet Architecture Example
Since P2P systems are often attacked there are some possible problems that come with that connection…
  • Files coming across the network with content different than the description that comes with the file; called a poisoning attack. Basically, you never really know if you are getting what you think you are getting.
  • Pollution of the files on the network by the addition of bad digital material to the file making it no longer a valid file.
  • Members of the network who only download files but do not allow their computers to host material for others to download (Freeloaders or Leechers). This makes it necessary for the remaining computers on the network to work a bit harder which steals resources from them.
  • Insertion of viruses or other malware into the files being carried on the network. Viruses can be anywhere so if an infected machine connects to a P2P network it’s well within the realm of possibility that the infected machine will be able to attach the infection to the data stream and thus infect other computers on the network when the complete file is run or opened.
  • Malware may exist in the peer-to-peer client software needed to connect to the network itself. While usually not a virus this may be adware or spyware that could be quite difficult to remove once it’s installed itself.
  • If the network itself is attacked with a denial of service attack in order to make it run slowly or fail then computers in the network will be made part of that attack with unpredictable results.
  • Spamming of unsolicited material can take place across P2P networks either directly or as part of a denial of service attack.
  • Since many P2P networks contain illegal material to download (movies, songs, software, etc.) it’s quite possible that as a member of such a network your identity on the network alone will make you a target of legal actions against the network because of the content; even if you are not using the network in any illegal manner. This can cause personal problems up to and including the necessity of hiring an attorney to defend yourself for doing nothing wrong (assuming you did nothing wrong) :-).
This is not to say that all P2P networks are bad or even vulnerable. Most attacks can be controlled or even defeated through careful design. But, no matter what, if the majority of other computers on a P2P network are somehow infected in a way that affects the network no amount of design is going to overcome the problems; and, it may not even take that many.
As but one example, on 25 January 2009, Intego reported that OSX.Trojan.iServices.B Trojan Horse, “…is found in pirated software distributed via BitTorrent trackers and other sites containing links to pirated software. OSX.Trojan.iServices.B Trojan horse is found bundled with copies of Adobe Photoshop CS4 for Mac. The actual Photoshop installer is clean, but the Trojan horse is found in a crack application that serializes the program.”

Advantages of Peer-to-peer networking over Client –Server networking are :-

1)  It is easy to install and so is the configuration of computers on this network, 
2)  All the resources and contents are shared by all the peers, unlike server-client architecture where Server shares all the contents and resources.
3)  P2P is more reliable as central dependency is eliminated. Failure of one peer doesn’t affect the functioning of other peers. In case of Client –Server network, if server goes down whole network gets affected.
4)  There is no need for full-time System Administrator. Every user is the administrator of his machine. User can control their shared resources. 
5)  The over-all cost of building and maintaining this type of network is comparatively very less.

Disadvantages(drawbacks) of Peer to peer architecture over Client Server are:-

1) In this network, the whole system is decentralized thus it is difficult to administer. That is one person cannot determine the whole accessibility setting of whole network.
2) Security in this system is very less viruses, spywares,trojans, etc malwares can easily transmitted over this P-2-P architecture.
3) Data recovery or backup is very difficult. Each computer should have its own back-up system
4) Lot of movies, music and other copyrighted files are transferred using this type of file transfer. P2P is the technology used in torrents.

Peer to peer networks are good to connect small number (around 10) of computer and places where high level of security is not required. In case of business network where sensitive data can be present this type of architecture is not advisable or preferred.

No comments:

Post a Comment