USER: Visitor
Home > Free Security Articles > Tips > P2P File Sharing November 23, 2017

Free Newsletter
Free Security Articles
Free Security Software
Free Security Tools

Security News

Feedback Form

Site Map



Click here to register.

The Dangers of P2P File Sharing

What Is P2P?

The strict definition of P2P is Peer-to-Peer. In current use it means the sharing of files between two users on the Internet.

What are Gnutella, KaZaA, Napster, BearShare, etc.?

These are some of the more popular programs that are used for P2P file sharing. Gnutella, KaZaA, Napster, iMesh, LimeWire, Morpheus, SwapNut, WinMX, AudioGalaxy, Blubster, eDonkey and BearShare each allow users to specify files located on their computers that can be freely shared with other users.

These P2P programs are most often used to share music and videos over the Internet. Although sharing, by passing around, a CD or DVD is not illegal, sharing by creating multiple copies of a copyrighted work is illegal.

What Are The Legal Ramifications of Sharing Copyrighted Material?

As the music industry is fond of saying, "The vast majority of [people] would never shoplift a CD at a record store but think nothing of accessing the same CD for free online." The Recording Industry Association of America (RIAA) has started lawsuits against individuals and businesses over this "sharing" of copyrighted material.

Federal statute, titles 17 and 18 of the U.S. Code, provide criminal penalties for infringing on copyrighted material. In the worst case infringements can be punishable by up to five years in prison and $250,000 in fines. Repeat offenders can be imprisoned for up to 10 years. Violators can also be held civilly liable for actual damages, lost profits, or statutory damages up to $150,000 per infringement, as attorney's fees and costs.

Other Risks From P2P Programs

  • Some P2P programs will share everything on your computer with anyone by default. Searches that we have done have provided us with patent applications, medical information, financial and other personal and corporate information.
  • Viruses, Worms and Trojans are being distributed. The RIAA has even proposed placing malware out on these P2P networks to discourage their use.
  • Much of the P2P activity is automatic, and its use is unmonitored. Computers running this software will be busy exchanging files whenever the machine is turned on.
  • Some of the P2P programs themselves contain "spyware". This allows the author of the program, and other network users, to see what you're doing, where you're going on the Internet, and even use your computer's resources without your knowledge.
  • Once installed, these applications can be hard to remove. In some cases a user has to know which files to remove, which registry entries to edit, and which configuration files need modification.
  • Since the computers running the P2P programs are usually connected to a network, they can be used to spread malware, share private documents, or use your file server for store-and-forward.
  • Various types of illegal files can be downloaded and re-shared over these P2P networks by mistake. This includes child pornography, which brings the owner of the computer and network under severe criminal penalties.

What To Do About P2P

  • Publish a policy forbidding the use of P2P software.
  • Remove any copies that are running on any computers. This may take some time, and require some professional assistance.
  • Do not allow P2P software Internet access. This may mean:
    • Disable NAT - Network Address Translation.
    • Block access to/from the common P2P ports.
    • Use a packet-reassembly firewall that can examine streams of data in-context for possible P2P mis-use. Mainstream's StreamClean service offering is one of the few that can do this.
  • Purge any files on any machines which may have been obtained over a P2P network.

Also Review

View Responses (1) Post Response

Free Computer Security Newsletter
Your email address:

Your name:

Listen to Craig on ClearChannel radio every Saturday from 6 to 9am on WGIR, WGIP and WGIN. Visit WGIR

Copyright 2003- 2007 DGKL, Inc. PRINT PAGE