File Sharers, Beware

mimo2005 · 11-19-2004, 10:04 PM

File Sharers, Beware

By Leon Erlanger

Peer-to-peer file-sharing networks have come a long way since the dawn (and demise) of Napster, with LimeWire, Kazaa, Morpheus, Grokster, and others offering everything from MP3 files to movies, software, and anything that can be exchanged across a digital network. If you're using or plan to use such networks, you should know that copyright infringement isn't the only issue to consider. You also open up your system to a host of security and privacy threats, including viruses, worms, Trojan horses, snooping, data theft, spyware, and more.

The first thing to understand about file sharing is that every user's system acts as a server for everyone else's, so there is almost no way to control the content that is available on a network. This makes it easy for anyone to distribute a virus, worm, or Trojan horse in a file you thought contained your favorite song. Once that file is in your file-sharing directory, it's usually available to everyone, whether you've tried to play it or not, so malware can spread very quickly. Some of the software itself has been known to have Trojan horses and other security problems. And a number of file-sharing applications contain invasive adware that monitors your online behavior and sends data back to a server . Although providers are backing away from this lately, millions of users have unwittingly downloaded tons of spyware along with file-sharing apps.

Even if you aren't using your file-sharing application, it's usually up and running in the background, providing other users with access to your system—and often to your IP address. Studies such as "Usability and Privacy: A Study of Kazaa P2P File-Sharing" suggest that the majority of users don't know what files they're sharing and may inadvertently end up sharing private files such as e-mail and financial information.

There are a number of steps you can take to protect yourself. The most obvious step is to turn off your file-sharing app when you're not actively searching or downloading. This is not as straightforward as it sounds, however, as many such applications continue running in the background after you think you've closed them. You may be able to right-click on an icon in the taskbar and try to shut your app down again, but this may not do the trick either. For example, unless you change some defaults in LimeWire's Options dialog box, it will not shut down until a current transfer has been completed. If your file-sharing app offers the option to disable sharing altogether, take advantage of this.

The next step is to make sure you control which directories you are sharing. Unless you really know what you're doing, choose the default directory the program offers and copy all the files you want to share into it. Don't enable sharing for any of your other directories; you may forget that you did, or that their subdirectories have also become available.

Most popular antivirus programs, such as those from McAfee and Symantec, are effective against file-sharing viruses and worms, so make sure you run yours, and take advantage of automatic signature updating so you're protected from the latest threats. Even if you're on a network that has a firewall, you should run a personal firewall, and if your firewall tells you that a program you don't recognize is trying to make a connection from your system, don't allow it access. If you encounter any problems running your legitimate software after that, you can always change your mind.

Run a spyware removal tool periodically to see whether you've downloaded anything unwittingly. PepiMK Software's free utility SpyBot Search & Destroy was a recent Editors' Choice. And make sure you keep your file-sharing application itself up to date with the latest patches and fixes. Finally, don't forget to perform regular backups in case an attack cripples your system. You can also run a system rollback utility, such as Windows XP's System Restore or Symantec's GoBack, to ensure that you can return your entire system to a previous state. As with e-mail, you'll never be completely safe from file-sharing security threats, but if you take the right steps you can greatly reduce the odds of becoming a victim.

batty_professor · 12-07-2004, 09:21 PM

Good article, if you share files this way, it's a "must read".

CrystalClear · 12-30-2004, 02:21 AM

I didnt think you could get a virus from files such as .MP3 because they are non-excecutable code?Viruses are floating around everywhere on file sharing networks, ive downloaded many but all of them were gotten rid of within getting created on my computer, just make sure you have an update Virus scanner running in the background.

11-19-2004, 10:04 PM	#1 (permalink)
mimo2005 Manager, The Relaxation Room/Analyst, Security Team Join Date: Oct 2004 Posts: 10,733 OS: xp	File Sharers, Beware File Sharers, Beware By Leon Erlanger Peer-to-peer file-sharing networks have come a long way since the dawn (and demise) of Napster, with LimeWire, Kazaa, Morpheus, Grokster, and others offering everything from MP3 files to movies, software, and anything that can be exchanged across a digital network. If you're using or plan to use such networks, you should know that copyright infringement isn't the only issue to consider. You also open up your system to a host of security and privacy threats, including viruses, worms, Trojan horses, snooping, data theft, spyware, and more. The first thing to understand about file sharing is that every user's system acts as a server for everyone else's, so there is almost no way to control the content that is available on a network. This makes it easy for anyone to distribute a virus, worm, or Trojan horse in a file you thought contained your favorite song. Once that file is in your file-sharing directory, it's usually available to everyone, whether you've tried to play it or not, so malware can spread very quickly. Some of the software itself has been known to have Trojan horses and other security problems. And a number of file-sharing applications contain invasive adware that monitors your online behavior and sends data back to a server . Although providers are backing away from this lately, millions of users have unwittingly downloaded tons of spyware along with file-sharing apps. Even if you aren't using your file-sharing application, it's usually up and running in the background, providing other users with access to your system—and often to your IP address. Studies such as "Usability and Privacy: A Study of Kazaa P2P File-Sharing" suggest that the majority of users don't know what files they're sharing and may inadvertently end up sharing private files such as e-mail and financial information. There are a number of steps you can take to protect yourself. The most obvious step is to turn off your file-sharing app when you're not actively searching or downloading. This is not as straightforward as it sounds, however, as many such applications continue running in the background after you think you've closed them. You may be able to right-click on an icon in the taskbar and try to shut your app down again, but this may not do the trick either. For example, unless you change some defaults in LimeWire's Options dialog box, it will not shut down until a current transfer has been completed. If your file-sharing app offers the option to disable sharing altogether, take advantage of this. The next step is to make sure you control which directories you are sharing. Unless you really know what you're doing, choose the default directory the program offers and copy all the files you want to share into it. Don't enable sharing for any of your other directories; you may forget that you did, or that their subdirectories have also become available. Most popular antivirus programs, such as those from McAfee and Symantec, are effective against file-sharing viruses and worms, so make sure you run yours, and take advantage of automatic signature updating so you're protected from the latest threats. Even if you're on a network that has a firewall, you should run a personal firewall, and if your firewall tells you that a program you don't recognize is trying to make a connection from your system, don't allow it access. If you encounter any problems running your legitimate software after that, you can always change your mind. Run a spyware removal tool periodically to see whether you've downloaded anything unwittingly. PepiMK Software's free utility SpyBot Search & Destroy was a recent Editors' Choice. And make sure you keep your file-sharing application itself up to date with the latest patches and fixes. Finally, don't forget to perform regular backups in case an attack cripples your system. You can also run a system rollback utility, such as Windows XP's System Restore or Symantec's GoBack, to ensure that you can return your entire system to a previous state. As with e-mail, you'll never be completely safe from file-sharing security threats, but if you take the right steps you can greatly reduce the odds of becoming a victim. __________________ TSF has outgrown its server, again. Please help "Gutta cavat lapidem, non vi sed saepe cadendo"

12-07-2004, 09:21 PM	#2 (permalink)
batty_professor Asst. Manager, Alternative Computing Forums Join Date: Jul 2004 Location: Hooterville Il 45 mi. east of St. Louis mo Posts: 2,609 OS: Fedora Core 5 for now	Good article, if you share files this way, it's a "must read". __________________ It's better to know me and not need me than to need me and not know me. B. While users are never under any obligation, if you feel the urge please feel free to visit our donation page. Every little bit helps. And we thank you for your support. Microsoft free Registered Linux user 397458

12-30-2004, 02:21 AM	#3 (permalink)
CrystalClear Registered User Join Date: Dec 2004 Posts: 16 OS: WinXP	I didnt think you could get a virus from files such as .MP3 because they are non-excecutable code?Viruses are floating around everywhere on file sharing networks, ive downloaded many but all of them were gotten rid of within getting created on my computer, just make sure you have an update Virus scanner running in the background.