2.3.1 Defenses

Before considering any technical defense, there must be a sensitization of P2P
users. Leaving a personal computer unattended without a complete firewall and
anti-virus on a broadband internet connection is begging for trouble. Blaster,
for example, exploited a vulnerability 5 days after it was made public by Microsoft
with a “Security Update” that fixed it.
A solution would be for P2P software developers not to write any bugged software!
Perhaps that is a far fetched goal, but it would be better to favor strongly
typed languages such as Java or C# instead of C or C++, where buffer overflows
are much easier to compute.
Another interesting observation is that hybrid P2P systems have a vulnerability
pure P2P systems do not. By making some nodes more special then others
(for example better connectivity for Gnutella’s supernodes) the attacker has the
possibility to target these strategic nodes first in order to spread the worm more
efficiently later on. Pure P2P does not offer such targets as all nodes have the
same “importance”.
Finally, it is interesting to note the operating system developers are also offering
some solutions. OpenBSD’s 3.8 release now returns pseudo-random memory
addresses. This makes buffer overflows close to impossible as an attacker cannot
know what data segment he should overwrite [15].

No comments:

Post a Comment

Hi thank you for comment in Assignment Lanka " Book Mark on me' To future references.

Note: Only a member of this blog may post a comment.

Temporary

" Temporary " means that every project has a definite beginning and a definite end. The end is reached when the project's ob...

Assignment Lanka Populer Posts ever