File sharing programs become cause of computer intrusion

File sharing programs like Kaaza, Limewire, Bearshare and Edonkey have recently been the cause of a few malicious intrusions into faculty, staff and student computers on campus, causing some damage to the machines.

“Two of these intrusions have been relatively severe, requiring that the hard drive be wiped clean, and the operating system reinstalled,” said Chad McDonald, director of computer support services. “In all cases, we have received complaints from external networks that a computer on the Georgia College & State University network is responsible for some type of intrusion attempt. That is not to say that a GC&SU student is responsible for any mischief, only that their computer is being used by some third party as a hacking tool. No data loss has been documented yet, but the potential is there. To date, the damages have included external email accounts being closed, complaints regarding SPAM attacks, denial of service attempts and computer downtime.”

While downloading music and movies can be a convenient way to get your hands on the newest releases out there, it can also be very risky.

“By installing and using file sharing programs, you are introducing software and data to your machine that may have a hidden virus or worm embedded in it,” said McDonald. “When you subsequently execute the file you are, in turn, executing the virus or worm that inflicts the damage. Additionally, file-sharing programs are not required to be secure.

That is to say, there is no perceived need to build applications of this type that will keep unwanted visitors out of your machine. In fact, it is the obvious intent of file sharing programs to allow the anonymous user to upload or download data to or from your machine. I have not seen a program of this type yet that goes very far to ensure that the anonymous user is unable to get into your computer. Once inside your computer via the sharing software, the unknown entity may be able to exploit other vulnerabilities either in the sharing application or within other applications on your computer.”

McDonald said that there are ways that OIIT can control certain types of traffic on the network, but there are downsides to those types of regulations.

“Education of our user base is the best thing that we can do at this point to discourage this type of occurrence,” he said. “It is very difficult to balance the need to lock up our network and the need to allow students, staff, and faculty to explore and use the web to its fullest. Theoretically, it is possible to prevent certain types of network traffic from entering our GC&SU network, but by that same token we would be stopping that type of traffic for users with a legitimate need to use it.”

If you are using file-sharing programs be careful with them. There are many firewall programs out there that can cut down on intrusion rates and keep your files in your hands.

“We don’t think twice about locking our doors and windows at night because we know that someone could come into our home,” said McDonald. Most users don’t think twice about installing this type of application that in a sense, props the front door of your computer wide open and posts a blinking neon sign above it saying, ‘come on in.’”

Posted by Colonnade Archives on Mar 21 2003. Filed under News. You can follow any responses to this entry through the RSS 2.0. You can leave a response or trackback to this entry