Security-p2p

Posted: May 20, 2013 in Security
Tags: ,

I avoid telling people to use p2p/fileshare to download random files from other users, as that is not always safe :troll:
I encourage people to use it for what what it was invented for.

The pure principal of fileshare, is to make it easy for like-minded individuals to work together on shared projects, bypassing the need for using upload-sites and remote storage.

I should add a “Safe-Hex” warning that effective and safe downloading needs you to;
1) be using a good Antivirus, as web-sites and other people may be sharing infected files.
2) take time to look at what your p2p program can do before downloading from using “name” searches (most beginners don’t wait for it to finish connecting before trying to search).
3) If you browse a users files and chat with them, it can help you decide if you trust them.

:troll: Peer-To-Peer connects you to peoples PCs. If they have a virus or infected file that you choose to DL, then you are at the same risk as downloading a virus from a bad site.
It is just as easily get a virus from searching with Google. People are often not aware that even malware sites pay for the sponsored links at the top and side.

:sherlock: When you are downloading from anywhere, your common-sense and Anti-Virus is always your defence.
The security thread at the Shareaza forum has a block-list you can install. It is only a small list, but it is a good start.
It needs updating, but it still blocks lots of spam and known malware distributors.
If you look at the security rules, you can see the do not just block IPs. It can block files by partial-name or hash-key etc.

:knight: Shareaza will not, and cannot, infect you with a virus (unless you got a fake Shareaza).
:doh: Downloading random files you are guessing at, and running them with no AV, is what gives people viruses :rip:
Once you have downloaded a file with Shareaza, it can get VirusTotal to check it (if you have a good AV, it will have already scanned it the same as any normal DL from a browser).
If you are not sure, then right-click on the new file in Shareaza library, and choose the VT web-service.

NOTE: You can also point Shareaza at your AV in the download preferences, so archives etc. are fully scanned when downloaded.
So in fact Shareaza, offers more basic security than a standard web-browser :knight:

My Shareaza tutorial covers adding the security, and has links for creating your own lists.
https://yourunreal.wordpress.com/2013/04/28/mirroring-sharing-your-files-with-shareaza/

:troll: Yes Shareaza has issues the same as any p2p software, and unfortunately most users on the G1 network have a basic crappy program, that cannot give feedback on deleted files.
The more people using the newer G2 network, and the more feed-back from deleted spam and viruses, the safer it becomes.
Shareaza can also show the contents and readme of a ZIP etc. over the G2 network so you can see what you are about to download.

The G2 network supports metadata, and if you are looking for a DLL you should be able to see all the info you get when you check a file-properties (SEE PICTURE ABOVE).

My tutorial also shows you how to spot fake/spam, by first searching for a file that cannot exist.
All results for that are fake, and you can block the users.

💡 If you must use it for searching, try it without the G1 network enabled. But you will see less results, and less spam.

If you stick to downloading from sites and people you know and trust (just like any website), you will be safe.

http://www.virusbtn.com/vb100/latest_comparative/index
http://www.virusbtn.com/vb100/archive/summary
http://www.virusbtn.com/vb100/archive/compare?nocache

http://my.opera.com/dr-flay/blog/how-to-block-sites
http://my.opera.com/dr-flay/blog/online-anti-malware

http://wikipedia.org/wiki/Comparison_of_download_managers
http://wikipedia.org/wiki/Shareaza
http://shareaza.sourceforge.net
http://shareaza.sourceforge.net/forums
http://shareaza.sourceforge.net/?id=support

http://www.scamfreeinternet.com/scam-list/p2p-scams/
Stay legal, and stay safe http://www.manolito.com/help/p2pu.html

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s