Peer-to-peer Security defender-peerguardian.

Although we have a variety of anti-virus software installed on the computer, firewalls to protect the security of personal computers, however, there is still the possibility of wolf. The development of broadband so that more and more people use peer-to-peer software to download files, in order to ensure the normal operation of Peer-to-peer software, must open Peer-to-peer software in the firewall to use the port, which gives our computer security has brought hidden dangers.

The security hazard of Peer-to-peer

1 The vulnerability of Peer-to-peer software itself

The security of Peer-to-peer software is mainly focused on the working principle of some code or software when writing software, for example, emule can attack an application through this vulnerability because of malformed requests to the Web page. The web generally sends the request way is the post data or the get data, the attacker sends out a malformed GET request based on this principle, can cause the emule program the crash, thus achieves the control emule host the goal.

2 Personal Privacy Disclosure

The Personal privacy disclosure problem of Peer-to-peer software comes from two aspects: one is open to share the directory, whether you want to, using Peer-to-peer software used to save the download folder, will be automatically shared out to facilitate other users to download, if you put personal files in this folder, Nature will be shared out; Second, from the network management agencies or software developers scanning and detection, whether the network management agencies or Peer-to-peer software developers want to master as much information as possible, through the Peer-to-peer software open port scanning is the best way to obtain information.

3 Trojans and viruses

At present, Peer-to-peer software is the transmission of viruses and Trojans a major way, Trojans can be easily included in movies and pictures, once you download these movies and pictures, the computer will be planted Trojans.

The working principle of PeerGuardian

In such a complex network environment, we need a powerful tool to ensure network security. PeerGuardian is such a good reputation, a fairly representative peer-to-peer network security software, designed for Peer-to-peer users and other users of information security needs of the user design, but also a peer-to-peer download optimization tool. It provides protection against Peer-to-peer transmission based on packet filtering characteristics, while safeguarding security while also preventing and recording nearly all international peer-to-peer blocking institutions (such as RIAA, MPAA, Mediaforce, BAYSTP, NETPD, etc.) to detect connections to your computer, thereby avoiding privacy leaks. PeerGuardian can automatically download the latest screening lists to block the scanning of your machines by various advertising, spyware, and research organizations. Because PeerGuardian adopts packet filtering mechanism, PeerGuardian can protect and optimize all peer-to-peer sharing software based on TCP/IP protocol.

Introduction to the use of PeerGuardian

1 View packet Status

Run PeerGuardian, the largest part of the interface is the list of packet status, the list contains the time, geographical location, packages source address and port, destination address and port, protocol, PeerGuardian operations. For example, one of the records is "10:05:35 Langley city:15438:udp blocked", which means that at 10:0 5:35 this time the software shields packets from the 15438 port on the 24.82.213.21 host to Port 6991 on the native 220.179.83.82. The host that sent the packet through the check found is the U.S. Rand Government website.

Tip: Click on the "View History" button on the main interface to view all history, and the history can be viewed in "all", "blocked", and "allowed" categories.

2) prohibit an IP access

When you find that an IP is constantly accessing one of your computer's ports, this IP is a bit suspicious. Because this IP is constantly accessing the computer port, the log will keep rolling. Click on the main interface of the "Disable" button, temporarily stop PeerGuardian packet filtering function, and then right-click the suspicious IP, from the menu can screen it (as shown).

Using PeerGuardian to detect emule

emule has a wide range of applications, and we all like to use it to exchange network resources. By scanning the emule default open 4662 and 4672 ports, an attacker discovers that the target host that is opening the port can then use a dedicated donkey attack tool to overflow the target. If the target host is using emule, a denial of service will result in the entire application crashing. The attacker listens to the local port of 4662 to return to a command shell that can go directly to the target system's system32 directory and then use TFTP to upload trojans or backdoor programs ... For emule This vulnerability, we can use PeerGuardian to monitor the use of emule, if you do not use emule download data, but PeerGuardian shows your machine non-stop access to an IP 4662 port, it is necessary to pay attention to, It is likely that your machine has been attacked.

Using PeerGuardian to improve BitComet efficiency

When we use BitComet to download the file, we also upload the file. If your network bandwidth is limited, but the upload of a file occupies a lot of bandwidth, at this time you can see from the PeerGuardian of which IP in frequent access to your computer, right-click on it, from the menu select "1 hours to intercept (the IP)" You can temporarily restrict this IP access to your computer, thereby improving your download efficiency.