RealTime IT News

Security Firms Move to Combat File-Swapping Tools

In the war of the Recording Industry Association of America versus Napster Inc., the U.S. District Court in San Francisco has yet to decide who will win or lose.

Yet while that battle rages, many organizations in the country are scrambling for solutions to combat network congestion and security issues.

Whether it is for tracking Napster users to deny them access to Metallica or Dr. Dre material, stemming the file-swapping tide to preserve precious bandwidth on single T-1 lines, or killing file-sharing outright, network security providers are heeding the call to create a line of defense for clients.

One such solution is from Packeteer, creators of the PacketShaper bandwidth management solution designed for college networks that suffer from diminished bandwidth. A box-shaped hardware/software device, PacketShaper discovers and classifies applications on the network. It analyzes traffic patterns and measures response times, enforces bandwidth allocation and implements service-level agreements and generates reports on application behavior.

Hap Wheeler of Plattsburgh State University in New York, and John Muggli of College of St. Benedict and St. John's University of Minnesota, are among a growing number of network administrators looking for solutions to the congestion.

With PacketShaper, Wheeler, who ensures network capability for 2,600 students, was able to set policies which allowed students to still access Napster, but keep it from diverting bandwidth away from university-sponsored applications.

"Beginning last November, our T-1 was useless -- incoming and outgoing," Wheeler said. "It was just flooded and a search kept pointing the way to Napster."

But Wheeler and Muggli also had to contend with students claiming their right to "free speech" was being tread upon. Because PacketShaper doesn't kill content, students could not direct anger toward their network managers. It wasn't that Wheeler and Muggli were pulling the plug on their students Internet access; rather they made them wait a little bit for PacketShaper to distribute bandwidth appropriately.

"Due to the elusive nature of most of these entertainment-based applications, firewalls simply can't prevent them from entering the network," Wheeler said. For the few which we actually can discover and stop through a firewall, we run into 'freedom of speech' issues. And we really have no intention of being big brother."

Muggli, whose network serves 3,600 students using two T1 lines, agreed. He said he didn't want to get into "content issues," which he said "could be a mess between faculty and students."

"We didn't want to tell the students 'you can't access Napster' and yet we simply couldn't afford to have Napster eat up all our bandwidth and impact our other applications," Muggli said. "That's why we set the appropriate bandwidth policies through PacketShaper and took control of the situation."

Another solution is PacketHound, developed by Palisade Systems Inc.. It's a software and hardware solution that allows administrators to block a number of bandwidth-eating applications, including Gnutella, RealAudio and RealVideo and Napster. The product resides passively on networks, making it invisible to hackers. By utilizing Intel-based PCs, the product is often less expensive and easier to administer than ordinary firewalls.

Conventional approaches to monitoring and blocking rely on blocking TCP ports. Gnutella, which is the hardest of all to block, typically uses port number 6346, so a firewall would block Gnutella by shutting off access to that port. However, more sophisticated users can easily switch their Gnutella use to another port and bypass the firewall.

But because it uses the fundamental characteristics of th