Security Firms Move to Combat File-Swapping Tools

In the war of the Recording Industry
Association of America
versus Napster
Inc.
, the U.S. District Court in San Francisco has yet to decide who
will win or lose.


Yet while that battle rages, many organizations in the country are scrambling for
solutions to combat network congestion and security issues.


Whether it is for tracking Napster users to deny them access to Metallica or
Dr. Dre material, stemming the file-swapping tide to preserve precious
bandwidth on single T-1 lines, or killing file-sharing outright, network
security providers are heeding the call to create a line of defense for
clients.


One such solution is from Packeteer,
creators of the PacketShaper bandwidth management solution designed for college
networks that suffer from diminished bandwidth. A box-shaped
hardware/software device, PacketShaper discovers and classifies applications
on the network. It analyzes traffic patterns and measures response times,
enforces bandwidth allocation and implements service-level agreements and generates reports on application behavior.


Hap Wheeler of Plattsburgh State University in New
York, and John Muggli of College of St. Benedict and St. John’s University
of Minnesota, are among a growing number of network administrators looking for solutions to the congestion.


With PacketShaper, Wheeler, who ensures network capability for 2,600
students, was able to set policies which allowed students to still access
Napster, but keep it from diverting bandwidth away from university-sponsored
applications.


“Beginning last November, our T-1 was useless — incoming and outgoing,”
Wheeler said. “It was just flooded and a search kept pointing the way to
Napster.”


But Wheeler and Muggli also had to contend with students claiming their
right to “free speech” was being tread upon. Because PacketShaper doesn’t
kill content, students could not direct anger toward their network managers.
It wasn’t that Wheeler and Muggli were pulling the plug on their students
Internet access; rather they made them wait a little bit for PacketShaper to
distribute bandwidth appropriately.


“Due to the elusive nature of most of these entertainment-based
applications, firewalls simply can’t prevent them from entering the
network,” Wheeler said. For the few which we actually can discover and stop
through a firewall, we run into ‘freedom of speech’ issues. And we really
have no intention of being big brother.”


Muggli, whose network serves 3,600 students using two T1 lines, agreed. He said he
didn’t want to get into “content issues,” which he said “could be a mess
between faculty and students.”


“We didn’t want to tell the students ‘you can’t access Napster’ and yet we
simply couldn’t afford to have Napster eat up all our bandwidth and impact
our other applications,” Muggli said. “That’s why we set the appropriate
bandwidth policies through PacketShaper and took control of the situation.”


Another solution is PacketHound, developed by Palisade Systems Inc.. It’s a software and hardware solution that allows administrators to block a number of bandwidth-eating applications, including Gnutella, RealAudio and RealVideo and Napster. The product resides passively on networks, making it invisible to hackers. By utilizing Intel-based PCs, the product is often less expensive and easier to administer than ordinary firewalls.


Conventional approaches to monitoring and blocking rely on blocking TCP
ports. Gnutella, which is the hardest of all to block, typically uses port
number 6346, so a firewall would block Gnutella by shutting off access to
that port. However, more sophisticated users
can easily switch their Gnutella use to another port and bypass the
firewall.


But because it uses the fundamental characteristics of th

e protocol itself
in addition to relying on default port blocking, PacketHound is more
difficult to bypass. When PacketHound is in monitoring mode, users are
completely unaware of its presence. When it is in blocking mode, it kills
unwanted activity by issuing a reset packet to the requesting machine; the
user sees only a “connection reset by host” message.


Small corporations aren’t the only ones jumping into the security solution
game. Media Enforcer, an application that tracks users of illegal files, is
a one-man operation run by a software developer and musician named Travis,
whose tracking application is available for download on a site hosted
by Tripod. In an e-mail exchange, Travis declined to provide his last name.


“There was no real answer to the Napster/Gnutella/file sharing explosion, so
I figured as a programmer/musician I was in a good position to make one,”
Travis said recently. “I didn’t want to bother with my own dot-com for this
project since that would effectively rule out anonymity. I really don’t want
to deal with news people at my door, or harassing calls from fifteen year
old Napster users.”


While Media Enforcer has its limits — Napster will not return user names
and Gnutella will return incorrect IP addresses — Travis stresses this is
done so the app will remain an antipiracy tool.


Media Enforcer works like this: A user can type in a performer’s name and the product will return the names of users who are illegally offering their music to the public.


Users may run the query for as long as they want to create a list of users
and their information. The program creates a file that can be exported to programs such as Microsoft Excel. Users may then
filter out any errors and/or duplicates by several methods, depending on the
tool you are using.


“Any way you choose, we need to take an active stance against media piracy
in all of its forms.”

Get the Free Newsletter!

Subscribe to our newsletter.

Subscribe to Daily Tech Insider for top news, trends & analysis

News Around the Web