A Message about Gnutella on the CLASSE Network
Dear Computer user:
Your computer should not be running Gnutella or similar MP3 sharing software. If it is, please shut it down and remove all of the associated files. We'll be glad to help if you need assistance doing this. The security and network issues are described below.
- The Security Concerns:
  - This software has serious peer-to-peer server capabilities, and we consider it a threat on our network, as it has already become a target for hackers. In fact, one malicious virus targeting Gnutella file sharing, W32/Gnuman.worm, has already been found; you can read about it at this link: http://service1.symantec.com/sarc/sarc.nsf/html/w32.gnuman.worm.html
  - The large amount of gnutella "pinging" produces huge numbers of reject messages in the firewall logs, making it essentially impossible to identify real attacks, and port hopping makes it difficult to reliably exclude the gnutella traffic from the logs. CLASSE normally gets around 2000 rejects logged per day; when 2 or 3 systems were participating in gnutella file sharing, over 20,000 gnutella connection rejections were being logged.
  - It has features, particularly the "push request", that are designed to circumvent firewalls -- it's essentially a backdoor that lets any computer anywhere talk to the gnutella service on your computer, bypassing CLASSE security policies and exposing any exploitable bugs or configuration errors to the entire world.
- The Bandwidth Issues:
  - There is an obvious bandwidth issue: downloading MP3 files places a not insignificant load on the single link to the campus network, a link that is already taxed. This represents an abuse of network resources that has a cost: ultimately everyone notices it as poorer network performance.
- The inappropriate use of laboratory resources:
  - Not long ago, there was an incident that prompted the Lab's Director, Maury Tigner, to address the appropriate use of CLASSE hardware resources in a lab-wide message on November 21, 2000. Maury wrote the following: "[CLASSE] computers are provided by the taxpayers for the purpose of carrying out the designated Lab program of particle and X-ray science."
In summary, the laboratory hardware and network exist to promote the laboratory's research mission; they are not "personal computers" in the sense that individuals are free to do whatever they wish on them.
Should you have any questions about this, or need help removing inappropriate software, please feel free to contact any member of the CLASSE computer group.
- 13 Mar 2006