Does anyone know what the security ramifications of letting peer to peer applications operate on a network with a PIX firewall? The inside user can make multiple state full connections with softwares such as Kazaa, eDonkey, etc going out but is it possible for a hacker or regular outside p2p user to exploit the connections to come back into the user without high jacking a connection. An example would be an inside user that has a shared folder (with the p2p application active) for files they want to share; can someone from the outside do a search and see the inside users folder and be able to download those files without the inside user having to make a connection to the searcher? By the way can Instant Messaging and ICQ do this also?
AIM needs tcp port 5190 open to receive files via transfer.
p2p is generally insecure. many of the programs come with spyware. a lot of the files shares are virus infected. some p2p apps work behind a firewall, but only for downloading files, not sharing (i.e. serving) them out
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...