6.3 Peer-to-Peer network

Description

Here, networked PCs are considered which are operated with Windows for Workgroups (WfW), Windows 95 or Windows NT. Only the pure Peer-to-Peer functions of these operating systems are taken into consideration on the basis of resource-sharing (printer, hard disk). Only brief attention is paid to security-specific aspects of single applications when using Peer-to-Peer functions, e.g. Mail Exchange, Schedule+, Direct Data Exchange (DDE) or Remote Access Service (RAS).

Since Peer-to-Peer networks offer considerably less security functions than server-supported networks, the use of Peer-to-Peer functions within a server-supported network should be avoided. Peer-to-Peer networks with a connection via WfW to another computer with WfW, Windows 95 or Windows NT should only be considered as a transitional solution until WfW has been replaced.

This chapter deals solely with the threats and safeguards specific to a Peer-to-Peer network. The threats and safeguards contained in the PC-specific units of Chapter 5 should thus also be observed.

Threat Scenario

The following typical threats (T) are assumed as regards Peer-to-Peer functions under Windows for Workgroups, Windows 95 or Windows NT:

Organisational Shortcomings:

Human Failure:

Deliberate Acts:

Recommended Countermeasures (S)

For the implementation of IT baseline protection, selection of the required packages of safeguards ("modules") as described in chapters 2.3 and 2.4, is recommended.

When processing the original Peer-to-Peer safeguards, a strategy should be drawn up using S 2.67 Determining a Security Strategy for the Peer-to-Peer Network, as this is the basis for the subsequent measures.

In the following, the safeguard group for the area "Peer-to-Peer network" is presented:

Organisation:

Personnel:

Hardware/Software:

Communications:

Contingency Planning:


© Copyright by Bundesamt für Sicherheit in der Informationstechnik 2000

Last Update on 6 April 2000