
This website is no longer maintained. Its content may be obsolete. Please visit http://home.cern/ for current CERN information.




Restrictions on Running KaZaA and Similar Peer-to-Peer (P2P) File-Sharing Applications at CERN

Denise Heagerty, IT/DI


Abstract

Personal use of Peer-to-Peer file sharing applications is not permitted at CERN. This article explains the security risk they create for CERN.


Peer-to-Peer (P2P) file sharing applications are a popular way of exchanging files directly between end users across the Internet. A non-exhaustive list of such applications is: KaZaA, Napster, Gnutella, Edonkey2000, Napigator, Limewire, Bearshare, WinMX, Aimster, Morpheus, etc. The first, and perhaps best known, Napster, was intended for the exchange of MP3 (music) files; more recent applications support a range of file types.

Peer-to-Peer file sharing applications violate CERN's Computing Rules on file services in most configurations. File access must be protected from unauthorised use. Exchanging files with partners requires sufficient access controls to avoid exposing CERN to viruses or involving the organisation in illicit use, such as unauthorised storage or distribution of commercial software or copyright music. If the content of a file is not known in advance then some prior trust must have been established with the serving partner.

Personal use of Peer-to-Peer file sharing applications is not permitted at CERN. If Peer-to-Peer file sharing applications have been installed on CERN computers then they must be completely removed and the system secured. Peer-to-peer applications are known to be targets for viruses, and some install spyware, software which can spy on your activity. Spyware is not removed by anti-virus software, nor by removing the peer-to-peer application. Unless you are sure that the computer has no viruses, spyware, or other intruder software likely to have been introduced by the peer-to-peer application, you need to secure it by re-installing the system from scratch (http://cern.ch/it-div/need-help/FAQs/InstallingOperatingsystems.asp).

Users of privately owned computers connected via VPN, ACB or directly on the CERN network must prevent Peer-to-Peer file sharing applications from using the CERN network and ensure that their computers do not expose CERN to security or privacy risks. This normally requires actions such as disabling non-essential applications, installing the latest security patches and anti-virus updates, and preventing exposures caused by spyware.

If professional use is being considered then a prior security check is required before installation of the software. For this you must contact computer.security@cern.ch with details of your professional requirement, an endorsement from your group leader or experiment computing responsible, and details of how you will secure the software and ensure it complies with CERN's Computing Rules.

CERN's Computing Rules are available at http://cern.ch/ComputingRules.



For matters related to this article please contact the author.
Cnl.Editor@cern.ch


CERN-CNL-2003-001
Vol. XXXVIII, issue no 1


Last Updated on Mon Apr 14 10:45:43 CEST 2003.
Copyright © CERN 2003 -- European Organization for Nuclear Research