P2P-Zone - View Single Post - data integrity on p2p networks

Mowzer · 04-03-02, 06:16 AM

The most common virii infection that hits file share users I noticed often doesn't origitnate from the file share software itself.

Email worms that spread .vbs infections to .mp3s and .jpgs are common. A user reads email, and due to stupidity ends up opening a worm. This intern infects mp3s and jpegs, by chnging extensions to madonna.mp3.vbs for example.

The users may have a huge mp3 collection, and although they get the virus taken care of often they miss one or two mp3 files. Since they may have had kazaa or grokster running, and grokster and kazaa used to hide double extesnions, other users were getting the same worms.

In this type of case the user doesn't realize they are willingly sharing infected files.

Why some people don't clean up messes on there machines is beyond me. I know a girl who has her messenger sending out the message "Hi, I have new pics, take a look me.jpg(1)(@)(2)(1).exe" for others to download."

I told her she has a messenger virus running, her reply was, "I know, its been like that for months, I just tell my friends not to click it."

This is confusing, as I sent her a link to a easy step by step clean up article, and she read it, yet for some reason just never bothered cleaning it up.

I think your right indy, about it being impossible to determine for all p2p nets if a file is damaged, with out orignal comparisson.

"this signature has to be calculated from a p2p network client independent open source tool and placed in public places so it could be proved and commented by users - this is the only way to cover case 1 (the bad originator)."

With the search page I have been working on, I have it so you can reverse check hashes or signautres, for verification purposes. But I ma not really sure of the real need for that.

"all other cases are covered by this tool just using it after download on the data, recalculating the signature and comparing it to the published one.

i thought of a 32 byte 2*md5 hash, one in forward one in backward direction (block by block) which gives a 44 character uuencoded has string."

For that to be really sucessful there needs to be a set of widely used standards. Aswell as unity for it through out all p2p nets. In order for it to be used, it would need to be a built in feature of the p2p programs. It would also have to be a very easy to use feature.

Its good you posted this. Should be neat to see what others think about data integrity.

04-03-02, 06:16 AM	#2
Mowzer ' Join Date: Jan 2002 Posts: 209	The most common virii infection that hits file share users I noticed often doesn't origitnate from the file share software itself. Email worms that spread .vbs infections to .mp3s and .jpgs are common. A user reads email, and due to stupidity ends up opening a worm. This intern infects mp3s and jpegs, by chnging extensions to madonna.mp3.vbs for example. The users may have a huge mp3 collection, and although they get the virus taken care of often they miss one or two mp3 files. Since they may have had kazaa or grokster running, and grokster and kazaa used to hide double extesnions, other users were getting the same worms. In this type of case the user doesn't realize they are willingly sharing infected files. Why some people don't clean up messes on there machines is beyond me. I know a girl who has her messenger sending out the message "Hi, I have new pics, take a look me.jpg(1)(@)(2)(1).exe" for others to download." I told her she has a messenger virus running, her reply was, "I know, its been like that for months, I just tell my friends not to click it." This is confusing, as I sent her a link to a easy step by step clean up article, and she read it, yet for some reason just never bothered cleaning it up. I think your right indy, about it being impossible to determine for all p2p nets if a file is damaged, with out orignal comparisson. "this signature has to be calculated from a p2p network client independent open source tool and placed in public places so it could be proved and commented by users - this is the only way to cover case 1 (the bad originator)." With the search page I have been working on, I have it so you can reverse check hashes or signautres, for verification purposes. But I ma not really sure of the real need for that. "all other cases are covered by this tool just using it after download on the data, recalculating the signature and comparing it to the published one. i thought of a 32 byte 2*md5 hash, one in forward one in backward direction (block by block) which gives a 44 character uuencoded has string." For that to be really sucessful there needs to be a set of widely used standards. Aswell as unity for it through out all p2p nets. In order for it to be used, it would need to be a built in feature of the p2p programs. It would also have to be a very easy to use feature. Its good you posted this. Should be neat to see what others think about data integrity.