Have you been Napstered...........?

This white paper, published exclusively at AuditNet.org by Rob Harmer Consulting Services Pty Ltd, explores the risks associated with "FILE SHARING".

AUDITORS - take note of this QUOTE!

"The illegitimate use of the Web and the personal use of e-mail by employees have become commonplace. When the boss is not around, improper use of the Web is normal." -- Michael Erbschloe, vice president of research at Computer Economics, Carlsbad, California.
http://www.infoworld.com/articles/ca/xml/01/02/26/010226cacop.xml?0227tueb

NAPSTER

If you haven't heard of Napster by now, then you haven't been reading the paper or following TV, radio or other forms of media. Or maybe you've just got back from an interplanetary trip...

It's been the hottest news on the Internet for some time now, and the number of users of this very popular free software utility, designed exclusively for sharing music files over the Internet, is reported to be in excess of 60 million. Napster was founded by Shawn Fanning in 1999.

Master Key Download details from ZDNET data since 27th December 2000 for this version only - there have been many prior versions!

Napster v2.0 beta 9.6 - Finds and downloads MP3 and WMA files - FREE
Version: 2.0 beta 9.6   Size: 1.76 MB   Downloads: 974,562   Windows 9x, NT, or 2000

Napster is designed to let end-users search for MP3 music files on the computers of other users 
online and download the tracks they want directly from those users, bypassing any central servers, 
a technique called peer-to-peer computing. The lack of central servers in the system is at the heart of 
Napster's approach, as it argues that no copyright-infringing material resides on an organisation's servers.

FILE SHARING is the new buzz word

You've heard of Application Service Providers (ASPs). Whilst the big vendors have been trying to work 
out the distribution model that would make them lots of revenue over the web with the "remote serving of 
applications to your desktop for a fee", the underground WWW community has been very pro-active in 
coming up with a model based on Napster that works for them.

It's FREE. It's FAIRGAME, and it gets them what they want - FREE latest version software. This is software 
that you may have already paid for, which they copy from your systems to theirs and then get around the serial 
number issue via crackz and serialz lists FREELY available to underground participants!

They have come up with the word FILESHARING as a means of legitimising (in their minds) software 
swapping and sharing across the WWW.

BE READY FOR IT, IT IS HAPPENING RIGHT UNDER YOUR NOSES ALREADY!

Whether you like it or not, you may have already been NAPSTERED!

It is highly likely that within your own organisation, in government or the private sector, there are avid 
listeners to MP3 and other sound files sitting on the desktop that have been downloaded to your systems, 
using your internet time, using your assets, just so the desktop user can enjoy the benefit of listening to 
music. It's like "sharing a tape or a CD with friends" is what the avid enthusiast will say. "Besides, why 
shouldn't we share these sorts of files, it's purely for listening pleasure" is another common quote.

This may mean that you have on your PC based systems large numbers of Napster files that have been 
acquired illegally and downloaded to your systems. The interesting legal question this will pose for 
auditors is - "Does this also put you and your organisation in breach of copyright?"

It probably does, as the act of copying and distributing music may well be in violation of the Digital 
Millennium Copyright Act and several other copyright acts. For additional information see:

Digital Millennium Copyright Act: http://lcweb.loc.gov/copyright/legislation/dmca.pdf
No Electronic Theft Law (NET Act): http://thomas.loc.gov/cgi-bin/bdquery/z?d105:HR02265:@@@L
Audio Home Recording Act: http://www4.law.cornell.edu/uscode/17/ch10.text.html

Other ways you may have been Napstered...........

  • waste of enormous amounts of hard disk space
  • using company resources for private use
  • excessive bandwidth usage, resulting in excessive telephone costs, ISP costs and 
    storage costs of data downloaded
  • unnecessary waste of consumables (backup tapes) backing up "data files" that are sound 
    files
  • loss of productivity when performing this sort of activity in YOUR time

Napster is about to be outlawed and banned

The Ninth Circuit of the U.S. Court of Appeals has recently ruled that Napster infringes on record company 
copyrights through the operation of its music file-trading service. This was a direct result of appeals by the 
Recording Industry Association of America (RIAA), who are concerned about copyright infringement and 
royalty payments to artists who are "dipping out" because of the file sharing services offered by Napster. 
The RIAA raised the issue in the courts through a lawsuit on behalf of the five major record labels -- BMG 
Entertainment, Warner Bros. Music Group, EMI Group, Sony Music Entertainment, and Universal Music 
Group -- in December 1999.

Napster of course is fighting for its life, BUT the music industry has expanded its lobbying campaign 
(through the RIAA) in an attempt to counter pushes by Napster and other products offering similar file 
sharing techniques.

BREAKING NEWS - as we are writing this article these news feeds came in.......

From www.napster.com  "At a hearing in federal District Court on Friday, March 3, 2001 Napster 
proposed to carry out the February 12th Court of Appeals ruling by blocking the sharing of file 
names submitted to Napster by copyright holders. In contrast, the injunction proposed by the 
recording industry would force Napster to shut down entirely. The judge has not yet ruled, but we 
are hopeful that the court’s injunction, when it is issued, will allow the Napster community to 
operate while we continue to seek an agreement with the recording industry and transition to a 
membership-based service."

"Earlier today, Napster announced its plans to block access to individual files--including around 5,600 
songs submitted to the music-swapping service by each of the major record labels. Likely to go into effect 
this weekend, the voluntary decision to filter out copyrighted material is clearly intended to soften the 
blow of Napster's impending court order." 
See: http://one.digital.cnet.com/cgi-bin1/flo?y=eBjm0PDqu0u0fTKp

"Napster members this weekend may be unable to find thousands of songs over the file-swapping service, 
as the company voluntarily implements content filters in anticipation of a court order that may demand 
even stronger remedies. Napster announced the filtering plans for specific song titles at a court hearing 
Friday, where attorneys for the company and record labels presented arguments regarding how to police 
alleged copyright violations on the service. March 2, 2001, 11:45 a.m. PT" 
http://two.digital.cnet.com/cgi-bin2/flo?y=eBYv0HoiI0U0amPJ

NOTE: There are many Napster clones and other file sharing tools already springing up on the Internet 
daily. See http://www.pcprofile.com/fslists.htm

WHAT RISK DOES FILE SHARING PRESENT?

The actual risk of any given file depends on what sites a person has visited and what level of security 
those sites maintain.

File sharing or file swapping using web based networks such as Napster, Scour, Gnutella and others 
coming on to the market daily may mean that the end user shares much more than they realise.

There is the risk that sensitive data files could expose people, accounts, user names, passwords and other 
file details on local PCs, which may lead to fraud and theft. This can come partly through the use of cookies, 
left automatically on local computers through Web browsers.

Computing managers will tell you that with firewalls this sort of thing can't happen and that systems are 
secure!

BUT the majority of senior executives use notebook computers. Whilst these are connected through 
the organisation's firewall when at work, they often work in standalone mode via the Net overnight and when 
away from the office. These senior exec corporate notebooks will typically have significant corporate data 
and secrets installed on them, and these can be exposed if detected at random via products like 
ShareSniffer.

It's your corporate data that is AT RISK!

VIRUS SHARING TOO!

File sharing has now opened up a whole new world of virus potential! It's already happened in late 
Feb 2001. See press snippets below.

"Gnutella worm finds new way to squirm into PCs (see news.cnet.com/news/0-1003-201-4954849-0.html)
FILE-SWAPPING ON THE Internet hit a sour note with the appearance of a virus that attacks users of the 
Gnutella file-sharing service, and several anti-virus vendors say it is the first virus to affect peer-to-peer 
communications."

"Named W32/Gnuman.worm, or by the alias Mandragore, the malicious file poses as an ordinary, requested 
media file. This masked file, however, is actually an .exe file that infects a user's computer once the program is 
run, according to statements from a variety of anti-virus software vendors. For the full story:  http://www.infoworld.com/articles/hn/xml/01/02/27/010227hnp2pvirus.xml?0228weam"
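
The worm above relied on an executable carrying a media file's name, and the earlier list of costs included disk space lost to sound files; one pass over a user's folders can check both. The following Python script is an added example, not part of the original paper or of PCProfile's tools: the extension lists, function names and sample files are assumptions constructed for illustration.

```python
import os
import tempfile

AUDIO_EXTS = {".mp3", ".wma", ".wav"}          # assumed list of sound-file types
EXEC_EXTS = {".exe", ".com", ".scr", ".pif"}   # assumed list of runnable types

def audit_tree(root):
    """Walk root; total up audio files and flag executables posing as media."""
    report = {"audio_files": 0, "audio_bytes": 0, "suspicious": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            stem, ext = os.path.splitext(name.lower())
            inner_ext = os.path.splitext(stem)[1]   # ".mp3" in "song.mp3.exe"
            try:
                size = os.path.getsize(path)
                with open(path, "rb") as fh:
                    magic = fh.read(2)
            except OSError:
                continue  # unreadable or vanished file: skip, keep auditing
            if ext in AUDIO_EXTS:
                report["audio_files"] += 1
                report["audio_bytes"] += size
                if magic == b"MZ":  # DOS/Windows executable header
                    report["suspicious"].append(
                        (path, "executable content, audio extension"))
            elif ext in EXEC_EXTS and inner_ext in AUDIO_EXTS:
                report["suspicious"].append(
                    (path, "audio name with executable extension"))
    report["suspicious"].sort()
    return report

def build_sample_tree(root):
    """Constructed sample files standing in for a user's download folder."""
    samples = {
        "music/track01.mp3": b"ID3\x03\x00" + b"\x00" * 2043,
        "music/track02.wma": b"\x30\x26\xb2\x75" + b"\x00" * 1020,
        "music/hit_single.mp3": b"MZ\x90\x00" + b"\x00" * 508,
        "music/requested_song.mp3.exe": b"MZ\x90\x00" + b"\x00" * 252,
        "docs/budget.txt": b"quarterly figures\n",
    }
    for rel, data in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(audit_tree(tmp))
```

The content check reads only the first two bytes of each file, so it is cheap enough to run across whole drives; a flagged file should be quarantined and inspected, not opened.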

BUT THE RISKS ARE GROWING DAILY!

THE BIGGEST RISK AREA HAS JUST EMERGED!

ShareSniffer is a VERY BIG RISK to your organisation and has burst onto the scene in the last few months!

According to ShareSniffer there are tens of thousands of computers worldwide that are sharing files 
deliberately with the Internet requiring no password and no special software other than the Microsoft 
Windows operating system. 

In testing ShareSniffer, they have discovered files of all types available for copying, viewing or even 
execution. 

Their product uses your own Microsoft Windows operating system to navigate other 
computers that have been voluntarily exposed to the Internet, with the ease of viewing a list of files in 
Windows Explorer. Using the computer's IP address (Internet Protocol address), they have developed 
software that increases the hit rate of detecting open IP addresses, so that you can access shared files on 
another computer connected to the Internet anywhere in the world with a simple two-step process. How?

Step 1: Make sure you are using Client for Microsoft Networks and TCP/IP as your networking protocols.

Step 2: Open Windows Explorer (by double-clicking My Computer) and replace the contents of the Address box 
at the top with two backslashes and the IP address you want to navigate. (You can do this also in Microsoft 
Internet Explorer.) For example, if the IP address you want to navigate is 123.123.123.123, you will type: 
\\123.123.123.123 

For this to work you must have enabled Windows File and Printer Sharing. 
Microsoft Windows® File and Printer Sharing (WFPS) is used to locate the shared resources available 
on the Internet. In order to utilize ShareSniffer, it must be activated on your system. 

ShareSniffer offers these tips on how to activate your Windows File and Printer Sharing (WFPS). Consult the sites listed here. NOTE: they are mostly university sites - no surprises here!
http://www.hawaii.edu/its/micro/pc/fps9x.html 
http://www.uga.edu/ucns/lans/docs/win95doc/sharing/msshare.html
http://helpdesk.uvic.ca/hownote/1998/ht98033.html
http://web66.umn.edu/WinNT/CookBook/Win95Client/Sharing/Default.html
http://www.2kweb.com/support/virt-serv/ftp-fetch/windows-fileshare.html 

When you try the above on a guess basis of other IP addresses you may get responses such as;

 

BUT a successful hit will show the following OPEN shares on PCs;

Once you can see an OPEN share, it is only a question of pasting the IP address straight into Windows Explorer, and you can then see, copy, download and execute files directly to/from the other user's PC!

NEED WE SAY ANY MORE ABOUT THE THREAT THIS SORT OF SOFTWARE TOOL POSES?

Repeat: you can then COPY, DOWNLOAD, EXECUTE files when you can get access to the Explorer Window! Now you should see what risk this poses!

What should you be doing as an AUDITOR?

  • talk to your computing management about just how secure the firewall is in 
    your organisation
  • if they say it's "all under control" make sure you CHECK that it is!
  • you have no firewall? Then make sure all the shares are REMOVED when 
    connecting to the Internet.
  • start examining WHAT is installed on your PCs, i.e. is it authorised, legal 
    and the sort of software tools you want installed on your PCs
  • increase your vigilance over software auditing and desktop management
  • reinforce desktop compliance policies over software downloading and use 
    of unauthorised/illegal software
  • conduct spot raids to ensure software compliance
  • repeat the audit cycle on a regular basis
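
One way to act on the point about removing shares is to review what each PC is actually sharing. This added Python example (not from the original paper) parses text produced by the Windows `net share` command and reports every share that is not an administrative default; the sample output is constructed and assumes the English-locale column layout, and the function names are hypothetical.

```python
import re

# Constructed sample of `net share` output; English-locale layout assumed.
SAMPLE_NET_SHARE = r"""
Share name   Resource                        Remark

-------------------------------------------------------------------------------
C$           C:\                             Default share
IPC$                                         Remote IPC
ADMIN$       C:\WINDOWS                      Remote Admin
C            C:\                             Whole drive
MUSIC        C:\My Documents\mp3
The command completed successfully.
"""

ADMIN_DEFAULTS = re.compile(r"^([A-Za-z]|ADMIN|IPC|PRINT)\$$", re.IGNORECASE)
WHOLE_DRIVE = re.compile(r"^[A-Za-z]:\\?$")

def parse_net_share(text):
    """Return (name, resource) pairs from the table body of `net share` output."""
    shares, in_table = [], False
    for line in text.splitlines():
        if set(line.strip()) == {"-"}:       # dashed rule: rows start after it
            in_table = True
            continue
        if not in_table or not line.strip() or line.startswith("The command"):
            continue
        fields = re.split(r"\s{2,}", line.strip())
        # The resource column may be empty (IPC$); accept it only if it looks
        # like a drive or device path, otherwise the field is the remark.
        has_res = len(fields) > 1 and re.match(r"^\w+:", fields[1])
        shares.append((fields[0], fields[1] if has_res else ""))
    return shares

def audit_shares(shares):
    """List shares that need a decision; administrative defaults are skipped."""
    findings = []
    for name, resource in shares:
        if ADMIN_DEFAULTS.match(name):
            continue                          # C$, IPC$, ADMIN$, PRINT$
        if WHOLE_DRIVE.match(resource):
            findings.append((name, "HIGH", "entire drive shared: " + resource))
        else:
            findings.append((name, "REVIEW", "user-created share: " + resource))
    return findings

if __name__ == "__main__":
    for finding in audit_shares(parse_net_share(SAMPLE_NET_SHARE)):
        print(*finding)
```

Each reported share is one to remove or justify before the machine is connected to the Internet without a firewall in front of it.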

If you need help then we can assist with our CDROM based Software Compliance Auditors Toolkit!

We also offer FREE audit software tools at the following page links;

1. SNAPSHOT can be a very good barometer of fraudulent activity PC by PC!
http://www.pcprofile.com/Snapshot_Auditing.htm
2. In terms of checking the existence of sound files (MP3 and others) and image files 
(pornographic issues) on your systems, try the FREE tools we offer, AUDIT-SOUNDS and 
AUDIT-IMAGES, at http://www.pcprofile.com/free_pc_audit_software.htm
3. Why not send an OUTLOOK TASK e-mail message to the desktop user and get them 
involved in the audit! It works! http://www.pcprofile.com/New_Outlook.htm

DON'T FORGET YOU ALSO NEED TO CHECK FOR ILLEGAL AND UNAUTHORISED 
SOFTWARE, as these carry VERY SIGNIFICANT LEGAL PENALTIES if you are caught 
with these loaded to your systems.

Site Contents Copyright © 2001 Rob Harmer Consulting Services Pty Ltd - e-mail  Last revised: January 31, 2010


AUDIT-Baseline, AUDIT-Manager, AUDIT-Images, AUDIT-Sounds, AUDIT-Compare, Software Compliance Auditors Toolkit,  and Software Inventory System Copyright 1999-2001(C) Rob Harmer Consulting Services Pty Ltd All rights reserved Worldwide 

Article written exclusively for AUDITNET.ORG by:  Rob Harmer Consulting Services Pty Ltd  
P.O. Box 196 Modbury North Sth Australia 5092 fax +61 8 8265 1961
email robharm@pcprofile.com  http://www.pcprofile.com

Copyright © 1999-2000 AuditNet.org.  

All rights reserved. No part of this Website may be reproduced in any form, by copying from the Internet, photostat, microfilm, xerography, or any other means, or incorporated into any information retrieval system, electronic or mechanical, without the written permission of the copyright owner.

Send comments to: editor@auditnet.org



Revised: January 31, 2010

Address of this Page is http://www.auditnet.org/