Peer To Peer Network

Oops Info Solutions Pvt Ltd
PEER TO PEER NETWORK
A PROJECT REPORT SUBMITTED

IN PARTIAL – FULFILMENT OF THE REQUIREMENT
FOR THE AWARD OF THE DEGREE
OF
MASTER OF COMPUTER APPLICATION

BY
Harsimran Kaur
(11MCA/4010/06)
DEPARTMENT OF COMP. SC. & ENGG.

BIRLA INSTITUTE OF TECHNOLOGY (MESRA)
EXTENSION CENTRE-JAIPUR
(2013)
Oops Info Solutions Pvt Ltd. 1

CERTIFICATE OF APPROVAL
The foregoing project entitled “Peer to Peer Network” is hereby

approved as a creditable study of research topic and has been presently
in satisfactory manner to warrant its acceptance as prerequisite to the
degree for which it has been submitted.
It is understood that by this approval, the undersigned do not necessarily

endorse any conclusion drawn or opinion expressed therein, by approve
the thesis for the purpose for which it is submitted.
(Internal Examiner) (External Examiner)

Head of the Department

DECLARATION CERTIFICATE
This is to certify that the work presented in the project entitled

“ Peer To Peer Network” in partial fulfillment of the requirement for the
award of Degree of Master of Computer Applications of Birla Institute of
Technology Mesra ,Ranchi is an authentic work carried out under my
supervision and guidance.
To the best of my knowledge, the content of the thesis does not form a
basis for the award of any previous Degree to any one else.
Date: (Guide’s Name & Signature)

Department of Computer Science
Birla Institute of Technology
Mesra , Ranchi
Head
Department of Computer Science
Birla Institute of Technology
Mesra , Ranchi - 835215

Preface
The well planned properly executed and evaluated training helps a lot in
including good culture. It provides linkage between the student and the
institution in order to develop the awareness of approach to problem
solving based on broad understanding of process and mode of operation
of an organization.
This report serves the purpose of elaborating the analysis and the
implementation phases of the above-mentioned project. All the features
that have been included in the final implementation have been clearly
explained to make the project easy to understand. It has been taken care
that this document elicits the system development process in a clear and
well-documented manner.
In the beginning we have provided an abstract into the general

features of the project. As we proceed, we’ll delve into more intricate
details regarding the working of the project.
During our stay here we learnt how an actual project progresses,
what sort of problems actually occur during the development of such
projects, how to produce quality products and so on.

Acknowledgement
Though we really worked hard to complete all of our assignments, given to
us in training period but still from core of our heart we feel that the fruit of
success comes up with the emissive support of our colleagues and time to
time guidance from our respected Project Manager Mr. Rakesh Kumar.
The skill that we are able to explore here will definitely help us in our
future. The spirit of team working and coordination made us know our
responsibilities. Here we learnt how to work under pressure, pressure of
responsibilities, pressure of performance and above all pressure of
competition. I feel, I was able to make all that due to timely support from
our near and dears.
At the outset we would like to thank Mr. Sunil (Director) of company
for giving us the opportunity to work with the organization. Friends you
might have heard about proverb that “Err is to Human”, so if you find
something better or something wrong then we’ll feel glad by your anytime
suggestions. We will continue to make additions and enhancements if and
when required.

Company Profile
Oops Info Solutions Pvt. Ltd.

SCO-110-111, Top Floor, Sector 34A, Chandigarh.
Contact No.: 0172-5009244, 9855222244
COMPANY PROFILE
Oops Info Solutions was established in 2003. It's foundation and purpose is to
provide and construct programs for existing companies and provide new and
exciting updates to primitive bases technology. Oops Info Solutionsstarted in
Mohali which is situated in Punjab India and was the one of the first to be opened
in the vicinity. Oops Info Solutionsfirst started with the education in India,
through their curriculum we were able to negotiate a service that was accessible
to all students and post Graduates (this continued with great success). We also
provide study materials i.e. program languages C, C++, Visual C++, VB, VB.Net,
ASP.Net, XML, Oracle 9i, Sql Server 2000, ASP, Java, and Advance Java,
Multimedia (Flash MX, Director MX, Fireworks MX, and Dreamweaver MX).
We now expand our network to other countries such as England, USA. This has
been met with much appreciation & support. Oops Info Solutionsnow in entering
its 4th successful year. Through networking we are able to provide a service to all
races of people.
1.1 OBJECTIVE
1. Encourage and promote the development and progress of electronic Data

Processing towards achieving self-reliance in the field of computer
sciences and technology for scientific research and development,
educational governmental commercial and industrial applications both for
indigenous utilization as well as for export.

2. Advance interdisciplinary co-operation amongst scientists, technologists,

engineers, administrators and commercial entrepreneurs for the growth of
teaching research and practice of Electronic Data Processing Systems and
allied subjects in Academic Institutions, Centre and State Govts, Industrial,
Commercial and Research and Development Organisations.
3. Disseminate knowledge on all aspects of Electronic Data Processing

Systems and allied subjects, and to foster the development of this
specialized branch of technology.
4. Stimulate and offer aid for research and development of the benefit of
manufactures End users Electronic Data Processing Systems.
5. Provide support for software development on consultancy basis.
6. Establish, manage and operate sub-Centre’s for all or any of the

objectives of the Centre.
In pursuit of these objectives, the Centre may engage in the following activities.
i. Setup Advisory and Consultancy Services.

ii. Organize study programmers, symposia, conferences, lectures.
iii. Maintain contacts with other learned and professional
organizations.
iv. Support publication activities.
v. Make available facilities of the Centre for the users.

1) What we do - Our Core Competencies

Our full-service portfolio that allows us to address diverse customer needs and
deliver an integrated, one-stop solution differentiates us. Our customers work
with us across different service lines - using the depth and breadth of our offering
to align IT strategy with evolving business needs
Consulting and Implementation services in ERP domain (very specifically in
SAP R/3 and Oracle Applications) and advanced Internet technologies i.e.
Microsoft .NET, J2EE framework and open source technologies like PHP,
MySQL
Enterprise Application Development – We are developing Web solutions for
complex integration issues between ERP and legacy systems. We are involved in
multiple offshore projects for developing Enterprise Applications using Java
and .NET technologies. Oops Info Solutions specializes for providing
outsourcing solutions for development and maintenance of your non-core
business requirements using reliable, secure and agile infrastructure & resources.
Training in Advanced technologies: Shortage of skilled manpower prompted us
to open Training division to cater to our company needs and for outside world as
well. Our training division is providing training in the followings.
• Enterprise Application development using Java
• Enterprise Application development using VB.NET
• Enterprise Application development using VC#. NET
• Website development using PHP and MySQL

• Embedded Programming using Assembly Language and C

• Hardware interfacing development-using VC++. NET
• OO Programming using Java

• XML
• J2EE Programming
• Introduction to Struts
• . NET framework
• Web services
• ASP.NET
We commit to bringing operational excellence to reengineer business processes

for optimal service, quality and cost. Oops Info SolutionsTechnologies currently
has development centers in Delhi and Chandigarh. The Oops Info Solutions
development centers are state-of-the-art facilities in terms of their infrastructure,
data security, and physical location projection. The centers have high-speed data
links that connect them with each other and with the clients to create seamless
virtually based teams. Since we know security is important, the networks are
protected through multiple layers of firewalls and DMZ implementations to
ensure our customers' assets are protected.
2) We are involved in development of following products: -
1 Kerbros Protocl :- This is Secure Authentication protocol that ensure the
information transfer from on network to another network without hacking .
this is anti hacking software.
2 PGP :- This is also for used to transfer information from one machine to
another without any hacking.
3 Messenger:- allow chatting with one or more clients.
4 Search Engine:- Allow searching of information on the internet.

• Project tracker: Project Tracker is a web-based solution to track time and

expenses for consultants working on different client sites and on different
projects. It is also used for doing project costing for consultants: employees
and/or subcontractors, qualification management, Budgeting and Real time
reporting
• Shipping Manager: Web based communication between ERP and non ERP
systems
• Document Management System: The system helps in scanning, optical
character recognition (OCR), and indexing of between 2 million and 12 million
pages of tobacco industry documents. The system then helps in document search,
retrieval, indexing, workflow management and distribution.
• Management Information System: The Management Information System
(MIS) is a comprehensive and integrated software solution designed by to cater to
the varied IT requirements of organizations. The solution offers services for
complete automation of organization’s functioning, as well as, web based
comprehensive communication solution for organization, wherein; the staff
members, shareholders of the organization are connected online for increased
communication between them.
• Enterprise Resource Planning (ERP) System: The ERP system would cater to
the requirements in the area of Sales, order and invoicing, production planning,
production, inventory, purchase, finance, personnel and payroll management.
• Online Reservation System: Online reservation system for Hotels, Resorts,
Motels, Villas, Apartments, Bed and Breakfasts, Guest Houses ...etc. of any size.
• Web base Requirements/Resume Tracking System: The system tracks the
staffing requirements of numerous customers, searches a database for potential

candidates, and monitor the interviewing and hiring process from beginning till
end.
1 Blog Site : - This site allow on line users to send the comments on the
specific topics. The other users can send reply to the comments. Managements
can view the overall comments and reply to different blogs.
2 University Management :- Manages the Universities to track the information
on line of different universities and colleges.
Contact information
SCO-110-111,
Top Floor,
Sector 34A,
Chandigarh.
Contact No.: 0172-4662624,

9855222244

iNDEX
S.NO. TOPIC PAGE REMARKS

NO.
1. Introduction/Abstract 13
2 Peer to Peer Network 14
3 P2P Models 18
4 Gnutella File Sharing Protocol 21
5 Freenet Decentralized p2p 27
6 Mobile p2p 30
7 P2P Security 44
8 P2P Applications 46
9 Conclusion
49

ABSTRACT
The subject of “P2P” attracts much interest in the networking

community, even though many disagree on its exact meaning. P2P technology
promises to radically change the future of networking, yet the concept has existed
for years. P2P also raises interesting cultural issues despite its “policy free”
architecture. All in all, these apparent paradoxes of P2P only add to its mystique.
Peer to peer networks are gaining widespread acceptance as a

scalable and robust model for data-sharing Internet applications. Building on the
successful, though technically deficient, legacy of Napster and Gnutella, these
systems strive to provide a scalable, decentralized, fault-tolerant, and self-
stabilizing architecture for large scale data sharing applications. The broad
vision of P2P systems, however, goes well beyond the sharing of music files.

CHAPTER-1
INTRODUCTION
INTRODUCTION
Peer-to-peer is a type of network in which each work-station has equivalent
capabilities and responsibilities. This differs from client/server architecture in
which some computers are dedicated to serve others.
Peer-to-peer (P2P) networks are increasingly becoming popular
because they offer opportunities for real-time communication, ad-hoc
collaboration and information sharing in a large-scale distributed environment.
Peer-to-peer computing is defined as the sharing of computer resources and
information through direct exchange.
The most distinct characteristic of P2P computing is that there is
symmetric communication between the peers; each peer has both a client and a
server role. The advantages of the P2P systems are multi-dimensional; they
improve scalability by enabling direct and real timesharing of services and
information; enable knowledge sharing by aggregating information and resources
from nodes that are located on geographically distributed and potentially
heterogeneous platforms; and, provide high availability by eliminating the need
for a single centralized component.
1.1 Historical Development

Before discussing the history of peer-to-peer computing (P2P), we must first
decide what it is. According to Whatis.com, P2P is "A communications model in

which each party has the same capabilities and either party can initiate a
communication session". So we could define P2P as direct communication or
collaboration (mostly file-sharing) between computers, where none are simply
client or server, but all machines are equals - peers. In that case, P2P is at least 30
years old. With this definition, communication between two servers is P2P. It
could even be argued that telephones and email are P2P.
The basic idea is that two computing devices (peers) share resources
and information with each other, with both acting as a kind of mini-server, that
is to say neither is specifically a client or server.
1.1.1 Past
What came before P2P?
Before we had P2P, one of the big favorites for companies to use was B2C. B2C
stands for "Business-To-Consumer".
The P2P Overnight Explosion
The history of P2P cannot be recounted without reference to Napster, the software
that brought P2P into the mainstream. Napster became the single most popular
P2P application literally overnight.
Napster's winning idea was in giving P2P, for free, to the masses. At
the same time as Napster was released three factors greatly increased its mass
popularity - higher bandwidth, more powerful desktop processors and cheaper
storage. Since the Napster case, many other P2P programs have surfaced
including Gnutella, KaZaa and Winmp.

1.1.2 Present
The growth in the number of P2P technology users has been exponential since the
birth of Napster. The vacuum left by Napster's demise has been filled by
numerous other companies/applications, with Kazaa and Gnutella dominating the
market. It has been reported that these two account for between 40% and 60% of
all traffic on the Internet. In recent years we have seen P2P technologies being
embraced by large companies trying to tap its vast potential. Two of the more
notable examples of this are Deloitte & Touché, and Intel. Central databases are
no longer required when using P2P. This means it can be less expensive and far
easier to scale. Intel has been using P2P since 1992, thus avoiding the need for a
large server. Traditional databases are still commonplace today, but as increasing
numbers of companies follow the example of organizations like Intel, such
databases could be overtaken and replaced by P2P.
A significant turn in the development of P2P occurred recently when

Microsoft announced plans to invest $51m in a company called Groove
Networks. Groove Networks is implementing a hybrid technique in its
development of P2P. This means it utilizes both centralized and decentralized
techniques in order to get the best of both worlds.
1.1.3 Future
It's hard to know what the future of P2P is until the legal situation becomes clear.
Companies will have to expend significant resources to protect themselves
against lawsuits. There will always be illegal file-sharing and copyright
infringement, but these will be at the periphery. A lot depends on the legislation
drawn up by governments in response to P2P.

Searching is a definite area in which P2P will prosper in the future.

P2P allows queries to be sent to a number of machines. If the initial search is
unsuccessful, the query is passed on by each of the original machines to a number
of further machines. Thus the search area increases exponentially until a result is
found. This eliminates the need for a huge central search engine. The big guns
such as Intel, Microsoft and Xerox have recently stressed the potential of P2P and
the likelihood is that P2P will continue to be adopted by big business as a cheaper
way of storing and sharing files internally.

CHAPTER-2
PEER TO PEER NETWORKS
PEER TO PEER NETWORKS

The current article deals with the definition of Peer-to-peer network and how it
differs from Client/server network. It also describes advantages and
disadvantages of Client/Server and p2p networks.
2.1 What is peer to peer?

P2P in some sense is decentralization – moving away from monolithic central
hub-spoke model to the decentralized device to device or service to service
model. The devices can be edge devices or they could be servers talking to each
other to make a server overlay. Even though traditional definitions of P2P include
similar devices at the edges communicating without *any* central system.
Traditional Peer-to-Peer
The P2P acronym technically stands for "peer-to-peer" computer networking.

Webopedia defines P2P as
“A type of network in which each workstation has equivalent

capabilities and responsibilities. This differs from client/server architectures, in
which some computers are dedicated to serving the others. "
This definition captures the traditional meaning of peer-to-peer

networking. Computers in a workgroup, or home computers, are configured for
the sharing of resources such as files and printers.

2.2 Peer-To-Peer and Client/Server Networks
Client/Server Network P2P

Network
Peer -To-Peer networks may be defined as a collection of

heterogeneous distributed resources which are connected by the network. In a
simpler way Peer-to-peer may be defined as the opposite of Client/Server
network.
The most distinctive difference between Client/Server networks and
Peer-to-peer networks is the concept of an entity acting as a Sevent, which is used
in peer –to-peer networks. Servent is derived from the first syllable of the term
server (.Serv-.) and the second syllable of the term client (.-ent.). Thus the term
Servent represents the capability of the nodes of a Peer-to-peer network of acting
at the same time as server as well as client. This is completely different to
Client/Server networks, within which the participating nodes can either act as a
Sever or act as a Client never both.
A distributed network architecture thus may be called a Peer-to-peer
(P-to-P, P2P,..) network, if the participants share a part of their own hardware
resources (processing power, storage capacity, printers,.) where as a distributed

architecture which consists of one higher performance system, the SERVER and
several lower performance systems, the clients is called as Client/Server network.
#Advantages of the server-client architecture:
The principle advantage of the server-client architecture is the central index

which locates files quickly and efficiently. Also because all clients have to be
registered as part of the network search requests reach all logged on clients which
ensures the search is as through as possible.
#Disadvantages of the server-client architecture:
The central server system provides a single point of failure and a visible target for
legal attacks on the network. Also because the central server index is only
updated periodically there is a possibility of client receiving outdated information.
#Advantages of a decentralized architecture:
They are more rugged, because a single point of failure is eliminated. They are
also harder to shut down.
#Disadvantages of a decentralized architecture:
Searching a decentralized network is slower. You are not guaranteed to find a file
even if it is on the network because it may be too far away for a search request to
reach the peer which has it before the TTL expires.

CHAPTER-3
P2P MODELS
P2P MODELS
The Current article deals with the models of p2p communication including Pure,
Hybrid and Federated p2p.It also describes the p2p architecture.
Models of p2p communications

Five models of P2P communications have evolved over time.
3.1 Pure P2P

The first and traditional model is pure P2P where two arbitrary edge
Devices (could be clients or servers) talk to each other without any one
Central device.

Fig1: Pure P2P
3.2 P2P with simple Discovery server

Figure 2 represents the configuration of a P2P network with simple discovery
server. In this configuration there is one central server that is used to discover
locations of other peers. Usually this is implemented so that when application
starts it registers to discovery server that keeps track of machines that are
available. When a peer wants to contact another it first queries discovery server
for a list of locations and then one at the time makes queries directly to peers in
the list.

Fig2: P2P with simple Discovery server
3.3 Peer-to-peer with a Discovery and Lookup Server

P2P with a discovery and lookup server architecture is very similar to the one in
figure2. The only difference is that the server also functions as a lookup server.
This means that when a P2P application starts it not only registers to server but
also uploads the list of content that it is providing to the server. When contacting
another peer application first makes a query to the lookup server that responds
with an address of the peer that provides content that was queried.
3.4 Peer-to-peer with a Discovery, Lookup, and Content Server

Fig3: P2P with a Discovery ,Lookup & Content Server
Figure 3 shows structure of a network where there are three peers and a discovery,
lookup, and content server. This last approach is here to only show that P2P
model can be reduced back to client/server model if we rely more and more on
the server. In this model peers (clients) upload all content that they have to
provide to central server so that any other peer can access the content even when
the provider is not online.
3.5 Federated P2P

The third model that has recently evolved is federated P2P where the peer to peer
communications occur in the realm of domains – be they be inside a corporation
or a campus infrastructure in an educational institute.

CHAPTER-4
GNUTELLA
Gnutella
 "Gnutella is a very simple file sharing protocol that uses the principles of
peer-to-peer networking to allow users to share data".

 The articles give a detailed account of Gnutella, everything from

connecting to it, how queries are done and even what the Gnutella packets
look like.
4.1 What Is Gnutella?

Gnutella is a very simple file sharing protocol that uses the principles of peer-to-
peer networking to allow users to share data. It became public domain through a
process of reverse engineering of an experimental P2P client developed by Null
soft.
As many people set about using Gnutella clients as a replacement for

Napster, the poor scalability of the protocol became apparent. Although later
adjustments were introduced to improve its scalability and performance, Gnutella
still remains far less popular than the likes of KaZaa, WinMX etc.
4.2 Technical Overview
The Gnutella protocol (current version 0.4) is run over TCP/IP a connection-
oriented network protocol. A typical session comprises a client connecting to a
server. The client then sends a Gnutella packet advertising its presence. This
advertisement is propagated by the servers through the network by recursively
forwarding it to other connected servers. All servers that receive the packet reply
with a similar packet about themselves.
Queries are propagated in the same manner, with positive responses being routed
back the same path. When a resource is found and selected for downloading, a
direct point to point connection is made between the client and the host of the

resource, and the file downloaded directly using HTTP. The server in this case
will act as a web server capable of responding to HTTP GET requests.
Gnutella packets are of the form:
Message ID (16 Function ID (1 TTL (1 Hops (1 Payload length (4

bytes) byte) byte) byte) bytes)
Where:
Message ID in conjunction with a given TCP/IP connection is used to uniquely
identify a transaction.
Function ID is one of: Advertisement [response], Query [response] or Push-
Request.
TTL is the time-to-live of the packet, i.e. how many more times the packets will
be forwarded.
Hops count the number of times a given packet is forwarded.
Payload length is the length in bytes of the body of the packet.
CHAPTER-5
FREENET

Freenet
 "Freenet is a completely distributed decentralized peer-to-peer system” and

this article give as brief overview for Freenet i.e. what it is Freenet and its
main design goals.
 It then gives a architecture of Freenet, also gives advantages and

disadvantages of Freenet.
5.1 What is Freenet?
Freenet is a completely distributed decentralized peer-to-peer system. It has no

notion of global coordination at all. Communication is handled entirely by peers
operating at a global level.
A node is simply a computer that is running the Freenet software, and

all nodes are treated as equals by the network. Each node maintains its own local
data store which it makes available to the network for reading and writing, as well
as dynamic routing table containing addresses of other nodes and the keys that
they are thought to hold. This removes any single point of failure or control.
It is intended that most users of the system will run nodes, to

- provide security guarantees against inadvertently using a hostile node
- increase the storage capacity available to the network as a whole.
Freenet enables users to share unused disk space, just like systems
like distributed.net enable ordinary users to share unused CPU cycles. The system
operates at the application layer and assumes the existence of a secure transport
layer, although it is transport-independent.
5.2 Main Design Goals

1. Anonymity for both producers and consumers of information.

2. Efficient dynamic storage and routing of information.
3. Decentralization of all network functions-remove any single point of failure or
control.
5.3 Freenet Architecture
Freenet is implemented as an adaptive peer-to-peer network of nodes that query

one another to store and retrieve data files, which are named by location-
independent keys like KSK, SSK, CHK, etc.
The basic model is
1. Keys are passed along from node to node through a chain of requests in which
each node makes a local decision about where to send the request next, in the
style of IP (Internet Protocol) routing.
2. Depending on the key requested the routes would vary.
3. Each request is given a hops-to-live limit, which is decremented at each node

to prevent infinite chains.
4. Each request is also assigned a pseudo-unique random identifier, so that nodes
can prevent loops by rejecting requests they have seen before.
5. This process continues until the request is either satisfied or has exceeded its
hops-to-live limit. Then the success or failure is passed back up the chain to the
sending node.
5.4 Advantages & Disadvatages of Freenet
Advantages:
1. Freenet is solving many of the problems seen in centralized networks.

2. Freenet also removes the single point of attack for censors and the single point
of technical failure.
3. Free net’s niche is in the efficient and anonymous distribution of files. It is

designed to find a file in the minimum number of node-to-node transactions.
Disadvantages:
1. It is designed for file distribution and not fixed storage. It is NOT intended to
guarantee permanent file storage.
2. Freenet does not yet have a search system, because designing a search system
which is sufficiently efficient and anonymous can be difficult.
3. The node operators cannot be held responsible for what is being stored on its
hard drive.
CHAPTER-6
MOBILE P2P

6.1 Introduction
A mobile peer-to-peer network differs from fixed peer-to-peer networks in a few

significant ways. First, each mobile peer-to-peer network consists of only those
devices that are within the range of the network technology whereas a fixed peer-
to-peer network can include devices from all over the globe. Second, as the
devices move the composition of mobile peer-to-peer networks changes rapidly
making them much more transient in nature. This means that many techniques
used in existing peer-to-peer networks like indexing the available files in the
whole (sub)network no longer make sense as by the time the index would be
finished, the files would no longer be available, because the devices have already
moved out of reach.
6.2 Architecture
The proposed mobile peer-to-peer architecture is shown in Fig. 1. All of the peer-
to-peer communication entities that have a common set of interest and obey a
common set of policies construct one peer-to-peer community. This architecture
consists of the following basic components:
Peer-to-peer node: The peer-to-peer node is an independent communication
entity in the peer-to-peer network. It can be a mobile device, a PDA, a personal
computer, a server or a workstation, or any of a variety of devices.
Mobile proxy: Theoretically, all the mobile devices (e.g. WAP or i-mode
terminals) can be independent nodes in the peer-to- peer architecture. However
some of them are functionally limited and can not act as autonomous nodes. The
mobile proxy is a function in a node, which acts as a proxy for the mobile devices
with constrained capability, so that these mobile devices can join the peer-to-peer
architecture.

6.3 Peer-to-Peer Wireless Home Communication

Wireless communication is becoming more and more important technology

especially in home networks. It has major advantages over traditional local area
networks including absence of cables and flexible moving inside apartment and
also outside. P2P brings many useful features to home network. It lets files reside
on any machine and other computers can access those files using peer-to-peer
communication protocols.
Probably the most important thing that P2P computing adds
to the wireless computing environment is that every node in P2P network can act
as a router. That way there is no need for central access point that relays queries.
Also, every device doesn’t have to be near the central access point but it is
sufficient to be near a peer that is connected to access point.
6.4 Technologies
There are several technologies to choose from when designing wireless home
computing environment. Here we will concentrate only to the two most important
ones: Bluetooth and WLAN.
Bluetooth
Bluetooth is a wireless low-power, low-cost technology that is designed for short
range wireless communication. Specification is developed by Bluetooth Special
Interest Group. It is designed to smooth wireless communication between PDAs,
laptops and other similar devices. Bluetooth works in the frequency band of 2.4
GHz. Even though it has been a long time since Bluetooth was published, devices
that support Bluetooth have been appearing quite slowly. However, now there are
many devices, and chips have become relatively cheap as originally intended.

Bluetooth is ideal in indoor communications since its range is very short, about
10 meters. It has many advantages in home environment in addition to being
wireless. There has been news flashes about high technology homes in which
television can communicate with refrigerator. With Bluetooth this becomes quite
easy. Every Bluetooth chip can communicate with each other and every chip has
its own identity. It is possible for example to use Bluetooth chip as a key that
opens door when person approaches his home. When entering, the chip might
connect to the lighting system and turn on the lights while refrigerator would
upload shopping list to person’s PDA. Possibilities are endless.
Bluetooth’s close range throughput is 1 Mbps so it doesn’t
compete with WLAN with its speed. However, Bluetooth can be an optimal
solution for devices like printers and MP3 players that don’t need large data flow.
Actually, Bluetooth can be used to create a so called Personal Area Network
(PAN) that transfers data with mobile devices that can be carried all the time.
Wireless LAN
Wireless LAN (name WLAN is used here to refer to the IEEE standard 802.11b)
is a communications system that can be used to replace or extend wired LAN.
WLAN is actually an IEEE standard which means that different products work
well together.
WLAN operates in the radio frequencies just like Bluetooth but its
main advantage over Bluetooth is its fastness. WLANs throughput can be as high
as 11 Mbps. It typically needs an access point that connects it to the wired
network but it can also be used in “P2P mode” that lets two computers
communicate whenever they are in the range of each other. WLAN that works in

“P2P mode” have exactly the same advantages than Bluetooth network but it is
much more expensive. However, when large throughput or longer ranges are
needed WLAN is superior to Bluetooth. As WLAN cards are quite high-priced,
building the same kind of network with them as with Bluetooth chips is way too
expensive for most people. It makes no sense to add WLAN cards to refrigerators
and devices like that so it is worth thinking a little bit before choosing between
WLAN and Bluetooth. Actually, there is no need to choose, because the two
technologies are complementary and can be used together to fill anyone’s needs at
least in home environment.

IEEE STANDARDS AND WIRELESS NETWORKS

The IEEE has produced the series of standards referred to as 802.X, which
encompassed LANs, MANs and PANs. The
IEEE 802 is confined to standardizing
processes and procedures that take place in the
bottom two layers of the OSI Reference Model
- The Media Access Control (MAC) or link
layer and the Physical layer. The committee of
IEEE 802 standards is currently divided up
into working groups numbered 802.1 through
802.17. The figure shows how the 802.1x
wireless security process is supposed to work.
The original standard, which is currently used to set up Wireless Networks, is the
IEEE 802.11 standard. Nowadays, there are four types of Wireless networks,
ranging from slow and inexpensive to fast and expensive. They are: WECA
(Wireless Ethernet Compatibility Alliance) -WI-Fi, Bluetooth, IrDA (Infrared
Direct Access) and HomeRF.
TRADITIONAL WLAN SECURITY

As with other networks, security for WLANs focuses on access control and
privacy. Robust WLAN access control prevents unauthorized users from
communicating through access points, the WLAN endpoints on the Ethernet
network that link WLAN clients to the network. Strong WLAN access control
ensures that legitimate clients associate with trusted, rather than "rogue" access
points. WLAN privacy ensures that only the intended audience understands the
transmitted data. The privacy of transmitted WLAN data is protected only when

that data is encrypted with a key that can be used only by the intended recipient
of the data.
Traditional WLAN security includes the use of Service Set Identifiers (SSIDs),
open or shared-key authentication, static WEP keys and optional Media Access
Control (MAC) authentication. This combination offers a rudimentary level of
access control and privacy, but each element can be compromised.
ATTACKING A WLAN NETWORK
In this section, the various methods in

which one can get illegal access to a
WLAN are examined. The tools which
are available freely on the internet and
are being used for attacking a WLAN
are as follows: NetStumbler, Kismet,
Wellenreiter, THC-RUT, Ethereal, WEPCrack, AirSnort and HostAP.
The different types of attacks are as explained below:
1. Eavesdropping: In the wireless network, eavesdropping is the most

significant threat because the attacker can intercept the transmission over
the air from a distance away from the premise of the company.
2. Tampering: The attacker can modify the content of the intercepted packets
from the wireless network and this result in a loss of data integrity.
3. Utilizing Antennas: To connect with wireless LANs from distances greater

than a few hundred feet, sophisticated hackers use long-range antennas that
are either commercially available or home built and can pick up 802.11
signals from up to 2,000 feet away.

4. War Driving: War driving is simply driving around in a car to discover

unprotected wireless LANs. Windows-based freeware tools probe the
airwaves in search of access points that broadcast their SSIDs and offer
easy ways to find open networks.
5. Malicious Association: A hacker begins this attack by using freeware

HostAP to convert the attacking station to operate as a functioning access
point. As the victim's station broadcasts a probe to associate with an access
point, the hacker's new malicious access point responds to the victim's
request for association and begins a connection between the two. After
providing an IP address to the victim's workstation (if needed), the
malicious access point can begin its attacks. The hacker - acting as an
access point - can use a wealth of available hacking tools available that
have been tested and proven in a wireless environment. At this time, the
hacker can exploit all vulnerabilities on the victim's laptop, which can
include installing the HostAP firmware or any other laptop configuration or
programmatic changes. The malicious association attack shows that
wireless LANs are subject to diversion and stations do not always know
which network or access point they connect to. Even wireless LANs that
have deployed VPNs (Virtual Private Network) are vulnerable to malicious
associations.
6. Interference and Jamming: A simple jamming transmitter can make

communications impossible. For example, consistently hammering an
access point with access requests, whether successful or not, will
eventually exhaust its available radio frequency spectrum and knock it off
the network.

7. Brute-Force attack: A brute-force network attack is one in which the

intruder attempts to derive a WEP key by trying one value at a time. For
standard 128-bit WEP, this would require trying a maximum of 2104
different keys.
8. Mac spoofing– Identity theft: Many enterprises secure their wireless LAN
with authentication based on an authorized list of MAC addresses. Any
user can easily change the MAC address of a station or access point to
change its 'identity' and defeat MAC address-based authentication.
Software tools such as Kismet or Ethereal are available for hackers to
easily pick off the MAC addresses of an authorized user. The hacker can
then assume the identity of that user by asserting the stolen MAC address
as his own.
9. Man-in-the-middle attack: To begin this attack, the hacker passively

observes the station as it connects to the access point, and the hacker
collects the authentication information, including the username, server
name, client and server IP address, the ID used to compute the response,
and the challenge and associate response. The hacker then tries to associate
with the access point by sending a request that appears to be coming from
the authenticated station. The access point sends the VPN challenge to the
authenticated station, which computes the required authentic response, and
sends the response to the access point. The hacker observes the valid
response. The hacker then acts as the access point in presenting a challenge
to the authorized station. The station computes the appropriate response,
which is sent to the access point. The access point then sends the station a
success packet with an imbedded sequence number. Both are captured by
the hacker. After capturing all this data, the hacker then has what he needs

to complete the attack and defeat the VPN. The hacker sends a spoofed
reply, with large sequence number, which bumps the victim's station off the
network and keeps it from re-associating (i.e. 0x00ffffff). The hacker then
enters the network as the authorized station.
10.Denial-of-Service attack: Every network and security manager fears the

downtime and loss of productivity from a crippling Denial-of-Service
attack. Because 802.11b wireless LANs operate on the unregulated 2.4GHz
radio frequency that is also used by microwave ovens, baby monitors, and
cordless phones, commonly available consumer products can give hackers
the tools for a simple and extremely damaging DoS attack. Unleashing
large amounts of noise from these other devices can jam the airwaves and
shut down a wireless LAN. Hackers can launch more sophisticated DoS
attacks by configuring a station to operate as an access point. As an access
point, the hacker can flood the airwaves with persistent disassociate
requests that force all stations within range to disconnect from the wireless
LAN. In another variation, the hacker's malicious access point broadcasts
periodic disassociate commands every few minutes that causes a situation
where stations are continually kicked off the network, reconnected, and
kicked off again.
MAKING A WLAN MORE SECURE
As today’s companies extend their wireless capabilities across their entire

enterprise, several issues come to the forefront, not the least of which is the
security of their proprietary data. Despite the complexity of the problem, an
enterprise can undertake some relatively simple measures to thwart hackers and
maintain the integrity of their wireless network. There are at least ten ways in

which we can prevent malicious attacks on a WLAN which are as described

below.

Avoiding factory default SSIDs: One

protection method involves changing
the SSID’s factory default because
an SSID can be sniffed in plain text
from a packet, so as to avoid easy
detection. As every access point and
all devices attempting to connect to a specific WLAN must use the
same SSID, it makes sense to change the SSID.
Deploying device-independent authentication : Many companies rely on

device authentication to protect their WLAN from intruders, but this
approach proves problematic on several fronts. The optimal solution
involves the use of RSA SecurID token deployments whose
authenticator requires users to identify themselves with two unique
factors before they are granted access. With a constantly changing
RSA SecurID authenticator generating an unpredictable code every 60
seconds, tokens add a layer of security that passwords cannot
provide.
Using VPN technologies to protect data : VPN technologies such as IPsec

with 3DES can protect data by ensuring that users authenticate to the
network and credentials are made available to all access points in the
environment that appropriate access control policies are enforced
throughout the wireless network, and that encryption is efficiently
implemented to protect enterprise data. In additional, cryptographic
hashing function such as MD-5 or SHA-1 can also be used to ensure
the integrity of the information transmitted over the wireless LAN.

Limiting or controlling where WLAN traffic can go: Firewalls normally

restrict access to the network itself by implementing packet filters on
routers to inspect the IP addresses as a means of determining
authorized users. But if the WLAN is to be used for a selected
purpose, then specific packet filters designed to only allow that access
should be placed on the WLAN.
Moving security from access points to a wiring closet: Access points are
situated for ideal throughput and coverage, and as a result are often
positioned in an open setting where they are exposed. Unscrupulous
visitors and careless employees can easily move, replace, or reset them
with alarming ease. When also considering the fact that many vendors
are equipping the access points themselves with security measures, it is
important to ensure the integrity of your WLAN’s security by splitting out
security from the physical access points to storage in a secured wiring
closet.
Actively monitoring access point configurations: It is easy for someone to

perform a hardware reset on an access point, and then wreak havoc
from a misconfigured point on the WLAN. Security measures can be
completely counteracted when misconfigured points inadvertently
broadcast the WLAN’s location to hackers. By actively monitoring the AP
configuration, you can ensure that the AP is automatically reconfigured
should such an event occur.

Using monitoring software for rogue WLAN detection: Today’s

employees are more than capable of creating a rogue WLAN inside a
business. Because this can result in the entire WLAN’s security being
impugned, active sniffing for these rogue devices is a critical operational
requirement. New software tools to ease this task are now readily
available and can detect all the known devices on the network, and
differentiate them from foreign wireless devices.
Taking steps to secure client devices : Over a WLAN, an intruder can

attack wireless clients themselves in a peer-to-peer fashion. This attack
can give the intruder what appears to be legitimate network access by
simply using a client as an accepted entry point. To address this issue,
desktop firewalls should be deployed, along with network management
tools that actively audit and manage the client before permitting access
via the WLAN.
Policing bandwidth for fair access and attack prevention: Wireless

access points have low bandwidth capabilities and are shared by
multiple users. This scenario allows intruders to simply blast traffic over
the wireless link to prevent additional traffic with what are known as
Denial-of-Service attacks. But even legitimate users can unintentionally
hog bandwidth in the course of their everyday responsibilities. As part of
the packet filtering solution, a good solution installs software that
controls traffic by slowing large downloads in addition to a wide variety of
other measures.

Deploying real-time policy management : As they are deployed, wireless

LANs will span entire campuses and incorporate multiple global sites.
Security policy changes (e.g. valid user lists, access rights, etc.) will
naturally change. These changes must be reflected in real-time
throughout the WLAN, to reduce the window of opportunity for intrusion
and, more importantly, provide immediate lock-down of detected security
holes.
Increasing the user security awareness: Users within the company

premises should not be allowed to set up their wireless stations in ad-
hoc mode and communicate with each other without going through the
access point. The user should power down the wireless station when it is
not being used for a long period of time. When the user's wireless station
has become connected to the internal wired network, it should not have
concurrent direct connection to any unreliable network, like the Internet.
Logging and auditing: Logging of the wireless LAN helps to detect

unauthorized network traffic, by using Intrusion Detection System, to
detect attacks directed over the wireless LAN. Logging information such
as source/destination IP addresses, MAC addresses, user's logon
names/ids and logon time/duration can be logged to aid analysis and
investigation in the event of network problem. On periodical basics, audit
should also be performed to detect any exceptions or abnormal network
activities and alert should be sent to the network administrators.
CONCLUSION

It is preferable to have only one access point and make it run under a secure
operating system like Linux. It is better to occasionally boot up and trap
sections of traffic to look for any attack signatures. The user must connect
via a VPN, the access point is secured so it cannot be reset, WEP is enabled,
and access point is in a position that limits travel of the radio frequency
outside of the premises. The traffic between the access point and the LAN
passes through a firewall to help block any possible DoS attacks on the
WLAN from entering the enterprise LAN. WLANs are definitely here to
stay, but pose definite security issues which can be minimized.
CHAPTER-7
P2P SECURITY
Overview
Security is an essential component of any computer system, and it is especially

relevant for P2P systems. In the following sections we will outline the main topics
including:
 P2p security.
 Security advantages particular to p2p system.
7.1 P2P Security

P2P networks are not just about communication between devices on the wire.
Security is a prerequisite for many of the meaningful interactions and scalability
in the p2p world. In addition to the traditional security primitives like
Confidentiality, Integrity and Availability, factors like privacy, DRM and identity
management are fundamentally required to make a P2P network effective.
7.2 Few security advantages particular to P2P systems

1. Privacy
Since a message can be sent between two peers without going through a
centralized server, there's no way an intruder on the server can read the message.
2. No Central Point of Knowledge
Since content can be replicated un-deterministically anywhere on a P2P network,
it's impossible for an intruder to know the location of all copies. As a result
content corruptions and denial-of-service attacks can't be performed that easily on
a Peer-to-peer network.
3. Web of Trust
When interacting with each other, peers can establish their own level of trust. In a
federated P2P environment, this can be achieved by the trust established between
the domains. P2P systems then can refine the general trust level to suit their
interactions.
4. Locality
When searching, a peer will always ask another peer in its local domain first. As a
result, bad behavior is limited to neighbors or direct contacts. When a server is
contaminated, so are all its clients.

CHAPTER-8
P2P APPLICATIONS
8.1 Important P2P Applications

There are many applications for P2P networks:
 Content distribution over a P2P network is a viable and honorable model
in many cases – for example the Open Office group in Sun is looking for a
P2P network to ease downloading of their software. Even though file
sharing itself has been shadowed by the publicity around ad-hoc music file
sharing networks, the concept can be effectively used to share content
across various populations for various reasons – from digital image assets
(like photograph) between friends and relatives to sharing of medical
images with shared annotations. From a security perspective, these apps

require integrity of content, content versioning, confidentiality in the

content sharing medium and authorization to view the content.
 Distributed search is another application that can be leveraged by a P2P

network. In this application peers know some part of the search domain and
work at keeping the meta information like indexes fresh talks about
PeerOLAP architecture where a number of low-end clients, each containing
a cache with the most useful results, are connected through an arbitrary P2P
net-work.
 Collaborations at many levels are possible based on federated P2P

networks. We can easily think of collaborations for designing autos, planes
or any such systems. These systems require direct interactions between
entities and also content sharing between those entities.
 At a personal level, at home we all have come across devices that are at a
different computer than the one we want. P2P networks could help here -
for example a fast CD burner could be accessed via P2P network from any
other computer in the network.
 Other potential areas where federated P2P can be applied include:

o Server overlays
o First responder networks
o Self organizing networks
o Ad-hoc networks
o Spontaneous networks

8.2 Ideas for future

Internet2 offers unparalleled opportunity for the P2P domain. As a part of the I2
infrastructure, we should make P2P frameworks and substrates available which
includes one or more P2P eco systems consisting of various “devices” including
Peer registry (dynamic/static), Peer router and Peer monitor.
We also should seek synergy from the enterprise space has a lot of applications
for the federated P2P networks.
CHAPTER-9
CONCLUSION
It seems that P2P technology is still evolving and all of its capabilities haven’t
even been found yet. However, there is no doubt that P2P is here to stay and quite
likely it will replace client/server model in the near future.
P2P communication model seems to fit perfectly to home
environments where there are many different devices and it is crucial that they are
able to communicate with each other. Using P2P model home networks can orient
themselves to the most effective form and P2P networks become much cheaper
than centrally managed networks. Interoperability of different digital devices
definitely is something that has been waited for and it opens huge amount of
possibilities when designing home of the future.

BIBLIOGRAPHY
References
[1] Tommo Reti, Yki Kortesniemi and Mikko Välimäki, “Broadcasting
Commercial Data on Mobile Peer-to-Peer Networks” Tokyo Mobile Roundtable
2002.
[2] Jari Sukanen, “Peer-to-peer Communication”, Helsinki University of

Technology, Telecommunications Software and Multimedia Laboratory.
[3] Takeshi Kato, “A Platform and Applicationsfor Mobile Peer-to-Peer

Communications”,Ericsson Research Torshamnsgatan 23, Kista SE-16480
Stockholm Sweden.
Web sites
http://www.peer-to-peerwg.org/
http://www.openp2p.com
http://www.yahoo.com

Peer To Peer Network

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Peer To Peer Network

Hochgeladen von

Copyright:

Verfügbare Formate

Oops Info Solutions Pvt Ltd

PEER TO PEER NETWORK

A PROJECT REPORT SUBMITTED

MASTER OF COMPUTER APPLICATION

DEPARTMENT OF COMP. SC. & ENGG.

Oops Info Solutions Pvt Ltd. 1

The foregoing project entitled “Peer to Peer Network” is hereby

It is understood that by this approval, the undersigned do not necessarily

(Internal Examiner) (External Examiner)

Oops Info Solutions Pvt Ltd. 2

Head of the Department

This is to certify that the work presented in the project entitled

Date: (Guide’s Name & Signature)

Oops Info Solutions Pvt Ltd. 3

institution in order to develop the awareness of approach to problem

solving based on broad understanding of process and mode of operation

implementation phases of the above-mentioned project. All the features

In the beginning we have provided an abstract into the general

what sort of problems actually occur during the development of such

projects, how to produce quality products and so on.

Oops Info Solutions Pvt Ltd. 4

Though we really worked hard to complete all of our assignments, given to

responsibilities. Here we learnt how to work under pressure, pressure of

responsibilities, pressure of performance and above all pressure of

our near and dears.

At the outset we would like to thank Mr. Sunil (Director) of company

suggestions. We will continue to make additions and enhancements if and

Oops Info Solutions Pvt Ltd. 5

Oops Info Solutions Pvt. Ltd.

1. Encourage and promote the development and progress of electronic Data

Oops Info Solutions Pvt Ltd. 6

2. Advance interdisciplinary co-operation amongst scientists, technologists,

3. Disseminate knowledge on all aspects of Electronic Data Processing

5. Provide support for software development on consultancy basis.

6. Establish, manage and operate sub-Centre’s for all or any of the

i. Setup Advisory and Consultancy Services.

Oops Info Solutions Pvt Ltd. 7

1) What we do - Our Core Competencies

Oops Info Solutions Pvt Ltd. 8

• Embedded Programming using Assembly Language and C

• OO Programming using Java

We commit to bringing operational excellence to reengineer business processes

Oops Info Solutions Pvt Ltd. 9

• Project tracker: Project Tracker is a web-based solution to track time and

Oops Info Solutions Pvt Ltd. 10

Contact No.: 0172-4662624,

Oops Info Solutions Pvt Ltd. 11

S.NO. TOPIC PAGE REMARKS

Oops Info Solutions Pvt Ltd. 12

The subject of “P2P” attracts much interest in the networking

Peer to peer networks are gaining widespread acceptance as a

Oops Info Solutions Pvt Ltd. 13

1.1 Historical Development

Oops Info Solutions Pvt Ltd. 14

What came before P2P?

The P2P Overnight Explosion

Oops Info Solutions Pvt Ltd. 15

A significant turn in the development of P2P occurred recently when

Oops Info Solutions Pvt Ltd. 16

Searching is a definite area in which P2P will prosper in the future.

Oops Info Solutions Pvt Ltd. 17

PEER TO PEER NETWORKS

2.1 What is peer to peer?