1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Audit: P2P DirectConnect Application

Audit: P2P DirectConnect Application

Severity: Medium

This attack could pose a moderate security threat. It does not require immediate action.

Description

This signature detects a DirectConnect client on the network.

Additional Information

DirectConnect, developed by Neo Modus, is one of the older, file sharing communities still in existence. What began as a small community of only a few thousand individuals has grown into a major P2P player.

The DirectConnect network is centralized. Its network architecture and philosophy is similar to OpenNap. Like OpenNap, the DirectConnect development team creates the client and server software, and distributes the programs to the community. It is up to the DirectConnect community to maintain the network. Although it once lived in the dark ages of the file sharing world, this community was rejuvenated under DC++, an open source DirectConnect client. It supports Tiger Tree Hash (TTH), multi-source downloading, and other key enhancements.

The usage of certain P2P applications is restricted in certain environments, depending on the network policy.

Affected

  • Windows

Response

Uninstall the DirectConnect application if its use violates the network policy.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube