Internet Security and Control The problem and solution of using Foxy

Content
1. Introduction 1.1 aims of the report 2. Foxy Architecture 2.1 Connect to the Foxy network 2.2 Search files on the Foxy network 2.3 Download files through the Foxy network 3. Problem of using Foxy 4. Solution & Recommendation 5. Conclusion 6. Reference Pg.7-9 Pg.10- 14 Pg.15 Pg.16 Pg. 4-6 Pg. 3

Introduction:
With the expanding capabilities of personal computers and the ever-increasing bandwidth, peer-to-peer (P2P) applications have notably become the most popular means for data transfer over the Internet. One of the very hot applications spanning over Hong Kong, Mainland China and Taiwan is Foxy1, which is a peer-to-peer file transfer program with Traditional Chinese user interface. Due to the cost-free client program available on the Internet and its simple user interface, Foxy gained its popularity a few years ago when students in upper primary schools and secondary schools started using it to share music and video files. Since the beginning of year 2008, Foxy has attracted lots of public attention, which include sharing of a pop icons scandal photos and more recently, the unintended disclosure of sensitive documents by government officers. Beyond question, Foxy is a convenient tool for sharing resources online. However, if files containing sensitive information, like personal data or classified documents, are shared unintentionally, it can be a real disaster to individuals, companies, or even the entire society. It is therefore important for users to observe its working manners and take note of some traps coming along with it.

One may question, apart from Foxy, why there are no serious security incidents in other implementations, like the Bit Torrent (BT) network? Also, what are the potential causes of the leakage incidents happened in the Foxy network? This is the aim of this report to unveil the Foxy working protocol together with its security analysis.

Foxy Architecture:
Foxy is a traditional Chinese peer to peer file transfer program, it supports mainly two functions which are search and download, widely used in Hong Kong, Mainland China and Taiwan and is very popular in upper primary schools and secondary schools. Unlike other P2P programs (such as eMule, BitTorrent), Foxy is very easy to use and has unlimited download capabilities. In the foxys system, it includes 3 main parts just as the followings. Connecting to the Foxy network

To start off, a user (which also refers to the Foxy client program) needs to connect to some Foxy servers to get a peer list. By capturing the network packet sent from a Foxy client, it is found that the Foxy client attempts to connect to servers at iblinx.com. Through a preliminary analysis, it is believed that the Foxy protocol is constructed based on the Gnutella protocol. When the peer list arrives, a PING request is sent to each peer on the list to determine if a particular peer is active. PONG requests are sent back from

all active peers to the user as an acknowledgement. The user then joins the Foxy network as a Leaf Node of the Ultra peers and is regarded as a part of the network. Figure 1 summarizes the steps in initiating a connection to the Foxy network. Searching a file from the peer:

On the Foxy network, each file to be shared is specified by its name. When a user wants to look for a file, he may enter the file name (or just part of it) as a search query. The Query message is sent to the peers, including Ultra peers, and then passed on to other Leaf Nodes and neighboring peers. When a peer possesses a file which matches with the Query string, it replies with a Query Hit message to the requesting user. The Query Hit message contains information, like IP address and port number, about the peer sharing the file and the file itself. This enables the user to establish a connection to that peer and initiate the download with the HTTP/1.1 protocol. Figure 2 summarizes the propagation of a Query and Query Hits.

Downloading a file from the peer:

Upon receiving the Query Hit messages along with the necessary connection information, the user chooses a file and requests a download by sending a TCP HTTP GET request, together with his own IP address, to the peer that is hosting the file. The download request can be made by the index number (generated for the purpose of sharing) and file name (e.g., GET /get/<file index>/<file name>/), or by a URN SHA-1 value stored in the Query Hit message. It is transmitted in the form GET /get/<file index>/<file name>/ and GET /uri-res/N2R?<urn value>, respectively. The hosting peer then responds back and starts sending the requested data. It is worthwhile to note that, a user may send out multiple requests for different portions of a file over the same HTTP connection or to multiple source addresses over multiple HTTP connections. In other words, a user can download a file from one or multiple single sources depending on the Foxy client request message. Figure 3 illustrates a file download on the Foxy network.

Problem of using Foxy:

As foxy is a Peer-to-Peer (P2P) Networks, it means any computer can use peer to peer technology for data transfer. Suppose there are two computers need to share data, they will use some network standards such as foxy and estimation of available bandwidth, computing power, the two sides to communicate and connect and data transfer (upload and download).As Foxy is a quick search on the network can download the MP3 music format and software. In addition to search for MP3 music, Foxy can also search for video files, compressed files, text files, image files. Although, foxy has a lot of use, there are a lot of disadvantages and there is much serious news about foxy. 1. Hackers A hacker is a person who gains unauthorized access to a computer network for profit, criminal mischief, or personal pleasure. It frequently assaults the Internet and other networks to steal or damage data and programs. It means if the user selects download option is the file sharing to the desktop. It means all files on the desktop will be set to share some or even to download the file. Finally, the data or program in the computer can be shared; some private information can be shared in the internet. 1.1 The problem of privacy Since the user only focus on the speed of download file. However, use foxy to download file, it will automatically upload files as well. On the other hand, the user may not know foxy can divulge any personal information through upload files. It may caused by wrong files sharing. As the result, personal information was shared. Foxy becomes exposed to and dissemination of personal privacy of the platform. Hence users Privacy under threat.

In 29th April, 2009, because of foxy, people use foxy search [pol] and can downloads the software of four copies of internal documents of the policies. http://hk.news.yahoo.com/article/110428/4/o1h5.html search at 22 May 2011 In May 22, 2011, there is news about Form six student crack e-learning platform to help other students to do online homework.It means after the students enter the program and entering i-learner account, the program will automatically answer. As a result, the program can not help the students. http://hk.news.yahoo.com/article/110521/4/ofq5.html search at 22 May 2011 1.2 Installing Foxy from an unofficial website In the internet, there is some unofficial websites say that they had enhanced version Foxy which can supports faster downloading speed. These versions have been modified by third-parties and state additional features than the official ones. However, this enhanced version of Foxy may contain by hackers to share all files in your computer automatically without your notice. It is easier to share privacy information through internet. 2. Computer viruses They are computer programs that are capable of self-replication, allowing them to spread from one infected machine to another, usually without use knowledge or permission. However, because of easy to download some music, video from foxy, the user needs to set is weaken the firewall and network security. However, if the data mixed with Trojans() or other viruses, so that the computer data leakage. Also, Foxy does not a safe version to download, it can not determine the user can be hundred percent safe to use. 2.1 Sources of computer viruses

2.1.1 2.1.2 2.1.3

Through the Internet from files of downloads software or other files From other computer networks, of infected diskettes Through wireless computing devices.

3. Misconfiguration There are some cases of unwanted file sharing because of unaware features of Foxy. The one is auto-startup; it means foxy starts up automatically. The second one is share folder; it stand for all sub-folders and files under Share Folder are shared. The Foxy settings are inherited to users sharing the same computer and this may lead to unintentional information leakage. 4. The Protection of Intellectual Property Intellectual property refers to property, such as computer software, a music score or the chemical formula for a new drug; that is the product of intellectual activity. It is possible to establish ownership rights through patents, copyrights and trademarks 4.1 Copyrights Copyright is the right given to the owner of an original work. This right can subsist in literary works such as books and computer software, musical works such as musical compositions, dramatic works such as plays, artistic works such as drawings, paintings and sculptures, sound recordings, films, broadcasts etc. Moreover, copyright protects creativity. Many people use foxy to download the music and will not buy genuine. The efforts of writers and artists will decrease because of buy genuine will be a power to support their work. As a result, the writers and artists do not have effort to work hard and creativity and enjoy the return. Also, it leads to the more and better products will not comes in the future.

Solution & Recommendation:

In order to reduce the problem of information leakage, heres the existing solution which can help to reduce those problem.

1. Follow the good practice: We have to make a good practice of uninstalling it when you do not need it or turn it off unnecessary after use. Check and make sure the Foxy is not running before you use the computer. Never share a pluggable drive because you may not aware what you have shared next time when you plug another drive to your computer. Dont save sensitive and restricted files in local computer or any removable media. However, if it is necessary, please do encryption and configure your computer carefully and make sure not to share any sensitive and restricted files. Scan all downloaded filed by antivirus and antispyware before use. Install security software with update security patches and scan the computer regularly.

2. Download Foxy from the official site: We have to make sure that Foxy is downloaded from the official website. If you are not sure that whether the Foxy in your computer is downloaded from the official website, you should uninstall it.

3. Separate user accounts in a shared computer:

Separate user accounts in a shared computer and assign no administrator right to the accounts. Although this cannot completely solve the problem of inherited settings, this can create a more personalized environment for creating personal folders for downloading and sharing files. This can lower the risk of information leakage. 4. Use anti-virus and anti-spyware software to scan and remove the inflected file:

Virus / Worm

Information / Solution

TROJ_GNUTEL MAN.A

http://aboutthreats.trendmicro.com/ArchiveMalware.aspx?language=us&name=T ROJ_GNUTELMAN.A

http://aboutPE_POLIP.A threats.trendmicro.com/ArchiveMalware.aspx?language=us&name=T ROJ_GNUTELMAN.A 5. Configure Foxy properly: If youve installed Foxy from the official website, you should configure it properly. 6. Folder setting: Assuming that you have opened separate user accounts in a shared computer, it is suggested to create three directories specifically for Foxy under each users My Documents

How to apply this Directory Suggested location setting

Select the folder Share My Documents \Foxy\Foxy_Share under the tab of

Download

My Documents\Foxy\Foxy_download

Select under

Select Temporary My Documents\Foxy\Foxy_temp under

7. Program setting: Disable automatic startup by unchecking under the icon of

Recommendations:
Network security is only as strong as its weakest link. Accordingly, our recommendations are: 1. Apply the least-privileged user account approach. That approach ensures that users follow the principle of least privilege and always logon with limited user accounts. That approach also limits the use of administrative credentials only to administrators. Further, accounts should not be shared. Consequently, other users are unable to share, intentionally or accidentally, files belonging to another user. 2. Sensitive data should not be transferred via Foxy. 3. When using other peoples PC, always check whether or not Foxy is running there. If it is running, turn it off at once. 4. Before connecting a USB drive to a computer, always check whether or not Foxy is running on that computer and whether or not that drive is a shared drive. 5. Obtain a copy of a stable version of Foxy only from the official website. This avoids installation of a copy which may contain bugs or malicious code like Trojan horse, back door or worm. 6. Do not configure Foxy to start at startup of the computer. This is because once the computer is connected to the World Wide Web, other Foxy users may obtain shared files from the computer even the user is not intended to let Foxy run.

7. Do not select an entire disk drive as shared drive. A user tends to select a larger disk drive to store downloaded files from Foxy. That allows other files stored on that disk drive to be available to other Foxy users. 8. Folders such as Desktop, My Documents should not be used as a download folder or sharing folder. This is because those folders usually contain files not intended for sharing. Also, those folders are common locations for placing files currently in use for just a while, the files available there can be rather unanticipated. 9. Always scan a downloaded file for virus, Trojan horse, back door or worm. Files downloaded could be just what a downloader expects, but they might also be a vehicle for malicious intent. 10. Always turn off Foxy after use.

Conclusion:
After all the information above, we completely know how to use Foxy effectively and efficiently. We know how we can download files through the Foxy network successfully, how to share files safely. As more and more people join the P2P community, it is envisaged that the trend will keep up surging in the forthcoming years. In particular, Foxy is one of the emerging tools generally adored by local school kids and teenagers. Apparently, it offers the convenience of sharing information online very easily. It is also clear that Foxy can harm a user badly if the tool is not properly configured or the user is not aware of the security settings of their computers. To help users to enjoy the advantages of the technology and at the same time balance the security needs, we have analyzed the problem and propose better ways to close the existing loopholes in the above section. It is obvious that the installation of the Foxy client software at the computers where those documents stored is the cause of the leakages. But more importantly, the deficient awareness of information security of the involving parties is the major concern in some incidents.

Reference:
[1] Baidu : Foxy, http://baike.baidu.com/view/1297167.htm; accessed on June 14, 2008. [2] Foxy , http://www.gofoxy.net/ [3] J. Delahunty, Global bandwidth use rises due to P2P, http://www.afterdawn.com/news/archive/6298.cfm; accessed on June 14, 2008. [4] Copyright in Hong Kong, http://www.ipd.gov.hk/eng/pub_press/publications/hk.htm [5] Foxy , http://hk.knowledge.yahoo.com/question/question?qid=7006110705251 [6] Know more about Foxy, https://www.cuhk.edu.hk/itsc/security/gpis/tipsfoxy.html#def8