Security Best Practice: Blocking Thunder
| Check Point Reference: | SBP-2009-01 | |
| Date Published: | ||
| Severity: | ||
| Source: | SmartDefense Research Center | |
| Protection Provided by: |
VPN-1
|
|
| Who is Vulnerable? Thunder users | ||
| Vulnerability Description Thunder (AKA Xunlei) is a popular peer to peer Chinese download manager and file sharing client that supports BitTorrent, eDonkey, Kad, and FTP. Thunder accelerates downloads by accessing its proprietary P2P network in addition to the given HTTP download. The use of Thunder may circumvent the organizational security policy. |
||
|
Vulnerability Details Peer to peer Internet traffic, such as Thunder, slows critical business applications on corporate networks. It lowers employee productivity as they take time away from their work to download music and videos. This sort of traffic also significantly increases a company’s Internet communication costs and requires them to purchase additional bandwidth. |
Protection Overview
By enabling this protection, SmartDefense will block the access to the Thunder proprietary P2P network by identifying Thunder fingerprints. SmartDefense is able to detect peer to peer traffic regardless of the TCP/UDP port that is being used to initiate the peer to peer session.
In order for the protection to be activated, update your VPN-1 product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.