Application Security CHAPTER 3 43 There are software products available to better control IM traffic and log and archive IM communications. Such products add to the security of IM . Peer-to-peer Peer -to-Peer (P2P) networks have become a mainstream application, with two of the largest P2P networks being BitTorrent and eMule. In P2P networks, each computer communicates with other systems, and in order for this to work properly, a firewall rule would be required to allow traffic to and from all addresses that existing and future clients may use. Aside from limitations on your inability to implement restrictive network-based Access Control Lists, P2P networks are associated with the following additional risks: Used as a target ingress path for Trojans and viruses: The port(s) used between P2P clients to share data can include viruses. Used as an egress vector to transfer stolen data: An attacker can access data and then transfer the stolen information off a client\network to a location under the attacker's control. Information disclosure: Some P2P clients, such as Kazaa and Gnutella, provide backdoor file system access to other peers on the P2P network.