Scanning Your Network For Copyrighted Material with Nessus

Nessus includes three plugins to look for systems containing movies and music files being served through web servers, ftp servers and SMB shares. This blog entry will discuss why this is something you might want to look for, how these plugins work and how you can use the Security Center to analyze these results.

Plugins #11777, #11778 and #11779 look for files with the following extensions: mp3, mpg, mpeg, ogg, avi, wma, vob. These files are normally associated with movies, music and DVDs that have been obtained from the Internet through P2P file sharing such as Bittorrent, BearShare, eMule, Kazaa and WinMX.

Having a movie or music file on a computer is not a crime, however, having data that is copyrighted can be a crime. If users on your network are sharing this sort of data illegally, they may be exposing your organization to potential investigations from the Recording Industry Association of America (RIAA) or the Motion Picture Association of America (MPAA).

Tenable's university customers (and even our corporate customers) regularly tell us that if a user starts to blatantly use the network for sharing files with music or movie content, that they can expect to get a letter from the RIAA or MPAA. This can take time for the IT staff to respond to.

Internally, any organization that hosts a file server containing copyrighted material may be open to lawsuits or even embarrassment if news of this leaves the organization.