Peer-to-Peer Security (Windows CE 5.0)

Peer-to-peer networking is a serverless networking technology that allows several network devices to share resources and communicate directly with each other. Take the following security considerations into account when you develop a peer-to-peer application.

Best Practices

IPv6 Connectivity

PNRP can resolve names into IPv6 or IPv4 addresses, but the name resolution itself requires IPv6 connectivity. IPv6 connectivity can take any form, such as a direct connection to the IPv6 Internet or an IPv4 tunneling mechanism like 6to4 tunneling. For information about these mechanisms, see IPv6 and IPv4 Coexistence.

Ensure that the appropriate firewall rule is enabled on devices to allow PNRP traffic

Within a cloud, devices use PNRP to resolve names to IP addresses. If a device has a firewall enabled or is behind another device with a firewall, such as a gateway, the messages associated with name resolution are blocked. To overcome this, configure the device with a rule that allows IPv6 traffic on ports 3540 through 3550. If you are using the Windows CE Firewall functionality, create this custom rule by using the FirewallCreateRule function. For firewall examples, see General Firewall Rule Examples.

Note: Do not disable these rules, because doing so causes name resolution to fail.

For a list of default firewall rules, see Default IP Firewall Rules.
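
The check below is an added example, not code from the original documentation: it audits a rule list for gaps in IPv6 coverage of ports 3540 through 3550. The `struct rule` model, the first-match-wins and default-block semantics, and the sample rule sets are assumptions made for illustration; they are not the Windows CE `FW_RULE` structure or firewall API.

```c
#include <stdio.h>

#define PNRP_PORT_MIN 3540
#define PNRP_PORT_MAX 3550

/* Hypothetical rule model for this example; NOT the Windows CE FW_RULE type. */
enum family { FAM_IPV4, FAM_IPV6 };
enum action { ACT_BLOCK, ACT_ALLOW };
struct rule { enum family fam; enum action act; unsigned port_min, port_max; };

/* Count PNRP ports (3540-3550) that IPv6 traffic cannot use.
   Assumed semantics: first matching rule wins, no match means blocked.
   If blocked is non-NULL it receives one flag per port (11 entries). */
int pnrp_blocked_ports(const struct rule *rules, size_t n, int *blocked)
{
    int count = 0;
    for (unsigned p = PNRP_PORT_MIN; p <= PNRP_PORT_MAX; p++) {
        int allowed = 0;
        for (size_t i = 0; i < n; i++) {
            const struct rule *r = &rules[i];
            if (r->fam != FAM_IPV6 || p < r->port_min || p > r->port_max)
                continue;               /* rule does not apply to this port */
            allowed = (r->act == ACT_ALLOW);
            break;                      /* first match decides */
        }
        if (blocked) blocked[p - PNRP_PORT_MIN] = !allowed;
        count += !allowed;
    }
    return count;
}

/* Constructed sample rule sets. */
const struct rule RULES_FULL[]     = { { FAM_IPV6, ACT_ALLOW, 3540, 3550 } };
const struct rule RULES_V4_ONLY[]  = { { FAM_IPV4, ACT_ALLOW, 3540, 3550 } };
const struct rule RULES_PARTIAL[]  = { { FAM_IPV6, ACT_ALLOW, 3540, 3545 } };
const struct rule RULES_SHADOWED[] = { { FAM_IPV6, ACT_BLOCK, 3544, 3544 },
                                       { FAM_IPV6, ACT_ALLOW, 3540, 3550 } };

int main(void)
{
    int blocked[PNRP_PORT_MAX - PNRP_PORT_MIN + 1];
    int n = pnrp_blocked_ports(RULES_SHADOWED, 2, blocked);
    printf("%d PNRP port(s) blocked for IPv6:", n);
    for (int i = 0; i <= PNRP_PORT_MAX - PNRP_PORT_MIN; i++)
        if (blocked[i]) printf(" %d", PNRP_PORT_MIN + i);
    printf("\n");
    return 0;
}
```

The IPv4-only and partial-range rule sets show the two misconfigurations this section warns about: a rule that opens the right ports for the wrong address family, and a rule that covers only part of the 3540 through 3550 range.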

Default Registry Settings

To bootstrap into the Global or the Internet PNRP cloud, a peer can contact a PNRP seed server hosted by Microsoft. To enhance security, this seed server value is defined in the HKEY_LOCAL_MACHINE\COMM\PeerNet\PNRP key, where only trusted applications can access it. For more information about this registry value, see Peer-to-Peer Registry Settings.

Ports

Applications that use the peer-to-peer networking infrastructure can use ports 3540 through 3550 for PNRP communication.

For more information about Windows CE security services, see Enhancing the Security of a Device.

See Also

Peer-to-Peer Networking

© 2006 Microsoft Corporation. All rights reserved.