"There is no central authority," said Gerry Santoro, assistant professor in the School of Information Sciences and Technology (IST), in a statement sure to send shivers down some corporate spines.

Santoro isn't talking about world-wide anarchy, however -- he's talking about
the unique feature of
peer-to-peer (P2P) networking programs such as Kazaa.

All traditional networking applications rely upon a client-server architecture, Santoro explained.

Client software, such as e-mail programs and web browsers, make a request to the server, another piece of software.

The server responds with the requested data. "The server acts like a warehouse and provides functionality," he said.

"P2P systems are equals," and
are fundamentally different, Santoro said.

Rather than going through a server to request information, software can make requests directly to other software.

This attribute is what allows users of P2P networks to freely exchange music, movies and other types of files.

Because each request for a file travels a different path, it is impossible to keep a log of what has been downloaded, said James Wang, assistant professor of IST.

One of the main ways groups like the Recording Industry Association of America (RIAA) identify computers that are sharing files is a scan for computers with a P2P program running.

The RIAA can then ask the machine's Internet service provider for the owner's name and address, Wang said.

Messages between peers on the network can be sent in either TCP or UDP protocols, the two main standards for communications between individual computers.

Santoro said computers are identified on the network by their IP (Internet Protocol) address.

Each machine on the network can communicate directly with any other by knowing that machine's unique IP address, such as 128.118.2.23.

The actual physical path the communication takes can vary wildly de-
pending on congestion and other factors.

P2P was originally introduced in Microsoft Windows to allow people to easily create networks for file and printer sharing.

This highlights some of the more benign uses of the technology, Santoro said. Research data, public domain media, and freeware and shareware software applications are also easily shared via P2P, he said.

The client-server and P2P models are extremes on a continuum of varying degrees of authority, Santoro said. There are also some systems that are largely decentralized but maintain user lists on designated machines known as superpeers, he said.

Because of the lack of a central server, tracking users is extremely difficult, Santoro said. Sometimes pieces of software known as packet sniffers are installed on the network to monitor the flow of information.

The university has such software installed but does not use it to monitor student's personal activity, Santoro explained.

Increases in network bandwidth can usually identify sharing of large files, he said. To evade detection, some students use an even more discreet P2P program: Direct Connect.

This software allows for file sharing directly between multiple users on the Penn State university-wide network, and requests for files are invisible to outside users, making it nearly impossible to track.

Penn State has banned the use of programs like Direct Connect due to the strain it places on the university's supply of bandwidth.

Send questions for 'Inner Workings' to eca905@psu.edu.