Educause Security Discussion mailing list archives
Re: DMCA and NAT
From: Brian Helman <bhelman () SALEMSTATE EDU>
Date: Wed, 30 Nov 2011 16:49:32 +0000
And that 10 minutes could be reduced to 1-2 if the complaints contained the needed information. If the RIAA/MPAA want our assistance, they should give us the information we need. This is why SOPA is so dangerous. The RIAA/MPAA will have no responsibility in protecting their "own" IP... including incurring none of the enforcement costs. All in all, I believe higher ed wants to act responsibly, but the more the (recording/movie) industry pushes, the more I want to push back (anyone else have that StarWars Death Star scene and the line "the more you tighten your grip, the more they slip through your fingers" stuck in your head now? Ok, me neither. Never seen it.). /soapbox. -Brian From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of hall, rand Sent: Wednesday, November 30, 2011 11:22 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] DMCA and NAT It only takes us about 10 minutes to process a takedown request. We get a couple per week--which is mostly our own fault because our education program is minimal. I would imagine that processing time is largely related to your infrastructure and available tools. Rand On Wed, Nov 30, 2011 at 10:39 AM, SCHALIP, MICHAEL <mschalip () cnm edu<mailto:mschalip () cnm edu>> wrote: Has anyone gone as far as trying to calculate the "cost per incident" of having to respond to something like this? While it's almost always *possible* to track something like this down to a 95% certainty, (given enough time and FTE funding to HAVE someone do this!?)......what is it costing our institutions to respond to these kinds of things?? Even if it only takes 1-2 hours to come up with this 95% certainty - what is that 1-2 hours costing us over the course of a year? Surely someone has already calculated this....?? M From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>] On Behalf Of hall, rand Sent: Wednesday, November 30, 2011 8:10 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] DMCA and NAT Kevin, We generate copious NAT logs off our firewall (Cisco ASA) and compress the crap out of them nightly. Doable. When we get a takedown notice we decompress the log for the day in question and and grep the IP/port combo. By and large, the time is right on target (well within a minute). That log file entry goes in the evidence pile.[The only requests We've had trouble with are ARES requests from RIAA. I've repeatedly offered to work with them to figure out why they're broken. Crickets.] We look at our NAC (Impulse) records to see who owned the internal address at that time. We grab a pretty screenshot and add it to the evidence pile. If the address is from an internal wireless (Meraki) pool we look for layer 7 evidence of P2P use. If we see any we grab a pretty screenshot and add it to the evidence pile. If the identified machine is currently on the network we'll look for live evidence of P2P traffic on our bandwidth shaper (Procera). If we see any we grab a pretty screenshot and add it to the evidence pile. Once the evidence is compiled we forward the takedown notice and evidence to the student. In our cover letter we are charitable and suggest that, perhaps, they don't realize that they are sharing the file and ask them to disable access to the file. We offer to further explain, to assist in disabling access, and to accept that they actually have copyright holder's permission to share the file. We ask them to help the college maintain its online reputation. Rand Rand P. Hall Director, Network Services askIT! Merrimack College 978-837-3532 rand.hall () merrimack edu<mailto:rand.hall () merrimack edu> On Tue, Nov 29, 2011 at 10:42 AM, Kevin Halgren <kevin.halgren () washburn edu<mailto:kevin.halgren () washburn edu>> wrote: Looking at the current discussion on DMCA notices, I was wondering how those of you using NAT handle associating a DMCA notice with a particular client system. This continues to be a challenge for us. Kevin -- This message has been scanned for viruses and dangerous content by MailScanner<http://www.mailscanner.info/>, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner<http://www.mailscanner.info/>, and is believed to be clean.
Current thread:
- Re: DMCA and NAT, (continued)
- Re: DMCA and NAT SCHALIP, MICHAEL (Nov 30)
- Re: DMCA and NAT Joel Rosenblatt (Nov 30)
- Re: DMCA and NAT Tim Doty (Nov 30)
- Re: DMCA and NAT John Ladwig (Nov 29)
- Re: DMCA and NAT Kay Avila (Dec 01)
- Re: DMCA and NAT John Ladwig (Dec 01)
- Message not available
- Re: DMCA and NAT hall, rand (Nov 30)
- Re: DMCA and NAT SCHALIP, MICHAEL (Nov 30)
- Re: DMCA and NAT Everett, Alex D (Nov 30)
- Re: DMCA and NAT hall, rand (Nov 30)
- Re: DMCA and NAT Brian Helman (Nov 30)