Educause Security Discussion mailing list archives

Re: Sniffer notification

From: Tracy Mitrano <tbm3 () CORNELL EDU>
Date: Tue, 23 Mar 2004 11:11:57 -0500

Just curious on this thread about a related question:

        How many schools have IT policies that state something to the
effect of:

        "[Name of Institution] does not as a practice monitor its network
for content"

Please note that such a statement does not prevent whatever technical
measures are necessary for security and maintenance, as is explained by
additional policy language.

Thanks!

Tracy




At 10:55 AM 3/23/2004 -0500, Richard Gadsden wrote:

On Tue, 23 Mar 2004, Cal Frye wrote:

> We're about to diagnose some networking issues here with rather
> aggressive use of Sniffer on student ports. We've always considered this
> to be pretty intrusive, and not to be done without notifying the users
> involved that we would be listening in. But we don't have written
> policies concerning this action, beyond the general statement that we
> (1) respect users privacy but (2) reserve the right to sniff should the
> need strike us.
>
> Anyone have a quick link to policies and notification documents to be
> sent to the user that I might have a look at and/or steal outright? I
> worry that there's something I might overlook in the process.

If you're not sure that the existing "general statement" in your policy
authorizes the diagnostic activity that you have in mind, then your first
stop should be your university counsel's office. That should be part of
your standard procedure for anything potentially invasive that's outside
the scope of routine operations.

If your legal counsel advises that you are authorized to proceed based on
your existing policy, then you might, in terms of notification, simply let
the affected users know about the coming diagnostic activity, and
reference the policy that authorizes it.

For example, were I in your shoes, I'd probably be referring the affected
users to the "Privacy and Confidentiality" section of our school's
computer use policy:

 <http://www.musc.edu/ccit/cup/cup2001.html>

 --- o ---
 Richard Gadsden
 Director of Computer and Network Security
 Medical University of South Carolina

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.


**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

Sniffer notification Cal Frye (Mar 23)
- <Possible follow-ups>
- Re: Sniffer notification Doug Sandford (Mar 23)
- Re: Sniffer notification Matthew Keller (Mar 23)
- Re: Sniffer notification Richard Gadsden (Mar 23)
- Re: Sniffer notification Tracy Mitrano (Mar 23)
- Re: Sniffer notification Brian Reilly (Mar 23)
- Re: Sniffer notification Neil_Sachnoff (Mar 23)
- Re: Sniffer notification Cal Frye (Mar 23)
- Re: Sniffer notification Dan Schneider (Network Administrator) (Mar 23)
- Re: Sniffer notification Doug Sandford (Mar 23)
- Re: Sniffer notification Cal Frye (Mar 23)
- Re: Sniffer notification David L. Wasley (Mar 23)
- Re: Sniffer notification Cal Frye (Mar 23)
- Re: Sniffer notification Carol Myers (Mar 23)
- Re: Sniffer notification Brian Reilly (Mar 23)

(Thread continues...)