Re: classifying P2P traffic - what about legit uses?

[Joel Rosenblatt <joel () COLUMBIA EDU>]

Three cheers for Randy .. a sane voice in all of the chatter :-)

No disrespect intended .... I happen to agree with Randy about this.

We have an open network and our policy states that if you break the law, you are responsible for the consequences.

My 2 cents.

Joel Rosenblatt

Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel


--On Tuesday, January 29, 2008 12:13 PM -0500 Randy Marchany <marchany () CANDI2 CIRT VT EDU> wrote:

> Having lurked on this and other related threads over the past couple of
> months, I'd like to ask a few questions and make a few observations about how
> EDUs appear to be dealing with P2P.
>
> 1. With all of the "monitoring" and "rate limiting" strategies, how does your
> institution deal with legit uses of P2P? We're a land grant and our extension
> division may use P2P to distribute videos/sound recordings of their products
> to extension agents around the state.  Obviously, blocking all P2P would
> prevent them from doing their business. Music students working on projects and
> putting their "product" on the net for download (legit because permission was
> given to distribute) is another example.
>
> 2. How many BitTorrent servers or other P2P servers are on your campus nets?
> What type of scanning or metrics do you collect about p2p traffic? The usual
> suspects like excessive traffic to/from IP address is nice but what do you do
> to keep tabs on "normal" P2P traffic?
>
> 3. An observation: I'm a security type and a musician. I've always thought
> that banning P2P traffic because of the potential "copyright" problems was
> like banning the US Postal Service (Fedex, UPS) because someone xeroxed a book
> and use them to mail the book. I don't buy the volume issue (it's much faster
> using P2P than USPS....duh!) because that's a smoke screen. The real issue is
> making sure users understand copyright issues and know what the potential
> penalties are.  There are legit uses of P2P in our world and I don't see
> forcing users to jump through hoops to do real work as being an effective
> practice. If it's too cumbersome, they'll circumvent it. Having IPS rulesets
> blocks the casual user but not the determined user. I can remember not being
> able to download tunes from our band www site because of an arbitrary block
> while visiting an EDU. Never mind that it was legal (we, the copyright owners,
> give permission to distribute freely). The block prevented a legit use of P2P.
>
> 4. Another observation: are we taking the easy way by arbitrarily blocking P2P
> because a) we're short staffed b) we're lazy c) we don't have resources for
> user education d) we don't have upper mgt support d) we're afraid of the
> RIAA/MPAA e) all of the above? Shouldn't we be investing more in the short
> term (policy enforcement, user education, categorizing P2P traffic to id the
> illegal stuff)? This short term effort would eliminate a good chunk of the
> longer term problem.
>
> Just my .01 worth.
>
>         -Randy Marchany
>         VA Tech IT Security Office
>         



Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel