Re: RIAA Notices

["Doty, Timothy T." <tdoty () MST EDU>]

> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Anand S Malwade
> Sent: Monday, January 26, 2009 9:02 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] RIAA Notices
>
> All,
>
> I was wondering how other Universities deal with RIAA notices ? Do you
> really invest the time and effort to track down ? what methodology and
> tools do you use for investigation ?

Yes, we do though we don't get that many notices. We use netflow to verify
the alleged traffic, DHCP and ARP history to verify the system that was
using the IP address, and notify the registered owner and our student
judiciary people who handle the adjudication.

> Do you block all peer-peer traffic

Yes and no. By default any traffic detected as P2P is dropped (courtesy of a
CISCO Service Control Engine, our traffic shaper), but users can request
that the block be lifted. The request is handled in a completely automatic
fashion that does a few things (user must state they won't violate
copyright, pass a short quiz, acknowledge having read our procedures for
dealing with DMCA notices and the like).

So anyone who wants to use P2P can but they have to explicitly request it.

Tim Doty

Attachment: smime.p7s
Description: