Re: RIAA Notices

[Bob Bayn <bob.bayn () USU EDU>]

We have a web interface to our ARP logs where I submit the IP address to find the MAC address connected at the 
infringement time.  That has a cross reference to the IPAM registration for that MAC where I find the owner and email 
address.  I forward the complaint to the user - removing the contact info for the copyright watchdog and prepending a 
statement of our action being taken in response to the complaint.  

I disable the IP registration in our IPAM and post to our user-searchable disabled-issues database.  I send a minimal 
response to the watchdog and file the complaint.  To get network access back, for that MAC, the user has to respond 
with confirmation that the infringing file(s) have been removed and pay a $50 administrative fee.  Repeat infringers 
are referred to the student discipline officer (I don't know what happens there).

We were getting one or two a week up until this month;  I had 10 last week and two already today. 

Bob Bayn     (435)797-2396     Security Team coordinator
"IT will NEVER ask for your password via email, honest!"
Office of Information Technology at Utah State University
________________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Anand S Malwade 
[Anand.Malwade () SHU EDU]
Sent: Monday, January 26, 2009 8:02 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] RIAA Notices

All,

I was wondering how other Universities deal with RIAA notices ? Do you really invest the time and effort to track down 
? what methodology and tools do you use for investigation ? Do you block all peer-peer traffic ?

Thanks,
Anand

Anand Malwade
Information Security Officer,
Seton Hall University
malwadan () shu edu