Educause Security Discussion mailing list archives

Re: RIAA Notices

From: "Stanclift, Michael" <michael.stanclift () ROCKHURST EDU>
Date: Mon, 26 Jan 2009 13:12:14 -0600

Since we do not have IT/CS programs on campus anymore (sad, I know) we don't get many issues like you mention in #2. 
However there are other (slower) ways of grabbing stuff like that outside of P2P. For us, our limited bandwidth 
outweighs even the sometimes legitimate uses of P2P.


Michael Stanclift
Network Analyst
Rockhurst University

http://help.rockhurst.edu
(816) 501-4231

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Michael 
Sana
Sent: Monday, January 26, 2009 1:01 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] RIAA Notices

Aloha,

Not trying to hijack this thread but I think its relative...

1. For those who have indicated that they don't block P2P, do you feel
that your safeguards in place meet the requirement of the Higher
Education Opportunity Act (HEOA) regarding developing plans to
"effectively combat" the unauthorized distribution of copyrighted
materials?

2. For those who block P2P, how do you deal with distinguishing between
legitimate P2P transfers such as an ISO Linux download versus
copyrighted material.

We are currently using a packet shaper to identify/throttle/block P2P in
conjunction with a CS MARS box to readily flag/identify if it believes a
P2P transaction is occurring.  From there, we can cross reference the
internal IP with Bradford to identify who the laptop is registered to
(not always necessarily the owner).  And because we NAT, I can also use
CS MARS to do a query on reverse NAT translations when the dreaded
letters come in.  This process is still currently in refinement...

mike.sana.

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Anand S Malwade
Sent: Monday, January 26, 2009 5:02 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] RIAA Notices

All,

I was wondering how other Universities deal with RIAA notices ? Do you
really invest the time and effort to track down ? what methodology and
tools do you use for investigation ? Do you block all peer-peer traffic
?

Thanks,
Anand

Anand Malwade
Information Security Officer,
Seton Hall University
malwadan () shu edu

Current thread:

Re: RIAA Notices, (continued)
- Re: RIAA Notices Stanclift, Michael (Jan 26)
- Re: RIAA Notices John Kaftan (Jan 26)
- Re: RIAA Notices Sweeny, Jonny (Jan 26)
- Re: RIAA Notices Bob Bayn (Jan 26)
- Re: RIAA Notices Anand S Malwade (Jan 26)
- Re: RIAA Notices Stanclift, Michael (Jan 26)
- Re: RIAA Notices John Lerchey (Jan 26)
- Re: RIAA Notices John Kaftan (Jan 26)
- Re: RIAA Notices Anthony Maszeroski (Jan 26)
- Re: RIAA Notices Michael Sana (Jan 26)
- Re: RIAA Notices Stanclift, Michael (Jan 26)
- Re: RIAA Notices Doty, Timothy T. (Jan 26)
- Re: RIAA Notices Tim Cline (Jan 27)
- Re: RIAA Notices Brenda B Gombosky (Jan 27)
- Re: RIAA Notices Joel Rosenblatt (Jan 27)
- Re: RIAA Notices Scholz, Greg (Jan 27)
- Re: RIAA Notices Ken Connelly (Jan 27)
- Re: RIAA Notices Stanclift, Michael (Jan 27)
- Re: RIAA Notices Peter Charbonneau (Jan 27)
- Re: RIAA Notices Bob Bayn (Jan 27)
- Re: RIAA Notices Cal Frye (Jan 27)

(Thread continues...)