Educause Security Discussion mailing list archives
Re: RIAA Notices
From: "Stanclift, Michael" <michael.stanclift () ROCKHURST EDU>
Date: Mon, 26 Jan 2009 13:12:14 -0600
Since we do not have IT/CS programs on campus anymore (sad, I know) we don't get many issues like you mention in #2. However there are other (slower) ways of grabbing stuff like that outside of P2P. For us, our limited bandwidth outweighs even the sometimes legitimate uses of P2P. Michael Stanclift Network Analyst Rockhurst University http://help.rockhurst.edu (816) 501-4231 -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Michael Sana Sent: Monday, January 26, 2009 1:01 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] RIAA Notices Aloha, Not trying to hijack this thread but I think its relative... 1. For those who have indicated that they don't block P2P, do you feel that your safeguards in place meet the requirement of the Higher Education Opportunity Act (HEOA) regarding developing plans to "effectively combat" the unauthorized distribution of copyrighted materials? 2. For those who block P2P, how do you deal with distinguishing between legitimate P2P transfers such as an ISO Linux download versus copyrighted material. We are currently using a packet shaper to identify/throttle/block P2P in conjunction with a CS MARS box to readily flag/identify if it believes a P2P transaction is occurring. From there, we can cross reference the internal IP with Bradford to identify who the laptop is registered to (not always necessarily the owner). And because we NAT, I can also use CS MARS to do a query on reverse NAT translations when the dreaded letters come in. This process is still currently in refinement... mike.sana. -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Anand S Malwade Sent: Monday, January 26, 2009 5:02 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] RIAA Notices All, I was wondering how other Universities deal with RIAA notices ? Do you really invest the time and effort to track down ? what methodology and tools do you use for investigation ? Do you block all peer-peer traffic ? Thanks, Anand Anand Malwade Information Security Officer, Seton Hall University malwadan () shu edu
Current thread:
- Re: RIAA Notices, (continued)
- Re: RIAA Notices Stanclift, Michael (Jan 26)
- Re: RIAA Notices John Kaftan (Jan 26)
- Re: RIAA Notices Sweeny, Jonny (Jan 26)
- Re: RIAA Notices Bob Bayn (Jan 26)
- Re: RIAA Notices Anand S Malwade (Jan 26)
- Re: RIAA Notices Stanclift, Michael (Jan 26)
- Re: RIAA Notices John Lerchey (Jan 26)
- Re: RIAA Notices John Kaftan (Jan 26)
- Re: RIAA Notices Anthony Maszeroski (Jan 26)
- Re: RIAA Notices Michael Sana (Jan 26)
- Re: RIAA Notices Stanclift, Michael (Jan 26)
- Re: RIAA Notices Doty, Timothy T. (Jan 26)
- Re: RIAA Notices Tim Cline (Jan 27)
- Re: RIAA Notices Brenda B Gombosky (Jan 27)
- Re: RIAA Notices Joel Rosenblatt (Jan 27)
- Re: RIAA Notices Scholz, Greg (Jan 27)
- Re: RIAA Notices Ken Connelly (Jan 27)
- Re: RIAA Notices Stanclift, Michael (Jan 27)
- Re: RIAA Notices Peter Charbonneau (Jan 27)
- Re: RIAA Notices Bob Bayn (Jan 27)
- Re: RIAA Notices Cal Frye (Jan 27)
(Thread continues...)