Educause Security Discussion mailing list archives

Re: copyright infringement notices volume

From: "King, Ronald A." <raking () NSU EDU>
Date: Fri, 17 Sep 2010 10:11:16 -0400

We block P2P/Torrent traffic with our Tippingpoint IPS.  We allow gaming.
The IPS has had no issues (or rather we have had no complaints) with the
device detecting them correctly. 

(KNOCK on WOOD!)


Ronald King
Security Engineer
Norfolk State University
Marie V. McDemmond Center for Applied Research
Suite 401
700 Park Ave.
Norfolk, Virginia  23504
Phone:  757-823-3918
Fax: 757-823-2128
Email: raking () nsu edu
http://security.nsu.edu


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jeff Kell
Sent: Friday, September 17, 2010 9:49 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] copyright infringement notices volume

 On 9/17/2010 7:15 AM, John Ladwig wrote:

I *had* meant to send my policy query only to Jeff but given the sudden

but inevitable betrayal by my MUA, I'm interested in BT control policies, as
some I've seen apply to bulk-transfer only, and others apply to control and
discovery traffic.  Do you do full-block or radically-degraded service, etc?


It occurs to me that blocking BT via bulk-transfer policies without also

limiting tracker and other discovery traffic may net one the worst of both
worlds;users grumpy about not being able to transfer fiels, *and* DMCA
notices due to uncontrolled tracker traffic.

We block BitTorrent, but do allow it for World of Warcraft updates (students
get very vocal when that doesn't work).  Those specific updates are
recognized by the Procera.

If you are less flexible in identifying that traffic, WoW updates are
typically BT over port 3724, but your users may hard-code that into their
own BT client and take advantage :)

We also have a "BitTorrent Allowed" exception object that requires
presenting a valid case and justification for the exemption, which takes
care of the CS-types and linux junkies that want to obtain .iso images and
related files that way.  The process includes (as I've seen mentioned by
others regarding BT-based .iso downloads) suggestions of finding a suitably
well connected FTP source.  We can pull an .iso via FTP over Internet2 a
whole lot faster than any BT process.  Consequently, our exception list is
down to 2-3.

Jeff

Attachment: smime.p7s
Description:

Current thread:

Re: copyright infringement notices volume, (continued)
- - Re: copyright infringement notices volume Chris Green (Sep 16)
    - Re: copyright infringement notices volume Jeff Kell (Sep 16)
    - Re: copyright infringement notices volume Michael J. Wheeler (Sep 16)
    - Re: copyright infringement notices volume Jeff Kell (Sep 16)
    - Re: copyright infringement notices volume John Ladwig (Sep 17)
    - Re: copyright infringement notices volume Daniel Bennett (Sep 17)
    - Re: copyright infringement notices volume Patrick Goggins (Sep 17)
    - Re: copyright infringement notices volume John Ladwig (Sep 17)
    - Re: copyright infringement notices volume Daniel Bennett (Sep 17)
    - Re: copyright infringement notices volume Jeff Kell (Sep 17)
    - Re: copyright infringement notices volume King, Ronald A. (Sep 17)
    - Re: copyright infringement notices volume Cal Frye (Sep 17)
    - Re: copyright infringement notices volume Dave Inman (Sep 17)
    - Re: copyright infringement notices volume Cal Frye (Sep 17)
    - WebKnight - web application firewall Youngquist, Jason R. (Sep 20)
    - Re: copyright infringement notices volume Gibson, Nathan J. (HSC) (Sep 16)
    - Re: copyright infringement notices volume Jeffrey D Sabin (Sep 16)