Educause Security Discussion mailing list archives
Re: Student Side Ports
From: "Hahues, Sven" <shahues () FGCU EDU>
Date: Tue, 27 Sep 2011 10:03:48 -0400
On our residential network we try to give students the same internet access as if they had a cable modem at home: We use our network registration system to place gaming consoles into a network with publically routed IP addresses and allow some ports back in for Xbox live and PSN. This helped a lot for the people who reported that xbox live did not work behind NAT (which it unfortunately really does not), and fixed most of the PSN problems as well. Normal devices, such as PCs, and iphones do not end up on that network, but rather end up on private IPs that get NAT'ed to the Internet. We do not block anything there but have a system in place that detects P2P traffic and quarantines users based on the number of offenses, and we also rate shape our users for fair use. (We had a really bad problem where 5% of the users were using 90% of the bandwidth). -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Boyd, Daniel Sent: Tuesday, September 27, 2011 8:09 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Student Side Ports The same here... we don't allow inbound traffic without an corresponding outbound request for it, but do very little to restrict gaming and have also tweaked our network to help along some of the more fragile game frameworks. I can handle 100% of our students playing typical games that relay position and status information back to a server, MMORPGs for example, but what I can't handle is 100% of them streaming NetFlix, Amazon, or Hulu and the like, so here we say, "Game on!" (As long as they all don't try to update their game files at the same time...) Dan Daniel H. Boyd (94C) Senior Network Architect Network Operations Berry College Phone: 706-236-1750 Fax: 706-238-5824 There are two rules to follow with your account passwords: 1. NEVER SEND YOUR PASSWORD VIA EMAIL (TO ANYONE)!!!!! 2. If unsure, consult rule #1 -----Original Message----- From: Ken Connelly [mailto:Ken.Connelly () UNI EDU] Sent: Monday, September 26, 2011 2:39 PM Subject: Re: Student Side Ports Kevin Wilcox wrote:
On Mon, Sep 26, 2011 at 12:54 PM, Jason Rinne <rinnej () moval edu> wrote:Now that our bandwidth has increased more users are jumping back on our network. As a result I am getting a lot of requests to open ports for online gaming. What is your policy on opening ports on the student side for gaming or other applications?A lot of folks have chimed in but they've not said what I consider the magic words. Are these inbound ports or outbound ports?
No, they didn't. We don't allow inbound SYNs to our resnet, but don't restrict gaming outbound much at all. In fact, we have done a few things to make a couple of poor performers better. Yes, Blizzard, I'm talking about you! - ken
kmw -- Kevin Wilcox GPEN, GCIH Network Infrastructure and Control Systems Appalachian State University Email: wilcoxkm () appstate edu Office: 828.262.6259
-- - Ken ================================================================= Ken Connelly Associate Director, Security and Systems ITS Network Services University of Northern Iowa email: Ken.Connelly () uni edu p: (319) 273-5850 f: (319) 273-7373 Any request to divulge your UNI password via e-mail is fraudulent! COMPUTING SERVICES WILL NEVER ASK FOR YOUR PASSWORD. You should never give out your username or password for any accounts you have, including bank accounts, credit card accounts, and other personal or University accounts. Computing Services will never contact you using a return e-mail address that is not @fgcu.edu. If you receive a questionable e-mail or an e-mail asking for passwords and logon information, DO NOT RESPOND, and please contact the Help Desk at 239-590-1188.
Current thread:
- Student Side Ports Jason Rinne (Sep 26)
- Re: Student Side Ports Chuck Keeler (Sep 26)
- Re: Student Side Ports Parker, Ron (Sep 26)
- Re: Student Side Ports Roger A Safian (Sep 26)
- Re: Student Side Ports Russ Leathe (Sep 26)
- Re: Student Side Ports Kevin Wilcox (Sep 26)
- Re: Student Side Ports Ken Connelly (Sep 26)
- <Possible follow-ups>
- Re: Student Side Ports Dennis Bohn (Sep 27)
- Re: Student Side Ports Boyd, Daniel (Sep 27)
- Re: Student Side Ports Hahues, Sven (Sep 27)