Peter Van Epp
vanepp at sfu.ca
Wed Apr 3 20:22:03 GMT 2002
> So, since our Institution already has in place a ban on users "signing away the rights
> to Institution property", can we talk about how to block this mess?
> Barbara Inzina
> Network Manager
> Marine Biological Laboratory
> Woods Hole, Massachusetts
Sure. Here are a few suggesions:
1) block port 1214 in your border router. I believe this blocks access to
a required kaza connection (although it may port hop, I'm usually behind
the times on these things).
2) use argus, NetTraMet, your_preferred_traffic_measuring_device to assess
traffic by IP address/port and complain / charge / disconnect violators.
3) Set your Packeteer (or preferred traffic limiting device) to allow
9.6 K baud (adjust to taste) to be shared by all KAZA connections on your
We are currently using 2) but may switch to 3) if the load gets too
high. We have found that word quickly spreads in the undergrad community here
that bandwith 1) isn't free (as is widely assumed) because we don't usually
charge for it, and 2) is monitored and excess use will be asked about (with
questions like "and will that $8000 bandwith charge be check or credit card?")
and 3) is covered by the terms of our AUP (even if most have never read it).
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
More information about the unisog