[unisog] no-ip.com etc.

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Sat Oct 25 03:54:11 GMT 2003


On Fri, 24 Oct 2003 13:30:25 PDT, Ben Curran said:

> I think I hit <send> too soon, after the "shock and awe" of finding some tunnled 
> Gnutella clients getting around ACL's and coincidentally querying campus DNS for  
> no-ip.com hosts, and seeing that our very own campus students are also using no-
> ip.com to register their IP addy's. My apologies for the knee jerk, but sometimes I just 
> get too protective!

Now take a deep breath, *step* *back*, relax, and ask yourself:

"Why am I trying to ban servers on student machines?  What *problem* am I
solving by doing so?"

Is it a bandwidth issue?  If so, notice that it's quite possible to hose a
network while being a client.  The right answer here isn't banning servers,
it's banning excessive bandwidth usage.  Tools like mtrg for graphing who the
offenders are, and stuff like Packeteers for traffic engineering are the right
answer here.

Is it a DMCA/copyright/RIAA/MPAA issue?  If so, your school already has, or
*SHOULD* have, a way to refer those things to whatever campus judicial system
you have.  Let said judicial group know that if they make some examples of
people, their workload will go down.  Works wonders for us - we have what seems
to be one of the lower complaint rates, because the word gets around that if
our DMCA mailbox gets a complaint, you *will* end up having a very bad
afternoon in front of a judicial review board that really didn't want to see
you there the first time, and doesn't want to see you EVER again, and intends
to make sure of it.  (I know Randy is lurking here someplace, and can give a
much better overview of what we do to first second third offenders).

Hmm.. Killing the network, and doing something illegal.  The first isn't about
servers, and the second isn't either, and you should already have ways to deal
with both cases.  Now ask yourself:

If they're not killing the network (which they shouldn't be because you have
countermeasures for that) and they're not doing anything illegal (and you got
countermeasures for that too), why are you spending time and effort trying to
detect/ban/control a server on a student machine?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20031024/c5e76c97/attachment-0003.bin


More information about the unisog mailing list