[unisog] Peer-to-Peer Software

Tim Lane tlane at scu.edu.au
Wed Jun 8 01:57:36 GMT 2005


here at Southern Cross University Australia, we are also using Packeteer 
PacketShaper to block "known" P2P protocols, when I say known,  either 
known by us or known by the Packetshaper - there are hundreds of 
"discovered" ports on the packetshaper that we have not looked at that are 
not blocked.  We also issue periodic email warnings through our copyright 
officer to all students and staff.

A few months ago we sat through a webcast on software that scans for P2P 
software and file types throughout the network and the Internet link as 
well, it seemed pretty good, I am sure that this type of software industry 
is only growing....

A combination of technology controls, and as Russell says, demonstrable 
process would be the go.



At 10:27 AM 8/06/2005, you wrote:
>On Wed, 2005-06-08 at 08:48 +1000, Leigh Vincent wrote:
> > Hi All,
> > I am curious to find out what other places are doing about Peer-to-Peer
> > software.  Here in Australia, Universities are facing a crackdown by the
> > recording industry on downloads that are in breach of copyright etc.
> > and I would be interested to know how others handle this issue.
>We in NZ have also been directly threatened with the same action taken
>against various Australian institutions.
>Our response has been to strictly monitor all file sharing activity
>(note not all p2p is file sharing eg. skype) we mainly rely on snort for
>When we find someone using p2p we send them an official letter drafted
>by the university's lawyers that clearly spells out the university's
>position on copyright violation (i.e. that *everyone* is forbidden to
>use any university owned resource (including network bandwidth) to
>breach the copyright of any third party).
>We also request that if they are using file sharing for some legitimate
>purpose (eg. using BT to download OS software) that the user let us
>This seems to be working well.  We have recently taken over internet
>connectivity for several residences and are currently have a minor
>battle with users as they keep switching to more and more obscure p2p
>protocols.  The latest ploy is IRC channels that have bots that
>advertise downloads, but snort catches them too.
>We believe that the key thing is that we can get up in court(should the
>need arise) and say that we have taken all reasonable measure to prevent
>our resources being used for piracy.  We can point to education
>campaigns, to monitoring and to numerous warnings and follow ups and (a
>very few) disciplinary actions.
>This was something that the 4 Australian universities could not do and
>so they were left fighting the Anton Pillar orders with very little
>backing.  So far they have spent several million dollars fighting regard
>legal action.
>[ Anton Pillar order is a court order allowing a plaintive (in this case
>representative of the Australian music industry -- sadly lead by a
>Kiwi :( ) access to documents (in this case server disks and backup
>tapes) for the purpose of searching for evidence.  I.e seize documents
>so you can mount a fishing expedition  ;)   ]
>unisog mailing list
>unisog at lists.sans.org

Tim Lane
Information Security Program Manager

Information Technology and Telecommunication Services
Southern Cross University
PO Box 157 Lismore NSW 2480

(02 6620 3290    7   02 6620 3033    - tlane at scu.edu.au
8 http://www.scu.edu.au  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/unisog/attachments/20050608/52b144bf/attachment-0001.htm

More information about the unisog mailing list