[unisog] Consumer-grade networking in Residence Halls

McGuffin, Tim ucs_tim at exchange.shsu.edu
Thu Sep 1 20:17:22 GMT 2005

We allow them.

If they're running a NAT box, they're computer is a little more
protected from the worm-of-the-day that may be present in the residence
halls.  It'll also allow them to connect their game console, PC and
laptop at the same time through the single active port we give them.  

They are notified through a netreg-style system that they're responisble
for all the traffic that passes through their port, and are disabled if
anything "bad" comes through it or happens.  They're also allowed their
own wireless AP, and are given instructions on how to secure them.  If
they don't secure them, they're still responsible for every packet that
originates from it...

We haven't had any problems since we've started working with the
students instead of against them on this issue.  


-----Original Message-----
From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org] On Behalf Of Weidner, Steve
Sent: Thursday, September 01, 2005 2:48 PM
To: unisog at lists.sans.org
Subject: [unisog] Consumer-grade networking in Residence Halls

Although I'm confident that students have been bringing hubs, switches
and routers (and their wireless equivalents) to their dorm rooms for the
last few years, we are taking a more active stance this year in our
attempts to locate and remove such devices.  

Hubs and switches are not trivial, but relatively easy to locate as we
can view the MAC-address tables in our Cisco switches and just look for
any access (non-trunk) port with two or more MAC addresses associated.
Unfortunately, the routers and wireless routers are more of a challenge.

What utilities and methods have others on this list used on their

Steve Weidner
Network Analyst
The University of South Dakota

unisog mailing list
unisog at lists.sans.org

More information about the unisog mailing list