Notes about how we manage the Residence networks

Network Operations Center -- 8/2007

Take a look at this block diagram of the Dowling networks to get an overview of our configuration.

There is a firewall at the edge of the Residential networks. It is set to prevent incoming connections but allow nearly all outgoing connections. This means that most attempts to attack your PC from outside of Dowling will be blocked, but it also means that many applications, including games, that try to connect to your PC will also be blocked. This is a necessary security measure.

There is also a bandwidth management device called PacketShaper at the edge of the Dowling networks. It classifies traffic and attempts to prioritize things like web surfing and Blackboard while lowering the priority of Kazaa, chat, games and various media applications. We do not block these applications with Packetshaper; we limit the amount of bandwidth that they can consume. During the day the administrative networks (including the Computer Labs) get more bandwidth, and at night the Residences get more. Given the limited bandwidth that we all share, this was judged to be the fairest allocation.

Filesharing

We do not block filesharing, but we must remind you that you are not permitted to distribute copyrighted materials without permission. Review the Acceptable Use Policy, and note that one of the things you are not permitted to do is "Violat(e) Federal and State copyright laws". In the Residences this means that you should not use peer-to-peer (P2P) applications to present copyrighted music, videos, software or documents to anyone outside of your PC. In practice, you should remove any such materials, including the music that you legally own, away from any location on your PC where P2P programs can share them: keep them on a CD or in a non-shared directory on your hard drive.

We periodically receive notices from motion picture or recording industry entities, asserting that someone on a PC at Dowling is offering copyrighted materials via peer-to-peer networks. It is our responsibility, once we receive such a notice, to take measures to end the copyright violation activity. What we do is as follows:

  1. We block Internet access by the IP address mentioned in the notice.
  2. We alert the user that s/he has been blocked by redirecting him/her to this page.
  3. We require the user to remove any offending material from shareable locations, and recommend that s/he uninstall any peer-to-peer applications they have installed.
  4. We require the user to sign a statement indicating that the material has been removed and that the copyright violation activity will stop.
  5. Once the above have taken place we restore Internet connectivity for the user.
  6. If a similar event occurs again which involves the same person, that person is again disconnected and referred to the Dean of Students for possible further action.

If we notice that you are utilizing an excessive amount of outbound bandwidth (which almost always indicates filesharing), you may be redirected to the "grim reaper" page for a day or two, even though we have not received a copyright violation notice about your PC. Remove copyrighted material from any place where it can be seen from the Internet; this will eventually eliminate outbound traffic from your PC and get you off the "warning" page quicker. We believe this action reduces the likelihood that you'll get an actual RIAA notice.

Students at other schools have been sued by the record industry concerning copyright infringement. We urge you to take this situation seriously, and protect yourself by not sharing files from your PC.

Viruses and Worms

To get connected and stay connected, you must keep your PC "clean" of viruses and worms, which can cause damage to your PC, and slow everyone's access as the worms attempt to infect others. If we detect worm or virus traffic coming from your PC, we will block your Internet access until it stops, and show you this page. Please read http://www.dowling.edu/mydowling/tech/securepc-v3.html and do what it takes to secure your PC, so that you can stay online.

We have provided some tools which you may borrow from the Residence staff or from the Library, on a CD named "ResNet2007" (replicated here - login with your Dowling email/network account). These tools include some free antivirus and antispyware tools, and a couple of other programs that turn off vulnerable services.

Games

Many games require that we "open ports on the firewall" so that your PC can become a game server. Opening ports increases your vulnerability to malware. We suggest seeking help from the game authors: more recent programs are written more securely and don't require your network admins to "open holes" in order to make them work.