I though a little but about this issue and here are some of my comments.
User management I think is a wrong path to take, it will create large overhead and the tasks of administration will eventually grown out of control or boil down to a lot of administration task which I do not think the "landlord" in interested in long term support. Agreement page is sorta useless because the landlord in this case is not acting as an ISP nor does SCFN. So the agreement between the landlord and his user is not the same as the agreement between the his user and the providing ISP. Part of the reason is that these are NATed devices so there is no public visibility to the private addresses other then the public IP that interface with the providing ISP. So if something goes bad, it's the owner of the public address that is responsible because as far as the ISPs are concern they no way to know who is behind the public IP. To comment on Steve and Phil questions, I have some question. Do the "abusive users" preventing you from providing a free Internet service by soaking up all the available bandwidth? Or they get you into trouble because they download copyrighted material? Or both? If soaking up the bandwidth, wouldn't a simple technical solution like priority queue solve this? For example, traffic that are unencrypted and classifiable (http, aim ... etc) are given the highest priority in term of delivery and anything else is best effort. So even if there are 6 abusive users online, the next guy who tried to load a webpage would get it immediately. Second, I'm not sure about the legal ramification of this at this point but from my understand working at large Campus network. If someone were to "accidentally" contacted one of the many fake servers put up by the RIAA or MPAA (to harvest IP addresses) and the user download something copyrighted, a letter is send to the network contact for that AS to locate the user in question. If the campus can find him then he is handed over to the requesting party if not then it's not on the Campus's head. Unless there a subpoena which then Campus have to hand over what ever related data they have. This basically means that the ISP/Campus is not responsible but the user of the IP/MAC is. But since this is a NATed environment, there is no way for the RIAA or the like to identify who behind the public IP address that initialed the request, exactly what Speakeasy policy is saying. So the owner is held responsible. I think, and the keyword is _think_ that the owner can pass on the responsibility if he can prove that it's not him that is causing the trouble. One way I can think of is keeping a detail log of what MAC address is in used, date, time , private IP, requests, remote IP contacted and any other info that aid in proving the owner is not always the person initiating the connection from behind the NATed device. So if a law enforcement knock on his door, he have some proof to give. Someone with legal background here can tell me if that is wrong otherwise I derived it from our tax code, basically audit can happen when there suspicion from the IRS that there is an inconsistence between what we do verses what we said we do, when we do our taxes. So audit is like law enforcement knocking on door and keeping the receipt is one of the way to prove what we said we did is what we did, much like the log. -bn On 3/21/07, Jason Murphy <[EMAIL PROTECTED]> wrote:
Michael, If it is six people shutting down the Normal Heights Node with P2P traffic, is this just a case of more monitoring of traffic? Should there be more network and system admin brought in to do monitoring of the traffic and ban people? It seems like we have everything covered from a technical stand point but this seems to be a social engineering problem and enforcement of it. Michael Mee wrote: > Phil Karn wrote: >> What do you do about this beyond making users agree to an acceptable use >> policy? Who owns the public IP addresses that they use? Has anybody ever >> been contacted by law enforcement about a Socalfreenet user, and were >> they reasonable or heavy handed about it? What about Speakeasy -- are >> they reasonable, or do they just cut you off? > > A lot of great questions Phil. Below are the ones I can answer based on > actual experience: > > We do have an acceptable use policy that people ostensibly agree to by > clicking through. It can be found at > http://socalfreenet.org/wirelesstou. We've never received legal advice > one about whether this actually helps. Some community wireless groups do > this, others don't bother. Note that there may be liabilities with > collecting more information and signups vs a completely hands off > approach. This topic comes up amongst groups who do have some legal > access, and the consensus seems to be that its never been tested in > court and noone really knows for sure. No such group has had a problem > that I'm aware of. > > We've never been contacted by law enforcement (touch wood!). > > We have been contacted by both Speakeasy and Cox (or perhaps Time > Warner?). Both have been very reasonable and worked with us to overcome > the problems they were seeing. In both cases they were concerned about > computers that were trojan infected. I've often thought that our traffic > loads would generate calls, but so far its always been specifically > about 'you have a computer that is virus infected and we need you to fix > it or we'll disconnect you until you do'. We respond by: > > + adding a notice on the captive portal page asking people to check > + adding a redirect to the captive portal to a page telling people how > to check their computer > + where we could, we blocked the MAC of the offending computer > + blocked port 25 in one case where it wasn't already by the ISP > > The contact was never heavy handed. It was a tech person both times, > trying to get to a tech person on our side. They gave us at least 24 > hours in both cases and we were able to resolve it to their satisfaction. > > Random aside: we have blocked MAC addresses that we felt were abusing > the network. Meraki makes this particularly easy, and the user gets a > captive portal page with a custom message explaining why they are > blocked and what they can do about getting unblocked. > > Note that in no case does SCFN own any feeds (except the one on my > street that I run). They're owned by the landlords who pay the monthly > bill who are fully informed about what we're doing. We've asked them > specifically about this issue and they're usually far less concerned > than we are. Apparently they already live with concerns that any tenant > can trip over a crack in the sidewalk outside their building and sue > them and this is just another event their insurance will protect them from. > > That said, I know that I and some of the other key people in SCFN feel > much better that we're now under the wing of the San Diego Computer > Society which has its own liability policy and exists as a legal entity > in its own right. > > hope this helps! There's lots more I could write, so please feel free > to respond if you have specific questions. > > cheers, michael -- -- Jason Murphy [EMAIL PROTECTED] _______________________________________________ SoCalFreeNet.org General Discussion List To unsubscribe, please visit: http://socalfreenet.org/mailman/listinfo/discuss_socalfreenet.org
_______________________________________________ SoCalFreeNet.org General Discussion List To unsubscribe, please visit: http://socalfreenet.org/mailman/listinfo/discuss_socalfreenet.org
