I though a little but about this issue and here are some of my comments.

User management I think is a wrong path to take, it will create large
overhead and the tasks of administration will eventually grown out of
control or boil down to a lot of administration task which I do not think
the "landlord" in interested in long term support.

Agreement page is sorta useless because the landlord in this case is not
acting as an ISP nor does SCFN.  So the agreement between the landlord and
his user is not the same as the agreement between the his user and the
providing ISP. Part of the reason is that these are NATed devices so there
is no public visibility to the private addresses other then the public IP
that interface with the providing ISP. So if something goes bad, it's the
owner of the public address that is responsible because as far as the ISPs
are concern they no way to know who is behind the public IP.

To comment on Steve and Phil questions, I have some question. Do the
"abusive users" preventing you from providing a free Internet service by
soaking up all the available bandwidth? Or they get you into trouble because
they download copyrighted material? Or both?

If soaking up the bandwidth, wouldn't a simple technical solution like
priority queue solve this? For example, traffic that are unencrypted and
classifiable (http, aim ... etc) are given the highest priority in term of
delivery and anything else is best effort. So even if there are 6 abusive
users online, the next guy who tried to load a webpage would get it
immediately.

Second, I'm not sure about the legal ramification of this at this point but
from my understand working at large Campus network. If someone were to
"accidentally" contacted one of the many fake servers put up by the RIAA or
MPAA (to harvest IP addresses) and the user download something copyrighted,
a letter is send to the network contact for that AS to locate the user in
question. If the campus can find him then he is handed over to the
requesting party if not then it's not on the Campus's head. Unless there a
subpoena which then Campus have to hand over what ever related data they
have. This basically means that the ISP/Campus is not responsible but the
user of the IP/MAC is. But since this is a NATed environment, there is no
way for the RIAA or the like to identify who behind the public IP address
that initialed the request, exactly what Speakeasy policy is saying. So the
owner is held responsible.

I think, and the keyword is _think_ that the owner can pass on the
responsibility if he can prove that it's not him that is causing the
trouble. One way I can think of is keeping a detail log of what MAC address
is in used, date, time , private IP, requests, remote IP contacted and any
other info that aid in proving the owner is not always the person initiating
the connection from behind the NATed device. So if a law enforcement knock
on his door, he have some proof to give. Someone with legal background here
can tell me if that is wrong otherwise I derived it from our tax code,
basically audit can happen when there suspicion from the IRS that there is
an inconsistence between what we do verses what we said we do, when we do
our taxes. So audit is like law enforcement knocking on door and keeping the
receipt is one of the way to prove what we said we did is what we did, much
like the log.

-bn

On 3/21/07, Jason Murphy <[EMAIL PROTECTED]> wrote:

Michael,
If it is six people shutting down the Normal Heights Node with P2P
traffic, is this just a case of more monitoring of traffic? Should there
be more network and system admin brought in to do monitoring of the
traffic and ban people?

It seems like we have everything covered from a technical stand point
but this seems to be a social engineering problem and enforcement of it.


Michael Mee wrote:
> Phil Karn wrote:
>> What do you do about this beyond making users agree to an acceptable
use
>> policy? Who owns the public IP addresses that they use? Has anybody
ever
>> been contacted by law enforcement about a Socalfreenet user, and were
>> they reasonable or heavy handed about it? What about Speakeasy -- are
>> they reasonable, or do they just cut you off?
>
> A lot of great questions Phil. Below are the ones I can answer based on
> actual experience:
>
> We do have an acceptable use policy that people ostensibly agree to by
> clicking through. It can be found at
> http://socalfreenet.org/wirelesstou. We've never received legal advice
> one about whether this actually helps. Some community wireless groups do
> this, others don't bother. Note that there may be liabilities with
> collecting more information and signups vs a completely hands off
> approach. This topic comes up amongst groups who do have some legal
> access, and the consensus seems to be that its never been tested in
> court and noone really knows for sure. No such group has had a problem
> that I'm aware of.
>
> We've never been contacted by law enforcement (touch wood!).
>
> We have been contacted by both Speakeasy and Cox (or perhaps Time
> Warner?). Both have been very reasonable and worked with us to overcome
> the problems they were seeing. In both cases they were concerned about
> computers that were trojan infected. I've often thought that our traffic
> loads would generate calls, but so far its always been specifically
> about 'you have a computer that is virus infected and we need you to fix
> it or we'll disconnect you until you do'. We respond by:
>
> + adding a notice on the captive portal page asking people to check
> + adding a redirect to the captive portal to a page telling people how
> to check their computer
> + where we could, we blocked the MAC of the offending computer
> + blocked port 25 in one case where it wasn't already by the ISP
>
> The contact was never heavy handed. It was a tech person both times,
> trying to get to a tech person on our side. They gave us at least 24
> hours in both cases and we were able to resolve it to their
satisfaction.
>
> Random aside: we have blocked MAC addresses that we felt were abusing
> the network. Meraki makes this particularly easy, and the user gets a
> captive portal page with a custom message explaining why they are
> blocked and what they can do about getting unblocked.
>
> Note that in no case does SCFN own any feeds (except the one on my
> street that I run). They're owned by the landlords who pay the monthly
> bill who are fully informed about what we're doing. We've asked them
> specifically about this issue and they're usually far less concerned
> than we are. Apparently they already live with concerns that any tenant
> can trip over a crack in the sidewalk outside their building and sue
> them and this is just another event their insurance will protect them
from.
>
> That said, I know that I and some of the other key people in SCFN feel
> much better that we're now under the wing of the San Diego Computer
> Society which has its own liability policy and exists as a legal entity
> in its own right.
>
> hope this helps!  There's lots more I could write, so please feel free
> to respond if you have specific questions.
>
> cheers, michael


--
--
Jason Murphy
[EMAIL PROTECTED]

_______________________________________________
SoCalFreeNet.org General Discussion List
To unsubscribe, please visit:
http://socalfreenet.org/mailman/listinfo/discuss_socalfreenet.org

_______________________________________________
SoCalFreeNet.org General Discussion List
To unsubscribe, please visit: 
http://socalfreenet.org/mailman/listinfo/discuss_socalfreenet.org

Reply via email to