your mail

Eric Gauthier eric at roxanne.org
Mon Mar 15 03:19:12 UTC 2004


> > This is a topic I get very soap-boxish about.  I have too many problems
> > with providers who don't understand the college student market.  I can
> > think of one university who requires students to login through a web
> > portal before giving them a routable address.  This is such a waste of
> > time for both parties.  Sure it makes tracking down the abusers much
> > easier, but is it worth the time and effort to manage?  This is a very
> > legitimate idea for public portals in common areas, but not in dorm
> rooms.

I've been offline for a few days and I'm catching up, so I might be taking
this one out of context.  If so, I'm sure I'll be flamed appropriately.
The University that I work for has one of these "go to a web page and
authenticate to get a valid IP" though, admittedly, we only make
them authenticate once.  What does it take to manage?  Just the up front 
work to put the system in place (which wasn't much).

For the small inconvenience of logging in once and the extremely small
overhead in maintaining the system, we've found a log of uses.  Two
examples come to mind.  We have the ability to automate the forwarding 
of DMCA violation notices because we know what human was responsible for
the "offense" that occured a few weeks/months back.  We also have the ability 
to contact a human when their system is infected instead of merely shutting 
their port, waiting for them to call, and hoping that our help desk correlates
the "my computer isn't working" with the "this port is shut for a security
incident".  We might know what dorm room the computer is in, but our rooms 
sometimes have four people with four to six computers and almost none of our 
students use their land-line, opting for a cell phone that's not listed in the 
campus directory...   Anyway, knowing what room the computer is in really 
doesn't provide us much help unless we want someone to walk over there.  With a 
username, we can at least send them an email or put them on a "watch" list for
when they call....

Eric :)



More information about the NANOG mailing list