[afnog] Use of BitTorrents in Academic Environments
regnauld at nsrc.org
Tue Feb 26 15:59:33 UTC 2013
amon.kasonda at unza.zm (amon.kasonda) writes:
> Dear All,
> I am seeking advice from IT experts in academic environments on
> how they have handled the issue of BitTorrents on their network.
> As a university we have blocked this service because of the effect
> it has on internet bandwidth and issues pertaining to security. This
> is an inherent default configuration policy I have found in the
> university. However, our users strongly feel the service must be
> restored to enhance their learning and internet experience. Your
> independent views in this regard are welcome.
A few observations and questions from an outsider:
While I understand that bittorrent is frighteningly efficient
at downloading lots of content in a short time (which is,
after all, that which it was designed to do), but I'm a bit
curious about the security aspect. Would you care to elaborate
on that particular point ? It would actually be useful for
us as the question of dealing with bittorrent is quite a
popular one when we talk to universities around the world.
Is it insecure clients ? Or something else ?
The next question is: how do you block bittorrent ? In doing
so, are you certain that you are not blocking other services
? Filtering ports 6881-6999 may not be enough as motivated
users will find ways around it, such as changing the ports,
or using encryption/ Tor. Third party solutions such as DPI
or similar (NBAR) will have an impact on performance -
something that may not be an issue today, but as networks
get faster, this will almost certainly be a bottleneck (or
get really expensive to license).
The third question is: while a major part of bittorrent
content may not be of educational interest, can you be
certain that limiting access to it is not going to hurt
someone's research ?
For instance: http://en.wikipedia.org/wiki/BitTorrent#Education
* Florida State University uses BitTorrent to distribute large scientific
data sets to its researchers.
* Many universities that have BOINC distributed computing projects have used
the BitTorrent functionality of the client-server system to reduce the
bandwidth costs of distributing the client side applications used to process
the scientific data.
Finally, a suggestion: what some universities have done is:
1. Create an Acceptable Use Policy that all students and
faculty must sign upon enrolling. This AUP will amont other
things state that users and faculty are not allowed to use
university facilities including Internet access to access
or download material obtain illegally, and that university
staff can terminate internet access for these users should
they do so repeatedly.
2. Setup a passive monitor (span port, mirroring) to monitor
traffic with something like Snort or NfSen, and upon detecting
traffic on these ports, redirect the client's port 80 traffic
to a webpage, where something similar is displayed:
"You are currently, or have recently, been using bittorrent. If you
are running bittorrent, please take the following measures: limit
your upload and download rates as a courtesy to other users and
make sure you are not downloading material you do not have permission
to copy, as stated in the AUP. Do note that your IP, MAC address
and the time of this connection has been logged.
If this is not the case, please disregard this message and click
Continue, but know that you may unknowingly be running software
that was installed without your knowledge."
What we've seen is that this (and it may be different in some
parts of the world), is usually enough to make users think twice
about using bittorrent for downloading content.
More information about the afnog