Slashdot Mirror

And now you're talking about schools mantling their own fiber! I'm sorry, are they going to employ their own lien men and NOC operators?

That'd be done either by whatever organisation runs the local school system or some group set up specifically as an ISP for the schools. (Assuming we're using JANET as an example...)

You also gota realize that the UK is like the size of California. No sorry, quite a bit smaller. And that's just 1 of 50 states that need to be interconnected. Ever hear of alaska? Ya, it's like the size of France, who thinks that'll be cheap to fiber up? I'll bet that it should cost the same to cross 20,000 miles of roads as it does to cross 2,000 miles. Maybe you can find me a single citation for the cost your talking about. I've looked up the prices, my estimate is quite conservative. Your price of "virtually nothing" is a laughable as it is fantastic. As in: it only exists in your fantasy.

This excuse comes up way too often. I imagine it's perfectly easy to wire up New York and its surrounding areas for not much more than Sweden. Meanwhile, there seems to be nowhere that has 100Mb/s Internet in the US that isn't sat on a university WAN. There is nothing at all stopping an ultrafast ISP being set up specifically in San Francisco, New York or other cities and ignoring anywhere remotely rural.

"I already have 50Mbps at home, going to 100Mbps sometime soon, with probably a 20Mbps backup - all for me."

I'm sure that makes it easy to download all those text books. But seriously, what the hell are you doing with 50mbps? Oh I'm sure you have a really good reason to need to double that bandwidth too.

I imagine he's using Virgin at home, in which case the speed doubling is their doing, not the poster's choice...

Janet, the Joint Academic Network, that connects all the UK universities, colleges, schools etc. has a strict policy against content-filtering - partly because it's against the ethos of an academic network and partly because they're bright enough to realise that it wouldn't work:

there is no centrally imposed filtering of web, e-mail or other content provided by the network; indeed, such filtering would be ineffective as the network provides many possible routes to bypass any solution implemented at a single point.

http://www.ja.net/documents/publications/factsheets/072-janet-and-internet-filtering.pdf

Bearing in-mind that most academic institutions use Janet for their student's Internet access, and most file-sharers are in the 18-25 age group, and something like 45% of 18-25 year olds go to university...

I know for a fact (because my work ISP feed gets their feed of them) that JANET does not use the IWF blacklists.

JANet offers both uncensored and censored feeds, at the institution's choice. Presumably the theory is that universities (who JANet was originally set up to serve) will usually want an uncensored link, whereas schools are more likely to want censored.

I'm not sure whether the "RM SafetyNet Plus" filtering offered uses IWF lists or not. Based on a quick reading of RM's web site, it seems they have their own list, but they could just be rebranding IWF's.

I know for a fact (because my work ISP feed gets their feed of them) that JANET does not use the IWF blacklists.

And yet they are listed on the IWF site as full members. http://www.iwf.org.uk/funding/page.64.htm

Maybe they just report your GPS location directly to the kill-bots.

I know for a fact (because my work ISP feed gets their feed of them) that JANET does not use the IWF blacklists.

This leads to the amusing situation where schools (who are clearly in a position to most 'benefit' from the IWF list) who use JANET or a JANET subsidiary for their Internet feed are not subject to the IWFs will.

Bureaucracy gone mad. :)

Well, it is the main hub for Eastnet

There's a 2004 analysis by Columbia University of how Skype does its sneaky business here: http://arxiv.org/ftp/cs/papers/0412/0412017.pdf. The JANET network in the UK didn't like what happened when it allowed a PC to become a supernode, as you can read here: http://www.ja.net/development/voip/skype&janet.pdf . They found in 24 hours it had talked to over 38,000 different IP addresses, maintaining 'over 660-690 open connections to different hosts'.

Just for all those who say Skype is ok to put on your network and net admins should chill and allow this crap..

check out: http://www.ja.net/development/voip/skype&janet.pdf

There are many more examples of why skype should be blocked, there are other voip clients which can be used which do not put such a high drain on your bandwith, especially if you have a large pipe.

Ross Anderson made an interesting presentation on the Economics of Dependability and Security at Networkshop this year which provides a good overview of the subject. The video and slides are linked from:
http://www.ja.net/services/events/networkshop/Netw orkshop34/webprog.html

Yes, you are completely correct. It is spam.

But you will not change his opinion. I believe he is the anonymous "EMail marketing company" from earlier in this thread.

He claims that "This is an industry standard practice..." but that phrase means whatever anyone wants it to mean.

That practice has been vilified for YEARS as "collateral spam". Here is a reference from FIVE YEARS AGO http://www.ja.net/CERT/JANET-CERT/mail/junk/collat eral.html

Again, always remember Rule #1.

Spammers lie. He is a spammer. He lies.

One of the reasons I prefer Exim4 is that it is possible to kill all rNDR collateral spam by simply adding an X-header to my out-bound email and checking for such on any in-bound "NDR" messages.

The banning of Skype at some departments and colleges at Cambridge comes as no surprise to me.

I was at Cambridge during the late 90's-early Noughties, and I seem to recall a number of stern warnings to students about bandwidth usage from both College and University computing authorities. One of them even included a plea to use European or British mirrors as much as possible.

The shame is that while the Cambridge University Data Network had bandwidth to burn within Cambridge, it seems that the trouble was always further upstream on JANET.

Things got so bad that there were rumours at the time that the poorer colleges were going to start charging their students for bandwidth. I never heard anything of it, and it didn't stop the proliferation of p2p (both in the form of Napster and samba shares) in my time there.

If you get an IP from a DHCP request, as far as I'm concerned that constitutes authorisation. How else am I supposed to know if I am authorised ?

Me : Am I authorised an IP on this network
DHCPD : Lemme check your MAC address ...... sure here's an IP

http://www.ja.net/CERT/JANET-CERT/law/cma.html#1

Computer misuse offences
Unauthorised access to computer material.
1.-(1) A person is guilty of an offence if-

1. he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
2. the access he intends to secure is unauthorised; and
3. he knows at the time when he causes the computer to perform the function that that is the case.

(2) The intent a person has to have to commit an offence under this section need not be directed at-

1. any particular program or data;
2. a program or data of any particular kind; or
3. a program or data held in any particular computer.

(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.

hmm, oh bugger. I'd better not rely on that in court ! (and if I do, I hope I don't get my /. posts used as evidence)

http://www.dhcp-handbook.com/dhcp_faq.html#widpx

# How can I prevent unauthorized laptops from using a network that uses DHCP for dynamic addressing?

This would have to be done using a mechanism other than DHCP. DHCP does not prevent other clients from using the addresses it is set to hand out nor can it distinguish between a computer's permanent MAC address and one set by the computer's user.

Apart from the university I work at, as the IT Security Officer, where we've spent large amounts of money on hardware firewalls and monitoring software etc. JANET take a dim view of people running 'h4x3d' networks.

Freeriders, Ha!
The UK academic network (JANET) pays charges per megabyte of transatlantic traffic; a few years back, to reduce the bandwidth charges,they set up a Web cache service. http://wwwcache.ja.net/ That seems to be semi-defunct now, but when it had monthly stats online, the graphs for requests by volume were very interesting: 30% or more of the total transatlantic traffic (paid for by the UK taxpayer) was banners served up by Doubleclick and friends: advertising useless shite that wasn't even available/usable/useful in the UK. Every Doubleclick image had a unique URL with a tracking ID built in, so it wasn't cached like everything else, but served up anew with every page view.
So 30% of the bytes passing through the UK web cache were a complete waste of bandwidth, paid for out of the UK academic funding. And these arsecandles want to call anyone who doesn't want to waste bandwidth/download time on dialup in loading ads for stuff they don't want/need/can't use, *free riders*?

If they infect a UK resident they are in breach of the computer misuse act here. If someone were to report it to the police they would have to investigate. That is if it is actually a problem and not just a journo trying to make noise.

(1) A person is guilty of an offence if-

1. he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
2. the access he intends to secure is unauthorised; and
3. he knows at the time when he causes the computer to perform the function that that is the case.

full text

Fundamentally, it's just like the JANET network here in the UK -- it is a network backbone that links educational establishments to each other and the Internet.

(I'd say that calling the US academic network "Internet2" is misleading -- it's just another network, albeit a fast one.)

The University where I work has introduced
1) Censorship of the Web, using Websense http://ww2.websense.com/global/en/.
2) Throttling bandwidth on network ports using Storm Control http://www.cisco.com/en/US/products/hw/switches/ps 708/products_configuration_guide_chapter09186a0080 160a9f.html
3) Filtering out spam using Ironmail http://www.ciphertrust.com/products/index.php
Each these measures have had a negative impact on genuine study and research.

Our Computer Centre Director, who is in the invidious position of having to balance academic freedom against meeting JANET http://www.ja.net/ regulations, released this message which I reproduce here to show what Universities are dealing with.

-END OF QUOTE-
The introduction of restrictions is not something
that we have come to lightly. We certainly have
no desire to apply censorship to our users;
however, unlike Internet Service Providers,
we have somewhat more legal responsibility for
the material that is carried over or stored
within our network. In particular, the University
can be held 'vicariously liable' for a number
of offences relating to, for example, the
display or storage of pornography. Similarly,
material relating to religion or race that is
capable of offending is a potential threat, in
a legal sense, to the University. There are others.

On the matter of websites that just plainly offer
no business value to the University, we need to
strike the right balance between the various
interests. We have real concerns about the
capacity of our network and to compromise academic
and business activity on the network because we
are hosting a flood of dubious traffic does not
make good sense. However, under this specific
concern, clearly there may be scope for relaxing
restrictions outside the 'working day'.
-END OF QUOTE-

Sure it's fast, but it's not that great. SuperJANET 4 is running on a 10Gbps backbone with plans to increase it to 20Gbps in the near future.

There's nothing quite like having a 2.5Gbps net connection coming straight into your department at uni :)

Bristol (UK) is home to the second largest HP Labs in the world. They have also been involved in some fun wireless projects around the city. By fun, I mean "open networks connected to JANET". (here's one)

As far as I know institutions were charged for data that went over the transatlantic links (and not for data that went round Europe

JA.NET used to fund a proxy service that the institutions could link up to (for free) however this was closed in late 2002, details are still online wwwcache.ja.net

I think you will find that UK Universities DO pay bandwidth costs for traffic that goes outside of ja.net (maybe they are charged for ja.net traffic too these days). Prices are especially steep if you generate transatlantic traffic. Caching of data has become very important in an effort to cut costs and it's rare that you are allowed to make www connections without going through some sort of Uni proxy.

Take a look at the network charging page for more details.

Why on earth would the bandwidth be free? Just because it's "academic"?

Best guess, its probably some old server on the end of a shared university 10mb line or something. JANET are going to be so pleased.

Don't be so certain, JANET (the Joint Academic NETwork, which links together UK universities) has a 10 Gbit/s backbone. That's a pretty fat pipe...

This site was already playing up a few days ago when I looked at it. Its the Public Records Office all over again.

Best guess, its probably some old server on the end of a shared university 10mb line or something. JANET are going to be so pleased.

Britain's JANET network has a highly extensive network of web caches. The theory being that one of the biggest loads on the transatlantic link is web traffic, and that the same site is often accessed repeatedly (eg: for University coursework), so that the most efficient solution is to cache everything.

This program behaviour was previously hilighted as a breach of the Computer Misuse Act 1990-- software which causes a computer to perform any function with intent to secure access to any program or data held in any computer. i.e. the software firm is illegally securing access to licensing data (i.e. that the program is pirated) by sending an email without the computer owner's authorisation. I remember the author of an Acorn program a few years back being forced to remove this behaviour from his software for this reason.

And, found more in depth info from Bontchev - seems he just misremembered later.

Anyone who want to learn more about how UNIX Password security was designed should read this paper by Robert Morris and Ken Thompson that explains things like hashes (one way cryptographic functions) and salted passwords.

For me, it ends at the edge of my isp, where everything else goes on to alter.net, and from my university the connection is dead beyond janet in London.

Some of the UK academic network has started an experimental IPv6 network for researchers to play with.

Remote OS detection via TCP/IP StackF ingerPrinting

TCP/IP Stack Fingerprinting Principles

Graphing Randomness in TCP Initial Sequence Numbers

Security Problems in the TCP/IP Protocol Suite

System Fingerprinting With Nmap

Remote OS detection via TCP/IP Stack FingerPrinting

By providing circuits to power substations and then setting up PLC kit there SSE have been able to provide such high speed access to an area that the telcos and cable companies are never going to cover in a million years.
They're not looking to be cheaper, they're looking to cover the areas that won't normally be reached.

Further Information as shown in a presentation I went to several months back

ja.net (The UK organisation for education networking) is currently trialing 2 way satellite and I'd have to say I was impressed at the network access conference I went to recently.
The guy was brave enough to do a live demo (The dish having been rigged up only a couple of hours earlier). ping times were a consistant 600ms and bandwidth was a symmetric 2M.
It seems like a very good solution for the rural, the only barriers are the latency (which isn't as bad as I thought it would be) and the high cost.
dc-sat.net are the company involved in the trial.

Note : The link isnt to the full act itself, but to the excerpted version provided by JANET/CERT as a referance for academic institutions in the UK with lots of nice hyper links. If you want the real Mcoy in one big lump it can be found here

Note : The link isnt to the full act itself, but to the excerpted version provided by JANET/CERT as a referance for academic institutions in the UK with lots of nice hyper links. If you want the real Mcoy in one big lump it can be found here

We use LVS code to load balance our squid boxen at layer 4, and have successfully shifted some 120Mbps through one of our nodes using direct routing on the backends, rather than NATing the system - this configuration barely loaded the frontend (which was only a 500MHz machine) and load balanced some 15-16 backend machines.

ISTR there is some early layer 5-7 code on the LVS site somewhere, but I've not used it, so I don't know how stable it is, or what the performance is like.

Well, according to JaNet's "External Network access Provision" page, there's another 2.5Gbits from JaNet to the US that isn't KPNQ. And, incidentally, my connection to slashdot, from bris.ac.uk (on janet,) doesn't go via any of janet's transatlantic links, it goes though linx and then UUNet. No black holes here, thank you very much :-)

As far as I know UK academic network (JANET) was solely connected by KPNQwest so they are looking for new providers.

WorldCom has provided a new transit system but I'm not sure if its fully working and if the switch is fully over. We shall see at 7pm.

It looks like JANET (the Joint Academic NETwork) is going to lose its connection to the rest of the world, unless they speed up their process for procuring a replacment: according to their current schedule, a replacement will be active on the first of September, while KPNQwest is probably closing down in a couple of hours (time correct as I write) :(

It looks like JANET (the Joint Academic NETwork) is going to lose its connection to the rest of the world, unless they speed up their process for procuring a replacment: according to their current schedule, a replacement will be active on the first of September, while KPNQwest is probably closing down in a couple of hours (time correct as I write) :(

Take the UK for instance, Government has no involvement in administrating .uk, Nominet is run as a non-profit in the academic world, I believe part of the (modest) fees they collect go to fund the academic backbone, no business nor government gets in the way.

As for South Africa, their government is intent on controlling anything of value, after five years of pondering they've only just realised that Internet = $$$, hopefully in another few years they'll realise the bubble burst two years ago.

Be good for education and research though. JANET is planning to be 10Gbps on the core by late-Summer so they'll be pleased the standard has been approved (see http://www.ja.net/superjanet/index.html)

Clarification:

ja.net charges for transatlantic bandwidth partly because a great deal of ja.net's costs were on paying for transatlantic lines. Anything that doesn't travel via these lines (ie via LINX or GEANT is free which means most resources in the UK or europe.

Ja.net has also mitigated the need to use so much transatlantic traffic through the use of mirror.ac.uk and the National ja.net webcache.
If only more people were to use these, a number of smaller UK academic institutions are not aware of a number of services that ja.net can provide for them but this is changing in recent years.

Clarification:

ja.net charges for transatlantic bandwidth partly because a great deal of ja.net's costs were on paying for transatlantic lines. Anything that doesn't travel via these lines (ie via LINX or GEANT is free which means most resources in the UK or europe.

Ja.net has also mitigated the need to use so much transatlantic traffic through the use of mirror.ac.uk and the National ja.net webcache.
If only more people were to use these, a number of smaller UK academic institutions are not aware of a number of services that ja.net can provide for them but this is changing in recent years.

I once heard a phone engineer (BT) plug himself in...

At the time (1984-89) I worked on the JANET network as a Network Operator. We used to have to chase line faults on the 9600 analogue circuits used back then (isn't progress a great thing?). One particular afternoon I was on the phone to the local exchange helping said engineer trace an intermittent problem.

Suddenly in the middle of the conversation there was a strangled yell, followed by a loud metallic clatter as he fell off his aluminium step-ladder. A few seconds of silence passed, then a wavering voice came back on the line "..h..hello?..".

Turned out the poor bloke had been talking to me on a linesman's phone (attached to the exchange with croc-clips) whilst he looked for a dry joint - then decided to grasp a bare wire carrying ringer circuit. This page gives ringer as 75V AC @ 25hz. Ouch

Matt

If this screensaver was able to become "more than a screensaver" would it be illegal? The janet rules for .ac.uk are that only students of whatever university are allowed to use the uni's janet connection, non uni students/staff are not allowed (at least that is what we got told). If this is (still) true then would the companies advertising be allowed to advertise this way, as they are most likely companies who are not uni staff, and having a "more than a screensaver" could mean they could use this internet connection somehow
Another thing is, if this kind of advertising was to become a common thing then it would make sense to have a centralised ad server which the screensaver running at each uni would pull a new ad from each time, that would probably violate janet's rules too as it is using the connection for non-academic purposes..

Is anyone else thinking of the Greybook protocol?

My upstream ISP (Demon Internet) is a participant in the 6bone network; so I e-mailed their 6bone contact and requested a small allocation of IPv6 addresses with which I could use on my internal network (all Linux; therefore all capable of IPv4).

I received no response from them whatsoever after three seperate e-mails. I *want* to switch away from IPv4, but my upstream ISP won't let me, while they are making out to the outside world that they are 'spearheading' the IPv6 revolution by announcing that they are a member of the 6bone.

Yes, I have considered applying to other 6bone networks, such as JANET and other UK ISPs, but my upstream ISP would have been ideal for my IPv4IPv6 tunnel (zero routing overheads). Besides, it is a matter of principle.

Anybody running a 6bone site reading this care to comment ? - before you say it, yes, I fulfil the criteria for joining the 6bone (according to http://www.6bone.net/ anyway).

Readers of a UK bent might be interested in the latest upgrade to JANET, the Joint Academics Network. This is the primary backbone supplier to (all?) Universities and (some) Further Education Colleges in the UK.

SuperJANET4 currently has a 2.5Gbps SDH optical backbone, rising to 20Gbps in 2002 using DWDM. At various points across the contry are JANET Connection Points (JCPs) to which Metroplitan Area Networks (MANs) are connected: these MANs then supply the universities with bandwidth. These MANs are being upgraded in concert with JANET - the London MAN, as an example, is moving to a 2.5Gbps backbone, with 100Mbps feeds to individual universities.

QoS was a key factor in designing the network and thus the routers chosen (Cisco 12016s and 12008s) support Multiprotocol Label Switching (MPLS) (see RFC 2702 for why this is good for QoS) amongst other QoS features.

JANET's link to the rest of the internet is being upgraded too, with 2.5Gbps of external bandwidth and 622Mbps transatlantic bandwidth - to Internet2.

In the past, the UK academic community has been on the ball with internetworking - from the invention of packet-switched data networks (1967) and the first ARPAnet node outside the US at University College London (1974) to one of the earliest and largest (and still very large) deployments of web caching with Squid (the JANET webcache). Not to mention that the web was invented by a British academic... (although he was working in Switzerland at the time... does that count? :p )

If only our commercial managers were as bright... then we wouldn't have The Great British Broadband Farce.
Hmmm, now can I steal 802.11 wireless from my local university? I'm sure they'd never notice now :)

Readers of a UK bent might be interested in the latest upgrade to JANET, the Joint Academics Network. This is the primary backbone supplier to (all?) Universities and (some) Further Education Colleges in the UK.

SuperJANET4 currently has a 2.5Gbps SDH optical backbone, rising to 20Gbps in 2002 using DWDM. At various points across the contry are JANET Connection Points (JCPs) to which Metroplitan Area Networks (MANs) are connected: these MANs then supply the universities with bandwidth. These MANs are being upgraded in concert with JANET - the London MAN, as an example, is moving to a 2.5Gbps backbone, with 100Mbps feeds to individual universities.

QoS was a key factor in designing the network and thus the routers chosen (Cisco 12016s and 12008s) support Multiprotocol Label Switching (MPLS) (see RFC 2702 for why this is good for QoS) amongst other QoS features.

JANET's link to the rest of the internet is being upgraded too, with 2.5Gbps of external bandwidth and 622Mbps transatlantic bandwidth - to Internet2.

In the past, the UK academic community has been on the ball with internetworking - from the invention of packet-switched data networks (1967) and the first ARPAnet node outside the US at University College London (1974) to one of the earliest and largest (and still very large) deployments of web caching with Squid (the JANET webcache). Not to mention that the web was invented by a British academic... (although he was working in Switzerland at the time... does that count? :p )

If only our commercial managers were as bright... then we wouldn't have The Great British Broadband Farce.
Hmmm, now can I steal 802.11 wireless from my local university? I'm sure they'd never notice now :)

"While I might believe that they offer it as a service to some of their customers, I just can't see one of the world's top five IP carriers [Teleglobe] refusing to route any part of the Internet."

Here's their part of the traceroute from the Slashdot submittor from Greece who reported being unable to access www.macromedia.com. This is as reported to me on Friday, after macromedia.com was taken off the RBL:

5 310 ms 311 ms 250 ms oteny-otenet2.ote.otenet.gr [194.153.81.13]
6 311 ms 310 ms 310 ms if-2-0-0.bb3.NewYork.Teleglobe.net [207.45.199.2 25]
7 300 ms 311 ms 310 ms if-3-1.core2.NewYork.Teleglobe.net [207.45.221.9 8]

He also reported that many of his friends in Greece were unable to access the site, writing: "Every person in business (I am web developer/designer) couldn't not see Macromedia server for the past 4 days. They 'see' internet from different ISPs. I am very certain." This meshes with your pointing out that Teleglobe often is the primary access provider for entire countries.

Teleglobe is a licensed subscriber to the RBL, but as for whether they use it to block traffic other than mail, a quick Google search on "teleglobe MAPS RBL" turns up good leads. See e.g. "JANET, Teleglobe and the RBL," in which one of Teleglobe's clients -- itself a well-known internet provider -- explains to its own customers the situation which has been forced upon them:

Does this affect things other than mail?

Yes. No connections of any kind will work in either direction between JANET and a blackholed address -- not Web, FTP, telnet or anything else.

On another page, they hopefully claim "it is not likely that any valid use of JANET requires access to such networks." Well, maybe that page needs to be updated.

You see why I think this is important?

Jamie McCarthy