Slashdot Mirror
Is AIM Really a Bandwidth Hog?
Crispen asks: "A mess of schools, especially K-12 schools in the US, have banned instant messaging, claiming that it is a huge bandwidth hog. Is it? If you block ports 4443 (images) and 5190 (file transfers), how much bandwidth does AIM really take?"
Depends on how much bandwidth the schools have. A lot of K-12 schools are running on a single DSL line that may or may not be throttled to something less than 1.5mbit. If the line pipe is always full, it makes sense to close the ports for all services that are generally used for recreational rather than academic purposes.
Then again, given the amount of time most my teachers spent just trying to figure out how to work a computer during my classes' time in the computer labs because they were never trained, I'd say having computers in the classrom is more of a bandwidth hog.
As Manager of Technology for a school system, we made the decision to shut down all AIM ports because there is currently no way to monitor, filter, or track instant messages that go across it. Local, state, and even federal programs require that we monitor and filter all Internet access by minors. After having some incidents with AIM (including a bomb threat that AOL would not trace for us, even with a search warrant from the FBI), we shut down all Internet-based instant messaging programs.
.. especially in these days of cheap bandwidth for education (we have a full DS3 45Mbps for a 7500 student district). The liability of having Internet traffic that is basically untraceable without a sniffer is something we can't have.
The bandwidth use is negligible
Jason
"FORMAT C:" - Kills bugs dead!
If you meant outoing to port 5190, well, that would be a quasi-effective way to block AIM.
Now, granted I haven't tried this, but I believe you can always reconfigure AIM (and gaim, of course!) to use a different port, so that doesn't really block AIM. Now, I don't know much OSCAR (the AIM protocol), but it's possible that it uses incoming port 5190 to recieve file transfers...but what are people going to be transferring from school, anyway?
duh.
Ah, that's nothing,
I've seen system administrators on european universities that have absolutely no idea how to set up a firewall.
An example is when they block anything except port 80. Then, they open anything, so anyone can use kazaa, do some cracking and generally abuse the academic bandwidth.
Then, they block it back again! so, they prove, port 80 is the only thing they know, so thats the only thing they can allow if they start blocking.
If you've lived on such a great administration environment - surprise surprise, it's so strange they use windows for name serving as well - that's really nothing.
Trust me, blocking prv messaging is nth compared to a blocked 22.
I briefly worked IT for a local high school district, and while AIM doesn't consume much resource wise, it's an enormous productivity-sink for the student/employee.
Instant Messaging can allow excellent, speedy communication in teams, but it can also utterly destroy productivity during lectures. AIM et all should be banned from installation on institution owned student computers, or at the very least, used in a very selective manner.
"Inattention makes clowns of us all" -Bean
After having some incidents with AIM (including a bomb threat that AOL would not trace for us, even with a search warrant from the FBI), we shut down all Internet-based instant messaging programs.
If Big Brother can't see you doing it, Big Brother will ban it!
There's two main reasons we've taken to blocking any form of IM, or in fact anything that isn't HTTP/FTP, to student desktops. First, of course, is the somewhat limited bandwidth, although this was the least of our reasons. Secondly, and far more importantly, is the element of control: with a transparent proxy through which all HTTP and FTP traffic is routed, we can (a) cut down the amount of input bandwidth needed, and (b) implement a certain amount of filtering (well known porn sites, ads, etc).
Not having IM installed on each desktop also means that there's not configuration problems. Realistically schools have to support one environment, and IM systems, with the number that there are, complicate this no end (imagine the arguments if AIM is the only one supported by a school, but a large percentage of kids use MSN...).
Realistically, if kids want to use IM, they're welcome to do so at home on their own (usually dialup) time. Likewise with any other non-HTTP access. I personally don't see it at that disabling; if kids want to IM each other, they can go back to "pass-it-on" notes. :-)
Without file transfers IM doesn't take much bandwidth. Think about it, messages of of a few dozen bytes only take 1 packet to send! No, you'd have to have hundreds of IMs to add up to a few piddly Kbps. Problem is allowing IM and diallowing file transfers. Or, as one poster stated, monitoring IM traffic. In that case, they could run their own jabberd server, and with firewall rules force users to use it. Since it's GPL/OS they should be able to modify the code to allow "snooping", if jabberd doesn't already.
and get over it. If I could keep myself entertained when I got my homework done during study hall when I was in school before IMing was around, you can figure out how to do it with it blocked.
I have a net admin friend at a school who helps manage the dorm network. Amazingly, he claims that it is really those tiny ads (150x40pix). I guess AIM is very lazy and is constantly refreshing them (If you're using the computer or not) and doesn't do much caching.
To fix it, they rerouted ads.aol.com (i just made up that DNS) to their own servers and sent their own images back localally.
Luckily my firewall blocked the spooge...
Now before you go on about emailing my files, my college had the myopic foresight to limit email to 5 megs per attachment. My senior thesis was over 19 megs and my thesis advisor couldn't figure out how to open it after I split the files into email sized pieces. Turns out he didn't have winzip but that's another story. Make a long story short, his computer didn't have AIM and I had to turn a hard copy in late.
Once AIM caught on we had files going in and out of the department all the time. Students began collaborating on AIM. This was a commuter college and students HATE collaborating. AIM takes some of the sting out of having to drive in at the one awkward time when everyone can meet.
I can understand schools wanting to control net access but there are better ways to go about doing it. How many naughty files slip through the filters anyway. Blocking AIM isn't going to stop a determined kid but it will chill an effective means of communication between students and the school.
At the rate some schools are going all those computers will turn into nothing more then a complicated Cable TV system attached to a word processor.
I've hit Karma 50 and gotten a Score:5, Troll... I win!
Before our campus moved to a fully switched LAN, I used to use Ethereal to sniff my whole dorm's AIM traffic in real time. 80 people, not that much traffic. Even in the evening at peak utilization it was easy to keep up with, no worse than a busy IRC channel. So IMO AIM is not a bandwidth hog.
The protocol itself is not as efficient as it COULD be. I did notice occasional repeated messages, and signon/signoff messages are repeated frequently. But we're still talking about piffiling small bandwidth.
PS I'm just kidding and I didn't actually do anything that I've described in this post. By reading this post you agree that I didn't run a sniffer, or reverse engineer AIM's protocol just by watching it's traffic in a sniffer.
-73, de n1ywb
www.n1ywb.com
PS I'm just kidding and I didn't actually do anything that I've described in this post. By reading this post you agree that I didn't run a sniffer, or reverse engineer AIM's protocol just by watching it's traffic in a sniffer.
:)
Ah, you put your condition at the end. I can't agree to something by reading a post without knowing the condition first. Plus there's the questionable enforceability of ERLA's (end-reader user agreements).
But don't worry. You've already done far more to publish your self-incrimination than I could possibly expand upon. Besides, "gossip wants to be free."
Now, where do I pick up encrypted AIM?
You could just access AIM through a box set up to connect w/ AIM and send it to you via telnet. An example is a box w/ Bonim. It is self explainitory. I honestly don't believe that blocking ports and firewalls do too much, if you are determined, smart and want to break out.
void
what, are you using the keyboard to do it???
good lord man, step back from the computer when polishing your freshmaker...
AIM uses a significant amount of bandwidth, even idling. Run Ethereal on any machine with AIM up and running, doing nothing - on my W2k box, about 2/3 of the idle traffic was domain/workgroup/etc broadcasts, and 1/3 was AIM acknowledgements, signons, signoffs, etc.
levine
Why doesn't someone just write an AIM client (and ICQ/MSN/IRC) where the administrator can set a specific port for each, then log that port, and be able to enable/disable file transfers and such? If I had the time or expertise, I would do something like this.. but currently I would go to AOL (for just AIM/ICQ) or Cerulean Studios (the makers of Trillian, for access to AIM/ICQ/MSN/YIM/IRC) and ask about the possiblity of a special school edition such as this. Also, state law shouldn't be a problem anyways, as a good router can log all incoming/outgoing traffic anyway.
Those who watch their backs meet death from the front.
I had no idea that the education system had degraded to such a point that one must rely on AIM in order to graduate. Truely very sad for today's students.
But only if you're on broadband. If you're on 56K (God help those poor people), you're pretty much screwed any way you turn, especially if you've got pages with Java/Javascript running.
Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
there is currently no way to monitor, filter, or track instant messages that go across it.
Just out of curiosity, do you *approve* of these policies? I'd have to say that I feel that the ability to privately say what you want to is fundamentally a fairly reasonable thing.
AIM is an extremely inexpensive, versatile tool that many people use in the workplace and in college. Why deny it to high-schoolers?
After having some incidents with AIM (including a bomb threat that AOL would not trace for us, even with a search warrant from the FBI), we shut down all Internet-based instant messaging programs.
This, also, I don't understand. It seems to me like AIM's getting scapegoated here. There are many, many ways to make untraceable bomb threats. Hell, take a computer, type it out, print it, and leave it somewhere, handling the paper with plastic gloves and leaving it in a plastic envelope. Bomb threats are sort of part of high school life -- I remember a couple in high school. AIM's not at fault here.
The liability of having Internet traffic that is basically untraceable without a sniffer is something we can't have.
Frankly, *I* found the constant monitoring of everything we did in high school abhorrent and Orwellian, and with a number of friends, constantly went around the school disabling monitoring systems (which happened to use a client-side system).
May we never see th
And cars can be used to ram people. Should we ban them from the American public? You can drop chairs on people, use paint from art class to vandalize the school, stuff people in lockers, etc.
AIM et all should be banned from installation on institution owned student computers, or at the very least, used in a very selective manner.
At some point, you have to place some responsibility on the students. You can't simply control them throughout school (and then expect them to suddenly mature on graduation day).
If people are going to screw up, they're going to do it. I've never understood why IT personnel (more than general managers in the workplace or teachers in school) feel a deep-seated need to try to control behavior like this.
May we never see th
It ain't hard to setup an FTP server at home, and most Universities (Colleges for the yanks) allow FTP access to their students.
Why not just use that?
Because FTP isn't designed for this. FTP is great if you have an always-on machine at the same IP (or at least hostname). It was originally designed to let a user work with files in *his* account's disk space.
AIM and other IM programs with file-transfer capabilites are far better suited to most home users. The IP of the user may change. The user may only come online at some time. The remote user is made aware of this ("Oh, John's on. I can send him that presentation file."), since an IM program handles registering and retransmitting this information.
Furthermore, FTP exposes a whole collection of directories, and generally (unless you hack things up) grants write and list access to *other* things in an upload directory. The user wants to make available a *single file*, and wants to know when the transfer is done, so that they can get offline. IM clients do a better job of providing this functionality than do FTP server/clients.
Often, file transfer is done at the same time people are talking to each other. This combines two frequently-used-together services, since an IM client would likely be necessary anyway.
Finally, even setting up an FTP system to approximate the model desired is *much* more work. You'd need a dynamic hostname, need to run a daemon to keep it up to date, the remote person would need to have a program that keeps trying to log in to tell when you're online, you'd need to set up permissions so that your server didn't let people see files that other people uploaded, you'd need some monitor for people logging in...
FTP was designed in an era where people didn't have goddamn filewalls or NAT all over. Frankly, they do now, and pose a major irritation if someone's trying to send a file. AIM is quite good at dealing with firewalls.
Also, FTP security sucks. Kerberized FTP is *very* rarely used, as is SSL-tunneled FTP. Plaintext passwords...not even MD5 support. Ick. Granted, most popular messaging protocols aren't much better, but they are improving.
So while FTP is better for the task that it was designed for, for the kind of thing this guy is doing, he's better off with IM.
May we never see th
EXACTLY.
The whole notion that we need computers in every classroom is pointless.
Pointless.
I graduated in 2000, and I learned more from my at-home computer than the locked-down computers in my high school.
They restrict any real use, defeating the whole purpose of having it hooked up to the 'net! The web filter was absolutely painful. I remember this one time where a friend was trying to research marijuana for a school paper covering drug use. The teacher glanced at my friend's computer screen and after getting over the initial surprise of the website managing to slip through the webfilter's cracks, automatically banned him from the computer lab.
Nope... American schools aren't in trouble. No sir.
It is possible to monitor the traffic, make everybody go though a proxy set up for just AIM traffic, log traffic to a file.... and there you go.
This reminds me of the time a friend of mine had a rather... interesting topic for a biology class.
Hermaphrodism. Oh, that was some fun research.
so... i use PC only in my home, and dont interest me, if it hog my bandwidth.AIM hog bandwidth,but i use DSL connection(256 Kbps).Sometimes i feel what the velocity down, and close it.Ready! come back my full connection.Well, Lets think About: How percentage the AIM damage the velocity the speed of our connection??? i Guess 20%.And you?
This is incorrect: I am a technical analyst for a corporation that supports approx 6000+ users on our local corp. campus here in Columbus, Ohio and we host 1 of the most bandwidth intensive net events online every year. I have recently completed a study of IM client server technologies with a specific focus on management of this traffic. (Logging: users, sessions, bandwidth usage etc, Rules based content / connectivity management and more) In the course of this study and report I found several solutions to your problem and that of many corporations. Take a look at www.akonix.com they provide a cost effective solution to your problem. There are many more but this one seems to be the most full featured.
My senior thesis was over 19 megs
:-)
.bmp full screen captures of the text in various windows, and paste them into powerpoint, then embed the powerpoint objects into cells in an excel spreadsheet with bits of text around to explain each image, then export views from excel into word, and htmlize the result and email it out to the european-wide mailing list. They'll never find the body of the last luser who did that on my network!
Let me guess, your senior thesis was written in word and only 22 pages long? Wow, I gotta get back into an american university. I can crank out 19 meg word docs every week
the AC
First you take
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
In general AIM doesn't use hardly any bandwidth. Myself and my two roommates each have clients running 24/7 and traffic to and from AIM servers barely shows up in the statistics on our router.
However, one of my roommates has a sister that has recently discovered AIM's DirectIM feature. She seems to like it because she can see if the remote party is typing or not. That's nice, but these connections seem to use quite a large amount of bandwidth even when completely idle. I didn't get exact numbers, but I thought a file transfer of some kind was going on until I went and checked with my roommate. Needless to say, it was causing a measurable difference in latency on our cable modem (which is kind of shaky anyway) or I probably wouldn't have noticed in the first place.
Anyway, I added a pf rule blocking direct connections on the ports AIM uses from the network she's on at Auburn and haven't seen any problems since then. I don't know if this has anything to do with the claims this story is referring to, but I guess it could.
Game... blouses.
In 1997, as an OAC (formerly gr.13 in Ontario, now a thing of the past completely) student, I had a similar overbearing Admin (of course I mean head of the business department, but happened to have the most computer knowledge of all the employees in the school). I was a part-time student at the time (2 classes a day) and my independant study for OA Eglish was due later that morning.
My printer at home had died so I was unable to print it out for submission (the teacher would not accept a soft copy).
I had the teacher allow me access to one of the computer labs (which happened to be locked when he let me in). Within 2 minutes of me logging in the sysadmin stormed in and told me to leave the lab, as I was banned.
I asked him why, at which point he asked what I was doing, who let me in, etc.
This is the whole problem with schools, is the shoot first, ask questions later mentality of people who are doing a job that they have neither the intelligence, experience, or time to do.
I'm in a situation at my place of employment (a community college). There's a lot of content we'd like to block, such as porn, instant messaging, file sharing etc. It's a waste of bandwidth, but more importantly it's a waste of resources.
Now, most schools have an 'acceptable use' policy, us included. Try telling resident adults that they can't use community funded resources to do whatever they want. It doesn't happen. Tell someone they can't look at porn in a public lab, and they'll throw the first amendment at you. So we use the all inclusive "waste of bandwidth." Kinda hard for them to argue on that point.
I suspect you're in the same situation. rather than having students using computer for chit chat and wasting time, they administration wants to see them used for work. Rather than re-inventing the wheel when it comes to their usage policy, which can take ages, they're calling AIM for what it is in your environment, a waste of bandwidth.
There are some people that if they don't know, you can't tell 'em.
I've always wondered where IM services get their money from. Is that why some of them change protocols so often, to force people to go past the ads on the download site again to upgrade their clients? that hardly seems a viable business model to me... The only thing I can come up with is that they keep their IM services alive with money they get elsewhere, and the whole IM thing is just a form of spreading brand awareness. Any suggestions?
Please correct me if I got my facts wrong.
all the computers at school that have AIM on them with saved passwords. Hahaha...
sig.
From what I've noticed... when it comes to computer systems in academia, those who know the most about computers actually feared. Oddly enough, this is a huge swath of computer users. At the bottom, we have those who have a firm understanding of the "start" menu in windows. Middle of the range are the kids who know what DHCP does. At the top, we have those who compile their own linux kernel in their spare time. Where am I going with this? There's a strange hypocritical mentality going on that says students are supposed to know how to use computers, yet aren't allowed to use them.
"No child is to be left behind, technologically. Everyone needs to know how to use a computer for jobs in the real world," they say. But if they dare apply that knowledge, or even attempt to use the computers their (parents) tax money pays for, they're quickly shunned and told they're using something "inappropriately." Or, gasp, without supervision!
Perhaps that's an over-generalization, but nevertheless, in my experience, that assessment has held true to this day. Quite frankly, it pisses me off. Fortunately, this applies more to local school districts as opposed to colleges and universities.
Nevertheless, here's another dose of reality for those still paying attention to this thread. Someone dropped a virus on our high school computer network right before summer break. Instead of wiping all of the hard drives over the summer and starting from scratch, they bought new computers. Their old computers were little over a year old. They bought about fifty new units. This was three years ago.
Worse... my parents now have to pay $300 for every sport my little brother plays. Don't pay? Can't be on the team. How wonderful is that?
it doesnt matter what ports you filter, i'll still proxy tunnel my packets no matter how you filter it up.