Slashdot Mirror
Schools to Avoid: University of Florida
Iphtashu Fitz writes "The University of Florida has apparently come up with a technological approach to deal with P2P file sharing on their campus networks. According to this article on wired.com they have developed a program that scans the PCs of students in the UF dorm rooms. The program, dubbed 'Icarus' not only detects P2P applications but viruses, worms, and other trojans. If a P2P application is found then an e-mail is sent to the user, a message is popped up on their screen, and their internet connection is disconnected. First time offenders lose their connection for 30 minutes. The second offense results in a 5 day loss. The third strike results in an indefinite loss of connectivity. An editorial in The Independent Florida Alligator, the student newspaper, called the use of Icarus 'an invasive and annoying system that further deters students from living in dorms (see also another story).'"
From the article: If students are mistakenly identified as violating the school's policy, the burden is on them to justify what they are researching, invading their privacy in the process, [EFF attorney Jason] Schultz said.
In other words, innocent until proven guilty. What kind of intellectual environment is there at a university that intimidates students from conducting research? Now, you could argue that there are not many research projects that would be helped by P2P applications, but the school's definition of violations is so ethereal that the cautious, not-so-tech-savvy will be left afraid of his/her computer. Will downloading that PDF violate the bandwidth rules? Is this FTP server a file-sharing network? Your average students won't know for sure, and they won't test the limits for fear of losing their Internet privileges. These scare tactics will inevitably hinder valid academic pursuits.
Last spring, the university received about 40 notices of copyright violations per month. At peak file-trading periods, 90 percent of the traffic on the housing network was peer-to-peer. In an average 24-hour period, 3,500 of the 7,500 students in the residence halls would use P2P services like Kazaa.
Unfortunately you are on their network, thus your computer becomes part of their network (on campus). If you don't like the policy (and you are warned when you sign up for the DHCP access) don't connect to the network. If you don't think that ISPs are scanning computers for viruses, trojans, etc, you're wrong. I worked for ATTBI and there were quite a few people (calling in to me alone) that were infected with some sort of trojan/virus and they had been automatically disabled.
P2P applications should be blocked at colleges. Colleges are not houses of endless bandwith... 40 copyright violations a month is a pain in the ass to deal w/ (especially in this day and age). 90% of the traffic was P2P? What about Quake pings (when I was in college that's what I was concerned with) what about downloads of legitimate software? Hah, nope, just get your P2P porn movies and the latest DiVX of The Matrix Trilogy...
School to Avoid??? I would have avoided it when 90% of the bandwith was being sucked up by people sharing MP3s and porn, now maybe the bandwith is reliable and useful for stuff other than loading Google.
As far as it is detering students from living in the dorms... I have heard nothing but problems with overcrowding in dorms (3 to a room instead of 2, people living in converted lounges, being housed in hotels/motels until space becomes available, etc). You think that Universities really care about not having people in the dorms?
This is not an invasion. This is reality. College editorials are always biased bullshit. Please move along.
Sounds like they might be a little scared of lawsuits. I'd think that colleges don't have that much budget for a legal team.
Don't ping my cheese with your bandwidth!
Wow, what a wonderous world we live in where students can recieve e-mail when their internet connection is hosed *goes wide eyed*
Banaaaana!
From the Wired article:
"We needed something to stem the flow. We were spending too much time tracking people down," said Robert Bird, supervisor of network services for the UF department of housing.
So a guy named Bird creates (read: has some overworked grad student create) a program called Icarus to "bring down" file sharers. I guess he imagined his program being like the sun melting the wax on the mythical Icarus' wings and sending him crashing back to earth. And Bird himself, of course, would be the sun-wary Daedelus, who after trying out flight himself, hung up his wings as an offering to Apollo.
I guess he's now a flightless Bird. The old story about the ostrich sticking his head in the sand comes to mind.
Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.
How long before Unis demand that all computers on one of their networks join one of their administered domains, with Domain Admins in the local Admins group, or with one of their public SSH key in /root/.ssh/authorized_keys2 for *nix boxes?
Logins tested every day at random times. Should a login fail, box comes off network.
Get your own free personal location tracker
The program, dubbed 'Icarus'
What are the odds that this program is running on a Sun machine?
So, what happens if a kid brings their netgear MR814 router with them and every time he gets cut off, he simply changes the Internet-side MAC address of the router through the handy-dandy html-based admin tool?
So the university has taken a pro-active to insure that they're hardware isn't used in the commission of a crime - and people don't like it.
Now I KNOW that not all P2P users are copying music - but MOST are.
Further, you probably sign a usage agreemnt when you connect up to the school's network saying that you won't due anything illegal. All the university is doing is holding you to that agreement.
I don't see a problem here
Have you compiled your kernel today??
Set up a firewall on some old P166, build your own subnet, and lock them out. It's not hard. Mandrake MNF or Astaro are great for this sort of thing. Run a VPN between you and your friends in the dorm. Heck there's lots of fun to be had there.
Hell is being intelligent in a world full of idiots.
i'm not sure what they expect to do with this thing, but it wouldn't be that hard to fire up tcpdump and get a range of "management" ips. you then block those ips from connecting to your computer with iptables/ipchains/ipfwadm/windows firewall/your favorite bagel. that and it surely won't stop hardcore downloader from logging on IRC and downloading from there (surely everyone know only newbies use kazaa, the rest are still on irc)
they can try to block losers, but they won't get the truly geek. and i sure wouldn't accept any violation of MY privacy and limiting legitimate uses (private servers,game servers, research projects, name it)
and before i get blasted into oblivion, no i don't use kazaa et al, my music is all legitimately got from www.emusic.com, go check it out
As I understand it, if you search for the names of political figures from a chinese internet connection, you'll be cut off for a short period.
Using the campus network from dorms is a privledge, not a right. UofF has not only the right but the responsibility to ensure that their network resources are protected, not only from without but from within as well.
If students want to file share (legit or otherwise), or game, or whatever, without restrictions, they can drop the cash for DSL or cable.
It is news like this which causes me to drink more Dew. More and more ISPs (whether they are colleges or corportations) are acting as Big Brother to their subscribers. There was a story a while ago which talked about ISPs acting as a firewall for the stupid. Well, now we have them looking out for our interests by tracking down virii, trojans, P2P. I guess one could see as vaguely similar to how cable companies control what is fed to their viewers. Great. Can't wait till Roadrunner picks up this feature.
I am currently a sophomore at the University of FL who works part time as part of the campus network ops group. This provides me an intimate knowledge of how Icarus works.
Icarus is a VB application which attempts to connect to the standard ports used by the various P2P apps. If it is able to connect to one of these ports, the IP is marked as suspect in the central DB.
Addresses marked as suspect are then sniffed, and all packets going to and from that IP are logged to a central server. The RIAA has already subponeaed most of this data for further analysis (and more lawsuits, I would expect).
Hope this helps
-sk
Yeesh, this is one school that is ACTUALLY DOING SOMETHING about the problem.
My Niece went to college this fall and her "100mb/s" connection in her dorm room was running slower than the 56k elcheapo modem we installed so she'd have fax/voiceline answering machine capability.
I checked her system (worked fine) then put my packet sniffer in the wall socket and it just about fried! The university support puppy tracked it down to some students shairing movie files.
I'm emailing this story to them.
It doesn't matter what you wrap your emotions around, Reality is a brick wall specifically designed to scramble eggs
Speaking as someone living in a university apartment, whatever the IT guys can do to restrict P2P or even block it altogether is fine by me. There was a lot of moaning from a small subset of users after Packeteer (bandwidth limiter) was installed on the network a couple years ago, but the effect for 90% of the users has been a dramatic increase in general responsiveness. You can still use Kazaa and so on here, but they're throttled down to 20K/sec.
This is by far the dumbest method of controlling P2P traffic I've ever heard. At Kansas State, you can have any P2P program you want on your harddrive, it's just not gonna give you any performance at all. I know the guy who does the "bandwidth shaping" as they call it, and he's real, real good. Honestly, I have no idea how it works, but he's given several talks on the topic of eliminating p2p traffic on college networks. All he'll tell me is it doesn't work by port numbers, it doesn't work by IPs and it's not protocol specific. Yet within 2 or 3 days of a new p2p program being released transfer rates for it are crushed down to the 0.1 k/sec range.
That's the best solution. Let the students have whatever programs they want on THEIR computers, but control YOUR resources appropriately.
--Stupid Sig Here--
Here at the university I work for we have had the hardest time trying to get students to look at the big picture, how their obsessive game playing, compulsive downloading of music/movies/porn (sorry, I had an exam in psych today and it appears to be showing!) and obvious script kiddie hacks of other web sites slow down the entire internet for everyone.
Any given day we'll get a call from some kid who's complaining that his WarCraft 3, his KaZaA, and his port scanner are running way too slowly and he wants us to fix it NOW!
Basically what it boils down to is this: The network itself belongs to the university and, as such, must fulfill the mission statement as laid out by the university officials. Here at UWP we state very clearly that the internet/network are to be used for official university business only and incidental personal use of the network/internet is OK as long as it doesn't interfere with university business.
P2P does interfere by drawing bandwidth from, say, Financial Aid, who is, at the same time, trying to submit FAFSAs to the Federal Gov't. Students can be very short-sighted, and while I sympathize with them, I can't see why they don't realize that the other 1600 people on the network besides them all are competeing for the same resources. Maybe someday they'll learn.
"This food is problematic."
Because Daedalus was the worrywort engineer who kept trying to prevent Icarus from flying to close to the sun and getting himself in trouble?
It'd be a much better analogy from that angle - as it would equate the file sharers to Icarus, the wings to Kazaa and the Sun to the RIAA.
Calling the watchdog app Icarus... well it's just begging to fall into the Ocean and drown.
or maybe that was their actual intent...
// "Can't clowns and pirates just -try- to get along?"
Adding a router does not extend the segment. It creates a new segment and a new subnet. The 5-4-3 rule does not apply to routers. Just imagine how broken the Internet would be if we could have at most 4 routers between end points. :)
Jason.
"It's the universities network, they can do anything they want. You have to agree to their policies or don't use the network." If there are alternative ways to get on the Internet, then I agree. However, a lot of universities require incoming freshman to stay in dorms. The university is the only provider of cable television, phone and Internet access for those particular students. So dictating what programs they can and cannot use is definitely infringing on some freedoms.
Its in school owned facilities, and you sign away privacy rights when you move in anyway..
its THEIR place.. not yours.. and they have the right to prevent illegal acts on their property.
Should they do this, no. its in bad taste, but legally they can..
---- Booth was a patriot ----
Being a dorm rat, I can say that I have a large group of friends, including myself, who stay in the dorm becuase of the network. It's a lot easier to play games // connect to servers from the dorms. With this restriction on P2P applications, they'll push out the students stay in the dorms there for the high speed connection.
And, really, the showers aren't that bad.
bwah-ha-ha-ha
Like its name says, the florida alligator is NOT run by students, or affiliated with the university in any way. It's an independent company that makes a living by selling its paper to students. That is the only respect in which it is a "student" paper, and the views found in the Alligator bear little or no resemblance to reality. They want people to read their paper, so they can sell your eyeballs to their advertisers, and that's it.
Except ... I regularly use P2P network programs for academic purposes. Almost daily.
"Who is the Journal of Quantum Physics going to believe?" --Stephen Hawking
...is exactly what legitimate uses are being blocked by a rule like this?
C'mon, college students - tell us. I'm really, truly curious. What are the most compelling, legitimate uses of P2P software for you?
Wow, what a wonderous world we live in where students can recieve e-mail when their internet connection is hosed *goes wide eyed*
Doesn't seem that wonderous to me, but maybe I'm just getting old.
I can remember being on the Oregon State University campus, and being within 5 minutes walk from no less than 4 student computer labs, one of which was open 24-hours!
On top of that, when I worked in IT and we used to kill someone's dialup account (remember dialup?) if they were connecting with a terminal they would get a message to call us so the situation could be resolved. When the dorms were outfitted with network jacks, there were technical people living in each dorm to help coordinate this sort of situation, you could just walk upstairs/downstairs.
And if you weren't a total recluse, you could probably get onto one of your neighbor's computers to check your email...
"There are people who do not love their fellow human being, and I _hate_ people like that!" - Tom Lehrer
I seem to remember this being a big issue in law somewhere. It is a public institution receiving public funds, and therefore must abide by no internal rule that comes into conflict with federal law. (or something like that) - And crossing the line into the users machine, well, that certainly doesn't sound right. Don't you need a warrant for that?
I guess the question is, is this school public or private? If public, they could get paddled. Electronic Communications Privacy Act (ECPA1986) may actually have some value here. - Because they sure as hell can't squeeze this under the Patriot Act.
(all opinions of this humble correspondent should be presumed wrong until proven otherwise.) kulakovich
Obviously you didn't learn how to spell in collEge.
When the less technically-inclined students unfamiliar with geek lingo start getting e-mails informing them they have trojans, I can only imagine what kind of responses the IT department will get.
Ergonomica Auctorita Illico!
So as far as I understand, if it detects that you have a trojan or virus, you get disconnected.
Moral issues aside of whether they should be running P2P software or not, doesn't this cause a problem for the person who now has a disconnected computer with a virus or trojan and can't go do his "auto-update" to get the latest virus defs?
Actually, they are looking inside the computers themselves, identifying files, viruses and apps.
Florida's current solution is much too invasive, and not very effective. Does the app run in Linux? Wine? Mac? Limiting operating system choices is a very bad thing for a university, especially for the computer science students who are trying to widen their experience.
It's also not effective. What's to stop someone from running the spyware in an emulator? Renaming their P2P programs?
The problem is that a university network has untrusted (in the security usage) clients. But it's not a problem: It's easy to tell who's running P2P programs, and who's infected, centrally. This is more effective and less limiting.
Litigious bastards
Or other, relatively low-bandwidth server applications - like a MUD, or a small 8user, private game server? These are relatively low bandwidth, especially the MUD example, and do not interfere with legit research access to the internet.
;)
You say they can't possibly be legit if they're running a server that would be caught by Icarus. Think of this:
-You're a student running a cvs tree off your box for an open source project. You get shut down because of the ports being used.
-You're a student writing some kind of server application for a computer science degree. You decide that it works well enough to run it on your own box so you can more easily monitor it. You get bumped off the 'net for doing research.
-You set up a private Natural Selection server and only give the password to people on campus. While this isn't "legit" like the other two examples, it does not use the external bandwidth of the university - only the internal LAN bandwidth. They pay for the hardware to accomplish this, not the bandwidth used like an external connection. While it's not "legit" per se, it really isn't that harmful either.
-You decide to run SSH on your box in your dorm room, so you can access files and applications on your personal computer from anywhere on the university, with your ssh client diskette. Even though I commute to college, I use this method to truck files back and forth to class without the headache of an ftp server or using an external storage space, like a web server. Not to mention, it's faster than uploading it to a web server.
All of these are actions which would result in your network rights revoked at this university. While it fixes one problem, it creates many, many more. It's not viable, and I'm just glad I didn't decide to transfer to Florida
What a bunch of asshats. These people are blocking IRC and kicking people off of it. I'm sorry, but if I got punted from my school's network for chatting on IRC -- something that uses like 1k of bandwidth every 10 minutes or so -- I'd be telling them some creative uses for Cat5 and their spinchter.
AUP Policy
On page 3...
Don't most modern operating systems include at least basic firewalling functionality?
Last time I checked... my network, my terms. No excuses, no exceptions. I don't allow people who visit my building to join their typhoid-mary laptops to my network, ever. I don't allow our employees who bring their typhoid-mary laptops to join my network, ever. If the box is out of my control, its hostile. Period. (Welcome to Windows, btw...)
A college LAN is different, why... exactly... the school is accountable for the network, and therefore must have authority over it. OTOH, with a student who has no accountability for its use, HOW can they have any authority over how it's used? Would YOU accept being on the wrong end of that relationship? With someone else using your stuff? And you're responsible for the results?
Problem is... students have full authority, and it's pretty much unchecked. So, FL is implementing a measure of accountability. Yep, real far-fetched.
And sure, a few knee-jerks will say that the students pay for the school, and that money allows the network to exist, so it's theirs.
And god bless 'em. Here, we've got a couple hundred thousand people per year who cause our income, so the next time you walk into a business... just sit down at a keyboard, and start typing. See how far your "I paid for this" argument gets you in court. No, really... see if they buy it.
help me i've cloned myself and can't remember which one I am
I disagree with scanning people's PCs.
However, P2P sharing is the *worst* thing your network can be beset with. The leeches hog incredible amounts of bandwidth. Kazaa et al. are also very network hostile with measures to get around a sysadmin's attempt to shape traffic.
It takes more and more admin time just blocking malware and P2P music sharing. The university network is there primarily for academic purposes, not wholesale music piracy.
It's a frigging nightmare. If I were a University admin, my goal would be to not block ports or traffic because I want proper end-to-end connectivity. But then you get the cancer that is Kazaa which actively tries to evade your attempts at sharing traffic. The only route left for the admin is a strict anti-music sharing policy. If only the leeches could control themselves instead of getting not only their mouths in the trough, but their front trotters too, it wouldn't be such a big deal. But of course, they show no restraint.
If I were a university admin, I'd make it very plain what the policy is when students get their connection. The policy would be no music sharing, no spam, no malware (if you want to share legitimate music, then you either put it on the music department's website or rent your own server). Anyone caught sharing music otherwise would have their account locked and would have to come to me for a bollocking. Three offences and it'd be disciplinary action.
Oolite: Elite-like game. For Mac, Linux and Windows
What I find absolutely amazing though, is that after reading slashdot posters calling time and time again for net admins to cut off virally / worm infected computers from the net, I haven't seen a single post saying "You go U of FL! Thanks for trying to curb the propagation of malicious programs!"
Historically the college campus has been the bastion of liberal mindsets. A mindset which is stereotypically supportive of relinquishing personal rights in favor of collective support.
(Translation: collective support = big brother).
Consider this learning venture to be "socio-economic repercussions 101" - when personal control is relinquished, culpability reassigned and/or positions of responsibility abdicated in favor of the security offered by those in authority we may find that those decisions created for the control and oversight of all are not as digestible as those which prompted us to adopt the mindset in the first place.
For those requiring a simpler explanation: The fox makes a great guardian for the henhouse - it just sucks when he starts eating the chickens you asked him to protect...
Or, do they force you to run win on your computers you connect to the dorm's network..and have you install icarus software on your system?
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
I for one applaud U Florida's decision to move
ahead with this. After all, it is their
network which is being used to commit these crimes.
However I must admit to being disappointed at
the limited scope of their action. U Florida
still allows students to use its phone
system to plan criminal activities. Students can
freely board the campus shuttle, using it to
transport contraband. And the privacy provided
by the University's bathroom stalls is an open
invitation for illegal drug use.
Until UF begins monitoring all phone conversations,
strip searches anyone boarding a bus, and mounts
surveillence cameras in all of the toilets, their
facilities will continue to be used for criminal
activities and the university, by association,
will be responsible for all that occurs.
-deane
1)UF has instituted a ban on any and all file sharing, regardless of intent or content.
2)UF is scanning students' private computers to look for violations.
Slashdot reaction: No problem; these damn kids are just downloading music and pr0n anyway. (And, they'll be competing with us for tech jobs once they graduate, so three cheers for them getting hosed!)
[rant] Excuse me? Is this the same place that collectively does the wave when the RIAA comes up against any sort of opposition? The same place that actively discussed hacking Sen. Orrin Hatch's website when he advocated developing spyware, and remotely destroying the computer of anyone caught with copyrighted files? Did my DSL open up a wormhole, and somehow I've managed to log onto the Bizarro World's .\ ?? [/rant]
*regains composure* Yes, I'm certain that college dorms are hotbeds for distributing copyrighted MP3s. So is off-campus housing. The fact is, there are many legitimate uses for P2P. The person trying to obtain public domain photographs for a history research project is tarred with the same brush as those trying to download the collected works of Britney Spears. Someone sending a friend a shareware MP3 (provided by the band for the purpose of downloading) suffers the same penalty as someone looking for warez. Since FU has gone after IRC, I suppose that the next target will be ICQ, since both allow for file sharing; if you prefer using an IM service besides AIM, tough luck, kid. But we can't take the risk of you doing anything illegal.
True, bandwidth is not free. Handing the worst offenders a bill for their usage would provide an immensely powerful real-world lesson. Big Brother tactics, however, are not the solution. And to see /. endorsing such things leaves a sour taste in my mouth. Believe it or not, this is not an attempt to flame or troll. I just find it incredibly baffling that this policy is drawing large numbers of cheers from the same crowd that roundly condemns other attempts to infringe upon personal privacy.
Doing my level best to piss off the religious right wing...
It didn't mention it in the story, but I think that it would be logical to assume that linux clients would get cut off from the network because ICARUS probably doesn't come in a flavor that scans linux file systems. So besides robbing users of using p2p for legitmate purposes the system also prevents them from using a free operating system? Am I missing something here?
In linux libertas
School must protect it's systems from viruses and trojans. Also, must protect itself from lawsuits from the RIAA. I'm sure the contract these students signed when they enrolled spelled this all out.
Blar.
Maybe it wasn't clear from the article, but Icarus scans only the housing network, to which the president, provost, etc. do not connect. Think of the housing network as an entirely separate segment of the overall UF network.
And assuming you were clever enough to say, spoof a housing network router's IP, you'd probably (1) get a lot of your friends pissed off at you for taking them offline, and (2) get kicked out of campus housing for violating the living agreement.
I worked at Stanford over the summer in an IS dept, where their centralized "ITSS" NOC dept. disconnected every machine via scans every two hours and switch rules that did not apply the MS03-039 patch before an arbitrary date, which created an unnecessary and artifical emergency in our dept. Stanford is definitely run like a non-profit, the people there dont really know what they're doing. There's no firewalls anywhere and everyone's machine is a public IP, so anyone can host an FTP warez site. Most every machine at Stanford is a Mac OS 9.x or Windows 2000 Pro, and a few OS X's and XP machines. Additionally, many other universities do not have firewalls, including UC Davis. I believe that MIT has most of their student's machines firewalled.
But, in support of UF's position, schools have cover-their-asses when it comes to I.P. and P2P issues since their big corporate donors can threaten to withhold funding. Also, it is almost ethically justifiable to block P2P, since the only few legitimate uses are (but not limited to) finding patches and sharing public-domain works. But, if colleges start blocking certain sites, then the line between protectionism and censorship begins to blurr. If these schools would firewall
The biggest trick the devil pulled was letting lawyers become politicians so they can write the laws.
Technically, couldn't someone check what services are running on my PC right now without violating my rights legally.
Can I not say that checking for P2P is just like entering my IP into a web browser to see if there is an HHTP daemon on my machine? Finally, couldn't you install a software firewall to make sure the machine can't be "scanned?"
Someone, please fill me in here.
Wh47 d1d j00 541, 31337 15n't t3h r0xor5 ne m0r3???
UofF IT: Let's build a killer VB app that automagically disconnects connections based on bandwidth usage and port scans! It will be new and exciting and make us look leet.
Competent IT: We already have several options available to curb p2p abuse and prevent viral infection, used widely throughout the industry with great effectiveness while keeping end users happy.
I realize I don't know the whole story, so I can't say this wasn't their only option with any certainty, EXCEPT for this..
Disconnecting the user is ridiculous. The punishment doesn't come close to fitting the crime, actual copyright infringement not withstanding. In the real world, where companies don't have the luxury of giving a big "FUCK YOU BITCH!" to our customers, bandwidth abusers are capped, not severed from the network. Keep the policy but change the rules to
1. The first time a notice will come up to cease
and desist.
2. Second time bandwidth is capped at 28800bps. Let them live with old modem speeds for a few days, and see what life will be like.
3. Third and final infraction: Bandiwdth permanently capped at 28.8. If they want a greater level of service they can either pay for it, or find another service provider.
This seriously smells like a case of too much self importance of the IT staff. This can (and quite possible should) be maintained and managed away from the application layer.
Or maybe Icarus is just some super duper app that we'll all be switching over to windows to run on our corporate networks, because it is just that badass.
Everyone is entitled to their own opinion. It's just that yours is stupid.
I am the architect of ICARUS, and I felt a need to address some of the overall comments in this thread as I have watched them develop.
;).
0. Downloading large files, etc. will never trigger ICARUS. This is not a simple matching system, by any means.
1. ICARUS is not some magic bullet super scanner. We use, and promote all open source tools, open source operating systems and free speech. We do not install a client package, we do not "hack" systems and we do not look at files, process tables, etc. on the client systems.
2. ICARUS is a system for integrating a vast array of tools together, making complex policy decisions based on data collection, and then taking complex actions. Yes, it can stop P2P apps in a wide variety of ways. It can do a lot of things regarding management. In that regard, it's not focused at all, it's something you use to manage everything around you. For example, you say you want to determine who has patched themselves against some certain vulnerability? Then select the appropriate methods for collecting the data you need, and decide what actions you want to take. Actions are limited by...perl.
3. "You are responsible for considering the moral implications of what you create, and how it is used"
I simply can't believe this statement. We DID consider the implications of it. Extensively. In fact, my co developer and I wrestle with it all the time. Vastly more good comes from what we are creating than bad. ICARUS is a policy enforcement tool...that can encompass a number of things. It is the policy of the University to prohibit illegal activity on their network. We are simply able to enforce it.
4. Florida Sunshine Law: Actually, this is explicitly covered as a mechanism of security policy enforcement. There is no legal access under this law to source code or anything else.
5. We will likely be making this a public open-source project in the spring. We intend to offer it free of charge, although the licensing itself has not been determined (likely GPL).
6. The individual claiming to know how it was written (re: VB, subpoened database, etc.), fabricated every part of that post. Only a tiny handful of people have seen the source code or been involved in a discussion about its internals.
Calm down, folks. Some day, you'll probably want to use it for something, I promise
Take care,
Rob
I'm sure the Icarus will be blocked as a potential hostile port scanner, I know my firewall does.
I know that my Uni (ok I graduated last summer) is keeping a rather tight eye on external bandwidth, in order to keep it blazing fast, as it is. But as far as I know, they're looking at total and sustained bandwidth usage, nothing else. Mysteriously, the internal DC++ hubs (IP limited to internal only, difference is only GB limit) are doing great and contain so many terrabytes, there's little reason to go anywhere else. I'm sure it stands out as a red herring on the internal LAN stats, but the networks admin don't want to look. And word-of-mouth spreads pretty quickly to those who haven't caught on.
Personally, I think that if the goal is to provide a network that is the most useful for all the students, that is the way to go. While I'm sure they "know" that illegal stuff is going on over their lines, they're acting as a good ISP and common carrier and don't nose around. I'm sure you wouldn't appriciate your cable company or telco to do so either, I'm sure they "know" too.
Kjella
Live today, because you never know what tomorrow brings
So here's the low down on this program. As a RA (Resident Assistant) on UF's campus and also being somewhat of a knowledgable Linux user (read: former Gentoo dev).
Basically they port scan you. If you've accidently left WinXP's default Shared Doc's folder shared or anything shared then they say in the Housing Agreement you sign that they can log in and look at anything you have openly shared.
Now just cause they know people will run their own firewalls to block them out and then still run whatever apps they want.. they require you to leave certain ports and accept certain packets (i.e. ping, netbios stuff, etc).
The message that they pop up on your screen is actually a net send message.
In actually application, it has slowed down the max speeds of the network and latency is about the same. It does kick you offline for very short periods (long enough for IRC to reset sometimes and GAIM to definitely have to reconnect)