Slashdot Mirror
Ask Slashdot: Dealing With University Firewalls?
An anonymous reader writes "My university only provides access to the web, via a restrictive content filter and proxy service. There is no access to the wider internet. I was wondering if this is common, and if anyone has any suggestions on how to go about protesting the issue. I've spoken to the lecturers and they have the same frustrations I do. I've also spoken to the head of the IT department who spouted lines about 'protecting the network.' This is very frustrating, I've seen a number of students making use of 3G/4G dongles to get access to the net and this just seems crazy. The restrictions applied to the web are draconian, with sites such as hackaday, hypberbole and a half, somethingawful, etc being blocked." What would you do to get better access?
I have been in the position of having to block internet to a college in a previous job. There were constant battles between the marketing and academic departments about blocking and unblocking social media sites. In the end the marketing department won and they were unblocked. The tutors didn't like it because they relied so much on computers for their lessons rather than using good old fashioned methods like lecturing and demonstrating.
I'd say the university isn't fulfilling its role, and you should definitely rally to change things. The purpose of the university network (besides supporting research communications) is to allow you to learn.
During my undergrad the university I attended provided full firewall-free internet with a *public* IP from their block for everyone who plugged in (and no-questions asked CNAMEs). The wireless was of course NAT'd but I had no problems.
This all worked because of the genius way they solved problems was genius. If IT detected any funny business, a tech would physically show up at your lab/office and ask you what was going on and make you fix the problem right then and there.
Rutgers University bans ssh public keys. Ergo, all the students employ expect scripts that contain their passwords. These expect scripts aren't from students writing em' themselves, but just copied from friends. In particular, there are students who barley know what ls and rm do, but certainly won't know to change their password if their laptop gets stolen. And students commonly hack one another's accounts by copying said script.
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
There were constant battles between the marketing and academic departments about blocking and unblocking social media sites. In the end the marketing department won and they were unblocked. The tutors didn't like it because they relied so much on computers for their lessons rather than using good old fashioned methods like lecturing and demonstrating.
Why was that a problem? - That people might use (gasp!) their computers for more that just the lessons?
Sounds like narrow-minded tutors with a feeble grasp on reality.
Besides, why should the tutors care? - If people waste the lessons updating Facebook instead of getting smart, they'll simply fail and thus have wasted their tuition. I hope Facebook was worth it, but the tutors shouldn't care less if the students are that stupid.
"For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --
I am security@ a large public .edu .. and I can say that their approach is quite *uncommon* among my peers in the industry.
.. and we block common things like tcp/6666 and tcp/445 outbound .. but other than that, we reguarly field calls from folks that just got $shiny_new_game for their $toy and want to know if we can figure out why voice chat (or whatever) doesn't work.
.. we had the network engineers, security team, etc. all assembled and basically told the students "go for it" and made several ongoing tweaks to things to ensure they got the best experience (gaming is a latency-sensitive application, we just needed to figure out how to prioritize it with QoS and the packeteer).
.. tl/dr .. sounds like your Uni has a sucky policy. Take it up with the provost .. you are paying to be there, and Internet access is part of your campus experience. If it's not up to par, they need to make changes.
Education is typically a very open environment, and IT will happily provide (within reason) anything that doesn't interfere with something else.
For example, we have several "hacking labs" on campus, where students are free to do basically whatever they want, regardless of how malicious. Granted, those networks are firewalled off from the rest of campus (and the Internet). We also have PlanetLab, TOR (which I run myself), and a few other projects.
As for Internet access, we don't have "wide open" like your home DSL (email, for example, must go through our servers for obvious reasons)
Last year we actually had students bring their PS3/Xbox units into a conference room in the IT department, hooked up to our projectors, and had then all plug into a switch where we were running a sniffer
In short