Regulations and Services Available from a Public Network Access Point (incl Student Villages)

Transcription

1 Regulations and Services Available from a Public Network Access Point (incl Student Villages) General Guidelines As with all computing or communications resources at the University of Limerick all users are obliged to abide by the University's Code of Conduct for Users of the University of Limerick computing resources. Reference to ITD below refers both to the Information Technology Division and to agents acting on behalf of ITD. Service Provided ITD provides the following services to Student Villages and Public Access network connection points. Services are operated on a continuous basis. In the event of a failure outside of the period 8.30 AM to 6.00 PM, Monday to Friday inclusive, services will be restored, as soon as possible, normally the next working day. In the event of a network maintenance call to any village house, this will be serviced within the maintenance window of 2.30 PM to 4.00 PM, Monday to Friday inclusive Internet access through a proxy server-supporting HTTP. Internet access to the University of Limerick is routed directly access using either POP or IMAP File Transfer access (FTP) using client software which is "Socks4" compliant Access to Instant Messaging and File Transfer using MSN Messenger and ICQ, verified for Windows 2000 Access to the University of Limerick print services ITD does not provide: Access to University application servers (such software is only licenced for computers owned by the University). Access from outside the University to computers located within the Village (WEB, FTP, Telnet etc.) The University can only provide software licences for computers that it owns. Some software is also licensed for home use by staff and students of the University and such licences are available for purchase from the Print Room or loan from the Library. PC Connection from a PNAP Page 1 of 6 Last Updated: 21 September 2006

2 Responsibility Individuals are responsible for all the software and hardware on their computer and are responsible for configuring same for use on the computer network. The University cannot take any responsibility for the way that this software is configured or as to whether it will work on the University network. ITD does not offer advice, assistance or support on configuring privately owned PCs for use on the University computer network. Users are responsible for all traffic originating from their machine regardless of whether or not they personally generated it, whether or not they know the affect and implications of what they are doing, and whether or not they realize that they have violated any specific policies. In most cases, unintentional violations will result in a temporary loss of connectivity pending the resolution of the problem. Repeat violations may result in a longer term or even permanent loss of connectivity. In some cases, especially those in which the Code of Conduct have been violated, the student will be referred to the University Discipline Committee. Registration Any machine attached to any part of the campus network must be properly registered with ITD. If your machine is not properly registered, it may be disconnected at any time without notice. For any given machine, ITD needs to know: the primary user of the machine the location of the machine the network adaptor address of the machine This information is critical to being able to diagnose and resolve network problems in a reasonable manner. Any machine on the network not properly registered, will be disconnected without notification. Under no circumstances may machines be configured with IP addresses that have not been assigned by ITD. By using an unregistered IP address or an IP address assigned to another, you deprive other users of network service and/or make it considerably more difficult to diagnose network problems on the campus network. Routers Routers are not permitted to be attached to any portion of the campus network. Any devices, which provide a routing service, will be immediately disconnected from the campus network. PC Connection from a PNAP Page 2 of 6 Last Updated: 21 September 2006

3 Ethernet hubs, which attach multiple devices to a single network outlet, are not routers and may be attached to the campus network. It is important that all machines connected to a hub be registered with ITD. Most operating systems do not provide routing functionality and are perfectly safe to attach to our network in any configuration. Some operating systems such as Windows NT, Windows NT Server, and most UNIX operating systems have the capability to provide routing functionality; for these operating systems, you should ensure that routing is not configured. Domain Name Servers. No Domain Name Servers are to be attached to the network. Network Traffic Network traffic should be considered private. Because of this, any "packet sniffing", or other deliberate attempts to read network information which is not intended for your use will be grounds for loss of network privileges. Student Village connections to the campus network, and to the Internet, are provided to allow students, staff and faculty to fully participate in the education and research missions of the University of Limerick. It may not remain feasible to provide unlimited connectivity for systems, which are not strictly serving the University's missions. Because of this possibility, ITD reserves the right to request that users reduce the amount of traffic being caused by their service, or where necessary, to remove such systems from the campus network. In all but extreme cases, ITD will contact the owner of the system before removing it from the network. ITD regularly monitors network traffic both content and amount. Miss-configured Services There may be times when a machine is unintentionally miss-configured and subsequently causes a problem on the campus network. In such cases, in order to preserve the best service possible for the majority of the users, the machine will be disconnected from the campus network immediately. The machine will only be allowed back onto the network after the owner notifies ITD that they have reconfigured the machine, resolving the problem. Accounts PC Connection from a PNAP Page 3 of 6 Last Updated: 21 September 2006

4 Some operating systems, specifically UNIX operating systems, allow the system administrator to create accounts for other users. While this is not discouraged for machines connected to the campus network, there are some things that should be considered. All users must be accurately identifiable. The user name field for any given account should contain the user's real name. There is no valid reason to allow a user to have a fictitious name assigned to their account. Off-campus users with no affiliation to the University of Limerick are explicitly prohibited from having accounts on machines connected to the campus network. It should also be noted that university resources, such as the campus network, are provided for university purposes. As a system administrator you are fully responsible for the conduct of your users. If the users in question are violating computing policies or causing other problems, the system administrator will be expected to take appropriate action to resolve the problem. If ITD determines that the problem has not been resolved, the system used will be disconnected from the campus network. Security Users are responsible for the security and integrity of their systems. In cases where a computer is "hacked into", it is recommended that the system be either shut down or be removed from the campus network as soon as possible in order to localize any potential damage and to stop the attack from spreading. In such cases, if the system administrator cannot be contacted in a reasonable time, ITD reserves the right to disable the network connection. Once the system administrator is made aware of the situation and agrees to take reasonable steps to ensure that the machine is not compromised, network privileges may be restored. In cases where, despite the efforts of the system administrator, the machine continues to pose a security concern, ITD reserves the right to require that the user switch to a single user OS before allowing the system back onto the campus network. Commercial Use Individuals are only permitted to use their network connection or computing privileges for commercial purposes with the explicit permission of the Director, ITD. Anonymous Mailers All electronic communications at UL must accurately identify the sender. Anonymous mail forwarders are explicitly prohibited. Running an anonymous mail forwarding service is grounds for removal of campus network privileges. Intentional Abuse PC Connection from a PNAP Page 4 of 6 Last Updated: 21 September 2006

5 Systems found to be intentionally running programs, which disrupt network activity or attack specific machines on the network will be subject to immediate removal. In some cases, disciplinary action may be taken against the owner of the system. Common Problems ITD has noted a few "recurring themes" in the computer abuse area. Some of these are outlined below, mainly to make you aware that some activities, which you might not consider to be "bad", may get you into trouble. Music and Video Files It is a common misconception that the creation and subsequent distribution of music and video files is an acceptable activity. The distribution of any copyright protected materials is illegal. The most common type of illegally distributed copyright files are music (MP3) and video files. Users found to be distributing copyrighted files may have their network connections revoked and be subject to disciplinary action. Software Piracy Distributing licensed software is illegal and constitutes a violation of the Code of Conduct. Systems being used to distribute copyrighted software will be removed from the network immediately and the system administrator may be subject to disciplinary action. Denial of Service Attacks No one should deliberately attempt to degrade or disrupt system performance or to interfere with the work of others. Any attempt to disrupt service or performance on systems on or off campus can result in the loss of network privileges and disciplinary action. The following items are all examples of denial of service attacks: Mail bombing (sending thousands of mail messages to a group or individual) Ping flooding (launching continuous ping requests at a specific machine) "Smurf attacks" "SYN flooding" By making you aware of some of the activities that frequently cause problems for users on the campus network, ITD hopes that you will be able to avoid situations, which could jeopardize your network access. PC Connection from a PNAP Page 5 of 6 Last Updated: 21 September 2006

6 If you wish to avail of these services, it is required that you print the registration form and complete the required details. PC Connection from a PNAP Page 6 of 6 Last Updated: 21 September 2006