P2P Programs on K-12 Networks?

deque_alpha asks: "I am a system administrator for a small K-12 public school district. I am taking over after a bunch of goofballs have really messed things up, the technology department is in utter disarray. I have near infinite problems, but the hairiest are with people sucking up what little bandwidth we have, introducing virii, downloading warez, and generally causing problems with P2P file sharing programs. I don't generally have a problem with these programs, but they are not an appropriate use of the limited bandwidth of a K-12 institution as they provide little in the way of an educational resource, not to mention the legal liability they potentially introduce. The rub lies in that these people are teachers, and I have virtually no policy to back me up if I come down on them, but shutting them down is neccesary to maintain harmony (and legality) on the network. I don't have the authority to pen new policies myself, and my supervisor cannot to be counted on to do it either. Have any of you been in this position before? How would you approach solving it without totally alienating your users? How do you broach the subject of introducing new policies with supervisors?"

The obvious answer

[dachshund]

You've got problems with p2p users and virus idiots? Just block all the relevant p2p ports and blame it on a computer virus. Then sit back and watch the two groups destroy each other.

Block the ports

[God_Retired]

Just block the ports for the p2p. What are the teachers or students going to get all pissed, run up and say,"WTF!? You're phreaking the l33t h4x0r thing we got going! Daaaamn you!" ?

Hi, I'm from the RIAAA...

[rufusdufus]

I am from the RIAAA [as far as you know] and am hereby officially notifying you, as an administrator or electronic services at your institution, to cease and desist illegal activity or face civil and criminal prosecution.

When they complain, just tell them you were given a cease and desist notice ;)

What to do, half serious

[PD]

If you block the P2P software and make it the official policy that it should not be used, document that thoroughly. Make sure that it's expressly for the purpose of keeping unlicensed software out of your system. Then, insist that everyone show their licenses for their software. Put up big posters explaining that you are doing this because it's important to comply with the law. Become the biggest pain in the butt to everyone who opposes you.

Then, just before you think they've all had enough of you and can fire you, call the BSA on yourself. When that phone call from the BSA comes, you can point at all your policies and say that all along you were just trying to avoid that exact situation. Suddenly all the babies who were crying because you took away their Kazaa will be viewed as the real problem in the organization. You will have achieved Total Management Support (TM).

Re:Filtering/Throttling

[CmdrPinkTaco]

Or instead of throttling them down, you install a logging proxy and show them that you know exactly what they are doing and when they do it. Print out a monthly report and post it in the teacher's lounge.

If information wants to be free, then let their peers handle any wrong-doing amongst the staff by giving them all the information that you can.

There is only one reference for this situation...

[rkwright]

BOFH!!!

If ever a circumstance called for some BOFH TLC, it would be this...

"Hi... my KaZaA isn't working."

"Well, let me take care of that... what's your password?"

Re:Filtering/Throttling

[bloggins02]

This is becoming the stock answer to every question in existence.

"Say, how do you show that every simply connected manifold is homeomorphic to the 3-sphere?"

"I don't know, but I'm sure it's possible with a properly configured linux server/firewall along with some kind of proxy program."

Re:If they're K-12 teachers...

[jovlinger]

Perhaps you can do something inbetween: start downgrading the performance of said ports, depending on length of connection. Short connections on a p2p port go through, while longer transfers start getting slower and slower because you're dropping every nth packet.

So instead of making it impossible, illegal, or whatever, just make p2p really inconvenient. If everything else works fine, the culprits can't really complain -- in fact, this will likely make everything else faster.

Its time to brush off your people skills

[ahde]

Once upon a time, social engineering was a valuable part of a hacker's skillset. I suggest buying (and reading) a copy of Dale Carnegie's "How to Win Friends and Influence People" -- or just going directly to the teachers. Tell them you're the new guy working on the networks and you're trying to analyze and optimize and [insert other techincal sounding word here] the network. Ask them if you can schedule 5 minutes of their time, say next Thursday just before lunch? Explain the bandwidth problem, tell them that programs such as Kazaa and Back Orifice are not allowed on the school network. You can even type up a list of what's inappropriate yourself (and put a graphic border around it) and title it "Official District Network Acceptable Use Policy." Explain that you've been given the job to set up a firewall and set up bandwidth caps to prevent viruses and potential access to porn and pirated MP3s. Express your sympathy for their inconvenience (at this point they will admit it is hardly any inconvenience at all to have to wait to get home and download porn), and ask if there is anything you can do to help them out. You can show them a couple cool sites, teach them to defrag, dust out the chalkboard erasers, and leave an apple on their desk. Let them know that all traffic is being logged, and that your superviser receives a weekly summary, so they shouldn't feel any need to narc on their fellow teachers. Tell them if they have any questions, don't hesitate to call you or your superviser.

Re:New hardware

[Wintersmute]

I have got to hand it to those suggesting the "TCP header length blah blah string theory homeomorphic protocol" whatever. Damn, even made my eyes glaze over.

However- there is another way to achieve that... just look up the school's legal counsel and send him an email saying that you're concerned about the liability implications of all this file sharing, and when he writes a memo to the faculty going on for 50 pages (only lawyers can write a 50-page memo) about "contributory infringement res ipsa loquitur blah blah mutatis muntandis damnum absque injuria" and how he'll want to have the server logs copied to him, your faculty will never wish they knew what a Gnutella client was.

See, lawyers can be technocrats too.

It's obvious

[Anonymous Coward]

Easy Peasy,

Make note of all the teachers who are doing it, place some porn in a convinient position.

Approach them one by one, explaining that you've found porn on their computers/in their user areas/in the logs.

Now, either say you'll overlook it, they will be greatful and you'll reap the rewards in any favours you may need (say asking them to eas off on their net traffic) Or get both by mentioning an audit is being done on the web logs and you've nicely cleared off all the porn and mp3 downloads from the logs so they don't get in trouble, tell them they should be safe if they wait a couple of moonths befoe downloading anything inappropriate again. Recycle and reuse until they are gone.

You could just proxy them away form their dodgy downloads but you just won't be their saviour that way.