Editor’s Note: We often get asked by college administrators how the NetEqualizer can block p2p with our behavior-based rules. Since the NetEqualizer is containment based, it is effective in stopping approximately 80 to 90 percent of all p2p (see comparison with layer 7 shapers). Yet, questions and fears still remain about RIAA requests. Since the NetEqualizer is not a complete block, not that anything is, customers wonder how they can be safe from those intimidating lawyers.
In short, here’s the answer. The RIAA finds copyright violators by downloading files from your network. Since these downloads must be initiated from the outside, you simply need to block all outside-initiated requests for data. Obviously, you would still allow requests to your Web servers and other legitimate, well-known content servers on your network. Understanding this, administrators can configure their routers to work in conjunction with their NetEqualizers to largely curb RIAA requests.
Below, NetEqualizer user Ted Fines, the network administrator at Macalester College, shares his methods for preventing RIAA requests on his university network.
A few years ago, we implemented a rule on our firewall to improve our overall security. However, it has also had the added effect of stopping RIAA notices almost entirely.
The rule simply blocks all inbound connections to all ports on all residence hall computers. Here are some sample config lines from our firewall (a Cisco PIX) that show how the rule works:
name 18.104.22.168 Kirk description Kirk Res Hall
object-group network Res_Halls
 description All Residence Halls
 network-object Kirk 255.255.255.0
 network-object Bigelow 255.255.255.0
 network-object Wallace 255.255.255.0
access-list 101 extended deny ip any object-group Res_Halls
Even though it may appear this rule would interfere with normal user Web browsing, etc., this rule actually has no effect at all on what systems the student computers in our residence halls may access. This is because the firewall tracks what computer initiates the connection.
For instance, when a student tries to access “http://www.cnn.com”, they are initiating the connection to CNN’s server. So when CNN’s server replies and sends back news content, etc., the firewall knows that the student computer requested it and the incoming connection is allowed.
However, if a student is running a server, such as a Web server or a file sharing server, outside computers are not able to connect to it. The firewall knows that the outside computer is trying to initiate a connection, so it is blocked.
Our student body makes great use of our resources and we have a very open and unrestricted campus life, so I was pleasantly surprised that making this change did not ruffle any feathers. We do make exceptions when students request that a port be unblocked for a particular need. I have found that the ones who are savvy enough to know that they need a particular port opened are not typically the ones we have to be worried about, so we’re usually happy to accommodate them.
–Ted Fines, Macalester College, St. Paul, MN
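The connection tracking Ted Fines describes can be modeled in a few lines. This is an added example, not part of his firewall configuration or of the original post: a toy stateful firewall that applies a deny-all-inbound rule to a residence hall network, with one per-port exception of the kind he mentions. All addresses are constructed documentation ranges, and the exception entry and class names are hypothetical.

```python
# Added example: toy model of a stateful firewall with a deny-all-inbound rule.
# Addresses are constructed (RFC 5737 documentation ranges), not the college's.
import ipaddress

# Stands in for the Res_Halls object group (constructed network).
RES_HALLS = [ipaddress.ip_network("198.51.100.0/24")]
# Hypothetical exception opened at a student's request: (host, protocol, port).
EXCEPTIONS = {(ipaddress.ip_address("198.51.100.25"), "tcp", 22)}


def in_res_halls(addr):
    return any(addr in net for net in RES_HALLS)


class StatefulFirewall:
    def __init__(self):
        self.state = set()  # one 5-tuple per connection, keyed by its initiator

    def handle(self, proto, src, sport, dst, dport, syn=False):
        """Return 'permit' or 'deny' for one packet and update the state table."""
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        flow = (proto, src, sport, dst, dport)
        reverse = (proto, dst, dport, src, sport)
        # Packets of a connection already in the table pass in either direction.
        if flow in self.state or reverse in self.state:
            return "permit"
        # A TCP packet that opens nothing and matches nothing is dropped.
        if proto == "tcp" and not syn:
            return "deny"
        # New connection initiated from outside toward a residence hall host:
        # the deny rule applies unless an exception was configured.
        if in_res_halls(dst) and not in_res_halls(src):
            if (dst, proto, dport) not in EXCEPTIONS:
                return "deny"
        self.state.add(flow)
        return "permit"


# Constructed packets: (proto, src, sport, dst, dport, syn)
SAMPLE = [
    ("tcp", "198.51.100.10", 51000, "203.0.113.80", 80, True),    # student opens a web connection
    ("tcp", "203.0.113.80", 80, "198.51.100.10", 51000, False),   # server's reply to that request
    ("tcp", "203.0.113.99", 40000, "198.51.100.10", 6881, True),  # outsider tries a student's server
    ("tcp", "203.0.113.99", 40001, "198.51.100.25", 22, True),    # outsider to the excepted port
    ("tcp", "203.0.113.99", 40002, "198.51.100.25", 80, True),    # same host, port not excepted
]


def replay(packets):
    fw = StatefulFirewall()
    return [fw.handle(*p[:5], syn=p[5]) for p in packets]
```

Replaying the sample shows the student's outbound session and its replies passing while unsolicited inbound connections are dropped, except on the one excepted port.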
Editor’s Note cont’d: This recent tip was given on the ResNet mailing list by Sidney Eaton of Ferris State University…
If you want to minimize your notices, just block these address ranges on your firewalls (in and out):
These are MediaSentry IP addresses (the company scanning your network to determine if your users are sharing copy-protected materials). They are not the only company hired by the RIAA and MPAA but they are the largest one. So you may still get some but hopefully not as many.
Sidney Eaton, Ferris State University, Big Rapids, MI
How the Music Industry Caused the Current Bittorrent Explosion
December 21, 2008 — netequalizer
By: Art Reisman
Art Reisman is the CTO of APconnections. APconnections designs and manufactures the popular NetEqualizer bandwidth shaper.
Originally published April 4, 2008
Update Dec 18, 2008: The RIAA announced a new tactic over the weekend. The ironic twist is that by our accounts the old tactic of vigorous enforcement was working. We were seeing (on the hundreds of networks we support) far fewer bittorrents running when compared to two years ago. I’d estimate the drop to be about 80 percent. I am not sure if our observations were indicative of the industry trend, but by our accounts, pirated material must have been on the decline. We’ll be putting together a more detailed article shortly.
Flash back to the year 2000: Napster hits the scene and becomes the site of choice for anybody trying to download online music.
It is important to understand that the original Napster had a centralized infrastructure. All file transfers happened via the coordination of a central server. Had the music industry embraced this model, they would likely have had a smooth transition from their brick and mortar channel to a soft distribution. If only they had been a bit more farsighted as to the consequences of their actions.
Instead of embracing Napster, the music industry, along with the RIAA (the industry henchman for copyright enforcement), worked to shut Napster down, much the same way they had successfully gone after commercial establishments that play unlicensed music.
There were some smaller label artists that did embrace Napster, obviously looking for untapped market share, but for the most part the industry reacted like an obsolete dinosaur fighting progress out of fear of losing revenue.
I was personally experimenting with downloading music at this time. If Bill Clinton and Obama can admit to illegal drug use, I should be able to confess to one or two illegal downloads without retribution (note: I have since licensed all my music in my library). It wasn’t the free music that attracted me to Napster in 2000, but rather the convenience of getting the tracks I wanted when I wanted them.
Well, the RIAA succeeded in getting an injunction against Napster and shutting them down in February 2001.
This would turn out to be a costly mistake.
It was no coincidence that shortly after the fall of Napster a whole herd of new file sharing techniques showed up. BearShare, Kazaa, Gnutella, Limewire, and Bittorrent all became popular seemingly overnight and once again copyrighted material was being spread all over the world. Only this time it was not coming from a centralized server, but from millions of servers. Now, instead of having one source where music distribution could be tracked, the music industry had a wasp nest of swarming downloads.
Although today there are many paying customers of legal downloads, black market peer-to-peer file sharing still runs rampant, and this time it is not possible to squash the distribution model. Bittorrents are themselves not the cause of illegal file sharing, no more than automobiles cause drunk driving. The industry cannot possibly shut down a freely distributed file sharing model without shutting down the Internet itself, and obviously the distribution channel is not guilty of piracy but the people that use it are. Instead, the RIAA has adopted a policy of making examples by tracking down and arresting individual copyright distributors, a daunting and possibly futile task.
For example, it is extremely difficult to get a subpoena to far off corners of the world where governments are concerned with more important matters.
I’ll comment on how the RIAA enforces illegal distribution and the downside of their model in my next posting.