Network analyzing question

[pipboy]

I was talking to a local college and they are having problems with students streaming music and video, and the pipes are very full because of this. The senior administrator is on vacation and has not gotten around to fixing this problem. The Jr Administrator who is a teacher at the school in a diffrent department and does not know how to remedy the problem. This gives me the opportunity to get myself in good favour before I apply in a few months. Right from the beginning I figured blocking .FLV and .SWF at the proxy server/firewall should fix this problem, but it got me wondering how I would determine if someone was viewing streamed files via a program like wireshark. I know you can simply filter HTTP trafic but sifting through each packet to look for certain file extensions seem kinda meticulous. I'm sure anyone who has been an administrator has run into a problem like this, feel free to post which actions you took and possibly any deterrents you used.

Thank you for your time.
- Pipboy

[imported_spankdidly]

I just shut down the whole network. They can use books and Pencils and Paper again. Teach them not to fill up inturwebs with garbage.

[streaker69]

I was talking to a local college and they are having problems with students streaming music and video, and the pipes are very full because of this. The senior administrator is on vacation and has not gotten around to fixing this problem. The Jr Administrator who is a teacher at the school in a diffrent department and does not know how to remedy the problem. This gives me the opportunity to get myself in good favour before I apply in a few months. Right from the beginning I figured blocking .FLV and .SWF at the proxy server/firewall should fix this problem, but it got me wondering how I would determine if someone was viewing streamed files via a program like wireshark. I know you can simply filter HTTP trafic but sifting through each packet to look for certain file extensions seem kinda meticulous. I'm sure anyone who has been an administrator has run into a problem like this, feel free to post which actions you took and possibly any deterrents you used.

Thank you for your time.
- Pipboy

I use the "Network Adjustment Tool". Which happens to be a very large heavy stick. Anyone that doesn't care to abide by company policy of not doing that sh!t, gets 'adjusted'.

On a serious note. You could research QoS, and assign all things that you don't want to be used, a low QoS. If they're continually using YouTube or such sites, you could setup a dummy DNS resolution so that those sites cannot be resolved internally.

[purehate]

I use the "Network Adjustment Tool". Which happens to be a very large heavy stick. Anyone that doesn't care to abide by company policy of not doing that sh!t, gets 'adjusted'.

I need a secure wifi policy like this. Maybe I could create a captive portal with a log in page saying you agree that if you are caught using my network I can legaly beat you within a inch of your life and repo your laptop.

[pipboy]

Thanks for the impute. QoS will solve some problems and is an interesting read. They have something along the lines of a firewall that acts for a censor for downloads, thats where I got the idea of blocking .FLV and .SWF from. Blocking certain file extensions may solve the problem but the real question is will the average firewall filter will stop a streaming video or audio. Leaves me wondering if their Censor program would recognize a streamed video, I mean technically buffering something is the same as downloading it. No? I know its an easy task to block certain sites such as youtube or google video, but in my opinion is seems like only a temporary fix.

[Primey]

I use the "Network Adjustment Tool". Which happens to be a very large heavy stick. Anyone that doesn't care to abide by company policy of not doing that sh!t, gets 'adjusted'.

i'd go with "Stop Using YouTube or You Will Get Bitch Slapped By Me" kind of thing

Pipboy, depends on the firewall you're using, some come with the filters for streaming audio and video by default, but still you'd have to configure it, the best way is to block the most used streaming pages (Yahoo Radio, YouTube, DailyMotion, etc), i'd go with a Linux Firewall along the lines of Mandriva or something like that, easy to configure, easy to administrate,

[thorin]

I was talking to a local college and they are having problems with students streaming music and video, and the pipes are very full because of this. The senior administrator is on vacation and has not gotten around to fixing this problem. The Jr Administrator who is a teacher at the school in a different department and does not know how to remedy the problem. This gives me the opportunity to get myself in good favour before I apply in a few months. Right from the beginning I figured blocking .FLV and .SWF at the proxy server/firewall should fix this problem, but it got me wondering how I would determine if someone was viewing streamed files via a program like wireshark. I know you can simply filter HTTP trafic but sifting through each packet to look for certain file extensions seem kinda meticulous. I'm sure anyone who has been an administrator has run into a problem like this, feel free to post which actions you took and possibly any deterrents you used.

Thank you for your time.
- Pipboy

1) If the Jr. Admin gives you access to any of their infrastructure components to "help" with this he should be fired.
2) Lots of modern firewalls do packet inspection, so it should be irrelevant what tool the person is using to get/watch the content.
3) Something like Web Sense would make this very easy.
4) If you're going to start blocking things then make sure there is a process for people to have things un-blocked or exceptions created. Though streaming media can put a strain on resources you will find out that there are a number of valid academic requirements for streaming media. (i.e.: Listening to lectures after the fact, streaming feeds from telescope/microscope cameras at other facilities, webinars, etc...)

[-=Xploitz=-]

Be very careful with this blocking idea of yours. In my College, (Eastfield Community College of Dallas), even the Network admins cannot block access to any site you surf or want to surf. Why? I don't know the whole story, but it had to do with invasion of privacy lawsuits. Today, anyone can go on our Colleges network and look at porn if they so wish too, and theres nothing anyone can do about it. Do I agree with this? Of course not. College is not for looking at porn, its for learning.

But seriously...check into the laws of your state and with the Network admin about this. The last thing you want is to have someone slap an invasion of privacy lawsuit on you over you trying to be helpful. Leave it to the Network admin to deal with.

[Re@lity]

Are you sure!? That's outrageous!

I would have thought that any "internal" agreement of usage would be sufficient to provide/block whatever the owner sees fit.........

Are you sure that this isn't a misunderstanding or confusion pertaining to laws prohibiting actually sniffing the traffic to *see* what people are up to, as opposed to not being able to subject users to your own tailored "reasonable use policy"??

[-=Xploitz=-]

Are you sure!? That's outrageous!

I would have thought that any "internal" agreement of usage would be sufficient to provide/block whatever the owner sees fit.........

Are you sure that this isn't a misunderstanding or confusion pertaining to laws prohibiting actually sniffing the traffic to *see* what people are up to, as opposed to not being able to subject users to your own tailored "reasonable use policy"??

I'm as serious as a hart attack Re@lity.

When I go to school tomorrow, I'll ask the Network admins or whoever is available and credible about it to make 100% sure...but this is what one of my instructors told our class one day. And sure enough...they have NO websites banned. Whether it be a porn site, hacking site, anything goes. But I distinctly remember her telling the class that it would be considered an invasion of privacy or a freedom of expression...or something like that, that would be violated by the College if they blocked access to any web site.