On Sun, Mar 14, 2004 at 01:29:29AM -0500, Andrew Dorsett wrote:
This is a topic I get very soap-boxish about. I have too many problems with providers who don't understand the college student market. I can think of one university who requires students to login through a web portal before giving them a routable address. This is such a waste of time for both parties. Sure it makes tracking down the abusers much easier, but is it worth the time and effort to manage? This is a very
In the UK it certainly does. To absolve ourselves of liability for misuse 'net access must be from an 'identifiable' user. This is part of our institution-wide security policy.
legitimate idea for public portals in common areas, but not in dorm rooms. In a dorm room situation or an apartment situation, you again know the physical port the DHCP request came in on. You then know which room that port is connected to and you therefore have a general idea of who the abuser is. So whats the big deal if you turn off the ports to the room until the users complain and the problem is resolved?
That's all very well if you have switches which can do DHCP option 82 but most educational institutions have strict budgets to work to, which may involve reuse of older kit which was previously used for core academic purposes.
I guess this requires very detailed cable map databases and is something some providers are relunctant to develop. Scary thought.....
I'd say having a login system which identifies the user is considerably less difficult than maintaining a very extensive database of cable patches which will inevitably get out of date (think replacement of dead switches...) within a very short timeframe. It's much easier to index an abuse report from an IP directly to a username, there's less room for argument and error. Functionally, this is the way most broadband access networks are run anyway, username/password gets you the PPPoA or PPPoE session. W