Trinity College ResNet Information Kit
1. What ResNet is:
The Trinity College ResNet is a 100 or 1000 Megabit local area network operating in the Trinity and St. Hilda's buildings. It is connected to the University of Toronto's (U of T's) fibre-optic backbone for internet access.
The ResNet exists primarily for academic needs. It is, however, accepted that non-academic uses can coexist on ResNet. Our concern is simply that ResNet works well for its intended purpose. The rules and policies outlined in this document are designed to achieve this goal while permitting legal, non-disruptive activities which can safely coexist with it.
2. Prerequisites for ResNet Access:
All ResNet users are required to protect their computers against viruses or other activity that can impair network performance. Computers without a functional virus scanner are not allowed on the network. Unprotected computers can become infected within seconds of being on the ResNet! We recommend that you install Microsoft's free Security Essentials antivirus software. The use of adware removers and a firewall is recommended but optional. Infected computers might not be allowed back onto ResNet without an in-person check by a ResNet administrator as a necessary means of preventing the proliferation of infections on the network. It is your responsibility to make sure that your virus scanner updates its virus definition files automatically. Failure to realize that your computer is infected is not accepted as a reason for early reconnection. The disconnection penalties outlined in section 4 are strictly enforced to minimize administrative overhead and to avoid any perception of favouritism.
If you agreed to the ResNet terms and conditions on your Residence Application, proceed with the "online registration procedure" outlined in the ResNet Essentials handout. Your jack will be de-activated if you have not agreed to the ResNet terms and conditions. ResNet jacks are activated by default unless the occupant has not confirmed ResNet policy agreement upon move-in, or has been disconnected for an administrative reason.
3. Traffic Quota:
Subsequent to various upgrades Trinity no longer actively monitors traffic usage but reserves the right to disconnect any user if their traffic is deemed excessive and thus disruptive to other users. We do disconnect our users whenever U of T Network Operations notify us that any of our residents exceed the U of T limits: basically 16+ GB in a day, or 8+ GB/day twice in a week. It may eventually be determined that our local limits need to be stricter than the U of T limits (to maintain local network integrity) but for now the U of T limits are what we enforce at Trinity. See www.noc.utoronto.ca/net- ops/security/traffic.htm for more information on U of T internet traffic policy.
Please note that ResNet activities such as viewing streaming videos or file-sharing movies and popular music files can severely impair the speed of the network for other ResNet users. Moreover, sharing copyrighted material is illegal and may invoke litigation against you. File-sharing (such as running uTorrent, Frostwire, BitComet, etc.) means that you are running server software, which is a violation of the ResNet rules and U of T policies.
While Trinity does not normally monitor file-sharing on ResNet, the U of T does implement traffic-shaping protocols which limit the volume of traffic involved in file-sharing. (The restrictions are usually reduced between midnight and 8 AM.) Some specific file-sharing programs may be blocked if it is determined that they pose a security threat (e.g., if they leave vulnerable ports open) or if they pose a severe traffic congestion issue. Those who insist on torrenting would be wise to review the various U of T network security issues described at www.noc.utoronto.ca/net-ops/security.htm. If you have file- sharing software installed, we strongly urge you to remove all files from your shared folders (or otherwise disable the file- sharing) in order to prevent unexpected disconnection. Also note that Trinity has been contacted many times by legal representatives of copyrighted materials regarding infringements by students who then had to see the Bursar to negotiate reconnection. Repeat copyright offenders are permanently banned from ResNet.
Excessive use of available bandwidth does affect your network neighbours, causes network hardware crashes, and invokes the attention of U of T Computing and Networking Services. While there is no current traffic monitoring site for ResNet users, if you think your traffic might be high (ex: you regularly download large video files or you fileshare using P2P software despite our ban) then you should be checking if your IP number appears at the various lists at www.noc.utoronto.ca/TS. (Note that only your internet traffic is counted: traffic that stays within the St. George Campus is disregarded.) Due to the administrative overhead required to handle transgressors (and the potentially disruptive effects of their activities), no excuse is accepted (such as "My friend installed something on my computer and didn't tell me...."). How your own computer affects other users is entirely your own responsibility.
The following disconnection period policy must unfortunately be strictly enforced when a resident's traffic volume exceeds the U of T limit (described above), or when a resident's computer is determined to have an infection, or when some other security violation is detected.
4. Disconnection Procedure:
1st time: 2-business-day disconnection from ResNet. (To see if you have been disconnected, at an online computer check the "Status" box for your room at www.trinity.utoronto.ca/myjack.) At the time of disconnection you will receive a voice message (at your room's extension) explaining why and your room will be mailed a "Misuse Declaration" form to sign (stating that you understand the penalties and agree to not contravene the rules again). After the 2 days (and provided that you have returned the Declaration) you will be reconnected. 2nd time: Same as 1st time but with a one week disconnection before reconnection. 3rd time: Same as 1st time, but with a one month disconnection. 4th time: Disconnection for remainder of the academic session (minimum 3 months—may carry over into your next term).
Note: Disconnection offenses are cumulative (they do not reset to zero each year).
In some cases (such as repeated high traffic) Trinity will require, at its sole discretion, a ResNet administrator’s inspection of a resident's computer prior to reconnection to verify that the computer is free of file-sharing software and has adequate virus protection. If you refuse to allow the inspection then you may not be allowed further access to ResNet. For serious violations the disconnection procedure may also be accelerated (immediate and permanent disconnection is possible, depending on the nature of the violation). ResNet ports of violators are routinely capped (after reconnection) to limit future traffic bandwidth capacity and to reduce the likelihood of future excess traffic.
5. SHARING your ResNet connection in residence is BANNED:
U of T Network Security Policy at www.utoronto.ca/security/documentation states that “Departments must take steps to prohibit unauthorized access point installations by their users" and that "Departments must ensure that all access to wireless and wired docking area connectivity is controlled by an authentication system..." that "...can be traced to an identifiable end user". This means that you are prohibited from using a wireless transmitter to allow password-free access to your ResNet connection (users not identifiable).
U of T policy posted at www.provost.utoronto.ca/policy/use.htm states that "Access to ICT resources at the University of Toronto may only be provided by the personnel who are responsible for those systems. A person who has been given such access does not, in general, have the authority to extend that privilege to anyone else." This means that Trinity College administrators are not authorized to allow you to share your ResNet connection with ANYONE, in any way. As a result, YOU assume responsibility for ANY traffic that you enable (even unwittingly) via your ResNet jack. You may set up a password-protected wireless connection (using a router or access point) for your own use, but you are prohibited from sharing that connection (by giving out the password or by allowing password-free access). Sharing your ResNet connection is not allowed, even if you set up password protection so that only a trusted friend can connect. Wireless devices with password protected access are permitted for your OWN use only. Providing ResNet access to others through your wireless transmitter will also result in your own traffic total being increased (all traffic routed through your ResNet jack counts toward your own total). Routine checks for rogue wireless access points that are not password-protected are conducted and penalties are imposed. Your Residence Application affirmation that you agree to these ResNet usage terms means that YOU are LEGALLY responsible for both the quantity and CONTENT of ALL the traffic that traverses your ResNet connection.
An additional reason for Trinity to prevent sharing via wireless transmitting equipment is that they have been unacceptably used in the past to restore ResNet access to students who have been disconnected for violations of ResNet Policy (and sometimes even resumed their disruptive activity as soon as they were wirelessly enabled by a neighbour to regain access to the network). Trinity deals sternly with those who circumvent their ResNet disconnections and also with those who assist them (expulsions have occurred).
Regarding routers: Even though routers are allowed on ResNet (for your own use), several routers include built-in DHCP servers. If activated, the DHCP server in your router may issue non-functional IP numbers to other ResNet computers when their IP leases expire (ResNet leases are typically renewed daily). As a result, your router may cause many ResNet users to lose ResNet access because their computers have obtained an invalid IP number from your router. This happens every year and is a seriously disruptive violation. Not realizing that your router is running DHCP is not an acceptable excuse to avoid a subsequent extended disconnection penalty. Check to see if your router has a DHCP-server function built-in BEFORE you connect it (and learn how to disable it if it does).
6. UTORwin Wireless network at Trinity:
The University of Toronto Campus Wireless Network (UTORcwn) provides three SSID's in your list of available wi-fi networks at Trinity: "UTORwin", "UofT" and "eduroam".
The "UTORwin" and "UofT" networks require a UTORid for access. UTORid's are provided in advance during enrolment application procedures, however new UTORid's are only activated when you receive your T-Card and activation key at the T- Card office at Robart's Library (room 2054A). "eduroam" is intended for UT students who are planning to attend other universities or for temporary visiting students from other universities.
Wireless access points provide UTORcwn access in most of the common areas of the College as well as to about 30% of St Hildas’ residence rooms and about 80% of the main Trinity building’s residence rooms. Further expansions are planned for eventual 100% coverage. The Larkin building and the Graham Library also have UTORcwn access.
To connect to the internet through the UTORcwn wireless transmitters see wireless.utoronto.ca. Essentially, users select the "UTORwin" wireless network (from the options in their available networks list), then they enter the UTORwin security key (UToronto1home), and then login with their UTORid and password (activate your UTORid at the Robart’s T-Card Office). Once a computer has been thus registered on the UTORwin network, it should not be necessary to enter the security key again but UTORid login may be required after extended inactivity. Immediately following the first login authentication, computers must pass an ESP (endpoint security policy) scan (similar to the initial ResNet scan). This scan checks for a functional virus scanner and current Windows updates (Mac and Linux computers automatically pass). Limited access is provided to computers that initially fail the test — these should have the free Microsoft Security Essentials scanner installed.
There is a 2 GB per week UTORwin quota, resetting at 6 AM on Mondays. Computers that exceed the quota are blocked until the next cycle starts.
ALL support for the UTORcwn wireless networks is provided by Robart's Library Info Commons Helpdesk and Helpline (416- 978-HELP). Trinity College IT staff do not assist students with wireless issues.
7. Outgoing mail server requirements:
This section is for those who want to configure an email client program such as Thunderbird Mail or MS Outlook to work on ResNet.
Webmail users (e.g., U of T students who access their utoronto.ca email using webmail at www.my.utoronto.ca, or anyone who uses any other webmail service such as gmail, hotmail, etc.) do not have to enter outgoing mail server settings.
Those who use commercial email accounts such as Rogers email and an email client (as opposed to webmail) must obtain their outgoing mail server settings from their email provider (e.g., Rogers).
For UTORmail account holders who use an email client program: U of T Computing and Networking Services restricts outgoing mail (SMTP) connections from residence computers to prevent spam relaying from residences (many viruses and spyware contain their own SMTP servers by which they propagate). All U of T students with [email protected] accounts who use an email client (such as Thunderbird Mail) to access their UTORmail account should set smtp.utoronto.ca as their outgoing mail server, using TLS on port 587 and SSL on port 465. Trinity College ResNet Rules
1. ResNet users shall obey all University of Toronto rules on "Appropriate use of Information and Communication Technology" (see www.provost.utoronto.ca/policy/use.htm). Comment: These rules are subject to change without notice. Penalty: Varying penalties (warnings to expulsion). 2. No Internet server software shall be run from a ResNet port. Comment: Server software is any software that allows your computer to be accessed from outside the ResNet i.e. the Internet. This means no HTTP (web), FTP, telnet, DNS, DHCP/BOOTP, SMTP/POP/IMAP, or Remote Access servers, and no running software that automatically shares out large amounts of files or data from your computer (ex: file-sharing programs such as Limewire, Ares, or BitTorrent). This rule is designed to prevent excessive traffic on the shared ResNet. Security measures are in place to prevent some server software from working, and periodic checks will be made on suspect computers. Running servers may result in extended termination of your ResNet access (due to the potential results) and doing so unknowingly or by accident is not accepted as an excuse for lenience! Penalty: Extended disconnection, varying penalties depending on severity 3. No illegal or hate materials shall be disseminated from a ResNet port. Comment: For example, no child pornography, hate literature of any type, death threats, etc. Penalty: Extended Disconnection, varying penalties depending on severity 4. No unsolicited commercial email (Spam) shall be sent from a ResNet port.0 Comment: Spam is an annoyance to everyone. Penalty: Disconnection, varying penalties depending on severity 5. No ResNet port shall be used to attempt to gain illegal access to any other computer system. Comment: i.e. no hacking. This includes connecting to an outside computer and hacking from there. You are responsible as long as your connection is anywhere in a chain of systems used for hacking. Penalty: Extended disconnection, varying penalties depending on severity. 6. No ResNet port shall be used to attempt to obtain sensitive information without the knowledge of all parties involved. Comment: This means no attempts to "sniff packets on the network for passwords, personal email, etc.. Penalty: Extended disconnection, varying penalties depending on severity 7. No ResNet port shall be used to attempt to make malicious attacks on any computer systems. Comment: No denial-of-service attacks (Teardrop), Ping of Death, SATAN attacks, etc.. Penalty: Extended disconnection, varying penalties depending on severity 8. No ResNet port hardware (data jack, sticker, wire, screw, clip, molding, conduit, access hatch, hub, or hub closet) may be opened, removed, relocated, or damaged in any way. The only permitted use of this hardware is the connection and disconnection of a patch cable from a data jack to a network card or hub. Comment: Tampering is vandalism. Repairs are very costly, and you are responsible for your port. Penalty: Repair bill & fine against your residence/academic account. Extended disconnection, varying penalties depending on severity 9. Devices connected to ResNet must be both virus-free and adequately protected against virus infection. Comment: In preceding years, epidemic virus activity has repeatedly brought ResNet and the University's computer network to a halt. The University has purchased site licenses for antivirus software and requires the use of antivirus software on all computers connected to its network. The U of T also requires that all computers connected to its network to be protected with operating system updates against virus infection. You will be prompted to scan your computer upon your first use of a web browser on a ResNet port. You must successfully virus scan your computer before being allowed full use of ResNet. The College has network servers which will scan your computer for vulnerabilities and automatically segregate your computer from ResNet while allowing connection to antivirus and operating system update websites. The servers will automatically connect your computer to ResNet after vulnerabilities have been removed. Penalty: for using ResNet without a virus scanner installed on your computer: Minimum 1-week disconnection. 10. Only the IP number assigned by a ResNet DHCP server may be used by your computer (i.e., you are not permitted to set a fixed or static IP number on your computer in residence). Comment: All ResNet ports get automatically assigned IP numbers by ResNet DHCP servers. Using a fixed IP number will cause conflicts with other ResNet users and will prevent network access for them. This is a serious inconvenience for those affected. Penalty: Minimum 1-week disconnection, depending on severity. 11. Giving others access to your ResNet service is banned (by allowing physical plug-in or by wireless access). Comment: See section 4 of this ResNet Kit. Penalty: Disconnection, varying penalties depending on severity