DOCSLIB.ORG

Network Defense Tools: Perimeter and Internal Defenses This Lecture

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Network Defense Tools: Perimeter and Internal Defenses This Lecture CS 155 Spring 2006 Perimeter and Internal Defenses Network Defense Tools: Commonly deployed defenses Firewalls, Traffic shapers, and Perimeter defenses – Firewall, IDS Protect local area network and hosts Intrusion Detection Keep external threats from internal network Internal defenses – Virus scanning Protect hosts from threats that get through the perimeter defenses John Mitchell Extend the “perimeter” –VPN Common practices, but could be improved Internal threats are significant Unhappy employees Compromised hosts 2 This lecture Basic Firewall Concept Standard perimeter defense mechanisms Separate local area net from internet Firewall Packet filter (stateless, stateful) Application layer proxies Firewall Traffic shaping Intrusion detection Local network Internet Anomaly and misuse detection Methods applicable to network or host Router Future lectures Virus and malware Worm propagation and detection All packets between LAN and internet routed through firewall 3 4 Firewall goals Two Separable Topics Prevent malicious attacks on hosts Arrangement of firewall and routers Port sweeps, ICMP echo to broadcast addr, syn flooding, … Several different network configurations Worm propagation Separate internal LAN from external Internet Exploit buffer overflow in program listening on network Wall off subnetwork within an organization Prevent general disruption of internal network Intermediate zone for web server, etc. External SMNP packets Personal firewall on end-user machine Provide defense in depth How the firewall processes data Programs contain bugs and are vulnerable to attack Network protocols may contain; Packet filtering router Design weaknesses (SSH CRC) Application-level gateway Implementation flaws (SSL, NTP, FTP, SMTP...) Proxy for protocols such as ftp, smtp, http, etc. Control traffic between “zones of trusts” Personal firewall Can control traffic between separate local networks, etc E.g., disallow telnet connection from email client 5 6 1 Review: TCP Protocol Stack Review: Data Formats TCP Header Application protocol Application message - data Application Application Application message TCP, UDP protocol Transport Transport Transport (TCP, UDP) segment TCP data TCP data TCP data IP protocol IP protocol Network Network packet IP Network (IP) IP TCP data Network Link Data Data Link Access Link Layer frame Link Link ETH IP TCP data ETF IP Header Link (Ethernet) Link (Ethernet) Header Trailer Transport layer provides ports, logical channels identified by number 7 8 Screening router for packet filtering Packet Filtering Uses transport-layer information only IP Source Address, Destination Address Protocol (TCP, UDP, ICMP, etc) TCP or UDP source & destination ports TCP Flags (SYN, ACK, FIN, RST, PSH, etc) ICMP message type Examples DNS uses port 53 Block incoming port 53 packets except known trusted servers Issues Stateful filtering Encapsulation: address translation, other complications Fragmentation Illustrations: Simon Cooper 9 10 Packet filtering examples Source/Destination Address Forgery Compare: Tiny Personal Firewall, ZoneAlarm 11 12 2 More about networking: port numbering Filtering Example: Inbound SMTP TCP connection Server port uses number less than 1024 Client port uses number between 1024 and 16383 Permanent assignment Ports <1024 assigned permanently 20,21 for FTP 23 for Telnet 25 for server SMTP 80 for HTTP Variable use Ports >1024 must be available for client to make connection Limitation for stateless packet filtering If client wants port 2048, firewall must allow incoming traffic Better: stateful filtering knows outgoing requests Only allow incoming traffic on high port to a machine that has initiated an outgoing request on low port Can block external request to internal server based on port number 13 14 Filtering Example: Outbound SMTP Stateful or Dynamic Packet Filtering Known low port out, arbitrary high port in If firewall blocks incoming port 1357 traffic then connection fails 15 16 Telnet FTP FTP Server FTP Client Telnet Server Telnet Client 20 21 Data Command 5150 5151 23 1234 X Client opens command channel to X Client opens channel to server; tells server 151” X server; tells server its port X second port number PORT 5 1234” “ number. The ACK bit is “PORT not set while establishing Y Server the connection but will be Y acknowledges Y set on the remaining Z “OK” “ACK packets ” Z Server opens data channel to client’s DATA CHAN second port NEL Y Server acknowledges [ Client [ acknowledges TCP ACK Stateful filtering can use this pattern to identify legitimate sessions 17 18 3 NAT: Network Address Translation Advantages of NAT rest of local network Motivations for NAT Internet (e.g., home network) Limited address space 10.0.0/24 10.0.0.1 Prevent unsolicited inbound requests Port numbering: host behind NAT not reachable as server 10.0.0.4 10.0.0.2 Avoid renumbering if provider changes 138.76.29.7 Small/mid-sized LANs inherit address space from ISP Addresses hidden by NAT 10.0.0.3 Normal routing Outgoing msg from 171.64.78.90 contains sending address All datagrams leaving local Datagrams with source or Recipient or observer can access 171.64.78.90 network have same single source NAT destination in this network IP address: 138.76.29.7, have 10.0.0/24 address for Addressing with NAT different source port numbers source, destination (as usual) NAT rewrites outgoing packet so recipient sees public addr only An outside computer cannot see 171.64.78.90 Illustration: Kurose and Ross 19 20 Complication for firewalls Normal IP Fragmentation Abnormal Fragmentation Low offset allows second packet to overwrite TCP header at receiving host Flags and offset inside IP header indicate packet fragmentation 21 22 Beyond packet filtering Packet Fragmentation Attack Proxying Firewall Firewall configuration Several network locations – see next slides TCP port 23 is blocked but SMTP port 25 is allowed First packet Two kinds of proxies Fragmentation Offset = 0. Circuit-level proxies DF bit = 0 : "May Fragment" Works at session layer (which I omitted from OSI diagram) MF bit = 1 : "More Fragments" Destination Port = 25. TCP port 25 is allowed, so firewall allows packet Application-level proxies Second packet Tailored to http, ftp, smtp, etc. Fragmentation Offset = 1: second packet overwrites all but first 8 bits of Some protocols easier to proxy than others the first packet DF bit = 0 : "May Fragment" Policy embedded in proxy programs MF bit = 0 : "Last Fragment." Proxies filter incoming, outgoing packets Destination Port = 23. Normally be blocked, but sneaks by! What happens Reconstruct application-layer messages Firewall ignores second packet “TCP header” because it is fragment of first Can filter specific application-layer commands, etc. At host, packet reassembled and received at port 23 Example: only allow specific ftp commands Other examples: ? 23 24 4 Screened Host Architecture Screened Subnet Using Two Routers 25 26 Dual Homed Host Architecture Firewall with application proxies FTP Telnet proxy SMTP proxy proxy Telnet FTP SMTP daemon daemon daemon Network Connection Daemon spawns proxy when communication detected … 27 28 Application-level proxies Configuration issues Enforce policy for specific protocols E.g., Virus scanning for SMTP Need to understand MIME, encoding, Zip archives Flexible approach, but may introduce network delays “Batch” protocols are natural to proxy SMTP (E-Mail) NNTP (Net news) DNS (Domain Name System) NTP (Network Time Protocol Must protect host running protocol stack Disable all non-required services; keep it simple Install/modify services you want Run security audit to establish baseline Be prepared for the system to be compromised 29 30 5 Solsoft Securify 31 32 Problems with Firewalls References Performance Firewalls may interfere with network use Limitations They don't solve deeper problems Buggy software Bad protocols Generally cannot prevent Denial of Service Ineffective against insider attacks Administration Many commercial firewalls permit very complex configurations Elizabeth D. Zwicky William R Cheswick Simon Cooper Steven M Bellovin D. Brent Chapman Aviel D Rubin 33 34 Traffic Shaping Stanford computer use Traditional firewall Allow traffic or not Traffic shaping Limit certain kinds of traffic Can differentiate by host addr, protocol, etc Multi-Protocol Label Switching (MPLS) Label traffic flows at the edge of the network and let core routers identify the required class of service The real issue here on Campus: P2P file sharing takes a lot of bandwidth 1/3 of network bandwidth consumed by BitTorrent Students: what are BitTorrent, Gnutella, Kazaa, … used for? 35 36 6 Sample traffic distribution Traffic shaping functions Classify and analyze traffic Classify by IP address and port number Use application-specific information (layer 7) Control traffic Selectively slow certain classes of traffic Monitor network performance Collect performance data, used to improve policies Network resilience Active traffic management can provide resilience to DoS attacks, at least within the enterprise network Packeteer white paper example; not Stanford data 37 38 PacketShaper Classification PacketShaper Controls A partition: 7 Application Classify 400+ Apps at OSI Layers 2-7 Creates a virtual pipe within a link for each traffic class Peer-to-Peer Apps: 6 Presentation Some Other Apps: Provides a min, max bandwidth •Aimster • H.323 Enables efficient bandwidth use 5 Session • AudioGalaxy
Load more

Recommended publications
  • “Napster” Is Released (At Northeastern University) • 04/04/00
    • 03/07/97 - “Hotline” is released • 09/09/99 - “Napster” is released (at NorthEastern University) • 04/04/00 - “Gnutella 0.56” is released • 01/04/00 - “Napster” reaches 10 million downloads, but still has no revenue • 01/05/00 - Cable internet provider threaten to discontinue contracts with users that use “Napster” • 01/05/00 - Universal and Sony start to develop “Duet”, a “Napster” clone to be released 4/01 • 01/08/00 - AT&T start to develop “Publius”, a P2P network publishing system • 03/08/00 - Intel, HP and IBM create the “P2P Working Group” • 16/11/00 - Bertelsmann buys Napster; invests millions • 08/12/00 - Sun says it is working on a Java Peer-to-Peer platform • 18/01/01 - Microsoft initiates “Farsite” (“Federated, Available and Reliable Storage for an Incompletely Trusted Environment”) project [email protected] 24.1.01/UBIComp 1/44 • Background Etzard Stolte – History: P2P Networking IKS Group/ETH – A P2P Definition [email protected] – Merging technologies • What is out there? – File Sharing – Distributed Computing – Instant Messaging – Collaboration – Web Services • Summary • Discussion – Will P2P remain? – Will P2P be a profitable business concept? [email protected] 24.1.01/UBIComp 2/44 • Peer-to-Peer (P2P) has a specific meaning in many fields, e.g. – Literature (e.g. P2P review) – Psychology (e.g. counceling) – Education e.g. (peer groups) • In computer science P2P used to describe – A small network without dedicated server – Files and peripherals are shared – Some access control • What are then these P2P tools my younger sister talks about? – Isn’t the internet just a peer-to-peer network (e.g.
    [Show full text]
  • Paul Collins Status Name/Startup Item Command Comments X System32
    SYSINFO.ORG STARTUP LIST : 11th June 2006 (c) Paul Collins Status Name/Startup Item Command Comments X system32.exe Added by the AGOBOT-KU WORM! Note - has a blank entry under the Startup Item/Name field X pathex.exe Added by the MKMOOSE-A WORM! X svchost.exe Added by the DELF-UX TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in the Winnt or Windows folder X SystemBoot services.exe Added by the SOBER-Q TROJAN! Note - this is not the legitimate services.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a HelpHelp subfolder of the Windows or Winnt folder X WinCheck services.exe Added by the SOBER-S WORM! Note - this is not the legitimate services.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a "ConnectionStatusMicrosoft" subfolder of the Windows or Winnt folder X Windows services.exe Added by the SOBER.X WORM! Note - this is not the legitimate services.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a "WinSecurity" subfolder of the Windows or Winnt folder X WinStart services.exe Added by the SOBER.O WORM! Note - this is not the legitimate
    [Show full text]
  • Claude Chastagner Université Paul Valéry, Montpellier III
    Chastagner, Claude. « Rebels on the Net », Cercles 3 (2001) : 8-19 <www.cercles.com>. © Cercles 2001. Toute re- production, même partielle, par quelque procédé que ce soit, est interdite sans autorisation préalable (loi du 11 mars 1957, al. 1 de l’art. 40). ISSN : 1292-8968. Claude Chastagner Université Paul Valéry, Montpellier III REBELS ON THE NET What makes popular music popular is not only the nature and content of the songs or the identity of its performers; it is also its availability. Popular music is as much shaped and defined by advertising, marketing, distribution and re- tailing as by lyrics and chords sequences. The sheer amount of literature on the subject is a sobering reminder of how much of a truism this has become.1 However, it is also a field in which fast, permanent evolution necessitates constant monitoring. The development of the Internet was bound to have a momentous impact on popular culture, particularly on the accessibility of the words, sounds and images that define it. Throughout the 1990s, a series of technical innovations gradually made the distribution of music via the Internet more than a dream, and several commercial ventures were launched, probing the possibilities of making music accessible on-line.2 But none gene- rated such a fierce and heated debate as the new generation of digital music- promoting companies led by the much maligned and the much celebrated Napster, and a number of others that came in its wake, Gnutella, Scour, CuteMX, Freenet or iMESH, to name but a few. In the course of the last few months, the music business has indeed been challenged and questioned by companies like Napster that offer a revo- lutionary means to access music.
    [Show full text]
  • Reti E Applicazioni Peer-To-Peer Contesto
    Reti e applicazioni peer-to-peer Informatica Generale A.A. 2002/03 Mirko Innocenti Contesto Applicazioni di rete Applicazioni Applicazioni client/server peer-to-peer File Basi di Calcolo sharing dati distribuito 1 Reti client/server Client • Nodo centrale Client (server) Client • Nodi che dipendono dal server (client) Client Server • E’ possibile connettere server ad altri server • Comunicazione tra client e server di tipo “pull” Reti client/server - svantaggi • Allocazione iniqua delle risorse • risorse allocate solo sul server • client spesso sovradimensionati • problemi di capacità del server • Persistenza del server • troppe connessioni possono causare Denial of Service • Scalabilità • aggiornamento server costoso • supporto per un numero limitato di client 2 Reti peer-to-peer (P2P) • Non vi sono nodi peer peer (peer) privilegiati peer • Ogni nodo può fornire servizi e risorse peer • Connessioni punto a peer punto o tramite peer routing • Contenuti replicati ma ben distribuiti • Problema: ricerche non complete Reti P2P - generalità • Funzionalità principali • Individuare altri peer • Individuare le risorse condivise da un peer • Condividere le risorse con un peer • Ottimizzazione delle prestazioni • Si riduce lo spazio di ricerca • Si modella la rete secondo certi schemi 3 Reti P2P - tipi di rete • Rete peer-to-peer pura • Ogni nodo si occupa di • individuare i peer • individuare e condividere risorse • Rete peer-to-peer con discovery server • Discovery server: indirizzi dei peer • Peer: individuano e condividono risorse Reti P2P
    [Show full text]
  • When Code Isn't Law
    Columbia Law School Scholarship Archive Faculty Scholarship Faculty Publications 2003 When Code Isn't Law Tim Wu Columbia Law School, [email protected] Follow this and additional works at: https://scholarship.law.columbia.edu/faculty_scholarship Part of the Intellectual Property Law Commons, and the Science and Technology Law Commons Recommended Citation Tim Wu, When Code Isn't Law, VIRGINIA LAW REVIEW, VOL. 89, P. 679, 2003; UNIVERSITY OF VIRGINIA SCHOOL OF LAW PUBLIC LAW & LEGAL THEORY RESEARCH WORKING PAPER NO. 03-10 (2003). Available at: https://scholarship.law.columbia.edu/faculty_scholarship/1290 This Working Paper is brought to you for free and open access by the Faculty Publications at Scholarship Archive. It has been accepted for inclusion in Faculty Scholarship by an authorized administrator of Scholarship Archive. For more information, please contact [email protected]. UNIVERSITY OF VIRGINIA SCHOOL OF LAW 2003 SPRING PUBLIC LAW AND LEGAL THEORY RESEARCH PAPERS SERIES WHEN CODE ISN’T LAW TIM WU WORKING PAPER NO. 03-10 This Paper Can Be Downloaded Without Charge From The Social Science Research Network Electronic Paper Collection Http://Ssrn.Com/Abstract_Id=413201 101 102 Virginia Law Review Vol. 89:nnn 2003] Compliance & Code 103 VIRGINIA LAW REVIEW VOLUME 89 JUNE 2003 NUMBER 4 ARTICLE WHEN CODE ISN’T LAW Tim Wu* INTRODUCTION...................................................................................104 I. A THEORY OF CODE, CHANGE, AND AVOIDANCE ...........................110 A. Reactions to Law in General Theories of Regulation .............110 B. When Groups Get Sick of Complying.....................................112 1. Avoidance Mechanisms ...................................................112 2. Change Mechanisms........................................................116 3. Summary: The Change/Avoidance Choice .......................118 C.
    [Show full text]
  • Bandwidth Management and Monitoring for IP Network Traffic: An
    Bandwidth Management and Monitoring for IP Network Traffic: An Investigation Barry Vivian William Irwin Submitted in fulfilment of the requirements for the Master of Science in the Department of Computer Science Rhodes University January 2001 Abstract Bandwidth management is a topic which is often discussed, but on which rela- tively little work has been done with regard to compiling a comprehensive set of techniques and methods for managing traffic on a network. What work has been done has concentrated on higher end networks, rather than the low bandwidth links which are commonly available in South Africa and other areas outside the United States. With more organisations increasingly making use of the Internet on a daily basis, the demand for bandwidth is outstripping the ability of providers to upgrade their infrastructure. This resource is therefore in need of management. In addition, for Internet access to become economically viable for widespread use by schools, NGOs and other academic institutions, the associated costs need to be controlled. Bandwidth management not only impacts on direct cost control, but encompasses the process of engineering a network and network resources in order to ensure the provision of as optimal a service as possible. Included in this is the provision of user education. Software has been developed for the implementation of traffic quotas, dynamic firewalling and visualisation. The research investigates various methods for monitoring and management of IP traffic with particular applicability to low bandwidth links. Several forms of visualisation for the analysis of historical and near-realtime traffic data are also discussed, including the use of three-dimensional landscapes.
    [Show full text]
  • The Impact of Digital Audio Compression on Society
    LRN: 00D1491 Project Number: FWB-5544 The Impact of Digital Audio Compression on Society An Interactive Qualifying Project Report Submitted to the Faculty of Worcester Polytechnic Institute In Partial Fulfillment of the Requirements for the Degree of Bachelor of Science By Kevin andrigan Ryan Whitehouse Approved: Professor Frederick Bianchi Major Advisor Abstract Since the mid-90s, the audio CODEC has enhanced the distribution and ease of access to music. Along with this, the transfer of illegal audio CODECs and MP3s has exploded into colleges, businesses, and homes. However, this is a convenience that has steadily taken away from music industry profits and power. This project explores the effects of the audio CODEC in today's society, and looks forward to predict its future impact on artists, the record industry, and technology. Table of Contents 1 Introduction 4 1.1 Digital Audio and Computers 6 1.1.1 History of PC Sound 6 1.1.2 Analog to Digital Conversion 8 1.1.3 Data Compression 11 1.1.3.1 Source Coders 12 1.1.3.2 Perceptual Coders 13 1.1.4 MPEG 14 1.1.4.1 MPEG Layers 15 1.2 Audio Codecs 17 1.2.1 Background 17 1.3 Methodology 21 2 Technology 24 2.1 Software 24 2.1.1 MP3 24 2.1.2 CODEC Encoders and Decoders 27 2.1.3 lD3 30 2.1.4 MPEG-4 Structured Audio 33 2.1.5 MPEG-4 35 2.1.6 AAC and MS Audio 38 2.2 Hardware 43 3 Regulation 47 3.1 Pre-Regulation 47 3.1.1 Piracy 47 3.1.1.1 Who? 48 3.1.1.2 How ? 50 3.1.1.3 Where? 52 3.1.2 Music Sales 54 3.2 Regulation Attempts 60 3.2.1 The Recording Industry 60 3.2.2 Copyright 61 3.2.3 Collection Agencies
    [Show full text]
  • Why Napster Matters to Writing: Filesharing As a New Ethic of Digital Deliveryଝ
    Computers and Composition 23 (2006) 178–210 Why Napster matters to writing: Filesharing as a new ethic of digital deliveryଝ Danielle` Nicole DeVoss a,∗, James E. Porter b a Writing, Rhetoric, and American Cultures, Michigan State University, 235 Bessey Hall, East Lansing, MI 48824, USA b Writing, Rhetoric, and American Cultures, Michigan State University, 5 Olds Hall, East Lansing, MI 48824, USA Abstract This article discusses the Napster phenomenon and its cultural significance, traces some of the threads of the current “copyright crisis,” and connects these cultural and legal dynamics to show how the current filesharing context of digital environments pertains to issues affecting writing teachers. The article (1) urges writing teachers to view the Napster moment—and the writing practice at the center of it, filesharing—in terms of the rhetorical and economic dynamics of digital publishing and in the context of public battles about copyright and intellectual property and (2) argues that digital filesharing forms the basis for an emergent ethic of digital delivery, an ethic that should lead composition teachers to rethink pedagogical approaches and to revise plagiarism policies to recognize the value of filesharing and to acknowledge Fair Use as an ethic for digital composition. © 2006 Elsevier Inc. All rights reserved. Keywords: Delivery; Digital rhetoric; Ethics; Filesharing; Napster; Plagiarism We think that Napster matters, or should matter, to writing teachers. That’s not the same as saying that the technology necessarily and specifically matters—we need to draw that important distinction at the outset. Scholars in computers and writing have long recognized that the networked computer changes the fundamental rhetoric of communication, the writing process, writer–reader dynamics, the design of the page or screen, and so on.1 And, to a great ଝ Licensing: This work is licensed under an Attribution-NonCommercial-NoDerivs Creative Commons License (2.0).
    [Show full text]
  • I. Description II. Rationale III. Policy Administrative Manual
    Administrative Manual Policy Name Information Security Policy Number ADMIN 0082 Date this Version Effective September 2013 Responsible for Content UNC HCS Information Security Council I. Description UNC Healthcare System requirements for protecting confidential information, including but not limited to protected health information (PHI), from inappropriate access or disclosure and/or security breaches. II. Rationale UNC Healthcare System (UNC HCS) and its affiliates (collectively referred to in this policy as “UNC HCS”) continue to increase their dependence upon computer systems for storage, processing and transmission of information. As a result, information is now more readily available in all areas of UNC HCS. This availability, along with regulatory changes that define the requirements for protecting information and the penalties for failing to do so in the healthcare environment, has heightened the necessity for careful controls regarding information security. III. Policy A. Procedure 1. It is the policy of UNC HCS that information, as defined hereinafter, in all its forms--written, spoken, recorded electronically or printed--will be protected from accidental or intentional unauthorized modification, destruction or disclosure throughout its life cycle. This protection includes an appropriate level of security over the equipment and software used to process, store, and transmit that information. 2. All policies and procedures must be documented and made available to individuals responsible for their implementation and compliance. All activities identified by the policies and procedures must also be documented. All the documentation, which may be in electronic form, must be retained for at least 6 (six) years per HIPAA regulations, or more for certain documents if required by applicable laws and regulations, after initial creation, or, pertaining to policies and procedures, after changes are made.
    [Show full text]
  • Computer Services Technology Policy
    BOSSIER PARISH COMMUNITY COLLEGE COMPUTER SERVICES TECHNOLOGY POLICY With the rapid expansion of technology in the 21st century new concerns emerge. Because e-mail is the fastest way to communicate, problems arise regarding the receiving, and sending of un-solicited and un-wanted material. Receiving and opening e-mail from an unknown source can possibly shut down our systems. Distributing and receiving chain letters and jokes within our system can waste valuable time and resources; therefore, I would like to review our e-mail and technology policy with you. To make sure that every B.P.C.C. employee is familiar with the Technology Policy, we ask you to read the policy, sign the attached form, and return your signed form to Human Resources. NOTE The last page of this policy must be signed, dated, and returned to Human Resources Department. As employees of Bossier Parish Community College, we take pride in our work and in our school. Each time you click the send button, a representation of you and our school has been created. Please understand that once you send an e-mail it not only has the capability of being seen by the person you are sending it to, but also has the possibility of being seen by millions of people and virtually never going away. The following are some important rules to remember: a.) Sending harassing or discriminatory e-mail is strictly prohibited. Familiarize yourself with the school's harassment and disciplinary policies they also apply to e-mail and the Internet. b.) E-mail and Internet use should be limited to school-related functions.
    [Show full text]
  • RIAA V. Napster: a Window Onto the Future of Copyright Law in the Internet Age, 18 J
    The John Marshall Journal of Information Technology & Privacy Law Volume 18 Issue 3 Journal of Computer & Information Law Article 4 - Spring 2000 Spring 2000 RIAA v. Napster: A Window onto the Future of Copyright Law in the Internet Age, 18 J. Marshall J. Computer & Info. L. 755 (2000) Ariel Berschadsky Follow this and additional works at: https://repository.law.uic.edu/jitpl Part of the Computer Law Commons, Entertainment, Arts, and Sports Law Commons, Intellectual Property Law Commons, Internet Law Commons, Privacy Law Commons, and the Science and Technology Law Commons Recommended Citation Ariel Berschadsky, RIAA v. Napster: A Window onto the Future of Copyright Law in the Internet Age, 18 J. Marshall J. Computer & Info. L. 755 (2000) https://repository.law.uic.edu/jitpl/vol18/iss3/4 This Article is brought to you for free and open access by UIC Law Open Access Repository. It has been accepted for inclusion in The John Marshall Journal of Information Technology & Privacy Law by an authorized administrator of UIC Law Open Access Repository. For more information, please contact [email protected]. RIAA v. NAPSTER: A WINDOW ONTO THE FUTURE OF COPYRIGHT LAW IN THE INTERNET AGE by ARIEL BERSCHADSKYt TABLE OF CONTENTS I. OVERVIEW ........................................... 756 II. MUSIC AND THE INTERNET ......................... 758 III. THE BIRTH OF NAPSTER ............................ 759 IV. RECORDING INDUSTRY ASSOCIATION OF AMERICA'S LAWSUIT AGAINST NAPSTER ........... 762 V. COPYRIGHT LAW IN THE DIGITAL AGE ............. 763 A. BACKGROUND ........................................ 763 B. BASIc FORMS OF COPYRIGHT INFRINGEMENT .......... 764 1. Direct Liability ................................. 764 2. Contributory Liability ........................... 765 3. Vicarious Liability .............................. 766 C. ONLINE COPYRIGHT INFRINGEMENT LIABILITY LIMITATION ACT (TITLE II) .........................
    [Show full text]
  • Rampant Music Piracy May Hurt Musicians Less Than They Fear
    S E P T E M B E R 2 0 0 0 Rampant music piracy may hurt musicians less than they fear. The real threat -- to listeners and, conceivably, democracy itself -- is the music industry's reaction to it by Charles C. Mann A LITTLE while ago I heard that the future of music was being decided in a nondescript office suite above a bank in San Mateo, California. I couldn't get there in time, so I asked a friend to check it out. A crowd was milling in front of the entrance when he arrived. My friend parked illegally and called me on his cell phone. There are twenty or thirty television cameras, he said, and a lectern with a dozen microphones. Also lots of police officers. I asked about the loud noise in the background. "That," he explained, "is people smashing compact discs with sledgehammers." The compact discs contained music by the rock band Metallica. Three weeks earlier Metallica had sued a now-notorious Internet start-up called Napster, which is based on the fourth floor of the bank building. (The name comes from the founder's moniker in adolescence.) Far from being the colossus that its media prominence might lead one to expect, Napster is a surprisingly small outfit: it consists mainly of a Web site, about thirty-five hip, slightly disheveled employees, and a hundred or so of the powerful computers known as servers. By connecting to these computers with special software, Napster members can search one another's hard drives for music files, downloading gratis any songs they discover.
    [Show full text]