P2P Detection Service

Overview

To strengthen the prevention of copyright infringement via the School of Science and Engineering campus network, we provide a file-sharing software detection service. In this service, the contents of communication from on-campus to off-campus are processed automatically, and when software that may facilitate copyright infringement, or equivalent communication, is detected, the relevant communication is dropped.

* Background: On November 6, 2006, the Information Infrastructure Subcommittee approved the "introduction of file-sharing software detection."
* Following a report at the Council of Heads of Academic and Administrative Units on September 14, 2007, and a university-wide announcement on September 18, 2007, the service began university-wide on October 15, 2007.
* In June 2019, a failure of the equipment operating this service caused an incident, and the specifications were revised.
* The specification change was reported to and approved by the Network Special Committee held in September 2019.

Specifications

When prohibited communication is detected on a subnet you use, the system clears the detected session each time detection occurs. Unlike before, there is no need to individually block and unblock an entire IP address.

However, if P2P communication detection continues, the bandwidth of the laboratory's ingress NAT and so on may be consumed, and communication may become almost impossible. If you feel that communication in general is unstable on the IP address used by your laboratory, please check the usage status within your organization. (The symptoms will continue until each organization investigates and takes action. Because the response is automated, no individual notification will be sent to the responsible person. Please note that the NOC cannot identify the cause.)

Detection Targets

The detection targets are software and applications such as BitTorrent, Gnutella, Kazaa, Share, WinMX, Winny, eDonkey, Direct Connect, Perfect Dark, SoulSeek, Thunder (Xunlei), Kugou, and QQ, as well as communication equivalent to them.

It is the user's responsibility to understand what kind of communication the software they use performs. Each user should check the website of the provider or developer before use. Please note that we cannot respond to inquiries about the communication of, or configuration methods for, the software you use.

For reference, please also be aware of the following information that has been reported to us:

• On QNAP storage devices, firmware applications include some that perform communication equivalent to file-sharing software. If these features are enabled, the service will detect and block such communication.
• Software equivalent to Thunder (English name): Thunderbolt (English name), 迅雷 (Chinese name), 迅雷看看 (Chinese name).
• PandoraTV may be installed when installing the video player "KMPlayer."
• Please note that some software is available by default on, or installed alongside, distributions such as Ubuntu and Opera.
• Because they generate prohibited communication, .torrent files cannot be used on campus.
• Please note that an increasing number of online games perform prohibited communication such as BitTorrent during updates and so on, even when not downloading or playing.
• The Vietnamese browser "CocCoc" is reportedly good for downloads, but it may also perform BitTorrent communication.
• Some services and apps provided by Alibaba, Tencent, Baidu (百度), and QIHU360 (奇虎360) are very likely to perform prohibited P2P communication such as BitTorrent during normal communication or updates. Please confirm the communication methods at your own responsibility and use them with great care.
• Please refrain from using software, apps, or web services similar or related to Kugou, Xunlei, QQ, Baidu, or uTorrent, as they are very likely to perform prohibited communication.

Detection targets may vary by time period — even for the same software or communication — depending on the vendor and version of the operating equipment.

About Investigation Methods

If you experience communication problems — not limited to P2P — please consult the designated liaison of your organization and have the investigation and response handled within the organization. Routinely identifying who the designated liaison and consultation contacts are within each organization, as well as the network configuration and the responsibilities and scope of management of each, and disseminating this information, will lead to faster resolution when network problems occur.

For floor hubs/routers installed by each organization and devices installed within laboratories, there are often cases where there is no administrator or the configuration has been forgotten. We recommend clearly marking the responsible person and contact on the equipment installed (hubs, routers, servers, VPN devices, etc.), and separately recording the connection configuration, settings, and usage logs. (Please note that the NOC cannot resolve such issues even if consulted.)

Typically, to retain long-term logs from network equipment, a separate syslog server is prepared, and logs from network equipment are aggregated and managed there. Regarding routers that can store logs to a USB external memory on the device itself, we have investigated based on information provided by users, and provide guidance below.

Note that some models do not support IPSec for VPN, so please be careful. For matters other than log information retrieval, please check the YAMAHA official site yourself and configure the necessary communication settings.

Important Notes

While this service strengthens the prevention of copyright infringement at this university, please continue to keep the following in mind:

If you violate this university's security standards, depending on the degree of the violation, your use of the campus network may be restricted, and you may also be subject to disciplinary action under this university's work regulations, university regulations, or applicable laws.

Changes to the detection targets above — including additions/removals and changes to detection targets that would enable changes to the usage policy — are considered by the Information Infrastructure Coordination Office as the situation requires.

Frequently Asked Questions for Subnets

Q. I can no longer connect to networks outside the university.

A. Please first isolate the point of failure within your organization (terminal, room, floor, only external, only specific communication, and so on). Because blocking by this service applies to communication with outside the university, communication within the campus is still possible.

* Network equipment such as floor switches and NAT routers installed by each organization or laboratory may be malfunctioning. If there is network equipment in your room, please restart it. If that does not resolve the issue, please contact your organization's designated liaison.

Q. I don't know the designated liaison.

A. Please check the IP address you are using (such as 131.112.xx.yy, 10.xx.yy.zz, or 172.xx.yy.zz) before contacting us. We will tell you the designated liaison for each organization (unit level), so please consult that person.

If there is no problem with the backbone network, the investigation and response must be handled within each organization. Wiring within buildings and network equipment installed and used by each organization are not within our scope, so please identify the responsible person within your organization and address the issue there.

Q. I don't know the IP I am using.

A. On a regular basis, please confirm both the IP address you are using and your designated liaison. If neither the designated liaison nor the person responsible for the installed equipment is known, it is the responsibility of each user and organization. We cannot investigate from "I don't know anything," so we ask for your ongoing cooperation.

Please note that we cannot investigate even if you provide an IP address such as 192.xx.yy.zz or the IP address of the proxy server. We recommend that you record the IP address shown when accessing T2Box.

Q. Can I use software xxx?

A. It is each user's responsibility to confirm what kind of communication each piece of software or application performs, and we do not respond to inquiries about individual pieces of software. Please understand.

Also note that even for software that does not fall under P2P, communication may be restricted depending on the network you use and the policy of each organization. If you have any questions, please contact the designated liaison of your organization.