Why are Routers against Campus Policies?


CreePinG_DeatH
03-29-08, 08:51 AM
Just like the title reads. To simplify the argument, let's assume the router isn't wireless. Please don't provide argumentation such as "because it's the school's network" unless that is the sole reason. What kind of things are screwed up when a router is in place on a network on campus? I'm interested to know how it interferes with the internet use, especially with that of other students and resources. I can't believe I am actually interested in learning this, but I am always looking to improve my ethics. Thanks!

NettieZoom
03-29-08, 09:28 AM
The router will hamper their efforts to spy on you ??? I dunno, but I wouldn't doubt it :)

CreePinG_DeatH
03-29-08, 09:39 AM
Well I could prevent that by using a VPN connection, which is allowed.

NettieZoom
03-29-08, 09:39 AM
I know I was just kidding :)

CreePinG_DeatH
03-29-08, 09:52 AM
lol ironically that is actually happening to me (spying), but that's why I use VPN ;-)

skidooosl
03-29-08, 03:24 PM
That's an odd policy... I sorta understand it, but you can do anything you would do with a router using a PC. How many network drops do they give you? Maybe they don't want people having server farms in their dorm rooms :-P

What if you stuck a switch on the network drop.... is that ok?

CreePinG_DeatH
03-29-08, 03:32 PM
The policy states no user-supplied network hardware hubs, switches, etc., can be connected to the network. But that isn't really my concern as I work with whatever rules they give me. I was just wondering what a router would be able to do that they could get so upset about?

skidooosl
03-29-08, 03:48 PM
Honestly a router can not do anything you can not do with a single PC…. It COULD screw with dynamic layer 2 / layer 3 topology and also allow for filtering but you can do that with a single PC if you really wanted to… if I had to guess I would say there are 2 reasons….
1: You can use a hide NAT to hide a bunch of computers behind one IP address, so without proper logs from your router they have no way to identify the true source of traffic behind your IP address. If they say NO to using these types of devices then they will just blame you :)

2: also as much as you don’t want to hear it "because it's the school's network" is also a very valid reason and plays into #1


It may be a CYA type thing

nd4spdbh2
03-29-08, 03:58 PM
The reasoning behind it is that every student pays for their internet... they don't want one student sharing the school's internet.

=ACID RAIN=
03-29-08, 04:59 PM
If I lived there I wouldn't care about policy, I'd use one anyways. I used to work as a tech @ A&M, and I've seen some of the BS that flies across the network, like the blaster worm. It was like a freakin wildfire. It's also full of kids trying to see who else is out there, and what they can hack. I would even go so far as to hide the router in my case if I had to, because I would not subject my computer (and thus my personal data) to any direct connection to the campus network.

thideras
03-29-08, 05:04 PM
What about this? Someone has a wireless router and enables it, no passwords, nothing. Completely open.

Where is their security?

nd4spdbh2
03-29-08, 05:12 PM
What about this? Someone has a wireless router and enables it, no passwords, nothing. Completely open.

Where is their security?

exactly...

thideras
03-29-08, 05:26 PM
The reason that I know why is that it was my job to look for those routers. ;)

JamesXP
03-29-08, 06:03 PM
I'd hide it in my computer, or buy a PCIe router haha, but rules are rules, there to be followed.

mblue
03-29-08, 06:16 PM
For us it is money, pure and simple. They charge $15 dollars per network connection. So, if routers were allowed, people in close proximity could share one connection. God forbid we spend our grants on research, vice getting nickel and dimed to death by the system.

Captain Newbie
03-29-08, 06:25 PM
The router will hamper their efforts to spy on you ??? I dunno, but I wouldn't doubt it :)

No.

It's because most people screw them up and wind up taking down half (or all) of the campus. (They're prohibited on corporate networks for the same reason. Well. That's one of the reasons, although there are other obvious security implications.)

If the school wants to spy on you, they're going to find a way; it's excruciatingly hard to make it so they can't. The basic rule of thumb is don't do anything you wouldn't want your Mom knowing about on the school network.

Please do not ask us how to circumvent your school's security. That is all.

CreePinG_DeatH
03-29-08, 06:49 PM
I am not asking how to circumvent security at all, that is not the reason behind my post. I understand the sharing network aspect, but I live in a single apartment and just wanted to be able to use the internet on more than one computer (students can have multiple computers).

The whole school spying thing is more complicated than you think, so I'm not going to touch that subject any more than I have. My VPN secures my emails enough for me.

I just didn't know if the router at a default state would disable QoS or something and thus cause me to rob other students of bandwidth. Would a hub/switch be better if all I wanted was to have another connection in my room?

schnikies79
03-29-08, 07:34 PM
On my campus everyone paid the connected fee, so it didn't matter.

We weren't allowed to have them because it was a way that an outside source, not affiliated with the school, could connect to their network. If you plugged into the school network or connected wirelessly, you had to register using your school ID and then it was tied to your MAC.

It was also an interference issue. Some jack-hole took down a few school APs with his Linksys (took them down in the sense that you couldn't connect to them). They didn't know exactly which room it was coming from, so they unplugged the building until the router was shut off.

ErikD
03-29-08, 07:40 PM
Some schools (and corporations) require that a computer meet certain requirements before being granted network access. Putting your computer behind a router can let you bypass those requirements or block you completely from the network (depending on the exact setup).

You mention the policy allows students to have multiple computers, but no network devices. How does the university allow this? Is it just one computer on the network at a time, or do they need to supply the ports? It might be something as simple as they want to control bandwidth usage by knowing how many computers might be on the network.

Really though, the most likely reasons are just for security and network stability. If the university controls everything it is easier to troubleshoot problems and control security. If every student starts connecting in different network devices in a haphazard manner it will create an unstable network which nobody knows the real topology of.

G3F0RC3<>R4D30N
03-29-08, 08:04 PM
On my campus everyone paid the connected fee, so it didn't matter.

We weren't allowed to have them because it was a way that an outside source, not affiliated with the school, could connect to their network. If you plugged into the school network or connected wirelessly, you had to register using your school ID and then it was tied to your MAC.

It was also an interference issue. Some jack-hole took down a few school APs with his Linksys (took them down in the sense that you couldn't connect to them). They didn't know exactly which room it was coming from, so they unplugged the building until the router was shut off.

Huh? How's that possible? All you'd have to do is get a certain Linux distro...

=ACID RAIN=
03-29-08, 08:16 PM
I'd hide it in my computer, or buy a PCIe router haha, but rules are rules, there to be followed.

You Sheeple. Please.

=ACID RAIN=
03-29-08, 08:19 PM
Huh? How's that possible? All you'd have to do is get a certain Linux distro...

If you set your wireless channel to be the same or an overlapping channel, you can screw up the other APs near you.

schnikies79
03-29-08, 08:47 PM
Huh? How's that possible? All you'd have to do is get a certain Linux distro...

His WiFi interfered with the school's WiFi, so as long as his was on, your connection would drop, etc. The air was just too flooded I guess.

The school ran on ch6.

dark_15
03-29-08, 08:47 PM
Or how about network loops when spanning tree wasn't implemented on the switch you're connecting to? I've seen that cause problems (both schools and corporate).

=ACID RAIN=
03-29-08, 08:56 PM
Or how about network loops when spanning tree wasn't implemented on the switch you're connecting to? I've seen that cause problems (both schools and corporate).

I doubt that was the case, or it would go down all the time. I would imagine most universities wouldn't implement redundant trunks for student housing anyways...assuming we are still talking about student housing regions.

kayson
03-29-08, 08:57 PM
At my school they don't let people use routers because people leave DHCP on and apparently it interferes with their DHCP servers. Also, they don't want to let just anyone get onto their network. The wireless network is open, but your computer has to pass some test for vulnerabilities first. They let you use switches in dorms though. They gave me one for free :D

=ACID RAIN=
03-29-08, 09:04 PM
At my school they don't let people use routers because people leave DHCP on and apparently it interferes with their DHCP servers. Also, they don't want to let just anyone get onto their network. The wireless network is open, but your computer has to pass some test for vulnerabilities first. They let you use switches in dorms though. They gave me one for free :D

I don't see how if one has a router. NAT keeps DHCP for a given subnet on one side of the fence, so to speak. However, I do see where if the school was using 192.168.1.0 /24 and then you dropped a router in with 192.168.1.0 /24 as your subnet as well, you could cause yourself some problems. Seems like it would remain on your end though, not cause anyone else issues.

Well no I take back the DHCP issue. If the university is wireless and so are you, I can see how that might muck things up if 2 DHCP servers (or more) are trying to assign a wireless PC an IP.

If students would stay wired, this wouldn't be much of an issue though.

kayson
03-29-08, 09:12 PM
I don't see how if one has a router. NAT keeps DHCP for a given subnet on one side of the fence, so to speak. However, I do see where if the school was using 192.168.1.0 /24 and then you dropped a router in with 192.168.1.0 /24 as your subnet as well, you could cause yourself some problems. Seems like it would remain on your end though, not cause anyone else issues.

Well no I take back the DHCP issue. If the university is wireless and so are you, I can see how that might muck things up if 2 DHCP servers (or more) are trying to assign a wireless PC an IP.

If students would stay wired, this wouldn't be much of an issue though.
That actually was the problem. For some reason they use the same IPs/subnets as a default Linksys router. Great call on their part. I had my wireless router hooked up at the beginning of the year and it screwed up connections in another dorm building so they shut off my internet. lolz.

=ACID RAIN=
03-29-08, 09:14 PM
Gotcha. So did they ever give your connection back? LOL

CreePinG_DeatH
03-30-08, 12:59 AM
I was using 192.168.17 range with DHCP, not static, but the school LAN is 10 something. Outside of interfering with possible DHCP servers, anything else? I'll see if someone is in the ITS office tomorrow who has the authority to let me back into the network.

=ACID RAIN=
03-30-08, 01:04 AM
If you are wired only you should be ok from a technical standpoint. Gotta turn off wireless though if it has it. You could also change your subnet/DHCP pool to a 10.x.x.x network if they are using 192.168.x.x for their LAN. That would be double insurance that you would see no conflicts.

kayson
03-30-08, 12:17 PM
Gotcha. So did they ever give your connection back? LOL
Yea I talked to the IT head of my building and she said as long as I used a switch I was good, so she turned my ports back on and actually gave me a switch. Yay free switch :D

Moto7451
03-31-08, 12:42 AM
See, my school got around these issues by A, requiring every computer to register its MAC address in your user CP to connect (so you can't even log onto the network without being a student - no user name or password to try to crack), B, letting you connect an unlimited number of computers for free, and C, properly wiring their apartments (besides the oldest ones but those were being renovated last I talked to someone about it) with multiple drops so you don't have to worry about it.

My school is pretty low key so I don't think they'd even complain about someone from off campus having their MAC address added unless they were downloading warez or causing trouble. My local CC is even more liberal about this. They let anyone connect, student or otherwise, all you have to do is agree to one of those "we're not liable, and don't look at porn" prompts before it lets you use the internet.

gangaskan
03-31-08, 08:11 AM
Or how about network loops when spanning tree wasn't implemented on the switch you're connecting to? I've seen that cause problems (both schools and corporate).


That's what I was thinking, spanning tree loops aren't the funnest part of the job ;)

VinnyTAMU
03-31-08, 10:42 AM
If I lived there I wouldn't care about policy, I'd use one anyways. I used to work as a tech @ A&M, and I've seen some of the BS that flies across the network, like the blaster worm. It was like a freakin wildfire. It's also full of kids trying to see who else is out there, and what they can hack. I would even go so far as to hide the router in my case if I had to, because I would not subject my computer (and thus my personal data) to any direct connection to the campus network.

I work at Texas A&M in the Network Security/Systems group, still a newbie but loving it. Yes the blaster worm "blasted" the Texas A&M network but we now have systems in place to prevent such mass infections. Also as far as kids trying to see who else is out there we have that under control as well.

If the school wants to spy on you, they're going to find a way; it's excruciatingly hard to make it so they can't. The basic rule of thumb is don't do anything you wouldn't want your Mom knowing about on the school network.

I will not go into specifics, but at least at Texas A&M while on the campus network I would not do anything illegal.

gangaskan
03-31-08, 11:49 AM
I will not go into specifics, but at least at Texas A&M while on the campus network I would not do anything illegal.




Haha, have someone run Ethereal or Wireshark, see how long they last ;) We had to let campus IS know when we used them for experiments.

=ACID RAIN=
03-31-08, 03:50 PM
I work at Texas A&M in the Network Security/Systems group, still a newbie but loving it. Yes the blaster worm "blasted" the Texas A&M network but we now have systems in place to prevent such mass infections. Also as far as kids trying to see who else is out there we have that under control as well.
That's good to hear. It was like the wild west back in 02-03 :beer:

FireMogle
03-31-08, 07:14 PM
1) Money
2) Security
3) Network integrity

The first is obvious, if each student pays this makes sure every student pays.
On my campus, when I worked for housing network, there were days when we had up to 70 DMCA violations a day. Whoever bought the connection was responsible and routers helped un-complicate things.
As mentioned above many other network things could come into play.

And for those who say they would just hide it in their cases, do you think network geeks bust down doors and give shake downs? There are better ways that are easier that can be run on the network. The one we used just emailed a list out every few days of people it had shut off.

SMTP
04-01-08, 10:38 PM
I don't see how if one has a router. NAT keeps DHCP for a given subnet on one side of the fence, so to speak. However, I do see where if the school was using 192.168.1.0 /24 and then you dropped a router in with 192.168.1.0 /24 as your subnet as well, you could cause yourself some problems. Seems like it would remain on your end though, not cause anyone else issues.

If students would stay wired, this wouldn't be much of an issue though.

Actually it's still a problem. It's easy for a user's router to begin listening for DHCP broadcasts. If a user's workstation comes online, sends a DHCP broadcast and that router gets it first, it will assign the address, likely on a different subnet and that workstation no longer has access to the real network's resources.

The fact is that many users don't have a clue what a router really does or is capable of, let alone how to configure one properly. This is just another reason to add to the list of why organizations don't allow it. I had a client at a remote office do exactly this today and it screwed things up pretty good.
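
As an added example (not part of the original thread, and not any campus's actual tooling): a network team can spot the rogue DHCP behaviour described above by parsing DHCP server replies and flagging any OFFER or ACK that comes from an unlisted server or hands out an address outside the campus range. The function names, the authorized server 10.0.0.2 and the sample replies are constructed for illustration; the input is assumed to be UDP payloads already captured from ports 67/68.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"          # DHCP magic cookie (RFC 2131)
OFFER, ACK = 2, 5                    # option 53 values that only servers send

def parse_dhcp(payload):
    """Return (yiaddr, options dict) for a BOOTP/DHCP UDP payload, else None."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        return None
    yiaddr = ipaddress.IPv4Address(payload[16:20])   # address being leased
    opts, i = {}, 240
    while i + 1 < len(payload) and payload[i] != 255:  # 255 = end option
        if payload[i] == 0:                            # pad option, no length byte
            i += 1
            continue
        length = payload[i + 1]
        opts[payload[i]] = payload[i + 2:i + 2 + length]
        i += 2 + length
    return yiaddr, opts

def find_rogue(payloads, authorized, campus_net):
    """Flag OFFER/ACK replies from unlisted servers or leasing off-campus addresses."""
    net = ipaddress.ip_network(campus_net)
    findings = []
    for p in payloads:
        parsed = parse_dhcp(p)
        if parsed is None:
            continue
        yiaddr, opts = parsed
        mtype = (opts.get(53) or b"\x00")[0]           # option 53 = message type
        if mtype not in (OFFER, ACK) or len(opts.get(54, b"")) != 4:
            continue
        server = ipaddress.IPv4Address(opts[54])       # option 54 = server identifier
        if str(server) not in authorized or yiaddr not in net:
            findings.append((str(server), str(yiaddr)))
    return findings

def build_reply(server, yiaddr, msg_type=OFFER):
    """Constructed sample data: a minimal server reply (op=2) with zeroed chaddr."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s", 2, 1, 6, 0, 0x1234, 0, 0, bytes(4),
                      ipaddress.IPv4Address(yiaddr).packed, bytes(4), bytes(4))
    hdr += bytes(16 + 64 + 128) + MAGIC                # chaddr, sname, file, cookie
    return hdr + bytes([53, 1, msg_type, 54, 4]) + ipaddress.IPv4Address(server).packed + b"\xff"

# Constructed capture: one campus server reply, one reply from a dorm-room router.
SAMPLE = [build_reply("10.0.0.2", "10.4.7.21"),
          build_reply("192.168.1.1", "192.168.1.100", ACK)]
if __name__ == "__main__":
    print(find_rogue(SAMPLE, {"10.0.0.2"}, "10.0.0.0/8"))
```
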