Research Wireless Blacklist Policy

Getting off the blacklist

Once you are blacklisted, there are 2 steps to get you off the blacklist.
  1. Find the email sent to you -- it was sent from "Research Wireless Blacklist System" and follow the instructions in the email. Email was sent to the email address you use to access Research Wirelessor to the default email destination you set for your_netid@rutgers.edu.

    • If you don't know where the default destination is, you can find out from site named: http://netid.rutgers.edu and click on Manage Email Addresses link on that page.

    • If you still don't have the email, you can check all registered blacklist incidents via: http://www.cs.rutgers.edu/resources/network/wireless/toptalkers.php?mac=insert_mac_address using computer that is not currently blacklisted. Make sure the MAC address is in this format: 01:23:ab:cd:ef with colons not dashes like 01-23-ab-cd-ef.

      If you need to find out how to locate your_mac_address, use an unblacklisted computer and go to: http://www.wikihow.com/Find-the-MAC-Address-of-Your-Computer.

    • If you were blacklisted on a computer you no longer own and can't find the email and Mac address, you will need to contact people in step 2. for help.

  2. Wait until after the blacklist penalty period has passed then GO to the following places to get access restored. There is no automatic delisting.

    For users of the following department:
    • School of Engineering, email: staff@jove.rutgers.edu
    • Computer Science or others, go to: CoRE 211 (do not email and do not call)

Penalty Period

Except for those who fall into immediate blacklist category below, if you respond to the original Research Wireless Usage email, no penalty is invoked. An Access Penalty is only invoked if you have not responded to the Usage email. Your blacklist penalty starts the day you respond to the query regardless when the incident occured. Email requests or phone calls to get off the blacklist will be ignored.

Penalties for not responding to query or for violation are as follows:

  1. First offense: Your access to Research Wireless resources will be restricted for at least 21 weeks (2 weeks).
  2. Second offense: You will be blacklisted for at least 22 weeks (4 weeks).
  3. Third offense: You will be you blacklisted for at least 23weeks (8 weeks).
  4. Fourth offense: You will be blacklisted for at least 24 weeks (16 weeks)
  5. Fifth or more offense: You will be blacklisted for 25 weeks and 2n weeks where n denotes number of offenses you did. That's a lot of weeks. Hopefully you know math.

Who gets blacklisted

Research Wireless system track usage of all machines and detect suspicious activities in order to better serve our users' community. When abnormal activities are detected, users are notified and/or queried to explain the activities. On some occasions, when the activities affect Research Wireless functionality (for instance if a machine on Research Wireless begins answering DHCP requests), immediate and programmatic action may be taken and no notification is sent. The user will only know about it when a blacklisted user/machine tried to access Research Wireless and get directed to blacklist notification page.

Abnomal activities on Research Wireless can include but not limited to: high daily download/upload, P2P activities, suspicious network activities, and/or violation of Research Wireless usage policy stated on the login screen or university Computing Policy and Guidelines.

Machines meeting the following conditions are subject to immediate blacklisting:

  • No response received 7 days after a TopTalker incident
  • 6000+ Unique connections and over 4000 MB Non RUNet traffic.
  • 3000+ Unique connections and over 6000 MB Non RUNet traffic.
  • Three incidents of over 4000 MB non RUNet transfer in 7 days.
  • Three incidents of over 5000 connections in 7 days.

    All Research Wireless traffic are recorded and an anonymized version of traffic is available online (RUNet accessible only) at:
    http://report.rutgers.edu/mrtg/wireless/

    For more specific machine activity, anonymized (that is, there's no username associated with the traffic logs, only an IP address.) can be seen at:

  • For Research Wireless users see: http://report.rutgers.edu/~ipaudit/cgi-bin/ipahttp?daily/traffic
  • For CCR-Research Wireless users see: http://report.rutgers.edu/~ipaudit/cgi-bin/ccripahttp?daily/traffic
  • For ECS-Research Wireless users see: http://report.rutgers.edu/~ipaudit/cgi-bin/ecsipahttp?daily/traffic

    For Other Research Wireless info, see Research Wireless Help