IT Access Policy - General

Please Read the following IIT Bombay IT Usage Policy CAREFULLY before acce ting!re"ecting the olicy# Peo le who $se the %&LI&E 'ersion for IT Policy Acce tance( need not sign the hardco y 'ersion#
Indian Institute of Technology Bombay Computer Centre Undertaking with respect to IIT Bombay IT Usage Policy Whom this Document Concerns All Users of IT infrastructure (Computers and the Network) at IIT Bombay. Reason for Policy This policy outlines the responsible use of the Information Technology Infrastructure at IIT Bombay. Statement of Policy All users of IIT Bombay will be subject to the following Acceptable Use Policy 1. [Content] I shall be responsible for all use of this network. In case I own a computer and decide to connect it to IIT Bombay network, I will be responsible for all the content on it, especially that which I make available to other users. (This provision will also apply to any computer or device for which I am responsible, and is included in the meaning of my computer.) In case I do not own a computer but am provided some IT resources by IIT Bombay, I will be held responsible for the content stored in the designated workspace allotted to me (examples: file storage area, web pages, stored/archived emails, on Computer Centre or Department machines). 2. [Network] I will be held responsible for all the network traffic generated by my computer. I understand that network capacity is a limited, shared resource. I agree that physically tampering with network connections/equipments, sending disruptive signals, or making EXCESSIVE USE of network resources is strictly prohibited. Repeated offenses of this type could result in permanent disconnection of network services. I shall not share the network connection beyond my own use and will not act as a forwarder/ masquerader for anyone else. 3. [Academic Use] I understand that the IT infrastructure at IIT Bombay is for academic use and I shall not use it for any commercial purpose or to host data services for other people or groups. Also, I shall not host or broadcast information that might harm others or may be otherwise considered objectionable or illegal as per Indian law. 4. [Identity] I shall not attempt to deceive others about my identity in electronic communications or network traffic. I will also not use IIT Bombay IT resources to threaten, intimidate, or harass others. 5. [Privacy] I will not intrude on privacy of anyone. In particular I will not try to access computers

(hacking), accounts, files, or information belonging to others without their knowledge and explicit consent. 6. [Monitoring] I understand that the IT resources provided to me are subject to monitoring, with cause, as determined through consultation with the IIT Bombay administration, when applicable. The monitoring may include aggregate bandwidth usage to effectively manage limited IT resources as well as monitoring traffic content in response to a legal or law enforcement request to do so. I authorize IIT Bombay administration to perform network vulnerability and port scans on my systems, as needed, for protecting the overall integrity and efficiency of IIT Bombay network. 7. [Viruses] I shall maintain my computer on this network with current virus detection software and current updates of my operating system, and I shall attempt to keep my computer free from viruses, worms, trojans, and other similar programs. 8. [File Sharing] I shall not use the IT infrastructure to engage in any form of illegal file sharing (examples: copyrighted material, obscene material). In particular, I have noted the following:

Electronic reso$rces s$ch as e)"o$rnals( e)boo*s( databases( etc# made a'ailable by the Central Library( IIT Bombay are for academic $se# These reso$rces can be searched( browsed( and material may be downloaded and rinted as single co ies of articles as is done in the case of rinted library material# +ownloading or rinting of a com lete boo* or an entire iss$e or a 'ol$me of one or more "o$rnals ,called systematic downloading- is strictly rohibited# Use of robots( s iders or intelligent agents to access( search and!or systematically download from the e)reso$rces is also rhibited# Any 'iolation of this olicy will res$lt in enal action as er the r$les and reg$lations of the Instit$te# I am aware that .ystematic downloading will res$lt in the $blisher bloc*ing the entire comm$nity of $sers at IIT Bombay from accessing these reso$rces#
9. [Security] I understand that I will not take any steps that endanger the security of the IIT Bombay network. Specifically, I will not attempt to bypass firewalls and access rules in place. This includes not setting up servers of any kind (examples: web, mail, proxy) that are visible to the world outside the IIT Bombay campus. In critical situations, IIT Bombay authorities reserve the right to disconnect any device or disable any account if it believed that either is involved in compromising the information security of IIT Bombay. 10. [Penalties] I understand that any use of IT infrastructure at IIT Bombay that constitutes a violation of IIT Bombay Regulations could result in administrative or disciplinary procedures.

Please use your LDAP/netmon Login to Accept/Reject above policy:

Your GPO/NE !ON/NE"#/$%G&O!E access 'ill be automatically suspen(e(/$LO)*ED )ompletely i+ t,e % %n+rastructure Access Policy is not A))EP ED by you+ata entry fields mar*ed with / are re0$ired#

&ote1 %nce yo$ selected an %PTI%&( it can not be $ndone# If yo$ choose to RE2ECT the olicy( yo$ will BARRE+ from all L+AP based ser'ices# E'en yo$r I&C%3I&4 mails will bo$nce bac* to sender#

Hostel Area Network Policy

Hits: 3230 Policy on IITB Hostel Area Network

1.All linux machines shall be allowed to access the internet directly through netmon/ a ro riate !! ser"er. #. $indows machines are not allowed to access the internet directly. %. $indows machines ha"e to &tunnel& through s eci'ied roxy ser"er(s)* located in the hostel com uter room* on which +TP* ,,H and -.ser"ing ha"e been set u . This set u will be monitored 'or er'ormance. As many ser"ices as can be set u with the a"ailable ex ertise will be made accessible. /ecisions regarding u grading or sto age o' ser"ices on these ser"ers will be taken by hostel.sysads0mlc0cc. 1x eriments on how to get the best out o' this o tion may be taken by some o' the hostel sysads with the hel o' ex ertise a"ailable within the student/hostel community. 2. No s ecial cases will be allowed access network "ia $indows to outside o' the Hostel Network. I' a "ery strong reason exists 'or an indi"idual to demand such access he/she will make an a lication to their hostel sysad who will 'orward with comments to the mlc* which in turn will 'orward it* with their remarks* to !! 'or consideration. 3. $indows users should generally be urged to kee their machines clean* u dated and atched as they can still cause in'ections and disru tions to their 'ellow residents on the intranet. 4. A enalty system will be im lemented* in case a hostel com uter is 'ound directly accessing internet

through $indows. The 'ollowing enalty rocedure shall be 'ollowed5 ............................................................................. +irst Time. $arning shall be issued. ,econd Time. 6ne $eek network disconnected. Third Time. 6ne ,emester network disconnected. +ourth Time. 1ntire ,tay without network. ............................................................................. Hostel ,ysads will be mailed a list o' de'aulters IPs regularly by the mlc/cc. They are su osed to en'orce a ro riate action. 7. All dis utes between mlc and indi"idual sysads (eg not im lementing stated olicies) will be brought to the notice o' Head* !! immediately* 'or resolution. 8. All these olicies will be ut on the 9:! Home age. Any signi'icant oint or remark made by the &general body& should be brought to the notice o' this mailing list.

5#

WIFI Use Policy For Resnet

Hits: 36 2

WiFi Use Policy !or Resnet

As yo" are aware ## $as recently i%&le%ente' a &olicy o! re(isterin( an' )in'in( yo"r resi'ential co%&"ter*s network $ar'ware a''ress to t$e IP n"%)er t$at yo"r co%&"ter "ses+ We e%&$asi,e t$at t$is %eas"re is to ens"re t$at no one a)"ses yo"r resi'ential network reso"rces+ In t$is connection- it is seen t$at %any resi'ents are "sin( %is-con!i("re' Wireless Access Points.Wireless Ro"ters at $o%e+ Wireless Access Points $a/e to )e con!i("re' /ery care!"lly in or'er to &re/ent &eo&le in yo"r nei($)or$oo' an' &ossi)le ro("e "sers !ro% "sin( t$e network a''resses an' reso"rces allote' to yo"+ Hence- t$e !ollowin( &olicy %"st )e a'$ere' to in or'er to &re/ent %is"se an' i%&le%ent &ro&er network sec"rity:

0+1H#P ser/ers $a/e to )e 'isa)le' on all Resi'ential %ac$ines an' Wireless Access Points.Wireless Ro"ters+ T$is %eans t$at yo" will $a/e to &ro/i'e static IPs to e/ery co%&"ter at $o%e- an' not let t$e 1H#P ser/er &ro/i'e t$e IP a"to%atically+ I! a 1H#P ser/er is r"nnin(- it (enerates )roa'cast o/er t$e entire network- anno"ncin( to ot$er "sers its &resence an' allocates yo"r ran(e o! IP a''resses to &otential tres&assers+ 2"c$ "sers will )e a)le to "se yo"r wireless e3"i&%ent to connect to t$e instit"te network an' any &ossi)le %is"se will )e attri)"te' to yo"+ 2+Access control lists $a/e to )e con!i("re' on t$e Wireless Access Points.Wireless Ro"ters to allow only s&eci!ic set o! %ac a''resses to )e a)le to "se yo"r wireless e3"i&%ent+ T$is will allow only yo"r own %ac$ines to "se t$e WiFi e3"i&%ent+ Wireless access &oints $a/e a access ran(e o! 000 %- an' any)o'y in t$at ran(e will )e a)le to connect /ia yo"r access &oint+ Hence- it is essential to con!i("re Access #ontrol 4User %ac a''ress !ilters5 on t$e wireless 'e/ices+

P67A27 A28 TH7 APPR9PRIAT7 :7N19R T9 #9NFIGUR7 ;9UR Wireless Access Points.Wireless Ro"ters AT TH7 TI<7 9F IN2TA66ATI9N+ TH7 A=9:7 F7ATUR72 <A; A629 =7 I<P67<7NT71 9N WiFi 7>UIP<7NT A6R7A1; 17P69;71 IN TH7 R72I17NTIA6 N7TW9R8+

WiFi $ar'ware o! /ario"s %akes.)ran's $as )een 'e&loye' in resnet+ It is not !easi)le !or ## to &ro/i'e any $ar'ware assistance in t$is %atter+ Access &oints not con!i("re' &ro&erly will not )e a)le to connect to t$e Instit"te network+

In /iew o! t$e IT laws in !orce- t$at re3"ire "sers to take res&onsi)ility !or t$eir own network "se- we are constraine' to i%&le%ent t$ese !eat"res on t$e IIT= network+

Aca'e%ic Area Network Policy

Hits: 20?@

P%LICY %& IITB ACA+E3IC AREA &ET6%R7

1 . ! 6 9 P ; T 1 < ! 1 N T < 1 ( ! ! ) I , < 1 , P 6 N , I B : 1 + 6 < T H 1 ! 6 < 1 I I T. B N 1 T $ 6 < = ( I N! : ; /1 , I NT1 < N1 T +A! I : I TI 1 ,5 1 9A I : * $ 1B 1 T! ) . #. !! will ro"ide connecti"ity to each /e artment* to the gigabit backbone* and also the necessary IP addresses* roxies* email relays etc. %. The o eration o' the network within each /e artment is the sole res onsibility o' the /e artment (Head > ,ysads) !! will only lay an ad"isory role. 2. I' a /e artment network ?misbeha"es@ and causes roblems 'or any other de artment or the entire cam us* or disru ts ser"ices* !! will noti'y the concerned Head > ,ysad and disconnect the /e artment 'rom the core network until the roblem is 'ixed satis'actorily. 3. To minimiAe the roblem o' disconnection* /e artments will se arate their network into # sub. networks (one 'or $indows and one 'or :inux/;nix). This will allow !! to turn o'' only the o''ending subnet in case o' "irus/worm attacks. 4. ;se o' irated/illegal so'tware is not acce table. It is the res onsibility o' the /e artments (Heads > ,ysads) to ensure com liance.