2009-08-17
More accidental BitTorrent on our network
We've recently had another interesting case of 'accidental BitTorrent' on our network, different from the previous times. This time around it was through our VPN server, and just from that alone you can probably guess what happened.
Suppose that you are a user, sitting at home running BitTorrent in the background on your home machine while you do other things. You need to access some restricted on-campus thing; our generally supported way to do this is to fire up a VPN connection so that you are 'inside' as far as our various access controls are concerned. So you do so and browse the library, or get at our Samba server, or whatever.
And all the time that you're doing this, all of your network traffic is flowing over the VPN and out our network to the outside world. Including that BitTorrent client you have running in the background. Whoops.
Like the first time, this is not the user's fault; I can't expect even our users to all understand network routing and the fine details of how our VPN behaves. (Yes, this is obvious to us, but that's because we spend all of our time immersed in these things.)
This makes a nice illustration of something else as well: the perils of a mismatch between the user's view of what's happening and what's really going on. If the user's view is that they're using the VPN to access some inside resource, how would they even think about what's happening with their traffic to regular things? At a conceptual level it's not even related to what they're doing.