Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
license_violation_procedures [2025/09/15 17:25] 73.47.190.103 [Boilerplate for message to OIT, patrons, and vendors] |
license_violation_procedures [2025/09/17 14:55] (current) 73.47.190.103 [License Violation Procedures] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ======License Violation Procedures====== | ======License Violation Procedures====== | ||
| - | Violations are reported by vendors via email or to DBHelp. The IP address and timestamp of the violation are often noted. Sometimes a vendor includes their logs containing the information. With the added security features of EZProxy v7 & the campus SSO, most violations are now use by UMass patrons, not compromised NetID credentials as was previously the case. | + | Violations are reported by vendors via email or to DBHelp. The IP address and timestamp of the violation are often noted. Sometimes a vendor includes their logs containing the information. With the added security features of EZProxy v7 & the campus SSO, most violations are now caused by UMass patrons, not compromised NetID credentials as was previously the case. |
| Our proxy server address is 128.119.201.53. This is the external IP address. | Our proxy server address is 128.119.201.53. This is the external IP address. | ||
| Line 16: | Line 16: | ||
| - For identifying off-campus users: review the EZProxy logs. | - For identifying off-campus users: review the EZProxy logs. | ||
| - | - If the vendor indicates the offending behavior came from the proxy server's IP address, it originated from outside the campus IP ranges. | + | - If the vendor's email or logs indicate the offending behavior originated from the proxy server's IP address, it came from outside the campus IP ranges. |
| - If investigating the abuse on the same calendar day it occurred, you can view the logs in EZproxy's admin website. | - If investigating the abuse on the same calendar day it occurred, you can view the logs in EZproxy's admin website. | ||
| - | - Log into https://login.silk.library.umass.edu/admin with the admin credentials. These can be obtained from Margaret or Jaime. [No! We need to add people to the shibuser.txt file as admins.] | + | - Log into https://login.silk.library.umass.edu/admin (If you cannot log in, you need to be added to the shibuser.txt file as an admin; contact Margaret or Jaime for this.) |
| - Navigate to **View ezproxy.log**>**all**. | - Navigate to **View ezproxy.log**>**all**. | ||
| - Find the user's NetID by searching with Ctrl+F for the timestamp or for the vendor's URL. | - Find the user's NetID by searching with Ctrl+F for the timestamp or for the vendor's URL. | ||
| Line 26: | Line 26: | ||
| - If you are working from off campus, you first need to be on the GlobalProtect VPN to get inside the firewall. For VPN installation, open a ticket with LTS. | - If you are working from off campus, you first need to be on the GlobalProtect VPN to get inside the firewall. For VPN installation, open a ticket with LTS. | ||
| - Click into the **logs** folder in the right pane. This folder contains hourly logs and daily logs for the previous seven days. | - Click into the **logs** folder in the right pane. This folder contains hourly logs and daily logs for the previous seven days. | ||
| - | - Open the log file that corresponds with the timestamp from the vendor. | + | - Open the log file that covers the timestamp from the vendor. Saved logs have timestamp of date/time they were saved in filename. |
| - | - Saved logs have timestamp of date/time they were saved in filename. | + | |
| - Find the user's NetID by searching with Ctrl+F for the timestamp or for the vendor's URL. | - Find the user's NetID by searching with Ctrl+F for the timestamp or for the vendor's URL. | ||
| - Close any open files, then exit WinSCP; do not save the session. | - Close any open files, then exit WinSCP; do not save the session. | ||
| Line 77: | Line 76: | ||
| -Log into the EZProxy Admin website. | -Log into the EZProxy Admin website. | ||
| -Restart the server by clicking on **Restart EZProxy**, then typing "restart" into the indicated box (capitalization does not matter) and clicking the **here** button. | -Restart the server by clicking on **Restart EZProxy**, then typing "restart" into the indicated box (capitalization does not matter) and clicking the **here** button. | ||
| - | ===== Flowchart [tktktk] ===== | + | ===== Workflow graph ===== |
| - | {{:new_image_filename_goes_here.jpg|}} | + | |
| + | {{:ezp_license_violation_procedures.jpg?740}} | ||
| Line 87: | Line 87: | ||
| ==EXAMPLE email to OIT asking them to identify an on-campus user====== | ==EXAMPLE email to OIT asking them to identify an on-campus user====== | ||
| - | [send to itprotect@umass.edu; must come from Camille, Margaret, or Jaime] | + | [send to [[mailto: itprotect@umass.edu|itprotect@umass.edu]]; must come from Camille, Margaret, or Jaime] |
| Hello, | Hello, | ||
| Line 98: | Line 98: | ||
| [Camille/Margaret/Jaime] | [Camille/Margaret/Jaime] | ||
| - | ==EXAMPLE email to OIT reporting violations to abuse@umass.edu with the subject line "Library proxy abuse." == | + | ==EXAMPLE email to OIT reporting exploited NetID credentials== |
| + | |||
| + | [Send to [[mailto: abuse@umass.edu|abuse@umass.edu]] with the subject line "Library proxy abuse." Note that this rarely happens since UMass started using 2FA & we updated to EZP v7.] | ||
| + | |||
| + | Hello, | ||
| We have identified suspected exploitation of a UMass NetID (below). This NetID has connected to the library's proxy server from at least [number] IP addresses in [timespan], [most/all] of which are in [country or region of the world]. Could you please force a reset of their password? | We have identified suspected exploitation of a UMass NetID (below). This NetID has connected to the library's proxy server from at least [number] IP addresses in [timespan], [most/all] of which are in [country or region of the world]. Could you please force a reset of their password? | ||
| Line 104: | Line 108: | ||
| NetID: XXXXXXXX | NetID: XXXXXXXX | ||
| + | Thanks, | ||
| + | [your name] | ||
| ==EXAMPLE email to patron asking them to cut out license violating behavior== | ==EXAMPLE email to patron asking them to cut out license violating behavior== | ||
| + | |||
| + | [you may want to create a DBHelp ticket and use LibAnswers to communicate with the patron] | ||
| Hi [name], | Hi [name], | ||
| - | [Vendor] has suspended our access to [resource] due to excessive use and suspected text & data mining activity. Our license terms with [vendor] do not allow for text and data mining, and the pattern of your recent use of the database suggests this kind of activity. Please do not perform text and data mining research with [database]. | + | [Vendor] has suspended our access to [database] due to excessive use and suspected text & data mining activity. Our license terms with [vendor] do not allow for text and data mining, and the pattern of your recent use of the database suggests this kind of activity. Please do not perform text and data mining research with [database]. |
| - | We are working with [vendor] and campus IT to resolve the issue. If you'd like to discuss this issue further, please reply to this email. If you would like to explore ways to use the Libraries' resources to accomplish your research goals within the bounds of our contractual obligations with our resource vendors, please [[https://www.library.umass.edu/about-the-libraries/liaisons/|contact your department's liaison librarian]]. | + | We are working with [vendor] and campus IT to restore UMass's access to [database]. If you'd like to discuss this issue further, or do not think that your research has violated our licesne with [vendor], please reply to this email. If you would like to explore ways to use the Libraries' resources to accomplish your research goals within the bounds of our contractual obligations with our resource vendors, please [[https://www.library.umass.edu/about-the-libraries/liaisons/|contact your department's liaison librarian]]. |
| Thanks, | Thanks, | ||
| Line 118: | Line 126: | ||
| ==EXAMPLE response emails to vendor requesting the block be lifted so UMA can regain access to a resource== | ==EXAMPLE response emails to vendor requesting the block be lifted so UMA can regain access to a resource== | ||
| + | |||
| + | Hello, | ||
| We have identified the patron responsible for this behavior, contacted them, and blocked their access pending response. Please restore UMass's access to [resource]. | We have identified the patron responsible for this behavior, contacted them, and blocked their access pending response. Please restore UMass's access to [resource]. | ||
| + | |||
| + | Thanks, | ||
| + | [your name] | ||
| OR | OR | ||
| + | |||
| + | Hello, | ||
| We have blocked the IP address(es) that this behavior was originating from. Please restore UMass's access to [resource]. | We have blocked the IP address(es) that this behavior was originating from. Please restore UMass's access to [resource]. | ||
| + | |||
| + | Thanks, | ||
| + | [your name] | ||
| ===== Databases that DO and DO NOT allow Text & Data Mining ===== | ===== Databases that DO and DO NOT allow Text & Data Mining ===== | ||
| Databases that DO NOT allow TDM: | Databases that DO NOT allow TDM: | ||
| Line 129: | Line 147: | ||
| * APS | * APS | ||
| * HeinOnline -- does not allow "downloading or printing an entire issue or issues of a publication or journal within the database." | * HeinOnline -- does not allow "downloading or printing an entire issue or issues of a publication or journal within the database." | ||
| + | * WestLaw, functionally. "...you may (a) download and print limited extracts of content from our Services solely for your own internal business purposes and...(1) such extracts do not reach such quantity as to have commercial value..." | ||
