Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
license_violation_procedures [2025/09/15 18:20] 73.47.190.103 [Databases that DO and DO NOT allow Text & Data Mining] |
license_violation_procedures [2025/09/17 14:55] (current) 73.47.190.103 [License Violation Procedures] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ======License Violation Procedures====== | ======License Violation Procedures====== | ||
| - | Violations are reported by vendors via email or to DBHelp. The IP address and timestamp of the violation are often noted. Sometimes a vendor includes their logs containing the information. With the added security features of EZProxy v7 & the campus SSO, most violations are now use by UMass patrons, not compromised NetID credentials as was previously the case. | + | Violations are reported by vendors via email or to DBHelp. The IP address and timestamp of the violation are often noted. Sometimes a vendor includes their logs containing the information. With the added security features of EZProxy v7 & the campus SSO, most violations are now caused by UMass patrons, not compromised NetID credentials as was previously the case. |
| Our proxy server address is 128.119.201.53. This is the external IP address. | Our proxy server address is 128.119.201.53. This is the external IP address. | ||
| Line 16: | Line 16: | ||
| - For identifying off-campus users: review the EZProxy logs. | - For identifying off-campus users: review the EZProxy logs. | ||
| - | - If the vendor indicates the offending behavior came from the proxy server's IP address, it originated from outside the campus IP ranges. | + | - If the vendor's email or logs indicate the offending behavior originated from the proxy server's IP address, it came from outside the campus IP ranges. |
| - If investigating the abuse on the same calendar day it occurred, you can view the logs in EZproxy's admin website. | - If investigating the abuse on the same calendar day it occurred, you can view the logs in EZproxy's admin website. | ||
| - | - Log into https://login.silk.library.umass.edu/admin with the admin credentials. These can be obtained from Margaret or Jaime. [No! We need to add people to the shibuser.txt file as admins.] | + | - Log into https://login.silk.library.umass.edu/admin (If you cannot log in, you need to be added to the shibuser.txt file as an admin; contact Margaret or Jaime for this.) |
| - Navigate to **View ezproxy.log**>**all**. | - Navigate to **View ezproxy.log**>**all**. | ||
| - Find the user's NetID by searching with Ctrl+F for the timestamp or for the vendor's URL. | - Find the user's NetID by searching with Ctrl+F for the timestamp or for the vendor's URL. | ||
| Line 26: | Line 26: | ||
| - If you are working from off campus, you first need to be on the GlobalProtect VPN to get inside the firewall. For VPN installation, open a ticket with LTS. | - If you are working from off campus, you first need to be on the GlobalProtect VPN to get inside the firewall. For VPN installation, open a ticket with LTS. | ||
| - Click into the **logs** folder in the right pane. This folder contains hourly logs and daily logs for the previous seven days. | - Click into the **logs** folder in the right pane. This folder contains hourly logs and daily logs for the previous seven days. | ||
| - | - Open the log file that corresponds with the timestamp from the vendor. | + | - Open the log file that covers the timestamp from the vendor. Saved logs have timestamp of date/time they were saved in filename. |
| - | - Saved logs have timestamp of date/time they were saved in filename. | + | |
| - Find the user's NetID by searching with Ctrl+F for the timestamp or for the vendor's URL. | - Find the user's NetID by searching with Ctrl+F for the timestamp or for the vendor's URL. | ||
| - Close any open files, then exit WinSCP; do not save the session. | - Close any open files, then exit WinSCP; do not save the session. | ||
| Line 77: | Line 76: | ||
| -Log into the EZProxy Admin website. | -Log into the EZProxy Admin website. | ||
| -Restart the server by clicking on **Restart EZProxy**, then typing "restart" into the indicated box (capitalization does not matter) and clicking the **here** button. | -Restart the server by clicking on **Restart EZProxy**, then typing "restart" into the indicated box (capitalization does not matter) and clicking the **here** button. | ||
| - | ===== Flowchart [tktktk] ===== | + | ===== Workflow graph ===== |
| - | {{:new_image_filename_goes_here.jpg|}} | + | |
| + | {{:ezp_license_violation_procedures.jpg?740}} | ||
| Line 87: | Line 87: | ||
| ==EXAMPLE email to OIT asking them to identify an on-campus user====== | ==EXAMPLE email to OIT asking them to identify an on-campus user====== | ||
| - | [send to itprotect@umass.edu; must come from Camille, Margaret, or Jaime] | + | [send to [[mailto: itprotect@umass.edu|itprotect@umass.edu]]; must come from Camille, Margaret, or Jaime] |
| Hello, | Hello, | ||
| Line 100: | Line 100: | ||
| ==EXAMPLE email to OIT reporting exploited NetID credentials== | ==EXAMPLE email to OIT reporting exploited NetID credentials== | ||
| - | [Send to abuse@umass.edu with the subject line "Library proxy abuse." Note that this rarely happens since UMass started using 2FA & we updated to EZP v7.] | + | [Send to [[mailto: abuse@umass.edu|abuse@umass.edu]] with the subject line "Library proxy abuse." Note that this rarely happens since UMass started using 2FA & we updated to EZP v7.] |
| Hello, | Hello, | ||
