Colocation Rules

These rules apply to all systems attached to the DoC network.

Failure to abide by "Mandatory" rules will result in network disconnection and powerdown.

Mandatory

• Copies of security syslogs will be sent to loghost.dis.org synchronously
• Systems will be kept up to date with current OS and patch level.
• Respect and follow DoC staff recommendations
• Do not run any login service with clear text passwords (eg: Ftp/Telnet (without S/Key), pop (without Apop), ftp, rlogin, rexec, rcommand)
• Ftp:
  • Anonymous FTP is allowed but uploads must undergo review before use. (ie: NO upload and compile scripts, etc..)
  • If you have a incoming directory, please configure it to securely so that it can not be used for Warz trading
• Will not run any service that allows DoC machines or other co-locates to be open for attack.
• Remove IP sniffer support from kernel (NIT/BPF etc...).
• Report any IP generating services (so staff can know not to worry when it shows on the logs). This includes WWW activity.
• Owners & administrators of co-locates will take full legal responsibility for their guest users (hold-harmless).
• Allow DoC network staff to IP scan and externally test their system.
• Owners & administrators of co-locates will keep there domain contact registration up todate
• Will not preform any illegal or "gray area" activity.
• No Spaming... (violators will be charged full commercial billing rate of DoC staff for the time it takes to "clean up" and reply to all complaints).
• Pay their access bills on time.
• Provide Doc Staff with a guest account with general shell access.
• Provide DoC staff with a password file so to test for weak passwords.

Recomended

• Permit amanda connections from operator@loca1host.dis.org (no guarantee is made on the backed up data)
• Turn off superfluous IP services (eg: echo discard chargen daytime tcpmux time, finger, snmp). Mandatory if service presents a Security or DOS risk.
• Provide Doc Staff with root password for emergency shutdown use. (Alternative is that DoC staff may disconnect or powerdown the system without shutdown.)

Misc:

• Collocates and Virtual domains can optionally be listed on the DoC "services" WWW page (at user disgregation
• Colocates will are asked to have a 10Nt or 100Bt connection. or provide adapter.
• PC based system should be configured not to requre a keyboard to boot (to aid in there stackability).
• Systems will be placed on a shared UPS and will be povided with 20 to 30 minutes of backup power.
• Occationaly there will be a sniffer running on the local net, this to for traffic analysis and risk assessment.
• If you are running a anonymous only ftp server then you should concider recompliling with as a "anonymous ftp only" server.
• We reserve the right to disconnect and/or power down any system at any time.

Failure to abide by "Mandatory" rules will result in network disconnection and powerdown. Violators of Mandatory may also be charged on a time and materals basis for repair any problems created by their not following Mandatory rules.

Failure to pay bill can result of forfeiture of co-located hardware.