Techical Info

Network traffic is processed by network switches and virtual LAN’s, which ensures that individual user’s network traffic cannot be eavesdropped by other users in the network. Student Village Network has a 1 Gbit/s (gigabits per second) nominal full duplex speed in all network sockets. Under ideal conditions, the maximum possible download speed is 940 Mbit/s and upload speed 760 Mbit/s. Fiber connections to buildings (FTTB) are either 1 Gbit/s, 2×1 Gbit/s or 10 Gbit/s, which ensures that the bandwidth will not choke even in the busiest hours.

Good to know facts

  • Student Village Network uses TCP/IP version 4. IPv6 support is coming in “near future”.
  • Connecting to the network is done via wall mounted Ethernet (RJ45) network sockets. All TYS apartments have at least one active network socket. You can connect any network enabled device directly, be it a computer, TV or a gaming console.
  • Network has a firewall, which blocks most connections (and attacks) from the outside world. All connections are open to the outside world, except port 25, to avoid spam bots.
  • IP addresses are dynamic. The DHCP server takes care of distributing addresses evenly.
  • Your IP address is public. Student Village Network does not use NAT.

Firewall

Student Village Network is protected with a firewall, which effectively blocks attacks and networms originating from outside world.

Student Village Network connections are intended for accessing on-line materials and services needed in your studies, and for normal internet usage. Firewall does not prevent normal usage, but it renders all server hosting functions invisible from outside world. For example you can not host an online multiplayer server if the server requires users to form a direct access to it. The firewall does not block instant messaging clients.

The firewall policy ensures that Student Village Network and its users are protected from outside threats, such as unauthorized access, port scanning, hacking attempts and exploitation of software vulnerabilities. The firewall policy can not be changed by user request. You can not get any ports open just by asking.

The firewall allows secure remote access protocols SSH, IPsec and OpenVPN. GRE is also allowed. This allows adept network users to gain remote access to their home computers, if they really need it. If you are hosting an SSH service, make sure that its security is updated regularly. Bruteforce attacks to open SSH services are common. You should take proper measures to ensure that your computer is secure. Hosting an SSH service is limited to households personal use. Hosting a service for public usage is forbidden.

Co-operation with other actors

University of Turku co-operates with the Finnish national Computer Emergency Response Team (CERT-FI) and Funet-CERT. In some cases Digital Services might forward messages from these sources to individual users on Student Village Network. Usually this happens because a threat to communications (networms, botnet zombies etc.) is detected on a users connection. There is no need to panic if this happens, it merely indicates that the threat has been detected in time.