2. Rules for using the IF LAN network and servers

The local computer network of the Institute of Physics and the Department of Applied Computer Science together with computers connected to it (including servers) is used by the employees and students of the Faculty to complete their didactic and scientific tasks. Currently, servers support about 1,200 people. In order to provide everyone with access to servers, good and reliable services and provide the necessary level of
system protection, the following rules for using the servers are introduced (see also the Computer Network Regulations of the Nicolaus Copernicus University).

2.1 Rules for using the IF LAN network

1. Only devices registered by the administrators may be connected to the wired IF LAN. New registrations can be submitted via the MAC address Registration form. Devices must have the autoconfiguration option enabled (DHCP client enabled).
2. It is prohibited to configure network devices connected to the IF LAN independently, set IP addresses, or change MAC addresses.
3. Only end devices may be connected to the IF LAN. Connecting intermediary devices such as routers, switches, access points, or devices that provide any access to the IF LAN is strictly prohibited.
4. If your computer does not have a wired network interface, you should purchase a USB network card or use the Eduroam network with OPEN VPN to connect it to the IF LAN infrastructure.
5. The USB network card must be registered like any other device (see point 1). The network card is assigned to a specific user, so sharing it with others is strictly prohibited, especially those not IF employees. Starting September 2025, USB network cards will be available for guest users in the IF secretariat and can be borrowed by inviting employees.
6. The default internet access method for short-term guests (less than one month) is EDUROM. Long-term guests can access the IF network under the same conditions as IF employees (see point 1).
7. External access to IF LAN resources is only possible via OPEN VPN. A certificate can be obtained by contacting the administrators (operator@fizyka.umk.pl).
8. Other methods of accessing the IF LAN from outside are prohibited and will be severely punished.
9. Connecting devices not belonging to the Institute of Physics employees to the IF LAN is strictly prohibited.
10. The only wireless network operating within the Institute of Physics may be administered and monitored by UCI (Eduroam, Konferencja, etc.).
11. Launching of any unauthorised wireless networks is prohibited for security reasons and potential interference. This applies to networks launched using any access points, routers (including GSM), printers, and network sharing from desktop computers, notebooks, or smartphones using hot spots or tethering.
12. The Institute of Physics will continue monitoring to detect and remove such networks.
13. Administrators will verify that users comply with the above-mentioned rules and take appropriate action in case of violations. The first step will always be to mitigate the threat by disconnecting the suspected device from the network.
14. If a violation of the above-mentioned rules is observed, the equipment suspected of operating in violation of applicable regulations will be subjected to a detailed threat assessment.

2.2 Prohibitions and recommendations

The user is prohibited from:

• Installing, running, storing and sharing programs (files) violating the license rules, copyright, etc. In particular, this applies to peer-to-peer programs used to exchange copyright-protected audio/video files.
• Installing, running, storing and sharing programs (files) that infringe the security of computer and network systems or user safety. This applies in particular to malware, such as viruses, Trojan horses and exploits, as well as programs monitoring network traffic.
• Launch password decryption programs, conduct actions to eavesdrop or capture information flowing in the network, violating the privacy of system resources (see below).
• Launching programs that may disrupt or prevent the proper functioning of computer systems and the local / wide area network.
• Connecting network devices, including desktop and laptop computers, to the local computer network without registering them first.
• Sending mass mail, ads (spam).
• Using servers to conduct business (advertisement of goods and services), political and to disseminate content or images that harm the University’s reputation, content and images that are vulgar, obscene, offensive to third parties, violate anyone’s personal rights (in particular, the content of websites ).
• Use cookies as part of the website to track user preferences, give him personalized ads, etc. (it is only possible to remember cookies related to the user session who logged in to the site).
• Lending your own account to third parties.
• Make attempts to use a foreign account and access restricted computer resources.
• Making any changes in the configuration of personal computers serving as public terminals and being the equipment of computer labs and installing their own software on these computers.
• Servers may be used to run long-running tasks but they must be run with the lowest priority, i.e. nice +19 command. If the task was started with the default priority, it can be changed using the command nice +19.

Failure to comply with the above prohibitions and recommendations will result in immediate loss of access to the server and other appropriate sanctions. The Dean of the Faculty will be informed of any significant violation of the rules of using the local computer network.

2.3 Choosing and changing the password

In order to protect your own data and protect the entire system from intrusions, each user MUST use a password that is difficult to guess.

When creating a password, do not use:

• names frequently encountered,
• common nouns,
• digits only at the beginning or end of the password,
• names associated with the place where the account is placed

The password must be at least nine characters long, including at least one capital letter and one number or special character (@!,:; “…).

When creating a password, it is recommended to use:

• numbers inside the password,
• different size letters,
• words not often found in colloquial language.

2.4 Available disk space

Due to the limited disk resources that can be allocated to users’ home directories, as well as a large number of users, one has to use these resources prudently. If it is necessary to store larger amounts of data for a short period of time, the /tmp space should be used.

Home directories are regularly archived. In the event of data loss, it is possible to recover them. Because no system is 100% sure, it is recommended to archive the most important data on your own. The system administrator is not responsible for the loss of data collected by users.