Battling Bittorrent
Here is an interesting problem/scenario that some sysadmins out there might enjoy:
An apartment building owner is giving away free internet access to his tennants. Basically he has a T1 coming to the building and every apartment has a CAT5 plug in the wall. The internet access is "free" (included in the rent or whatever) to the tennants.
The problem is, several of the tennants are downloading illegal movies/music via bittorrent. As a result, the MPAA and RIAA is sending "nastygrams" to the owner of the internet connection (ie. apartment owner) concerning the illegal downloads.
The apartment owner has blocked lists of torrent sites as well as several file extensions at the router level but the problem persists.
What I'd like to know is if anyone out there has a clever/inexpensive solution for this problem? QoS apparently only works up to a point because bittorrent can use pretty much any port it wants. Packet inspection doesn't work on encrypted connections, etc.
The apartment owner did say he would be happy if he could simply see the upload/download traffic (ie. potential abusers) of the individual apartment units.
Any ideas?
UPDATE: Not interested in discussing the legal/lawyer/social issues as much as the actual technical solutions (whatever they may be). I would kindly request you vote up the TECHNICAL discussions over the legal/social ones. Thanks!
ANSWER: Selected Justin Scott's answer as the correct answer because of his suggestion to use managed switches and MRTG. While it would have been nicer to block bittorrent or at least make it EXTREMELY difficult MRTG and a managed switch will allow us to easily identify the offender(s).
If each apartment has its own port on a managed switch somewhere in the building, seeing their traffic levels should be pretty simple with something like MRTG.
However, this seems like more of a legal issue than a technical issue. IANAL, but by trying to police the connection the owner is essentially giving up any sort of "common carrier" status he might have had (if any at all). If I were in this position, each apartment would get a static IP to get out to the Internet. If the MPAA/RIAA came knocking, I would politely direct them to the tenant who "owns" the IP address in question.
Is he authorized by his ISP to sublet the T1 to others? If so, then he is in effect a common carrier (like a phone company) and not responsible for the use of the service. As soon as he starts taking measures to prevent certain traffic he is assuming responsibility. I'd contact a lawyer before doing anything at all.
If he isn't authorized by his ISP to sublet their T1 then I wouldn't even get involved. "You're on your own pal."