Network weakness really pathetic, but school doesnt think so

[wetcat007]

Originally posted by: n0cmonkey
Did you try to notify them of the problem?

I told my cisco networking teacher but he didnt really care and was like yeah they dont got good security, that's not breaking news.

 

[alkemyst]

Originally posted by: wetcat007
Alright, on my high schools network, i found some hilarious bugs involving shortcuts, allowing u to bypass their security programs, and found login scripts on their servers to get other network drives and so on, well anyways, i had some of these shortcuts and stuff saved to my student folder, which I'll admit was not a bright idea on my part. Anyways, they went snooping through peoples drives, the next day i get called down to talk to the assistant principal and the network admins about the breach in security, they want to expell me and said they'd contact the Police or FBI(i have no idea what they are thinking lmao)???? lol I myself find it really funny that they completly freaked about this, so they got out the dumb network user agreement claiming i violated it, it states on the part they were showing, you can not malisciously destroy other users data, well bare in mind i did nothing of harm, and was finding weaknesses becuz well i was bored. So basically they are saying i deserved to be expelled because i can access a network drive by creating a shortcut targeting to it, I never did any damage or anything, they simply found this stuff while checking student network drives, since i saved it without really thinking that they do eventually look through network drives to delete games and junk. But does anyone here think expulsion is just a tad bit harsh for creating a shortcut?

-Mark

If you were *really* helping you should have contacted them and kept whatever backdoors hidden.

Your cry now is exactly the cry of every caught hacker/code kid.

So do we believe you were malicious or not?

 

[MercenaryForHire]

Originally posted by: wetcat007

Originally posted by: n0cmonkey
Did you try to notify them of the problem?

I told my cisco networking teacher but he didnt really care and was like yeah they dont got good security, that's not breaking news.

Did you stop after you told him?

- M4H

 

[MercenaryForHire]

This is why I'm glad I've been one of the "Good Kids" that ScoobMaster was so glad to have around. There's a weakness, we test, report, and go on with life. Admin is happy, we're happy, it's all one big happy network environment.

Plus, it makes it easier to get away with when you telnet into an unsecured Cisco 2514 and change the hostname to "Owned" in the middle of class on the big projector screen.

- M4H

 

[conjur]

Did any of your files contain a short story about a fictional hacker having a dream of destroying people's data?

 

[Rainsford]

You know, and it's just a crazy thought, just because you can do something doesn't mean you should. I'll admit in high school I did the same kind of stupid stuff just because I could, but in retrospect it's really stupid. Everyone is paranoid about computer security because they don't understand it, so you are a complete moron if you don't expect stiff consequences. Yes, I'm sure you are the leetest haxor ever. But the smart people don't show off.

 

[n0cmonkey]

Originally posted by: wetcat007

Originally posted by: n0cmonkey
Did you try to notify them of the problem?

I told my cisco networking teacher but he didnt really care and was like yeah they dont got good security, that's not breaking news.

Then you should have told someone else. Or just spread the information around. Getting caught is for llamas.

 

[Amorphus]

Originally posted by: conjur
Did any of your files contain a short story about a fictional hacker having a dream of destroying people's data?

:beer:

 

[Amorphus]

Originally posted by: conjur
Did any of your files contain a short story about a fictional hacker having a dream of destroying people's data?

:beer:

 

[HyTekJosh]

I remember years and years ago clicking the Network Neighborhood icon on the desktop and getting something like 5 hours of detention. LMAO

 

[ScoobMaster]

Originally posted by: Rainsford
You know, and it's just a crazy thought, just because you can do something doesn't mean you should. I'll admit in high school I did the same kind of stupid stuff just because I could, but in retrospect it's really stupid. Everyone is paranoid about computer security because they don't understand it, so you are a complete moron if you don't expect stiff consequences. Yes, I'm sure you are the leetest haxor ever. But the smart people don't show off.

Rainsford is correct in this. Because computers let us access information instantly and remotely, we tend to think it is "no big deal". How is accessing information from an area you *KNOW* you shouldn't any different from snooping in a filing cabinet that was foolishly left unlocked??? (and getting caught )

 

[GeekDrew]

Originally posted by: ScoobMaster
Hey - I AM a k-12 school district network admin (well my official title is senior PC-LAN technician, but I digress....) We're not ALL idiots SOME of us read and post on AT and ATOT For the record, we don't enjoy playing cat-and-mouse with bored students probing for every little hole that Novell, Microsoft, etc left open. We would rather spend our time building servers and keeping the network updated with the latest revisions and patches. However.................most of us that KNOW what we are doing were YOU guys in our past (and we remember what WE were capable of and how you think at your age ) That sad fact is that I was much more tech-savvy in my late teens and college years when I spent all my waking hours at a keyboard. Now being a husband, father, and homeowner takes up so much of my time that I just can't always play at home all the time and discover all these neat tricks like I used to. Of course, my secret weapon is to get some friendly honest kids that DO have the time to poke, probe , and discover these things (like many of you I am sure) to keep me up on them. The difference is in my district I *ASK* certain students for input and work with them when testing.

I'm in the same position as ScoobMaster... except I'm still a teenager. I'm one of the district's 4 technicians/admins. We do pride ourselves on security though. If someone does get through security... I look to see who is at fault for them getting thru. If it was out fault, the situation is corrected (is yet to happen). If it's because a teacher gave out a password or is letting a student use their account, then we deal with both the teacher and student.

We keep everything locked down... workstations cannot be booted from removable media & the BIOS is password protected. Of course, that won't prevent someone from resetting the BIOS password and booting from disk, but that brings tampering with school property into play, and that's immediate expulsion. And yes, 'guest' is disabled per workstation, and the local admin account has been renamed & disabled. Authentication to at least one server is required before you are able to use the workstation. We don't throw around network accounts, either. Especially not ones with many rights.

My entire department knows what is happening in the technology world (most of the time). We may not be informed of things that happen on a day-to-day basis, but we stay relatively "in-the-loop" with technology.

 

[Descartes]

Originally posted by: Rainsford
You know, and it's just a crazy thought, just because you can do something doesn't mean you should. I'll admit in high school I did the same kind of stupid stuff just because I could, but in retrospect it's really stupid. Everyone is paranoid about computer security because they don't understand it, so you are a complete moron if you don't expect stiff consequences. Yes, I'm sure you are the leetest haxor ever. But the smart people don't show off.

A lot of people feel that the lack of security gives them a right to make use of it. If this applied to the "real" world you'd have strangers watching tv in your living room because you left your door unlocked.

 

[AgaBoogaBoo]

I don't know what to say except that was very dumb to keep shortcuts to that kind of stuff. Are you in HS or MS?

 

[wetcat007]

Originally posted by: Descartes

Originally posted by: Rainsford
You know, and it's just a crazy thought, just because you can do something doesn't mean you should. I'll admit in high school I did the same kind of stupid stuff just because I could, but in retrospect it's really stupid. Everyone is paranoid about computer security because they don't understand it, so you are a complete moron if you don't expect stiff consequences. Yes, I'm sure you are the leetest haxor ever. But the smart people don't show off.

A lot of people feel that the lack of security gives them a right to make use of it. If this applied to the "real" world you'd have strangers watching tv in your living room because you left your door unlocked.

Well that is a little different, and a bit more creepy lol, although i can see what u mean. Honestly though, would u rather have some dude find a weakness in ur network security and not do anything with it, or have him sitting at ur house drinking beer watching tv while ur gone.

 

[her209]

you deserve to get expelled.