Re: Directory Trolling

[Daniel Bennett <dbennett () PCT EDU>]

I am interested to know if any university has seen student abuse of their online public directory?  I have seen some 
instances where students will use that directory to contact other students from a class and send a cancelation notice 
to the students in a class when in fact the class was not canceled.

Thanks,
Daniel Bennett
IT Security Analyst
Pennsylvania College of Technology
P:570.329.4989
E:dbennett () pct edu



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ken 
Connelly
Sent: Tuesday, June 15, 2010 1:22 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Directory Trolling

Northwestern displays the e-mail address from a directory lookup as a
simplistic captcha image. I've been trying for a couple of years to get
a similar thing implemented here, but so far...

http://directory.northwestern.edu/

- ken

On 6/15/10 11:43 AM, Ravi Kumar wrote:
> Folks,
>
> Did any of you encountered Directory Trolling? Any thoughts on how to
> prevent this? In the Corporate world, we don't expose directories at
> all, so it was never a big issue! We are planning to have Captcha, but
> it might be a usability thing.
>
> Any help, greatly appreciated.
>
> Thanks.
>
> Ravi Kumar, CISSP
>
> Middleware Manager
>
> ITS, Enterprise Infra Services
>
> Boston College - St. Clement's
>
> P: 617.552.3382

-- 
- Ken
=================================================================
Ken Connelly             Associate Director, Security and Systems
ITS Network Services                  University of Northern Iowa
email: Ken.Connelly () uni edu   p: (319) 273-5850 f: (319) 273-7373