RE: I need the communities help........

["Craig Humphrey" <Craig.Humphrey () chapmantripp com>]

Can I suggest that this is a very quick way to get expelled.

While there is advice all over the internet (Google is your friend) on
hacking and privilege escalation, using these techniques within your
university network, or against your university's network (from outside),
is highly likely to be against university policy (which you probably
signed, or agreed to when you started there).

You should probably get the approval of both your lecturer and the
University IT department before you conduct such an experiment
(particularly if you're going to be this obvious about it).

Just my 2c.

Later'ish
Craig


> -----Original Message-----
> From: nmap-dev-bounces () insecure org 
> [mailto:nmap-dev-bounces () insecure org] On Behalf Of Joe Marinaccio
> Sent: Tuesday, May 31, 2005 3:19 PM
> To: nmap-dev () insecure org
> Subject: I need the communities help........
>
> To the community,
>
>             
>
>             I know this is more than likely uncommon for one 
> to post, but here we go.. My name is Joe Marinaccio, and I'm 
> in my first year at Vatterott. I'm working on a B.S. Degree 
> in Network Engineering. I'm very fascinated by Information 
> Security, and countermeasures to prevent attacks from within, 
> as well as from the outside. I'm new to a lot of aspects 
> posted in your mailings, but I try to do my part in 
> researching to understand topics discussed. My question is, I 
> would like to do an outside project relating to security, 
> simulating a real world situation, in the classroom.
> At school, we are on a windows 2000 professional LAN. The 
> students all have "limited" account privileges. We use a 
> virtual drive ran off the server, along with our own local 
> drive on our machine. Also, we share a local printer. If need 
> be, I can give further details of the network.
>
> I would like to get input from the nmap community, maybe some 
> insight, on different ways I could compromise security, and 
> gain root or admin rights.
> That is my goal or "purpose". I plan to record each step I 
> take along the way, and also, list all resources and 
> utilities I may have used to aid me.
> Then to finish it off, I plan on making a report consisting 
> of countermeasures an admin could take to prevent this same 
> form of attack. 
>
> I feel this would go very well in my personal portfolio, when 
> presenting to a potential employer. I'm not asking for 
> someone to do the work for me, rather, just to give me some 
> insight. I'm willing to totally do my part, but any help or 
> advice would be greatly appreciated... 
>
>  
>
>  
> Thanking you in advance,
>
>  
> Joe Marinaccio


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev