Educause Security Discussion mailing list archives
Re: How do you handle students who attempt to exploit internal resources?
From: Jeff Kell <jeff-kell () UTC EDU>
Date: Sat, 11 Nov 2006 16:32:33 -0500
Ben Spencer wrote:
Recently we had an adventurous student who decided that he would try some common web based exploits against our intranet website (which is available on the internet). He came to us and informed us what he found. Through the conversation, it was revealed that this action was intentional.
We had an interesting case of a network class being taught about nmap, leading to several scans of several of our production servers. Sometimes we must provide some steering for our faculty as well as our students :-) We have similar policies that others have mentioned, namely that our primary action is to pull access for the student (port shutdown and/or locking their account) and then refer the matter to the Dean of Student Development. Network access termination is a fairly universal response, but few policies (including ours) carefully enumerate how access is restored other than the Dean/Director/VC/VP "says it's OK". The initial action and response is clear, but what about the repeat offender? Jeff
Current thread:
- How do you handle students who attempt to exploit internal resources? Ben Spencer (Nov 11)
- <Possible follow-ups>
- Re: How do you handle students who attempt to exploit internal resources? Michael Cole (Nov 11)
- Re: How do you handle students who attempt to exploit internal resources? Sadler, Connie (Nov 11)
- Re: How do you handle students who attempt to exploit internal resources? Bob Ono (Nov 11)
- Re: How do you handle students who attempt to exploit internal resources? Jeff Kell (Nov 11)
- Re: How do you handle students who attempt to exploit internal resources? Willis Marti (Nov 12)
- Re: How do you handle students who attempt to exploit internal resources? Samuel Young (Nov 12)
- Re: How do you handle students who attempt to exploit internal resources? Theresa M Rowe (Nov 13)
- Re: How do you handle students who attempt to exploit internal resources? Russell Fulton (Nov 13)
- Re: How do you handle students who attempt to exploit internal resources? David Gillett (Nov 13)
- Re: How do you handle students who attempt to exploit internal resources? John C. A. Bambenek (Nov 13)