Educause Security Discussion mailing list archives

Re: How do you handle students who attempt to exploit internal resources?


From: Jeff Kell <jeff-kell () UTC EDU>
Date: Sat, 11 Nov 2006 16:32:33 -0500

Ben Spencer wrote:
Recently we had an adventurous student who decided that he would try
some common web based exploits against our intranet website (which is
available on the internet). He came to us and informed us what he found.
Through the conversation, it was revealed that this action was
intentional.

We had an interesting case of a network class being taught about nmap,
leading to several scans of several of our production servers.
Sometimes we must provide some steering for our faculty as well as our
students :-)

We have similar policies that others have mentioned, namely that our
primary action is to pull access for the student (port shutdown and/or
locking their account) and then refer the matter to the Dean of Student
Development.  Network access termination is a fairly universal response,
but few policies (including ours) carefully enumerate how access is
restored other than the Dean/Director/VC/VP "says it's OK".  The initial
action and response is clear, but what about the repeat offender?

Jeff
