Educause Security Discussion mailing list archives

Re: consequences for student hacking

From: Doug Markiewicz <dmarkiew+educause () ANDREW CMU EDU>
Date: Wed, 20 Feb 2008 09:30:12 -0500

What do your institutions do when you catch a student sniffing the
wired or wireless network for userID's and passwords?


Our appropriate use policy does not prohibit the use of scanners.  It does say such activities should not significantly impact 
system/network performance.  In practice, if we detect someone scanning administrative systems, their machine is suspended unless 
they've requested approval for such scanning in advance.  Also if someone exceeds their monthly bandwidth allocation, 
they'll be suspended.

WRT to sniffers, our policy does not prohibit their use.  Like Valdis said, you can't detect a true passive scanner.  
You can analyze the behavior of not-quite-passive scanners but I would imagine thats pretty difficult and impractical.

Also, though this goes without saying, we prohibit anything illegal.  So if your activities go that far, appropriate 
action will be taken.

Scanning and sniffing are not synonymous with "hacking" and we're a learning/research institution so we try to stay 
true to that as much as possible.

Current thread:

consequences for student hacking Bob Henry (Feb 19)
- <Possible follow-ups>
- Re: consequences for student hacking Valdis Kletnieks (Feb 19)
- Re: consequences for student hacking Halliday,Paul (Feb 19)
- Re: consequences for student hacking Halliday,Paul (Feb 19)
- Re: consequences for student hacking Eric Case (Feb 19)
- Re: consequences for student hacking Bob Mahoney (Feb 19)
- Re: consequences for student hacking Valdis Kletnieks (Feb 19)
- Re: consequences for student hacking Bill Brinkley (Feb 20)
- Re: consequences for student hacking Doug Markiewicz (Feb 20)
- Re: consequences for student hacking Schley Andrew Kutz (Feb 20)
- consequences for student hacking Tom Siu (Feb 20)