Help - Search - Members - Calendar
Full Version: School Assignment
Linuxhelp > In The Community > General Discussion
docmur
Are schools really presenting a fair agurment on suspending kids for messing around on the computers?

For years now students have been told that messing around on the computers at school will lead to account suspensions or school suspensions but how are the school boards representing a fair agurment when they use a OS that is known for toruble.
I belong to the Waterloo Region school board up in Waterloo Ontario Canada and I for one find that the rules surounding the computers are unfair and never accually give the students a fair chance with safe defence and security. Every student here can probely back me.
Microsoft Windows is the OS that schools opt to use because of it's ease of use and extreme simple GUI. Microsoft Windows itself is fine for the user that does not plan to use the internet or network. Windows has an incridible ablitly to almost find viruses and download then into it's core so it can work as slow and buged as possible . Now I know that there are people who never have problems with Windows and think that the people like me who sit here and take cheap shots at it are really just trying to make are problem every one problems, however I see it different.
Well I myself used Windows every day up until last year when I discovered Linux and Before I started Linux no one could have told me Windows sucked because I never had problems with it. I in fact defended it up until the day when it crashed losing my work for the past 3 years. My Windows crashed because it got a virus from an unknown source and the virus corruped 3 main windows system files. When I tried to repair using the Windows XP repair system it did even more damage then I could want. With in minutes all my files from the past 3 year where gone, Bookreports, essays, music,games all gone and they were gone because someone found a way to go past the lack of windows security and overwrite 3 of the most important file in Windows. Now don't think that my only goal on this site is to bash Windows but I think that the points that I have stated above must be taken into direct consideration. It was after this situation that I moved over to Linux. More accuate Suse Linux. Now I didn't understand the system at first but as I explored I became more use to the interface and the way it reacted. Ever sence then I have been a Linux nut using Linux for every thing. The one thing that I did pick up on that even after 1 year with Linux I have no viruses no adware and no spyware and it's as fast as the day that I installed it. Linux is also equiped with a secuity system compairable to nothing else out there.
Going back to my eariler point on how the school board does not represent a fair agrument I can speak from my own experiance. Back in grade 9 I was pretty handy with computers and I found that to be a problem when I was at school. Being handy and using sort cuts at school is a way to get kicked off. For example, One day in my programing class I needed to access a file stored on the C: drive of the computer I was working on. I knew that accessing C: was a big problem as the school saw it. C: contained every thing that I a hacker , cracker or Virus would want to attack to give itself a starting point for destruction. So I asked the teacher if I could gain C: level access for 1 minute to get the file I needed on disk and that would be all but the answer was what I thought "No", I was then faced with the delema of needing a very important file but having no way to get it safely. Begin as handy as I was I made a web page in HTML to link into C: and get my file, an easy task taking no more then one minute but it turned out giving me 5 days suspension because the even using a link to C: with out entering it was appeartly still as bad as begin in C:. Following this point into the rules the AUG rules the school use are badly writen, The rule say "You may not gain access to drives other then your own." By the way it worded doesn't it sound that there say you can't open any other drive the your own. Well I take it to mean that and with that understanding I never violated the rule, the file was ran form my drive with out me ever seeing the C: drive, so why did I get kicked off? The question is simple, The administrators are to scared to admit that they for lack of a better word suck. If they don't want a user in C: then don't allow a user to link to C:, it kind of like telling someone You hate cigrattes because they cause cancer when you smoke them but you allow them access to chewing tobaco. Sure there not smoking but there chewing what will effectivly do the same thing.
It's almost like the administrator want to get students beacuse if they didn't want students kicked off they would try harder at the source
to block the activity's


WORK IN PROGRESS I WILL DELETE THIS LINE WHEN DONE
DS2K3
??? Do you want feedback?
Corey
I'm a firm believer that the institution (weather it be work or school) should take some responsibility when an end-user delves into parts of the network that are not allowed. Windows, by default, is not secure. Not so much with the latest XP service pack and Server 2003, but with Windows 2000 and earlier, Microsoft had the "allow first, deny later" mentality. The reason I believe the insititution should take some responsiblity is that it is up to the system administrator to secure the network so no end user can access information that they are not allowed to touch, and if they do, it should come down on the administrator, not the user. At my last job, one of the systems admins had a great idea, he would set the network up how he liked, and then asked me and a few others to do whatever we could to get into parts we weren't allowed, and then report back to him. That is the smart thing to do. If a user can get into parts of your network that you don't want him/her in, the last thing you want to do is to tell him he/she is not allowed on your network anymore, that will just cause more attempts from the outside in.

Just think, if one of your users can access information on your network that you don't want him to access, imagine what actual hackers can do. A company should embrace these "gifted" users, not try and shut them up.
docmur
I agree with you corey. The schools offer computer courses that teach students like myself network secuity. When a student learns network security he or she also learns how to get past badly made security. The biggest problem that I find with the school is that some times the courses them selfs which are on line can not be opened due to the course not responding. What is a student going to do if he need to read on the course but the course is not avilable well the answer is well known we will hack to get in and take what we need
Termina
QUOTE (Corey @ Feb 22 2005, 06:48 AM)
I'm a firm believer that the institution (weather it be work or school) should take some responsibility when an end-user delves into parts of the network that are not allowed. Windows, by default, is not secure. Not so much with the latest XP service pack and Server 2003, but with Windows 2000 and earlier, Microsoft had the "allow first, deny later" mentality. The reason I believe the insititution should take some responsiblity is that it is up to the system administrator to secure the network so no end user can access information that they are not allowed to touch, and if they do, it should come down on the administrator, not the user. At my last job, one of the systems admins had a great idea, he would set the network up how he liked, and then asked me and a few others to do whatever we could to get into parts we weren't allowed, and then report back to him. That is the smart thing to do. If a user can get into parts of your network that you don't want him/her in, the last thing you want to do is to tell him he/she is not allowed on your network anymore, that will just cause more attempts from the outside in.

Just think, if one of your users can access information on your network that you don't want him to access, imagine what actual hackers can do. A company should embrace these "gifted" users, not try and shut them up.

Sadly, public schools cannot get the best and the brightest. They generally find sysadmins who know enough to keep everything running (Network wise), and secure the computers up enough that the majority of students cannot break into them.

At my highschool, we were offered only one computer source (CISCO: Basic Networking). We were not allowed to do this until 11th grade though.

Our school was fortunate, that there were several hundred computers all over the school. In each study area (open space seperating 4 rooms that were at the corners) there were 3 compuers. There was usually 1-2 computers in each classroom as well. Two floors, 18 study areas.... and then 4 computer labs (each with 30 or so computers).

Angered that we would not be allowed into the computer class (though we considered ourselves qualified at the time... of course that's open to interpretation), me and a friend of mine decided to learn ourselves for the two years; when we were expected to sit quiety in this holding tank for teens, and not learn anything.

Each computer, by default, had the run command disabled, as well as MS-DOS, and anything besdies iexplorer.exe and wordpad.exe. IE had a proxy preventing you from accessing most sites, it didn't allow you to download files, nor go into internet options.

Pretty secure, right?

We started by learning what kind of software the computers used. Windows 98, Visual Casel (Novel). After some searching, we found that VCasel has an old (and still unpatched) exploit: any program the admin wishes to allow the students to run has a name. If you rename *any* executable to the same program name, you can run that program.

We brought in poledit.exe on a disk (a windows policy editor), and took away the majority of restrictions on one computer. We shared the C:, dropped poledit and netscape into c:windowstools, and enabled password caching.

Logging out would clear all changes we made *except* password caching.

We did this to rougly 40 machines, and would collect .pwl files in C:Windows every day. We ran these through dictionary files (and brute force) via Cain & Abbel.

After getting a list of virtually every student's password (and the majority of the teachers), we finnally got the Admin's password.

That's right, the sysadmin didn't find it strange that the computer request the password she had just entered in twice, or that (if you looked in network neighboorhood) most computers were shared. Which couldn't be done unless you removed restrictions.

After finding her password (spiderman), we created sysadmin accounts and settled down. Basically just playing games, checking email, etc. Feeling pretty damn good.

Apparently the account 'Han Johnson' and 'Termina Morte' never arroused suspicion, even with admin level access.

After about 4 months, the admin changed her password (good move). And fell for the password caching trick again.

Her password this time? "accident"

Unfortunately, my friend decided to give her password to a friend of ours who didn't have much control, and he ended up messing with the account of someone he didn't like.

He was caught, pointed the finger at us, and our computer priveleges were revoked. Since all our homework at school was done via the computers, it was basically a way to pressure us to leave the school. Which we did.

My question to you is this: Who should be help accountable? Both of us? The kids who did this? Or the sysadmin? All are at fault, but blaming it on the OS/admin is foolish.

Whoever breaks the rules and gets caught deserves to be punished.

While I agree with your 'should embrace these "gifted" users' comment, and while the sysadmin in this situation would have been better served with the help of these kids (who seemed to know her network better than she did), what do you expect?

The sysadmin who's network is breached by kids (or users/workers) feels slighted, and like all people, wants payback.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2017 Invision Power Services, Inc.