Computer privacy at PC: Safe, but not sound
Paul Harvey
Issue date: 12/5/08 Section: News
|
All it took to compromise the Peninsula College PUB computers was the name of the program designed to keep malicious users at bay. "Deep Freeze," an industry standard in system administration and kiosk security, found itself vulnerable to a would-be hacker on campus grounds. According to Steve Baxter, director of Information Technology Services, this isn't the first time that pranksters have tampered with school computers.
"Every now and then we have someone who tests our network or will do something to the machines, but it tends to be for attention or thrills. Most of our campus computer security challengers get bored and go away on their own," Baxter said.
The PC IT department has ways of tracking malicious users on campus. Switch-level control tells the network administrators exactly from what building and area a malicious user might be accessing the network, particularly spikes in bandwidth usage. While individual websites are not logged by the campus systems, media access control (MAC) addresses are and that could spell big trouble for someone caught violating school policies.
A MAC address, for those outside the sphere of IT-speak, is essentially the physical address of a computer's hardware. Unlike IP addresses, a MAC address never changes as it's associated with the microchips used for network communication. With MAC addresses logged and network traffic monitored, IT staff can trace suspicious network activity down to a particular area on campus and even the model of the computer transmitting the data.
In the case of the recent PUB computer security issue, it was not the network compromised, but an exploit in the administration software done locally. "Once we figured out how they were getting into our system, it's easy to reload the machines affected," Baxter explained, citing the current PUB prankster as an irritation rather than a threat.
Viewing Comments 1 - 6 of 8
sven grammersdorf
posted 12/09/08 @ 6:28 PM PST
ahahahah. what the hell do MAC addresses have to do with this, unless you have distinct user logins and/or a camera watching whos on each computer so you can align the MAC data with video of who was using compy, and if someone used a timer or something, none of it would matter anyway. (Continued…)
michelle
posted 12/09/08 @ 8:33 PM PST
Im upset at the fact that some random student at college managed to hack those computers so easily. I check myspace and my back on those things. Are teh systems gonna get fixed? i dont want my myspace to get hacked, all my friends are online there
Harrison
posted 12/09/08 @ 11:41 PM PST
I do not feel comfortable signing in on ANY wepage that requires a password/username on those damn computers..They are so easily hacked on! For the sake of holy Caesars ghost, put some security on them! I guess the IT people in charge of that stuff must be a real head case. (Continued…)
IT.BrianH
posted 12/15/08 @ 9:18 AM PST
I could understand if this was a university and the students actually lived on campus and needed better security. This is a community college and most people have their own homes with their own internet connection. (Continued…)
Draco Red
posted 12/23/08 @ 9:50 AM PST
"I thought what I'd do was, I'd pretend I was one of those deaf-mutes. That way I wouldn't have to have any goddam stupid useless conversations with anybody. (Continued…)
SHODAN
posted 1/08/09 @ 10:13 AM PST
Look at you, hacker. A pathetic creature of meat and bone, panting and sweating as you run through my corridors. How can you challenge a perfect, immortal machine?
Post a Comment