Re: How do you handle students who attempt to exploit internal resources?

[Bob Ono <raono () UCDAVIS EDU>]

At UC Davis, this incident would be forwarded to the Student Judicial Affairs office for review as a possible 
acceptable use policy violation. This office is responsible for administering a fair disciplinary process that enforces 
student conduct standards while upholding student rights. Moreover, by centralizing the review, recurring incidents can 
be identified and an appropriate response taken.
 
Robert Ono, CISSP
IT Security Coordinator
University of California, Davis
530-754-6484

________________________________

From: Ben Spencer [mailto:ben.spencer () MOODY EDU]
Sent: Sat 11/11/2006 8:03 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] How do you handle students who attempt to exploit internal resources?



Recently we had an adventurous student who decided that he would try
some common web based exploits against our intranet website (which is
available on the internet). He came to us and informed us what he found.
Through the conversation, it was revealed that this action was
intentional.

He was let off knowing that we had other options but were not going to
pursue them. That was with the understanding that he would not continue
his activities.

Well, activities, though different now, continue. These second
activities apparently caused an outage of a public website.

How are these type of situations handled at your university?

These things tend to depend on the specifics of the situation and I
intentionally left a lot of them out.

Benji
---
Benji Spencer
System Administrator
Ph: 312-329-2288


The WatchGuard Firebox which protects your network detected a message which may not be safe.

Cause : The file type may not be safe.
Content type : application/ms-tnef
File name    : winmail.dat
Virus status : No information.
Action       : The Firebox deleted winmail.dat.

Your network administrator can not restore this attachment.