Educause Security Discussion mailing list archives
Re: Information Security Classes on the campus network
From: Jack Suess <jack () UMBC EDU>
Date: Mon, 19 Sep 2011 11:11:42 -0400
In general, I don't mind giving students the ability to do this without special access since those that want to compromise our network are doing it without permission. Some things they can't do without special access and we deal with those on a case-by-case basis in working with the instructor. We do ask the faculty to let us know since it will likely trigger some alarms and to discuss ethics with students prior to doing these exercises so the students understand their responsibility to protect anything they may find and work with us. We also highlight that as part of this if we find a student doing anything malicious after being a part of the course we will go after them with no leniency and they are likely to be suspended or expelled from the university. Jack Suess UMBC VP of IT & CIO jack () umbc edu 1000 Hilltop Circle 410.455.2582 Baltimore Md, 21250 Homepage: http://bit.ly/fSB5ID On Mon, Sep 19, 2011 at 10:49 AM, Weaver, Rob <weaver () kutztown edu> wrote:
I am curious how others are handling Information Security courses that want to run password auditors, packet sniffers, port scanners, and vulnerability scanners against the production network as part of their assignments.**** ** ** Thanks for your input…**** ** ** -Rob**** ** **
Current thread:
- Information Security Classes on the campus network Weaver, Rob (Sep 19)
- Re: Information Security Classes on the campus network Bradley, Stephen W. Mr. (Sep 19)
- Re: Information Security Classes on the campus network Matt Presser (Sep 19)
- Re: Information Security Classes on the campus network Mclaughlin, Kevin (mclaugkl) (Sep 19)
- Re: Information Security Classes on the campus network Jack Suess (Sep 19)
- Re: Information Security Classes on the campus network Jeff Kell (Sep 19)
- Re: Information Security Classes on the campus network Bradley, Stephen W. Mr. (Sep 19)