Re: Question for the group

[Blue Boar <BlueBoar () thievco com>]

Paul Schmehl wrote:
> Recently we discovered that some message boards in China were posting 
> the urls for web proxies at various universities, along with "login 
> credentials".  In our case that meant the url and a sixteen digit number 
> that represented our "Comet Card" IDs, smart cards that we issue to 
> every student, staff and faculty member when they arrive.
<snip>
> Is this something new?  And why the hell do they want to grab books and 
> periodicals?  Can they sell them?

But, you haven't told us what having an ID lets one do.  Does it give 
you proxy access to the Internet?  Or does it just let you access 
library resources, like you imply?

Thought about playing honeypot?  Maybe if you catch something brute 
forcing, you make it look like it gets a hit, and then you later 
blacklist any IPs that use that "hit".

                                                BB
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.