funsec mailing list archives
Re: Question for the group
From: Blue Boar <BlueBoar () thievco com>
Date: Sat, 11 Feb 2006 22:13:16 -0800
Paul Schmehl wrote:
Recently we discovered that some message boards in China were posting the urls for web proxies at various universities, along with "login credentials". In our case that meant the url and a sixteen digit number that represented our "Comet Card" IDs, smart cards that we issue to every student, staff and faculty member when they arrive.
<snip>
Is this something new? And why the hell do they want to grab books and periodicals? Can they sell them?
But, you haven't told us what having an ID lets one do. Does it give you proxy access to the Internet? Or does it just let you access library resources, like you imply?
Thought about playing honeypot? Maybe if you catch something brute forcing, you make it look like it gets a hit, and then you later blacklist any IPs that use that "hit".
BB _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Question for the group Paul Schmehl (Feb 11)
- Re: Question for the group Blue Boar (Feb 11)
- Re: Question for the group Paul Schmehl (Feb 11)
- Re: Question for the group Blue Boar (Feb 11)
- Re: Question for the group Paul Schmehl (Feb 11)
- Re: Question for the group TheGesus (Feb 12)
- Re: Question for the group Paul Schmehl (Feb 12)
- Re: Question for the group xyberpix (Feb 16)
- <Possible follow-ups>
- Re: Question for the group Fergie (Feb 11)
- Re: Question for the group Blue Boar (Feb 11)