funsec mailing list archives

Re: Question for the group

From: Paul Schmehl <pauls () utdallas edu>
Date: Sun, 12 Feb 2006 13:48:24 -0600

--On February 12, 2006 9:02:07 AM -0500 TheGesus <thegesus () gmail com> wrote:

On 2/11/06, Paul Schmehl <pauls () utdallas edu> wrote:

Recently we discovered that some message boards in China were posting the
urls for web proxies at various universities, along with "login
credentials".  In our case that meant the url and a sixteen digit number
that represented our "Comet Card" IDs, smart cards that we issue to every
student, staff and faculty member when they arrive.


Do you think maybe what they're after is the Comet Card # and they are
only using the proxy to generate & test valid #'s?

What else can you get with a Comet Card?

Nothing digital. The library proxy is the only use of that ID that allowsremote access. Everything else it's used for (like checking out books)requires a physical presence.

I suppose this is the place...

http://libproxy.utdallas.edu/login


Yes, that's it.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Question for the group Paul Schmehl (Feb 11)
- Re: Question for the group Blue Boar (Feb 11)
  - Re: Question for the group Paul Schmehl (Feb 11)
    - Re: Question for the group Blue Boar (Feb 11)
- Re: Question for the group TheGesus (Feb 12)
  - Re: Question for the group Paul Schmehl (Feb 12)
- Re: Question for the group xyberpix (Feb 16)
- <Possible follow-ups>
- Re: Question for the group Fergie (Feb 11)