From: Michael Bradley (
Date: 07/09/03

    Hey Guys,

    Sorry for the cross posting, but this is quite a scenario. It's a setup
    like a high school on an NT network with all the student and most of the
    faculty workstations running W2k or XP and TCP/IP protocol with DHCP
    assigned addresses. I have several hundred machines all on the same
    backbone, but two domains (Each with their own PDC) one for the students and
    one for the administrators. What is the best way to ensure that traffic is
    not sent back and forth between the two domains (i.e., I want to make sure that
    student computers can only see other student computers), would subnetting be
    the best solution for this? If I subnet are there still ways to see one
    side from the other? Since the staff uses their accounts to work on student
    grades, tests, and other FERPA type of stuff, I want to be sure that
    information transmitted on the faculty side cannot be picked up by some kid
    with an Ethernet sniffer, which leads me to another question...

    How concerned should I be with standard networking tools like nbtstat being
    used to collect information about the network? If I catch someone using it
    should I be concerned? Is it easy to disable tools like nbtstat or the net
    commands (to prevent file shares from being set up) without losing
    functionality in my network? Also, is there a way to protect against the
    kind of hacking tools that can be downloaded from the internet? Especially
    programs like PWDUMP. At what point should I be concerned, as a Sysadmin,
    if I catch students looking at, downloading or using those kinds of programs
    and what is the generally accepted procedure for dealing with that? Talk to
    the kid, give him detention, kick him out of school, have him arrested...?

    I have one lab that the students need local admin rights to complete their
    assignments. What's the best way to go about giving them this kind of
    access? Is there any reason I should be worried about the students having
    local administrative access to the student machines?

    My last question I guess is one of ethics. As a system administrator, where
    do I have to draw the line with privacy and other issues? How much latitude
    does the sysadmin have in monitoring network traffic? Does it make a
    difference if it is traffic strictly on our intranet vs. traffic to outside
    servers? Also, the students all have personal, private space on the file
    server. What kind of legal steps do I have to take before going through a
    cursory examination of a student's private storage space? Before going into
    an in-depth investigation (pulling backup tapes, etc.)? Also, if I believe
    I have evidence that someone has been trying to gain unauthorized access to
    my system, what are my first steps in:

    a. protecting the network
    b. protecting the evidence
    c. protecting users from being set up by a third party.

    Thank you for any help y'all can provide, I will appreciate it greatly!!!

    God Bless,


