Re: Educational Security/Networking Questions

From: Markus E. Kippler (nonono_at_idontlikespam.com)
Date: 07/09/03 

Date: Wed, 9 Jul 2003 11:06:14 -0500

Here's a good solution: www.dnsredirector.com

Use it to block students from downloading such utilities, using IM,
downloading porn, or MP3s

I think they will give discounts to schools/libraries too.

"Michael Bradley" <LilAviator@hotmail.com> wrote in message
news:c3ba61c8d815ab66be63e971c7cebc7f@free.teranews.com...
> Hey Guys,
>
> Sorry for the cross posting, but this is quite a scenario. It's a setup
> like a high school on an NT network with all the student and most the
> faculty workstations running W2k or XP and TCP/IP protocol with DHCP
> assigned addressess. I have several hundred machines all on the same
> backbone, but two domains (Each with their own PDC) one for the students
and
> one for the administrators. How is the best way to ensure that traffic is
> not sent back and forth between the two domains (ie I want to make sure
that
> student computers can only see other student computers), would subnetting
be
> the best solution for this? If I subnet are there still ways to see one
> side from the other? Since the staff uses their accounts to work on
student
> grades, tests, and other FERPA type of stuff, I want to be sure that
> information transmitted on the faculty side can not be picked up by some
kid
> with an ethernet sniffer, which leads me to another question...
>
> How concerned should I be with standard networking tools like nbtstat
being
> used to collect information about the network. If I catch someone using
it
> should I be concerned? Is it easy to disable tools like nbtstat or the
net
> commands (to prevent file shares from being setup) without losing
> functionality in my network? Also, is there a way to protect against the
> kind of hacking tools that can be downloaded from the internet?
Especially
> programs like PWDUMP. At what point should I be concerned, as a Sysadmin,
> if I catch students looking at, downloading or using those kind of
programs
> and what is the generally accepted procedure for dealing with that? Talk
to
> the kid, give him detention, kick him out of school, have him arrested...?
>
> I have one lab that the students need local admin rights to complete their
> assignments. How's the best way to go about giving them this kind of
> access? Is there any reason I should be worried about the students having
> local administrative access to the student machines?
>
> My last question I guess is one of ethics. As a system administrator,
where
> do I have to draw the line with privacy and other issues. How much
latitude
> does the sysadmin have in monitoring network traffic? Does it make a
> difference if it is traffic strictly on our intranet vs. traffic to
outside
> servers? Also, the students all have personal, private space on the file
> server. What kind of legal steps do I have to take before going through a
> cursory examination of a students private storage space? Before going
into
> an in depth investigation (Pulling back up tapes, etc)? Also, if I
believe
> I have evidence that someone has been trying to gain unauthorized access
to
> my system, what are my first steps in:
>
> a. protecting the network
> b. protecting the evidence
> and
> c. protecting users from being setup by a third party.
>
> Thank you for any help y'all can provide, I will appreciate it greatly!!!
>
> God Bless,
>
> Mike
>
>

Relevant Pages

  • RE: Windows Vista current flaws
    ... You clearly are not protecting against one of your students running attack ... you can easily add a notification clause to the network access ... "In the event student chooses to run beta or other pre-release software, ...
    (Security-Basics)
  • Educational Security/Networking Questions
    ... used to collect information about the network. ... commands (to prevent file shares from being setup) without losing ... if I catch students looking at, downloading or using those kind of programs ... protecting the evidence ...
    (comp.os.ms-windows.nt.admin.security)
  • Re: TeXBook
    ... have the right to print the TeXbook from texbook.tex and distributing a copy to all of its students. ... speak about "private use" not just "private copying". ... I believe that privately patching the texbook and then print it does qualify especialy if you not change the content of the book. ... This is the same as downloading a digital music and then put it on a CD; which could imply modifying the format. ...
    (comp.text.tex)
  • Re: internet acces restriction on network
    ... :to prevent the students form downloading via kazaa etc. ... downloading via plain http connections (or via port 80, ...
    (comp.security.misc)
  • Re: how to stop a users internet access???
    ... the network administrator or maybe some policy was in the way. ... use of innocent students to do their dirty work.... ... I think we all agree that the internet can be addictive to people, ...
    (microsoft.public.windowsxp.general)