Re: Network Hacking
From: Kevin Davisł (zkevindavisz@cfl.rr.com)
Date: 02/22/03
- Next message: zavis shawn: "Window2000 Server Kernel Security"
- Previous message: Doug Fox: "a forensic question"
- In reply to: Privacy, please: "Re: Network Hacking"
- Next in thread: Privacy, please: "Re: Network Hacking"
- Reply: Privacy, please: "Re: Network Hacking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Kevin Davisł <zkevindavisz@cfl.rr.com> Date: Sat, 22 Feb 2003 03:14:18 GMT
On Fri, 21 Feb 2003 14:28:36 -0500, "Privacy, please"
<no.spam@wanted.here> wrote:
>There are two entirely separate issues here:
>
>1. Network security. What teachers assign as homework is irrelevant.
Wrong. If the teacher's assignment includes activities that the sys
admin should be apprised of, they should be apprised of it. By
justifying the professor's and student's actions leads to the
justification of *any* student, no, make that *anyone* to hack into
their system unannounced. The professor and the students have made
themselves no different than external hackers - except they have the
advantage of being on the inside from square one. Again, justifying
the teacher's assignment is inherently giving him the authority to
conduct security assessments. Such activities could also interfere
with any security assessment that may be in progress at the same time.
>The
>network admin's job is to secure the network. Period. You and Daniel seem
>to be forgetting this trivial point. The job requires due dilligence to
>secure the network against any hacks, attacks, probes, infiltrations,
>intrusions, incursions, invasions, snoopings, compromises and exploits. In
>your rush to condemn the teacher you both are making a conscious choice to
>overlook this small point.
What you are overlooking is that the sys admin's security job and
activities should not be dictated by some professor that has a wild
hair.
>And yet
>for some reason you ignore the possibility here that a network was allowed
>to operate without basic patches for known exploits.
Not ignoring it. Just stating that it is the sys admin's job to find
and resolve those things, not some professor with some kind of
delusions of granduer.
>You are deliberately being obtuse and refusing to understand the point.
>Banks are not learning environments. Universities are.
The University network was not established to provide a test bed for
some professor teaching network security. It was established to
provide a legitimate service to students and faculty. He is
unnecessarily putting that resouce at risk. If the professor wishes
to teach the students some hands on security, as I have stated before,
he needs to obtain funding for a small test lab or foot the bill on
his own. *That* would be your learning environment. This professor
is being arrogant in that he feels that the sys admin needs his help
in securing his network or at the very least being extremely
presumptuous that the University's network is at his beck and call for
teaching his network security class.
---------------------------------------
What could possibly go wrong?
- Next message: zavis shawn: "Window2000 Server Kernel Security"
- Previous message: Doug Fox: "a forensic question"
- In reply to: Privacy, please: "Re: Network Hacking"
- Next in thread: Privacy, please: "Re: Network Hacking"
- Reply: Privacy, please: "Re: Network Hacking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
