Home
Friday, September 22, 2017
7:59:28 PM
Users online: 0   You are here >> Home > Security

Forums | Security Forums search
Forum FAQ
   
 Previous Page 1 | 2  
[BUMPED!] School security failure... What now? (moral question)
bowiee 
2/6/08 11:15:10 AM
Hero
Guru


Please don't bump old threads, it is normally very frowned upon here. I am sure that by now he has made a decision.

Also welcome to atomic :) have fun,post often,play nice, and PLEASE read the FAQ it will answer all your questions on the rules here plus give you info on many other things about the site. :)
http://www.atomicmpc.com.au/forumfaq.asp



Edited by bowiee: 2/6/2008 12:06:45 PM

-----
"You do not really understand something unless you can explain it to your grandmother" - Albert Einstein.
"Note to self....Don't feed the trolls"




johnsee 
2/6/08 11:45:44 AM
Mod
SuperHero

Immortal


Given the lack of activity in Security, I'm reluctant to lock anything that was bumped without even leaved the front page :)

-----
Quote by Mac Dude
I love the smell of napalm in the Green Room.
------

mandalore 
11/7/08 5:27:53 PM
Banned
Quote by nnelson
While (carefully :D) messing around on the school computers today I managed to get the system-wide local administrator password through a fairly convoluted method involving booting into the network boot/install feature so I could read the pre-set configuration files.

Armed with this information I logged on as the local admin, dumped the wireless password to my USB and, just out of interest, checked to see if the internet would work without a network user being logged on. (it didn't)

The school homepage was still available though...
Again out of curiosity, I clicked the "Synergy" logo (Synergy is the database software my school uses to store student details/photos/grades).
I was amazed to find that it was possible to log into Synergy, personal details and all, with a local administrator password (which coincidentally was based on a dictionary word).
As I'm a responsible person I didn't browse / mess around with it but immediately logged out.

I feel like I should tell someone (I'm on good terms with one of the computer guys) about this possible security risk / breach of privacy but I'm worried that I could be putting myself at risk which I'd rather not do considering that this is my last year.

What would you recommend that I do?



Well done.

You could try using game theory to work out a good course of action - or perhaps I've just been watching too much NUMB3RS. Either way, Well Done!

-----
Trust no one. Least of all yourself...

 Previous Page 1 | 2  
Forums | Security