|archives ~ negative273 ~ chill ~ nathan ~ jim ~ mount athos ~ rob|
Unleashing plagueful packets on artsci
I didn't think my blog would come to this, but I cannot resist offering commentary on the policy of network usage in the "pooled" classrooms found in buildings "owned" by the College of Arts and Sciences (hereafter, abbreviated "C of A and Ss"). I have the pleasure of teaching in January Hall this semester, which has a nice video projection system, in-room computer, and Ethernet network connection. Although the room is "pooled" meaning that it can be scheduled for any University class, the room is "owned" by the C of A and Ss, which means that the video and network is under their control.
Now in previous semesters, espeically when teaching 101, I have had to dessicate the dreaded Chemistry Key Ogre, liquidate the Louderman Network Troll, and outwit the Earth and Planetary Sciences Demons -- these nemeses have been all too easily dispatched. But thise semester I have met my match in the DHCP Dragon.
Mkato , my humble laptop that can attack without notice, accompanied me a few days before classes started to try to get hooked up to the lecture hall's video projection system and network. The video projection system worked fine, but alas, the network....
I could not get an IP address from the DHCP server. I was told that C of A and Ss is concerned about security, so access via DHCP was restricted and I had to get registered to use it. I was asked to fill out this form with the MAC address of my Ethernet card and to supply the requisite information.
Now those of us in Engineering know that the Arts and Sciences computers have more security holes than Swiss Cheese running Windows '98. Students in C of A and Ss pick really tricky passwords like their first or last name. Outsiders then break into their accounts, sniff other passwords (like root), and then start attacking other machines on campus. It's a game the whole family can play.
The registration page to get DHCP access prompts me for my cec or artsci password. Who needs this to register my MAC address? And guess what? That page isn't transmitted using SSL -- they might as well auction off my password on eBay.
Meanwhile, the computer hooked up to the system in the room is completely open and anybody can use it. Also, the shutdown-feature of the room's projection system yanks power from that computer, leaving it in the sorry state of having to check its disk on the next reboot.
Security, right! I think C of A and Ss is starting a new collection -- professors' passwords.
The silliest thing about their wireless is the encrypted wireless isn't. It allegedy takes about 15 minutes of sniffing/crunching to snarf the key, or at least the system they used last year was that easy.
Posted by: Joe at September 6, 2002 2:58 PM
The campus wide wireless network is no longer encrypted. They just no longer allow you to to use any protocol that requires a password (telnet, ftp, etc.). If you want to use one of those protocols, you have to download their vpn client.
Posted by: david at September 6, 2002 4:14 PM
OK, I'm a little slow on the uptake here -- are you saying my wireless card will be served by (another) DHCP? That would solve my problem nicely. Yeeesh
Posted by: rkc at September 6, 2002 11:03 PM
|Copyright © 2002-2008 Ron K. Cytron ~ hosted by negative273 ~ powered by moveable type|