Kitz ADSL Broadband Information
Topic: School security continued (cleaned from other post). (Read 5679 times)

jabns

School security continued (cleaned from other post).
« on: December 19, 2007, 03:37:38 PM »

Quote
MCSE training (yes I know MCSE isn't exactly hard)

That's what my old school's network administrator had and she was dumb as hell :lol: .

I used to torture her.

She left the permissions on one of the file servers so that we could change ownership of files and folders. So I changed the ownership to IT06JAB@BAMBAM. She had then left a permission entry granting full access to "Owner", which I now was, to every file! I then started to move folders around and rename them to "funny things". Then for my finale I moved everything on the three file servers (WILMA, BAMBAM, DINO) to a different file server so they were all hosting the wrong files and then locked her from accessing them. Then I changed the ownership from me to IT06ARV, who was a kid that hated PCs, but I left myself a backdoor by leaving it set to allow ownership changes.  >:D .


Another thing she did was set up a webfilter that was stupidly strict. So I set up a website with a tool that converted everything they typed into hex or binary. So for example open Internet Explorer (does not work in Firefox) and copy the following into the address bar and hit enter:

%66%6f%72%75%6d%2e%6b%69%74%7a%2e%63%6f%2e%75%6b

This then bypassed the filter!


She also left the terminal server enabled on the domain controller so I remotely logged onto it using Windows RDC and then made a bat file that read:

@ECHO OFF
NET SEND st-aidans "This schools network is vunerable and need fixing by a pro"
MSG * "HA HA HA...."
loop.bat
//The above file just opened this one again :)

That basically sent a message to everyone in the domain repeatedly and a message to her saying HA HA HA. I then scheduled it for every time the computer booted and also added it to the registry for good measure  >:D

I then shut down the server  :lol: . She must have got the shock of her life when she turned it back on but me and half the school and teachers were in stitches (everyone hated her).

All this because she banned me from the network for 2 months.


Sorry for getting off topic but as soon as I saw MCSE I giggled and could not resist telling you. Also end of topic by the looks of things.

Hope you enjoyed the stories (I could make my own thread I have that many but I won't bore you! St Aidans was ace LOL.)

James
« Last Edit: December 19, 2007, 03:41:59 PM by jabns »
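
A filter that compares the typed address with its blocklist character by character never sees the hostname in the percent-encoded string from the post above. The following is an added example, not code from the thread: it shows a filter check that reduces the address to its canonical host before matching. The blocklist entry and all function names are assumptions made for the illustration.

```python
import re
from urllib.parse import unquote

BLOCKED_DOMAINS = ("kitz.co.uk",)  # constructed policy entry for the demo
ENCODED = "%66%6f%72%75%6d%2e%6b%69%74%7a%2e%63%6f%2e%75%6b"  # string quoted in the post

def naive_is_blocked(address):
    """Filter that matches the blocklist against the text exactly as typed."""
    return any(domain in address.lower() for domain in BLOCKED_DOMAINS)

def canonical_host(address, max_rounds=5):
    """Reduce a typed address to the hostname it refers to."""
    text = address.strip()
    for _ in range(max_rounds):
        decoded = unquote(text)            # undo one layer of %XX escapes
        if decoded == text:
            break
        text = decoded
    else:
        raise ValueError("too many encoding layers")
    if "://" in text:
        text = text.split("://", 1)[1]     # drop the scheme
    host = re.split(r"[/?#]", text, maxsplit=1)[0]   # drop path, query, fragment
    host = host.rsplit("@", 1)[-1]         # drop user:password@
    host = host.split(":", 1)[0]           # drop the port (IPv6 literals not handled)
    return host.rstrip(".").lower()

def is_blocked(address):
    """Match on the canonical host; an address that will not normalise is refused."""
    try:
        host = canonical_host(address)
    except ValueError:
        return True
    return any(host == d or host.endswith("." + d) for d in BLOCKED_DOMAINS)

if __name__ == "__main__":
    for candidate in (ENCODED, ENCODED.replace("%", "%25"), "http://www.example.org/"):
        print(candidate[:24], naive_is_blocked(candidate), is_blocked(candidate))
```

Matching on the parsed host also removes the false positive the substring filter gives for a blocked name that merely appears in a path.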

kitz

Re: I don't see the point of what Opera want!
« Reply #1 on: December 19, 2007, 03:43:42 PM »

> St Aidans - she was dumb as hell

I take it ariff must have left then... but that is going back a few years.
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

jabns

Re: I don't see the point of what Opera want!
« Reply #2 on: December 19, 2007, 03:58:20 PM »

YUP

That person was supposed to be quite good according to an IT teacher. He/she used Novell which worked well.

The new one was called [removed].


When I say she was dumb I mean double dumb.

We had to go to reception and write our username down if we forgot our password. She would reset them on a Monday. So whenever I needed to get away with something I would fill out a form as someone else and put it in the pigeon hole on Friday. It would then get changed on Monday, giving me a week of access to someone else's account before he/she could get it changed!

I left 1-2 years ago, and she was there for 3 I think.

-----
-name removed by admin
« Last Edit: December 20, 2007, 10:52:36 AM by kitz »

mr_chris

Re: I don't see the point of what Opera want!
« Reply #3 on: December 19, 2007, 11:58:21 PM »

A few glaring errors made on that system by the sound of it eh James... although I'd hate you if you were at my school... although... hopefully I'd have tried to get you 'onside' as it were and work with you, rather than against you ;) You wouldn't get away with that on my network anyway, that's for sure!

Re server hijacking.. Windows servers are pretty easy to secure in the most basic form, certainly against schoolboy errors like leaving files and folders with Creator Owner and Everyone set to Full Control, etc.

I met Arif a few times, he seemed to know his stuff pretty well. Trouble with schools is they don't pay enough to keep anyone who's any good. (I have reasons for sticking around as long as I have done, they're mainly called holidays, lol!)
Chris
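
The two mistakes named in this thread, broad principals holding Full Control and ordinary users being able to change ownership, can be found by auditing saved ACLs. The following is an added example, not code from any poster: it assumes a listing in the layout written by `icacls <dir> /save <file> /t` (a path line followed by that object's DACL in SDDL, decoded to text), and the share names and ACLs in `SAMPLE` are constructed.

```python
import re

# SDDL aliases for the principals named above plus other catch-all groups.
BROAD = {"WD": "Everyone", "CO": "CREATOR OWNER",
         "AU": "Authenticated Users", "BU": "BUILTIN\\Users"}
WRITE_DAC, WRITE_OWNER = 0x40000, 0x80000      # rewrite the ACL / take ownership
FILE_ALL, GENERIC_ALL = 0x1F01FF, 0x10000000   # both mean Full Control
RIGHT_CODES = {"FA": FILE_ALL, "GA": GENERIC_ALL, "WD": WRITE_DAC, "WO": WRITE_OWNER}
# One ACE: (type;flags;rights;object_guid;inherit_guid;sid)
ACE_RE = re.compile(r"\(([^;()]*);([^;()]*);([^;()]*);[^;()]*;[^;()]*;([^;()]*)\)")

# Constructed sample: path line, then the DACL of that object.
SAMPLE = """\
Pupils
D:PAI(A;OICI;FA;;;BA)(A;OICI;FA;;;WD)(A;OICIIO;FA;;;CO)
Staff
D:PAI(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;BU)
Coursework
D:AI(A;OICI;0x1a01bf;;;AU)
"""

def mask_of(rights):
    """Turn an SDDL rights field (hex mask or two-letter codes) into a bit mask."""
    if rights.lower().startswith("0x"):
        return int(rights, 16)
    mask = 0
    for code in re.findall("..", rights):
        mask |= RIGHT_CODES.get(code, 0)   # read/write/execute codes are not tracked
    return mask

def audit(saved):
    """Return (path, principal, problem) for every over-broad allow ACE."""
    findings = []
    lines = [ln.strip() for ln in saved.splitlines() if ln.strip()]
    for path, sddl in zip(lines[0::2], lines[1::2]):
        for ace_type, _flags, rights, sid in ACE_RE.findall(sddl):
            if ace_type != "A" or sid not in BROAD:
                continue
            mask = mask_of(rights)
            if mask & GENERIC_ALL or (mask & FILE_ALL) == FILE_ALL:
                problems = ["full control"]
            else:
                # By default an object's owner can rewrite its ACL, so either
                # bit on its own is enough to end up with full control.
                problems = [name for bit, name in ((WRITE_OWNER, "take ownership"),
                            (WRITE_DAC, "change permissions")) if mask & bit]
            if problems:
                findings.append((path, BROAD[sid], ", ".join(problems)))
    return findings
```

Calling `audit(SAMPLE)` reports the two Full Control entries on `Pupils` and the take-ownership right on `Coursework`, and leaves the read-only `Staff` entry alone.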

kitz

Re: School security continued (cleaned from other post).
« Reply #4 on: December 20, 2007, 01:23:14 AM »

.

jabns

Re: School security continued (cleaned from other post).
« Reply #5 on: December 20, 2007, 01:34:28 AM »

Quote from: Mr Chris
A few glaring errors made on that system by the sound of it eh James

She used ScriptLogic to control our permissions instead of group policies. So all I had to do was boot into a Linux live boot and change the local admin password to one I knew. Then I logged in as the local admin and noticed that the SLogic.exe process had ended. So I then wrote an exe file that mimicked the logon script's screen output in Visual Studio and named it SLogic.exe and replaced the official one with it. Then logged on as me and then I had no restrictions. It was as simple as that to gain local access.

She also had telnet on the exchange server so I could lock anyone out including her (don't ask me why he had not ticked disable account lockout!). If you ever wanted to watch a film instead of having an English lesson all I would have to do is lock out the admin and the teacher, then they could not use the whiteboard (electronic) or get the password reset for 1 hour (lockout policy).

EDIT: Yeah, he ran on NetWare and it was actually secure. She botched up the Server 2000 migration.

Cheers for doing the bits I couldn't, kitz.

James

jabns

Re: School security continued (cleaned from other post).
« Reply #6 on: December 20, 2007, 01:48:37 AM »

You can probably tell why I won this on the last day:

Linky

LOL  :lol:
« Last Edit: December 20, 2007, 01:56:28 AM by jabns »

kitz

Re: School security continued (cleaned from other post).
« Reply #7 on: December 20, 2007, 10:24:11 AM »

>> She botched up the Server 2000 migration.

That's a shame - because in 98 St Aidans iirc had one of the most advanced networks + equipment in the area.
Even more so at one point than B'pl tech.
I'm assuming that if you went there then you/your parents thought it was worth the trek for you each day too, as it must have added nearly a couple of hours a day if you went by their bus.

Arif was so proud of the microwave link it had with Lancaster Uni which at the time was unheard of for any of the schools in this area (in fact in the UK iirc) and they'd won awards and grants from several places for their network.


jabns

Re: School security continued (cleaned from other post).
« Reply #8 on: December 20, 2007, 12:17:46 PM »

My sister went there before and I didn't have a choice. My mum knows a few of the governors there and they were also known for their special needs support and I have Dyslexia (the hardest word to spell for a dyslexic person  :lol: ) as well as Asperger's (Anger Problem).

It took about 45mins each way depending on the traffic coming up to Shard Bridge.

She has changed a lot of the equipment I think.

She spent £2000 on a Celeron PC with 512mb (and it was only 2 years ago) to do the dinner card system. Back then I could have got a Dell server with 4gb of RAM and 2 Xeons for that price.


That link is still there. It's a 10mb one if I recall correctly. I think they used that because it was so remote (and on a hill). I know that the schools (primary) in Fleetwood are done differently. They all share the costs of their joint network (not too sure on the details other than BT have something to do with it). I know this because my mum used to be chairman of the governors at Larkhome primary.

I got offered to do their network but kind of didn't make use of the opportunity (because I'm silly and forgot how good experience looks on a CV  :lol: )

jabns

Re: I don't see the point of what Opera want!
« Reply #9 on: December 20, 2007, 12:41:01 PM »

> A few glaring errors made on that system by the sound of it eh James... although I'd hate you if you were at my school... although... hopefully I'd have tried to get you 'onside' as it were and work with you, rather than against you ;) You wouldn't get away with that on my network anyway, that's for sure!

Me and my mates went to tell her about stuff and she seemed to be embarrassed and so would get me suspended for a day or something rather than saying thanks and fixing it (kind of makes it hard to see right from wrong). So in the end it ended up with me getting revenge. I used to tell the deputy head everything I did though, as we got along quite well (he did not seem to mind as long as I didn't take it too far, like messing with people's work). I seemed to learn knowledge before ethics LOL.

It was probably the best thing that happened to me because it made me download Server 2003 (Eval) and learn about DNS and I set my house up with a domain controller. I would actually recommend doing this to anyone with good knowledge already who wants to learn about servers or network security. All you would need is three old PCs (1 server, 2 desktops). I learnt more (and faster) from doing that than any book or site (bar http://www.petri.co.il/ ) could ever teach you.

PS: Have any of you ever had a look at that petri site I linked to? It is a very good site. Probably more so for you Chris. I used it for tweaking Exchange and for solving DNS problems that Windows Server 2003 comes with  :( .
« Last Edit: December 20, 2007, 12:45:42 PM by jabns »