Oxford Students Hack University Network 662
An anonymous reader writes "Both The Guardian and BBC News are carrying the story that two students at the University of Oxford, Patrick Foster and Roger Waite, were able to easily hack into the university's internal network in minutes using only easily-available software. Once inside, they could find out anyone's email password, observe instant messenger conversations and control parts of the university's CCTV system. The students were investigating the university's network security for the student newspaper, The Oxford Student, which published a front page article and editorial on the matter. In the article, a university spokesperson is quoted as saying 'In some cases the wish to provide the widest possible computer access as cheaply as possible may mean deciding to go for a cheaper set-up, with potentially lower security.' The students now face disciplinary precedings from the university and could receive rustication (suspension) and a 500 pound fine. The matter has also been passed onto the police."
Yeah... and? (Score:4, Funny)
these people will be in charge someday (Score:1, Funny)
"How I Rooted Oxford University" (Score:5, Funny)
500 pound fine? (Score:5, Funny)
kebabs and bon jovi (Score:5, Funny)
They should be damn well "rusticated" for their tast in music alone!
Re:500 pound fine? (Score:5, Funny)
In Oxford, they call it the "Sisyphus Punishment".
Re:*Yawn* (Score:5, Funny)
SCO sues B
Re:Yeah... and? (Score:5, Funny)
All I got was this stupid t-shirt.
Re:Are there any adults in the house? (Score:5, Funny)
Re:500 pound fine? (Score:5, Funny)
For those of you that want to Cambridge this is a reference to rolling a heavy stone uphill over and over.
Yes, do call the Coppers, but.. (Score:3, Funny)
Then they can put Oxford Hack in the dictionary:
Someone who tattles, and gets in trouble too because of their guilt in the incident.
Re:Mod Parent Down (Score:5, Funny)
Erick
Re:500 pound fine? (Score:5, Funny)
Re:500 pound fine? (Score:5, Funny)
It's college, right? (Score:5, Funny)
We know how well that works with administrations (Score:1, Funny)
If it had been more widely publicized after the first WTC attack, then maybe they would have done something to prevent the second.
500 pound fine... (Score:5, Funny)
Couldn't figure out why they were snickering though?
Re:Yeah... and? (Score:1, Funny)
Re: Lets be scientific about this... (Score:1, Funny)
As an unemployed Unix Administrator currently working in a Zoo to pay the rent I can put this to the test.
Situation:
Pentium 3 750mhz, Knoppix boot CD, unswitched network, plain text protocols running over network, 3 Columbus Lemur Monkeys.
Test 1 Monkey sat infront of screen and left to own devices.
Result 1 Neither monkey acheives much, taking no interest in the screen.
Test 2 Console opened, "ethereal" typed in as hint, monkey sat infront of screen.
Result 2 Again monkeys take little interest, monkey 3 does paw at the screen for a few minutes. Monkey 1 is distracted by small child waving icecream in its face, result for monkey 1 discarded.
Test 3 Ethereal opened, required options selected, bit of banana left on the enter key.
Result 3 All monkeys successfully grab the banana, triggering the enter key, and starting the packet sniffing session, in each case all plain text data over the network is recorded - SUCCESS!
So kids, as we've shown, a monkey is quite capable of doing this kind of hack. Now nobody is safe.
Re:Are there any adults in the house? (Score:2, Funny)
We produce fine, upstanding journalists like Paxman.
Re:Yeah... and? (Score:5, Funny)
The sys-admin set up our CompSci server to log every command every user had made (lastcomm services). So one night, one student is waiting for the others in the group project team to arrive. Rather than constantly running between labs, he simply writes a shell script:
while 1
do
who
sleep 10
done
Harmless enough? After about 2-3 hours of use, the entire
Which burned up two large boxes of line printer paper. Needless to say, the sys-admin was furious and makes the student sign a form requiring him never to run an infinite-loop script without permission again.
Re:Yeah... and? (Score:4, Funny)
I thought the fantastic thing about that case -- assuming it's the same one I remember -- was that he was kicked out about two weeks before graduation, and was claiming that they should have detected his plagiarism earlier and thrown him out then, rather than ripping him off for three years' worth of fees first. Hey, at least if he flunks that course, with arguments like that he'll have a great career as lawyer.
Re:Yeah... and? (Score:3, Funny)
Of course, once people saw me doing that, everyone started taking the balls out and throwing them at each other...
When you were at what? (Score:5, Funny)
And, um, which collage did you go to?
Further quirks (Score:3, Funny)
There is also meant to be a law still in force by which you can request a glass of sherry be brought to you during Finals exams. I don't know if anyone has had the balls to try it - it's exactly the sort of thing the Proctors find unamusing.
Re:Yeah... and? (Score:4, Funny)
Art collage, presumably?
Heh. (Score:3, Funny)
They had it set up so that, to use a computer, you logged in as the computer, instead of as a user. I found out that, if you logged a pc into the network, using a username meant for a Mac, and if that Mac were not already logged in, it would completely screw up your priviledges, and let you do many things normally reserved for "Administrator".
Friend of mine wrote a batch script to send out an amusing system message once an hour. Unfortunately he didn't count zero correctly, and so the first one was an hour, but the second through 1000000th were somewhat quicker.
The first I knew of it was when I walked into a computer lab and heard this symphony of "beepbeepbeepbeepbeep" and saw a couple lab techs ripping the cables and stuff off of this poor little Mac while screaming, "ITS UNPLUGGED! WHY IS IT STILL SENDING MESSAGES?!?!"
Re:Yeah... and? (Score:2, Funny)
Darnit, got me all misty eyed.
The real trick was that one student hacked the system and his reward? He got to become System Administrator.
Universities encourage exploration. Thats the great thing.
Re:Yeah... and? (Score:2, Funny)