+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 29
Windows Thread, Well it finally happened in Technical; One of our highschools were hacked. 2 kids finally found a way around our network. apperantly, the had full access ...
  1. #1

    Join Date
    Feb 2007
    Posts
    34
    Thank Post
    0
    Thanked 2 Times in 2 Posts
    Rep Power
    16

    Well it finally happened

    One of our highschools were hacked. 2 kids finally found a way around our network. apperantly, the had full access to the ENTIRE domain, had a few virsus ready. The school tech caught them, but not sure how much damage was done before they were caught. Now I have the luxury of the principal at my school asking me to try to figure out how they got access to our entire domain. I dont even know where to start.

  2. #2

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,492
    Thank Post
    56
    Thanked 346 Times in 267 Posts
    Blog Entries
    6
    Rep Power
    127

    Re: Well it finally happened

    Interogation of the culprits would be the first step. Read them the riot act, quote the Computer Misuse Act etc etc.

    I hope that those caught are being suitably punished.

  3. #3
    Oops_my_bad's Avatar
    Join Date
    Jan 2007
    Location
    Man chest hair
    Posts
    1,738
    Thank Post
    438
    Thanked 53 Times in 50 Posts
    Rep Power
    30

    Re: Well it finally happened

    holy sh!t!

    Wonder if they've got hold of priviledged account details somehow

    What network was this? NT? 2000? 2003!? :!:

  4. #4

    Join Date
    Feb 2007
    Posts
    34
    Thank Post
    0
    Thanked 2 Times in 2 Posts
    Rep Power
    16

    Re: Well it finally happened

    The details are pretty sketchy. From what I have been told, The one kid somehow got admin level rights, then gave his friend the same level of rights, and away they went. We just went to 2003 server roughly last year. The cops were call yesterday, so they're being charged, but thats about all the info I know. As of right now, all the techs are being left in the dark about this whole situtation. I dont even think that many techs know about this. I only know because the principal here is friends with the principal at the school that it happened. So only know of what he has told me.

  5. #5

    Join Date
    Feb 2007
    Posts
    82
    Thank Post
    21
    Thanked 3 Times in 3 Posts
    Rep Power
    16

    Re: Well it finally happened

    You dont wish it on anyone, its one of the worse things that can happen!

    I read somewhere majority of hacking is caused by people leaving machines logged on!! or someone knowing credentials of admin account.

    I always try and check my admin groups members every so often, as if they go undetected could simply use to gain infromation rather than damage.

    From the damage done you can normally track back to specific times etc, perhaps look at when files were deleted then you can tell how login was acheived from event logs etc.

    I take it you share the domain accross multiple sites ? Or have i miss understood? If so may be worth looking at creating sub domains and keep trusts between them, may limit damage.

    good luck!

  6. #6

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,992
    Thank Post
    1,359
    Thanked 1,828 Times in 1,135 Posts
    Blog Entries
    19
    Rep Power
    602

    Re: Well it finally happened

    First things to do depend on whether you want to contain any possible problem or search for the entry point.

    If you want to contain any problem and ock things down then what you need to do is to check any group with admin level access ... change passwords of all admin accounts on a machine known to be clean of viruses, trojans and so on.

    Then start looking at machines known to be logged on to by staff with admin level access. Check for key logging software. Ensure all your AV software is up to date. Get a trial of enterprise level anti-spyware software to run a clean of all machines.

    I know of one school that was worried about similar after a former tech left under a cloud and they had a few strange things happening. They asked Securus for a 2 week trial and put the old admin password (and a few other bit) in the monitor list to see if anyone was trying to log on with admin level accounts. They caught a few students, who had been given information by a friend of the former tech, trying to change a number of things ... and then they didn't bother with Securus after that, but it did the job :-)

    If the students have been charged then it is likely that the police (and someone at the school) has information about what was being done. Even if it means the Techies find out that they drop a ball somewhere it is important to get the information and clean house.

  7. #7

    mattx's Avatar
    Join Date
    Jan 2007
    Posts
    9,240
    Thank Post
    1,058
    Thanked 1,069 Times in 625 Posts
    Rep Power
    740

    Re: Well it finally happened

    The cops were call yesterday, so they're being charged,
    With what ? [ just out of interest ]
    How old were the kids ?

  8. #8

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,765
    Thank Post
    873
    Thanked 673 Times in 442 Posts
    Rep Power
    502

    Re: Well it finally happened

    I would hope with violating the Computer Misuse Act.

  9. #9
    mrcrazy04's Avatar
    Join Date
    Nov 2006
    Location
    Bedfordshire/Cheltenham, UK
    Posts
    261
    Thank Post
    2
    Thanked 11 Times in 11 Posts
    Rep Power
    18

    Re: Well it finally happened

    Yeah, if I read the Computer Misuse Act right, they could get up to 15 years .
    up to 5 for attempting to get access
    up to 5 for unauthorised modification of data
    up to 5 for setting it up so they can get further access.
    For each time they got in!!

  10. #10

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,992
    Thank Post
    1,359
    Thanked 1,828 Times in 1,135 Posts
    Blog Entries
    19
    Rep Power
    602

    Re: Well it finally happened

    Articles under the same act tend to run consecutively for offences that carry up to 5 years or £3000 fines ... it is up to the sentencing judge and depending on the age this is very unlikely.

    Shame really ...

  11. #11

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    18,141
    Thank Post
    522
    Thanked 2,550 Times in 1,979 Posts
    Blog Entries
    24
    Rep Power
    877

    Re: Well it finally happened

    They will more likely just get a slap on the rist, aka. an official caution. Unless they have a preior criminal record that is.

  12. #12

    mattx's Avatar
    Join Date
    Jan 2007
    Posts
    9,240
    Thank Post
    1,058
    Thanked 1,069 Times in 625 Posts
    Rep Power
    740

    Re: Well it finally happened

    What sort of punishment will fall on the manager who is overall responsible for the network to start with..... ?
    Of course - said Tongue In Cheek.... :-)

  13. #13

    Join Date
    May 2006
    Posts
    1,319
    Thank Post
    101
    Thanked 25 Times in 18 Posts
    Rep Power
    26

    Re: Well it finally happened

    Meh. I had access to the admin account when I was at school. And my friend did. We didn't have an ICT Technician at the time, the network was run by the ICT Teacher/Head of ICT and he never found out that we knew the password. It was an RM network and the admin account had some cool controls such as remote control of other networked PCs which we used reguarly to scare people (we used to randomly eject their CD drives and laugh in the corner as they became highly confused).

    We never attempted to damage the network in any way though. I wasn't -that- immature.

    The only reason we knew the password was because on the RM network they had installed, there was two admin accounts (administrator and admin2). The head of ICT used the administrator account with his own password, but even though he knew about the admin2 account, he never changed it from its default password, which, ironically was "removed". My friend and I of course found out about it and we had full admin rights for over two years. The head of ICT obviously believed in security though obscurity.

    [ password removed - just in case, plus used in a few things - tarquel ]

  14. #14
    Midget's Avatar
    Join Date
    Oct 2006
    Location
    In a Server Room cutting through a forest of Cat5e
    Posts
    1,298
    Thank Post
    5
    Thanked 59 Times in 49 Posts
    Rep Power
    40

    Re: Well it finally happened

    so it's a standard thing from RM to have "removed" then? Successmaker has it as default as well

    [ edited for the reason above - tarquel ]

  15. #15
    Grommit's Avatar
    Join Date
    Sep 2006
    Location
    Weston-super-Mare
    Posts
    1,335
    Thank Post
    31
    Thanked 54 Times in 31 Posts
    Rep Power
    25

    Re: Well it finally happened

    Quote Originally Posted by Gambit
    One of our highschools were hacked. 2 kids finally found a way around our network. apperantly, the had full access to the ENTIRE domain, had a few virsus ready. The school tech caught them, but not sure how much damage was done before they were caught. Now I have the luxury of the principal at my school asking me to try to figure out how they got access to our entire domain. I dont even know where to start.
    I pay the students for information.. an couple of pound here and there goes a long way...

    They grass up hackers, hacker tricks and rogue teacher passwords :-)

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Anyone know what's happened to the TES site?
    By becktonboy in forum General Chat
    Replies: 0
    Last Post: 3rd June 2007, 07:49 AM
  2. wii finally
    By plexer in forum Gaming
    Replies: 2
    Last Post: 9th May 2007, 03:34 PM
  3. What would've happened if Microsoft had made the iPod....
    By indiegirl in forum Jokes/Interweb Things
    Replies: 1
    Last Post: 1st March 2006, 01:08 PM
  4. Nurse! The screens! It's happened again!!
    By ajbritton in forum General Chat
    Replies: 11
    Last Post: 5th February 2006, 11:47 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •