Over the last few days, handlers at the Bethesda, Md.-based SANS Internet Storm Center (ISC) have shined a pretty harsh spotlight on this fellow, who they've nicknamed "Professor Packetslinger."
The professor apparently didn't require that students get permission before trying to penetrate someone's Internet server. The university has decided not to take action as long as students keep their probes out of its systems.
The handlers, who have kept the professor's identity anonymous along with that of his university, say the assignment encourages illegal behavior.
"In other words," ISC handler Deborah Hale wrote in her Web diary, "we won't discipline Professor Packetslinger, we won't stop the assignment from going forward. As long as the students don't scan our computers, it is OK. If they scan our computers they will be reprimanded and lose their privileges on campus."
"I really wish they would release the name of the school," he said. "Professors like this need to be smacked."
One of the professor's students, who goes by the online name "Warrior Poet," offered an inside perspective in a LiveJournal blog entry.
The student said the assignment was "to perform a remote security evaluation of one or more computer systems" which should be done over the Internet using "tools available in the public domain." The assignment is worth 15% of their final grade.
"[It] seems innocent enough," the student wrote. "However, this was forwarded in an alarmist e-mail to the LAN-Managers group on campus, which caught the attention of our Novell admin, Greg Riedesel. He posted about it. The assignment was then forwarded to the ISC at sans.org, which wrote a scathing diary entry that laid into our teacher for being 'irresponsible.' Some concerned geek thought it appropriate to forward the story on to Slashdot, which mostly thought ISC was full of it."
The student said the whole affair has become a class joke. Wanted posters for "Professor Packetslinger" have been pasted to university walls, along with "pictures of [the professor] with a Cat5 lasso and network card revolver."
In the end, Warrior Poet said, it's "kind of fun being part of the news."
Meanwhile, the blog kept by Riedesel, the Novell admin Warrior Poet referred to, has gone dark to the outside word. A message there reads, "I'm taking this blog campus-only for the time being. This is only temporary! Should be back in a week or two."
It's unclear if all the hubbub about Professor Packetslinger has anything to do with it.
What bears can teach us about security
Richard Bejtlich posted some priceless photos in his TaoSecurity blog demonstrating what nature can teach the world about security. The photos are of a bear successfully raiding a backyard bird feeder set up to be out of his reach.
"Every once in a while it's good to be reminded of certain principles," he said. "In my first book I outlined three lessons I've learned while monitoring intruders. Sometimes threats in nature provide examples of these lessons."
The connection between the bears and Bejtlich's three lessons needn't be explained here. The pictures speak for themselves.
Webroot loses its voice
Boulder, Colo.-based security firm Webroot Software Inc. has lost its public face with the departure of its VP of threat research, Richard Stiennon. Stiennon announced the departure in his Threat Chaos blog this week.
"A couple of weeks ago, on the first anniversary of this security blog, I hinted at some changes in the air," he said. "Here is the big news. As of [Wednesday], Threat chaos will have a new home. But that is not the only news. I am departing Webroot and launching a new venture."
That venture is a new company called IT-Harvest, which he described as "an independent IT research firm covering the security industry."