COLUMN

Security Blog Log: Hacking for grades causes a stir

By Bill Brenner 03 Mar 2006 | SearchSecurity.com Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

---------------------------------------------------------------------------------------------------------

Among the most colorful odds and ends from the blogosphere this week is the tale of a university professor who sent his students off to do a little attack reconnaissance.

Over the last few days, handlers at the Bethesda, Md.-based SANS Internet Storm Center (ISC) have shined a pretty harsh spotlight on this fellow, who they've nicknamed "Professor Packetslinger."

The professor apparently didn't require that students get permission before trying to penetrate someone's Internet server. The university has decided not to take action as long as students keep their probes out of its systems.

The handlers, who have kept the professor's identity anonymous along with that of his university, say the assignment encourages illegal behavior.

"In other words," ISC handler Deborah Hale wrote in her Web diary, "we won't discipline Professor Packetslinger, we won't stop the assignment from going forward. As long as the students don't scan our computers, it is OK. If they scan our computers they will be reprimanded and lose their privileges on campus."

About Security Blog Log Senior News Writer Bill Brenner peruses security blogs each day to see what's got the information security community buzzing. In this column he lists the weekly highlights. If you'd like to comment on the column or bring new security blogs to his attention, contact him at bbrenner@techtarget.com. Recent columns: Hey, Mac. Is that a worm in your Apple? A week of vulnerabilities Surprise! IE7 beta has a flaw Is Nyxem really that dangerous? Oracle makes Microsoft look good Symantec flaw parallels Sony BMG Plenty of opinions on WMF patching

She added: "This is incredible; this university is encouraging illegal activity. They are encouraging students to do something that is … illegal, unethical [and] immoral."

One self-described computer geek who lives in Illinois, works for the government and calls himself "Al," sided with the ISC handlers in his Random Thoughts blog.

"I really wish they would release the name of the school," he said. "Professors like this need to be smacked."

One of the professor's students, who goes by the online name "Warrior Poet," offered an inside perspective in a LiveJournal blog entry.

The student said the assignment was "to perform a remote security evaluation of one or more computer systems" which should be done over the Internet using "tools available in the public domain." The assignment is worth 15% of their final grade.

"[It] seems innocent enough," the student wrote. "However, this was forwarded in an alarmist e-mail to the LAN-Managers group on campus, which caught the attention of our Novell admin, Greg Riedesel. He posted about it. The assignment was then forwarded to the ISC at sans.org, which wrote a scathing diary entry that laid into our teacher for being 'irresponsible.' Some concerned geek thought it appropriate to forward the story on to Slashdot, which mostly thought ISC was full of it."

The student said the whole affair has become a class joke. Wanted posters for "Professor Packetslinger" have been pasted to university walls, along with "pictures of [the professor] with a Cat5 lasso and network card revolver."

In the end, Warrior Poet said, it's "kind of fun being part of the news."

Meanwhile, the blog kept by Riedesel, the Novell admin Warrior Poet referred to, has gone dark to the outside word. A message there reads, "I'm taking this blog campus-only for the time being. This is only temporary! Should be back in a week or two."

It's unclear if all the hubbub about Professor Packetslinger has anything to do with it.

What bears can teach us about security
Richard Bejtlich posted some priceless photos in his TaoSecurity blog demonstrating what nature can teach the world about security. The photos are of a bear successfully raiding a backyard bird feeder set up to be out of his reach.

"Every once in a while it's good to be reminded of certain principles," he said. "In my first book I outlined three lessons I've learned while monitoring intruders. Sometimes threats in nature provide examples of these lessons."

The connection between the bears and Bejtlich's three lessons needn't be explained here. The pictures speak for themselves.

Webroot loses its voice
Boulder, Colo.-based security firm Webroot Software Inc. has lost its public face with the departure of its VP of threat research, Richard Stiennon. Stiennon announced the departure in his Threat Chaos blog this week.

"A couple of weeks ago, on the first anniversary of this security blog, I hinted at some changes in the air," he said. "Here is the big news. As of [Wednesday], Threat chaos will have a new home. But that is not the only news. I am departing Webroot and launching a new venture."

That venture is a new company called IT-Harvest, which he described as "an independent IT research firm covering the security industry."

Stiennon has been Webroot's primary spokesman, appearing in numerous stories on the spyware threat this past year.

Tags: Security Testing and Ethical Hacking,  Vulnerability Risk Assessment,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security Testing and Ethical Hacking Attackers zero in on Web application vulnerabilities What to do with network penetration test results Information security book excerpts and reviews H.D. Moore speaks about Metasploit Project deal, Release 3.3 Could Metasploit popularity erode? Metasploit Project acquired by vulnerability management firm Rapid7 Should management processes change based on a patch release schedule? Does an EULA make it truly illegal to decompile software? Screencast: BackTrack 4 offers an arsenal of penetration testing tools Security testing firm uncovers XML vulnerabilities Vulnerability Risk Assessment Disaster recovery plans and DLP solutions top 2010 priorities Information security book excerpts and reviews What patch management metrics does Project Quant use? Screencast: How to launch an OpenVAS scan Trusteer CEO criticizes Adobe, touts better patch deployments Patch management study shows IT taking significant risks Vulnerability mitigation study shows need for faster patching Microsoft to issue security report card, new tool at Black Hat Newest malware threats Are Web application penetration tests still important? Vulnerability Risk Assessment Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Cyber Storm  (SearchSecurity.com) ethical hacker  (SearchSecurity.com) ethical worm  (SearchSecurity.com) gray hat  (SearchSecurity.com) honey pot  (SearchSecurity.com) honeynet  (SearchSecurity.com) war dialer  (SearchSecurity.com) white hat  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary