20070209

The Hacker in Me Arises

As of Thursday Feb 7, 2007, I've decided to be the white hat hacker I was born to be.

The reason: SFU Surrey Campus' Library has the most insecure computer network as far as physical access goes. Believe me that I've seen worse.

Their mentality at the security end is to let crackers do their nasty, and then entrap them. In short, they wait for hacker deviants to break laws before they'd ban them, and then call police (maybe).

They'd let deviants walk in off the street and hack into the GigaPOP network and attack other computers using the Man-in-the-Middle strategy to bust into their RADIUS servers to steal passwords.

How do I know this? I was given access to the Internet by a Library Assistant!

Within 2 minutes, I could surf anywhere. Within 30 seconds of rebooting the workstation I was assigned, I determined that I had access to floppy disk, CD ROM and HD, plus USB 2 ports.

I could boot off a floppy with Trinux on it, a CD ROM disc with Linux LiveCD and even a USB ram drive with Puppy Linux on it!

If I wanted to, but being the professional, I told the assistant that I could do so. What did she do? She trusted me and gave me access!!

I even notified the head computer technician via the front desk assistant of the library. What did he say? "Oh, well. We'll monitor the situation."

How dumb is that? It appears that in Canada, all you need to do to get access is to buy a semester library card and crash the library catalog!!!!!

Ok, I didn't do that either. Rather, it was actually down. I didn't crash it; some student noobie did. Honest!

I like the UBC system better where they use Citrix and Internet terminals without computers to access the Internet.

The SFU system is easy to get "accidentally" infested with malware by just surfing to a website with trojan scripts to throw malware on their computers accidentally.

My rating on SFU Surrey's security: 7/10.

They get 1 point off for allowing me access to the Internet; 1 point for not securing all their workstations; and 1 point for using monitoring as a security precaution.

2 comments:

Sageb1 said...

SFU OTS

Because SFU has gotten funding by Microsoft and a site license, they feel obligated to reduce security by using XP on most workstations.

This has led to infiltration of workstations by the so.big email trojan due to really dumb students using low impulse control to point and click without any intelligent design.

A solution to this problem is to run a limited Linux system like Puppy Linux LiveCD image from a thinware workstation using a 2 GB flash drive to replace the hard drive.

Another solution is to install Ubuntu as a LiveCD image on a 1.2GB HD with 256 MB as swap.

The fact that SFU allows open access to all comers is the reason why the workstations are infiltrated by viruses.

How easily that problem can be prevented is determined by how willing they are to switch to Linux to harden their workstations.

SFU feels that Microsoft should determine how slow their networks should be.

But in my opinion that's a form of slavery.

Sageb1 said...

The good news is that SFU blocks IPs of workstations that can't show valid authentication to the router, automatically.

The bad news is that Windows XP will still get infested when given access to the Internet indiscriminately.

How? Via the email server.

The status of network security as of August 2003

I am not suggesting that Linux would solve their problems.

What I am urging is a more robust workstation environment so that Windows-based attacks are ignored by the OS.

A LiveCD environment might change that but limit the options available to the students.

How's that for market domination over the lives of students who don't really care, even though their uninformed activity causes the biggest headaches for them?