A colleague told me today that her son was suspended from school for ‘hacking’ the school computers. It turns out that he had managed to bypass the Department of Education’s firewall by guessing the password to the local system and was browsing game websites that were blocked by said firewall.
I understand that he did something that was wrong, but I believe the suspension was a complete knee jerk and not appropriate for what had been committed. Firstly, the network administrator at the school had a password which was a name, a cat’s name to be specific. This breaks probably the simplest, if not the most important rule on passwords; Do NOT use names/single word for passwords! Secondly, he was only browsing websites. It’s not like he had broken into a database or was performing some malicious action against the school or another organisation. Punishment was necessary/required for breaking the rules, but suspension? Come on, he only highlighted the fact that the brain-dead administrator was stupid enough not to secure his network/systems properly.
It also tells me that not much has changed since I was at high school, when the staff tasked with the school’s network administration or even teaching of computer studies courses knew little about IT or computers in general. I don’t know if this is a funding issue or the fact that there just isn’t anyone with the required skillsets interested in working for schools, but something needs to change there.
Update: It turns out the passwords are a little more secure than I first understood. It turns out that another student discovered the staff member’s username then through a process of asking said staff member questions in general discussion worked out the answers to the three security questions required to access a ‘forgotten password’. This student then logged in as the staff member for my colleague’s son to use (an accessory after the fact as it were). This is a little more sinister, but still doesn’t change the fact that it was possible for a student to obtain the staff member’s password. More stringent precautions need to be in place for retrieving passwords (email confirmation etc).
The fact that the son in question was suspended when they weren’t the one who obtained the information is even more so a glaring insight into how much the school has got it wrong.
Well, to be quite honest, I haven’t defeated any trees, I’ve just gone around them. I relocated my wireless internet antenna yesterday so that I had a clear line-of-sight position to the Access point (AP).
I borrowed my Dad’s binoculars, and searched out the actual location of the AP and then chose the best place along the house to put the Antenna. However, I was limited to a reach of 1.8 metres as that was the length of the Antenna base pole which I’d bought.
Dad gave me a hand putting it up, and we did, just before it rained and I have a stable, normal connection again. Luckily, I live opposite a ‘T’ intersection so it is highly doubtful that anything will obstruct it’s new position.
I finally have sorted out my Internet sharing problems. Zebbie put me onto a Linux distro called Endian Firewall. It’s a small Linux distro that gives you the ability to run a firewall/gateway machine.
So, I whacked a second NIC into Stargazer and installed it, entered my PPPoE settings for the wireless antenna and it worked! It also had DHCP, a Firewall (currently turned off, as my machines all have firewalls of their own) and some other features I don’t really need. The primary thing is that it’s DHCP server won’t chuck a hissy fit whenever I turn my Mac on at home. I’ve tested both our laptops and both have worked fine.
My only problem now is that Stargazer is noisy!
I have been having trouble with my home network lately. The problem is that I cannot easily share my internet connection with my wireless and switched home network.
Connecting to Cirrus’ network requires setting up a PPPoE connection, with a username and password. In Windows, you can create a new connection that specifies a username and password, provide the providers name and you ‘dial’ it and it connects. The Wireless antenna works via a network cable, which is plugged into my switch, so my PC with it’s connection finds the antenna fine. You can then share this connection, like a dial up connection, which then turns on ICS (Internet Connection Sharing) which acts like a DHCP server.
However, the problem I have is that intermittently, my PC, which runs Vista, will shut off the DHCP server if it detects another DHCP server on the network. I finally figured out that it was because of my Mac. Because I run Parallels to run a Windows XP VM, it’s using a bridged network interface so that my WinXP VM uses NAT. Thus, whenever I connect my Mac to my home network, Vista detects the DHCP server running for Parallels and shuts off it’s DHCP, meaning internet access doesn’t work for anything else on the network (it stops handing out IPs). The stupid thing is that Parallels won’t assign an IP to anything other than a Parallels VM but Vista still thinks there will be confusion and shuts off.
I tried entering the connection details into my Wireless router, which has an WAN connection setting, but it’s overly simplistic and would not connect. I even tried plugging the network cable for the antenna into the WAN port on the router but that didn’t work either.
I looked into upgrading the firmware of my router but the manufacturer doesn’t support it any longer (I have a Belkin Wireless G router version 1000au – they now only support versions 2xxx and 3xxx).
Currently I have my router acting like a DHCP server handing out IPs (it won’t deactivate when my Mac connects) but nothing other than my PC can access the internet which is frustrating at times.
I have an old Epson TM-U210 receipt printer that I can’t seem to get to print anything. I’ve double checked drivers and the ports they’re installed on and nothing gets through. It’s a parallel model and the PC I’m using doesn’t have a parallel port, so I bought a PCI parallel adapter. The PC has ‘detected’ the printer (using XP, changing the port to the port it’s configured on raises the ‘Found New Hardware’ message), but the spool window displays ‘Not available’ after the printer name in the title bar.
I posted this on OCAU as well (this link, if you are a member). Hopefully I can get an answer to it.
A friend of mine has been renowned for pushing computers and their inner parts to their limits in the past. So when he destroyed 4 Gigabytes of RAM the other day, I automatically assumed he’d overclocked it.
I don’t understand why people want to change hardware from their default settings. Why bother get that extra 5 frames per second? Why bother risking the items destruction milking that extra little bit of performance out of it when the manufacturer has already set it to it’s most efficient setting? To me, it just sounds like a huge waste of money.
/discuss.
