Xatrix Security

[Fergie1]

So today I managed to guess an administrator password which is a default account but I assume when the school not a new version of Classlink installed they changed all the default account passwords to the one that is the same as the local admin password (fail) so any ideas on what to do with it? Theres obviously the idea of just destroying everything and making everyone admins but thats obvious and a bit stupid, so if anyone could reccomend something more subtle as I want to do something but i'm lacking ideas.

I don't want to log onto it very often as the system logs every log on and log off into a database and unless I want to clear the database of that each time its best I don't use it often.

[jd2kuk]

How about slightly tweaking the permissions that standard and restricted users have?

Allocate some extra programs to those groups too, like RM tutor...

[ICT Tech]

What kind of place does something like that?!

Anyway, I say go for it Fergie, give the people on your network some access rights, they will probably all be noticable in the end by the Admin, but so what, do it anyway

[Todd91]

when i got admin rights on my school server i used it to get into the fbi, since the ip address was the same for all of them. easy.

[heebyjeebys]

when i got admin rights on my school server i used it to get into the fbi, since the ip address was the same for all of them. easy.

if your right then the fbi have real secure headquaters... located in a school with the same admin for the school as the fbi... interesting..... and about the ip addresses being the same...im pretty sure that computers fight when you get two or more computers with the same ip address.....must be some dream network that your on about then

[heebyjeebys]

So today I managed to guess an administrator password which is a default account but I assume when the school not a new version of Classlink installed they changed all the default account passwords to the one that is the same as the local admin password (fail) so any ideas on what to do with it? Theres obviously the idea of just destroying everything and making everyone admins but thats obvious and a bit stupid, so if anyone could reccomend something more subtle as I want to do something but i'm lacking ideas.

I don't want to log onto it very often as the system logs every log on and log off into a database and unless I want to clear the database of that each time its best I don't use it often.

haha ... change the wallpaper on all the computers or something silly .... or make a GP object... find the setting that displays a message at the login screen... and type something .. tee hee!

[muto]

when i got admin rights on my school server i used it to get into the fbi, since the ip address was the same for all of them. easy.

if your right then the fbi have real secure headquaters... located in a school with the same admin for the school as the fbi... interesting..... and about the ip addresses being the same...im pretty sure that computers fight when you get two or more computers with the same ip address.....must be some dream network that your on about then

I think he was referring to the fact that the entire school only has one external IP, because it's using NAT, so they don't know which of several hundered computers the attack really came from...

[ICT Tech]

when i got admin rights on my school server i used it to get into the fbi, since the ip address was the same for all of them. easy.

if your right then the fbi have real secure headquaters... located in a school with the same admin for the school as the fbi... interesting..... and about the ip addresses being the same...im pretty sure that computers fight when you get two or more computers with the same ip address.....must be some dream network that your on about then

I think he was referring to the fact that the entire school only has one external IP, because it's using NAT, so they don't know which of several hundered computers the attack really came from...

Well now, we can trace that!

[muto]

The most you could trance it to is a computer, you can't actually see who's using the computer at the time, and if it's in an area with no witnesses, you have no proof..

[ICT Tech]

We can trace it to the computer, then check the cache for that machine, sometimes it will work, sometimes another 11 people have logged into the PC and we cannot check

But sometimes we can, lmost everything in RM Systems in logged