lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4399F65C.30504@csuohio.edu>
Date: Fri Dec  9 21:27:33 2005
From: michael.holstein at csuohio.edu (Michael Holstein)
Subject: McAfee VirusScan vs Metasploit Framework v2.x

> Hmm,  when I was working at a state run institute, we had a policy of
> letting the students do things that helped them learn. What better way
> to learn about the importance of error handling than exploiting what
> happens when you dont learn about them?

(extracted) :

All Users of University Computing Resources must:

2) Use only those computing resources that they are authorized to use 
and use them only in the manner and to the extent authorized. Ability to 
access computing resources does not, by itself, imply authorization to 
do so. Users are responsible for ascertaining what authorizations are 
necessary and for obtaining them before proceeding. Accounts and 
passwords may not, under any circumstances, be shared with, or used by, 
persons other than those to whom they have been assigned by the university.
	
> Just let them mess around on a private network you say?

Classes where hacking topics do exactly that. Unfortunately the law does 
not provide an exception for "educational hacking". Doesn't matter if 
you were just "testing" a buffer overflow on somebody else's computer 
(without permission, outside a lab, etc) -- or you were trying to change 
your test score. Illegal access is exactly that -- illegal.

> You cant reproduce the internet (except inet2 =P). Also, if a school
> squashes creativity, or hampers research (in what ever form they may
> take) you will not be able to compete in the educational arena.

Telling students they can't hack into stuff they don't own doesn't 
squash creativity -- it enforces the law.

~Mike.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ