Jump to content

Recommended Posts

Posted

Hey, i recently found a bug in the college NAS, i logged off my pc and went to tell the tech's, anways about a week later i come back to college and everyone knows how to access peoples work.. i never thought anything of it, now a month later, people are saying there work has been deleted/renamed.. the bug is as follows, open ms office word, toolbars > web > \\nasdevice\username\work and explorer opens with their work. Now i have been told i have been watched(from a kid that got caught), is there anyway they could possibly do this? logs on the NAS?

I have no way to prove i'm innocent if they havent been watching/logging because i found this bug, even though i told them straight away, it hasnt been fixed..

now i'm just wondering about consiquences..

and anyway to possibly fix it?

Posted

After you found the bug, did you continue to access the NAS? If you kept going back afterward there would be little you could do to make it innocent looking. Personally, I would have kept this "bug" to myself. I guess write some sort of letter stating when you found the bug and who you spoke to about getting it fixed.

Posted

No I didn't keep accessing it other then my

Own work, also never told anyone.. I went straight to the server room and demoed it to them, they said thanks we'll fix it and that was the last I heard until now

Posted

If it hasn't been fixed then it would be polite to write a letter to them, detailing everything and some of the implications of it, then also send a copy to the headmaster (say that you are doing this in the letter), and keep a copy for yourself.

Remember to be polite and re-iterate that you are informing them because of the risks and possibly to see this as a free service that many companies and institutions pay for. You can also suggestion ways to resolve the problems if you can think of something.

If this doesn't worth then you may want to get the parent's association (or equivalent) involved if it is serious enough. I.e. you believe people could delete or alter other peoples work etc.

But what ever you do, do not tell any of your friends or people not previously mentioned in this post.

Posted

The thing is I have never told anyone about it but my fear is that it will come back to me.. The good guy always finished last I guess I will never help them securing there servers.. I just wanted to clarify can they log what you are doing nas side?? If not that may help me.. I know you can watch on rdp but I have never seenn the accept message

Posted

I hate when shit like this happens :( IMO Swathe is right about keeping what you find to yourself. By telling them they have a basis to blame *everything* on you... You pleaded guilty without even knowing it :unsure:

Posted

Plus that "backdoor" will get closed and it may have been something useful to have up your sleeve. When I find anything at work or wherever, I make sure it's noted and filed for potential future use.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...