Stupid School TECH Admin

[kickarse]

Problem is that there is a grain of truth in every generality. There are ton's of stupid school admins and a ton of smart ones. I had a couple really stupid ones in my day.

I'd always find a way around their security and share it with everyone. Then they'd lock that down and the cycle would continue. I would also use accounts from other students to do this, always. Using keyloggers to find passwords that they'd use for email. I figured that'd be probably what they use to get on their school accounts too. Worked well, plus if they were stupid enough to use their passwords for everything the school admins wouldn't suspect them.

[thespy]

Just be glad this kid aint in my school or he'd be banned from the computers completely just for saying that SLANDER.

I respect even the most computer illiterate, and that includes school admins.

I should have added that if i'd ever had a "Stupid School TECH Admin" i'd most likely report any security issues to them...

not intended as slander :-?

[Sparda]

I respect even the most computer illiterate, and that includes school admins.

Call me mad if you want, but really, he/she should be able to do his/her job.

If you are the only full time IT guy at a school/office, you should (essentially) be a jack of all trades when it comes to computers. You will end up been Tech Support (both over the phone and physically there), Security Analyst, Penetration Tester, Security Auditor, Network configuration guy and all around 'any thing computers' person. Perhaps I'm just a little bit mad, expecting some one who applied for an IT job to know things about computers ;).

[manuel]

I respect even the most computer illiterate, and that includes school admins.

I should have added that if i'd ever had a "Stupid School TECH Admin" i'd most likely report any security issues to them...

not intended as slander :-?

gee.... I guess my sarcasm stick is way out of alignment!  EMERGENCY!!!!!one one one one eleventeen 1111!

I know some admins are stupid and probably should not be admins, BUT there are also smart ones.  Then again there are also extremely busy or extremely bored admins who love to play games with people.

I tend to be all of the above, because I am extremely busy and can't secure everything, although I do try....  I also know about some loop holes and let some students use them to bury themselves deeper, so that when I present a case against them, I can pinpoint exactly who was responsible.

I am an evil admin when I want to be, but if you get on my good side you will be my friend for ever (or until I decide to get evil again >:) )

oh and btw... use a dictionary.... SLANDER is "harmful statement in a transitory form, especially speech" and the real term for word in writing is: libel (harmful statement in a fixed medium, especially writing but also a picture, sign, or electronic broadcast)

See:  http://en.wikipedia.org/wiki/Slander_and_libel

so that said... none of this writing is SLANDER.  SLANDER and LIBEL are both forms of defamation.

see... even this admin loves to educate users on things that may not even be tech related. 

[tanda333]

lol, i dont have a really stupid admin at our school, but he's done some remarkebly stupid things.

-like for example, we have deepfreeze, and so computer resets to previous state.

it resets to show his username upon login (lettsb) and some of the comps had his password remembered automatically and saved. i, along with the rest of the programming clas, immediatly hid this comp in the back rooms. he also left perfectly operational computers and parts lying around in the proggramming clas. like entire functioning pII's and enough parts to assemble approximately 3 PIII's

he eventually found out about the hidden comp.....

our usernameand pass system.. well its lastname followed by first initial, and a number if two accounts like that would exist. and example is howardn1

these usernames and there respective 5numbers and 2 letters passwords are stored in a book in the library. students can change their passes themselves, but are only given passes from the book when they need it. so if you arent in a computer class, u wont be using it in the first month or so.

so a freind and i waited till the librarian was in the back room, grabbed it and photcopied it (also did that to my gr. 12 physics exam)

we then changed anybody we didnt like who haddnt changed default yet.

most of our security at school revolves around deepfreeze and symantec's inet login junk.

so i found out what the pass the teachers use for inet is and used it till it was changed.

also, just by guessing, found out one of the teachers passwords was password, so i had ability to bypass deepfreeze.

that was fun...... i changed as many settings as i could before people got suspicous of someone messing around in folders that they dont know what they do. because at my school some of the teachers walked in on some of the programming students doing some work in the library, and tried to give us detention on the basis that they assumed we were hacking. we were writing code for a blackjack game in Turing.

anyways, after 3 years of me running rampant with the computer they have started cracking dow, the password book is now locked into the back room, the hidden computer where admin left his pass ass remembered was found, and all teachers changed thier passes.

i think my next escapade would be to set up a hardware keylogger,

cause a software error...... sys admin comes in. loggs in, fixes, and logs out. i come in later and whoops, guess who left a keylogger in the computer....

free full admin access.

but i haf to make one that handles ps/2 keyboards and is easily hidden. doint need long record time. just maybe 5 minutes of typing, mayber less, depending on if someone else trys to fixc it or not.

[Famicoman]

This makes me realize how different school networks are set up.

[tanda333]

this makes me realize some schools are fascist influenced. disabling right click, may as well buy macs you Nazis!

[Bullfrog838]

Ok when i was in high school are pass words and user names we set up like this

User name:  first letter of you first name, middle initial, the first three letter of your last and the last three numbers of your six number identification number.

Password was: the whole six number identification number.

So and example would be: Jeff Rig Marton 345361

User name: jrmar361

Password: 345361

ok so if you know the user name you know half the password but it gets worse every user that logged on to a given computer username is stored locally and its easy to retrieve this. next the 6 digit identification number is given by the school and you have to use it for ever thing getting lunch, on your id, on grade rosters, ect.... the best part about the grade rosters is if you know their username you know half their identification number so you can look up the first three on a grade roster not to mention the attendance rosters had you full name next to you identification number and those rosters were delivered by students.

needless to say it was very easy to get any student password if you had half a brain to connect the dots

[theSmiler]

My school admins password was 6uldv8

six-u-el dee-vee-eight.

sexual deviant.

That was a fun day.

[Guest ABC]

haha my admin left all the permissions uent, and i can go through the workgrop into the severs and steal all the log files :P

[Black Hawk]

Hmm seems to be many stupid admins around. At my school we choose our own password.

[Deveant]

haha the best admin password ive "found" is qwert, its just slack.

[tanda333]

wow, qwert is pretty good, but how about an admin pass of rm203. this was an old admin at my elementary school. the server room (thus his office) was in room 203.

he got canned later on and was replaced by the science teacher who knew little about adminning, buthad decent passwords. basically the admin does all the work setting this up.. gets canned, and the sci teacher gets paid extra to basically stay the course and leave what the admin did alone.

eventually the ass running the school realizes that you cant have a large computer network (the largest in the district, over 230 computers in 1998) without an admin.

so she hired another admin.

[Patt]

my schools local admin password was Computer. but the server crashed back in febuary and now its the same as the Domain Admin so now he wont tell us :( ... although i have my ways...

[Lord_Rob]

in my college we learn about novel and we wenrt tought how do do some things so we looked it up and we found out that you can send them over the network littel did we know that all 127 novel servers also had this message pop up that said read this dumb a$$

[thejapanesegeek]

My school network is very well done. Cisco Aironet 1100 in every class room, all buildings on campus blanketed by WiFi, complete Fiber backbone, ETC. And you know you will have security issues when you give each student a laptop.

Now I know the common rhetoric is "Physical Access means owned." But my tech team has it set so that the hard drive is first boot priority, and the BIOS is password locked. What would you do to circumvent this?

(I know this sounds like a 1337 h4xx0r the sk00l!!11!) kind of deal... But all the escalation hacks I've seen require either bootable CD or bootable floppy, neither of which are available. These guys know their stuff, too: all the defualts are changed, most of the common things (Mail server telnet etc.) have been disabled. How do you get admin privs on a locked down non-bootable system? (Without removing the hard drive or something else ridiculus like that).

[SomeoneE1se]

How do you get admin privs on a locked down non-bootable system? (Without removing the hard drive or something else ridiculus like that).

You can't, well you could try social engineering or removing the HDD cable to see if it will boot from something else.  But if you think removing the HDD is ridiculus there are not many options left.

[Sparda]

How do you get admin privs on a locked down non-bootable system?

Multi-boot menu?

[elmer]

The admins at my school have us locked out of almost everything. As someone was saying before, these admins are like freaking fascists! We can't right click, use the "F(1-12)" keys, nothing! It' s so annoying.

[Sparda]

As someone was saying before, these admins are like freaking fascists!

I don't give every one on the Internet root access to my web server. I must be the Internet equivalent of a Nazi!

[elmer]

I don't give every one on the Internet root access to my web server. I must be the Internet equivalent of a Nazi!

I don't want (or need) access to the root (or c drive), I just wish they would let me right click and use the function keys. That's all I need.