The professor in question has revised the assignment. The only networks the students can scan are those who the professor has received permission from. At a minimum this is the Computer Science network, but I know several of my collegues here who have thrown him an IP or two of test servers or other not-mainline servers that can stand probing.
And it has been stressful around here. The SANs posting on the topic just added heat to a fire that was already growing internally. Now that the key issue is handled, now we get to deal with the fallout. According to the SANs posting, there are those clamoring to release the organizational name of the Higher Ed institution at fault. Thanks to this blog, a bit of google will give them that without too much work.
By all accounts this particular prof knows his stuff. I'm convinced this was just a sin-of-omission, rather than ill intent on the part of the professor. Unfortunately it was a very key detail missing, but that has been fixed. With luck, none of the students have commited an illegal act as a result of it yet. We hope.
Also, as near as I can delve into wa.gov, port-scanning by itself isn't a crime in this state. Of course, I Am Not A Layer. This does not hold true in other states, however, so the risk is quite present. According to one class-member who works in our office the professor said to perform the scans (of the CS network) outside of WWU's router-cloud in order to not have an unfair advantage in identifying exposed ports. Being a university, we're pretty permissive about traffic coming into our network, so that will still get them useful information.
Aye. Long week.
Oh wait, it's Tuesday.
And it has been stressful around here. The SANs posting on the topic just added heat to a fire that was already growing internally. Now that the key issue is handled, now we get to deal with the fallout. According to the SANs posting, there are those clamoring to release the organizational name of the Higher Ed institution at fault. Thanks to this blog, a bit of google will give them that without too much work.
By all accounts this particular prof knows his stuff. I'm convinced this was just a sin-of-omission, rather than ill intent on the part of the professor. Unfortunately it was a very key detail missing, but that has been fixed. With luck, none of the students have commited an illegal act as a result of it yet. We hope.
Also, as near as I can delve into wa.gov, port-scanning by itself isn't a crime in this state. Of course, I Am Not A Layer. This does not hold true in other states, however, so the risk is quite present. According to one class-member who works in our office the professor said to perform the scans (of the CS network) outside of WWU's router-cloud in order to not have an unfair advantage in identifying exposed ports. Being a university, we're pretty permissive about traffic coming into our network, so that will still get them useful information.
Aye. Long week.
Oh wait, it's Tuesday.