A final practical test for a computer-security class has network administrators up in arms.
According to handlers at the SANS Institute, a professor at a university (both have been promised anonymity) has assigned his students homework requiring them to perform attack reconnaissance on an Internet server. The assignment could result in the students breaking laws, as the professor is not requiring that the students first get permission. The SANS Institute criticized the professor, who they dubbed "Professor Packetslinger," saying that the assignment, which is worth 15 percent of the final grade, could result in students being referred to the Student Dean of Corrections. The university has decided not to take action, unless students scan its systems.
"As long as the students don't scan our computers, it is ok" the university is saying, SANS Institute handler Deborah Hale wrote. "If they scan (the school's) computers they will be reprimanded and lose their privileges on campus. This is incredible: this University is encouraging illegal activity."
Universities and federal authorities have had no qualms about prosecuting students. In 2003, authorities charged a student at the University of Texas at Austin with stealing more than 55,000 social security numbers. And last year, a student was convicted of using a keylogger to get access to exams, which he sold to other students.
A recent update to the SANS Institute blog has indicated that the professor may be reconsidering the assignment.
Posted by: Robert Lemos