dinedal | 3 years ago

> The problem is letting other people use it; of course it's nice to help people, and it's altruistic to do so for free, but some of those people might actually need this homework to learn, and you may have deprived them of that.

This. When the scope is limited to yourself, it's very different from when it impacts others.

Back when AOL Instant Messenger (AIM) was super popular, I was in university and had read about ARP poisoning. Our school was pretty cheap, so all the dorms had hubs instead of switches. This meant that it would be, theoretically, possible to ARP poison an entire dorm, MITM attack and read all the text being sent on AIM since it was sent in the clear. I had a bit of a cyber security passion lab in my dorm room, so I wrote a PoC and ran it on a LAN air-gapped from the rest of the network. I proved that it should work for myself, having confirmed that similar cleartext messages would get passed to the machine intending to listen in between two other machines.

I told my classmate of my project and he expressed interest, so I gave him a copy. Fortunately, I didn't add any authorship info, mostly because I forgot to. I did caution him that ARP poisoning is a pretty "noisy" attack, and someone who was paying attention would notice it. He foolishly ran it on the university network, and confirmed he was able to see AIM messages flying back and forth for all the dorm, as well as all the other traffic. It didn't take long for our school's IT to notice that one dorm was funneling all traffic through one machine. A week later he was banned from having a computer in his dorm room for a school year. Thankfully he never gave me up, admitting it was his stupidity that brought it on himself, but nevertheless it was a lesson learned - if you're going to play in the grey space between ethical and not, do so responsibly and don't share the exploits with others.

nibbleshifter | 3 years ago

> you're going to play in the grey space between ethical and not, do so responsibly and don't share the exploits with others

Aka "don't get caught".

One of the times I got in bother at the first university I attended was because I kept logging into their production servers as the root user every morning.

Their admins had left a few glaring holes open that I'd patched (and evicted some fellow travellers), but I kept their SSH keys to explore a bit.

One morning one of them happened to peruse the SSH logs, and spotted a pattern where someone on the student network was logging in every morning.

Didn't take them long to work out something was deeply fucked, and they cut my network access before pulling up the contact info they had on file for me and summoning me to their office for a bollocking.

Luckily for me they figured it would be better for their job security if they kept it purely informal as opposed to notifying the university proper and having me face a disciplinary committee.

They never rotated those SSH keys, and I learned the "don't get caught" lesson as opposed to the "don't do this" lesson.