Student suspended for bypassing network security
April 28, 2007 on 9:18 am | In General Nonsense |From the article:
The University of Portland handed a one-year suspension to an engineering major after he wrote a computer program designed to replace and improve Cisco Clean Access.
Maass noticed flaws in CCA that would allow it to be bypassed. Essentially, a program could be written that fooled CCA into thinking it was receiving correct information identifying a computer’s operating system and antivirus as current and up to date.
According to Information Services Director Bryon Fessler, a fundamental purpose of CCA is that it “evaluates whether computers are compliant with security policies (i.e., specific antivirus software, operating system updates, patches, etc.).”
In the design of his computer program, Maass looked at the functions CCA provides and identified vulnerabilities where it could be bypassed. He wrote a program that emulated the same functions as CCA and eliminated some security issues.
Maass says his intent was not malicious. Rather, the sophomore says he was examining vulnerabilities so that they could be fixed.
“I was planning on going to Cisco with the vulnerability this summer,” Maass says.
No Comments yet »
RSS feed for comments on this post.
Leave a comment
Disney
- Disney Cast Portal - View your paystub or schedule online, update personal info, etc.
Monorails
- Monorail Express.com - Disney Monorail News and Information
- Switchbeam.com - Mike’s Blog. News about the good, the bad, and the ugly.
- The Monorail Society - The Monorail Society is an all-volunteer organization founded to foster more awareness and promote this unique method of transportation.
Affiliates
Share pictures, hotlink from Ebay or your blog, all free.
Meta:
Powered by WordPress with Pool theme design by Borja Fernandez.
Valid XHTML and CSS. ^Top^