Looking for WebCT security information.
Results 1 to 6 of 6

Thread: Looking for WebCT security information.

  1. #1
    Junior Member
    Join Date
    Apr 2002
    Posts
    5

    Looking for WebCT security information.

    Greetings all,

    I am a software engineering supporting an install of WebCT on our campus. I'm looking for any good sites that might list any WebCT exploits or if you know of any to help harden our box and keep the system running smooth. Thanks for any info you may have!

  2. #2
    Member
    Join Date
    Aug 2003
    Posts
    41
    \"Not everything that counts can be counted, and not everything that can be counted counts.\" (Sign hanging in Einstein\'s office at Princeton)

  3. #3
    Senior Member
    Join Date
    May 2003
    Posts
    747
    I really hope your not trying to hack WebCT, i am a current student on that program. I wish they allowed you to use a stronger password on there, the one they make you use about pathetic.

  4. #4
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Originally posted here by FrameWork
    I really hope your not trying to hack WebCT, i am a current student on that program. I wish they allowed you to use a stronger password on there, the one they make you use about pathetic.
    Umm... they don't make you use anything. We also make use of WebCT at my college. Our login is our student number and our default password was also our student number, however as soon as we logged in we had the option of changing the password, which we all did. Mine was 8 character alpha-numeric, upper and lowercase. For something like WebCT I'd think that was more than secure enough.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  5. #5
    Senior Member
    Join Date
    May 2003
    Posts
    747
    Umm... they don't make you use anything. We also make use of WebCT at my college. Our login is our student number and our default password was also our student number, however as soon as we logged in we had the option of changing the password, which we all did. Mine was 8 character alpha-numeric, upper and lowercase. For something like WebCT I'd think that was more than secure enough.
    Hmm.. I will look into that, i havent seen anywhere in WebCT that allows me to customize my password.

    Edit: Nope, you're right HT, i just wasnt looking hard enough. It's my first week using WebCT.

    I'm glad you mentioned that.

  6. #6
    Junior Member
    Join Date
    Apr 2002
    Posts
    5
    No, I'm not trying to hack it, trying to beef it up as much as possible. I had enough of a nightmare integrating the user accounts and courses with our data warehouse that the last thing I need now is for some person to decide to get crash happy and try to bring the system down or get into other people's accounts. Our server manager does a good enough job at locking down the box with restricted IPs to anything other than the web port and I think a couple others, but I was looking into any potentials with exploiting the (IMHO) lousy programming behind the scenes to get into things or bug out the system.

    In regards to passwords, that depends on the administrator's settings after the initial login. We make it a minimum of 8 characters and then its kind of in their hands on how "smart" to make the password. Thanks for the link by the way, I'm looking into some resources off that now.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •