Process Detection?

Droby10, I don't quite understand your last post.

Anyways, here's the update: I finally logged into the server, checked it all out, and took my tests. I was able to open IE windows, and have IMs, and still continue the test. I first filled in all the answers, and then did everything just in case. Nothing happened. There is a link, "submitted exams." I clicked that link before submitting mine. Nothing showed up there. I hit back on my browser, the submit my test, and went back to the submitted exams page, and it was updated. It was all BS. He only said things to scare us. I saved the source of the site also, just to see if there was any Javascript. Here's all I got:
<script language=JavaScript>
<!-- HIDE
function check() {
return true;
}
// STOP HIDING FROM OTHER BROWSERS -->
</script>

I hope that shows up. Anyways, it's nothing. I think that's some code to submit data to the server, or something, but not to view active processes.

Also, my teacher was bragging in class about how no one ever hacked that site, but just by looking at it it seemed insecure. The passwords are delivered to your E-Mail in plain text, you can alter information by changing things in the URL. He says that if you want to change anything on your account, E-Mail him through a Perl form on the site. Haha. Could he make it any easier to forge an E-Mail. And get this, your password is saved in the value of an HTML text box. And I wasn't even trying! Now comes the decision whether you tell someone about all the insecurities or not...

Ramzi

People are stupid.
However teachers (esp highschool age) seem to be the peak of dumb IT ness, when thier students usually know more.

Classic example,
I use to cheat at school, no one would let you install anything on the computers and registry etc was very locked down.
I did it by using net send..
Of cause they didnt have any firewalls between any of the subnets so if i knew the machine a friend was on, i could send a winpopup to him (alerter was running on every box) and he would reply.

Cheating didnt get me anywhere, i mean hell, i still passed the final exam, i just had better things to do than study (like a real coding job).

However it got more fun when i decided to send broadcasted winpopup messages.. Ok, i was new to computer security, and could of done alot more advanced attack now, but hey it worked fine.. I wrote a small bat file and added it into the startup of 10 computers around the campus. Then rebooted one by one,

somthing like

do while(1) {
net send * $random-message
}


The admin **** himself as every computer in the camus was dos'd by millions and millions of messages.. The same dude had even bragged to me that his network was so secure.. The sad thing is the admin pass on every pc was the ****ing schools name =)

People are stupid, too many people teach IT yet dont fully understand it themselfs..
Your case of 'scaring' the students is the classic way, why not make the students find a way to stop themselfs from cheating? Teach security at highschool i say, too many dumb it admins out there.

Quote:

---

Good points Ramzi. Can you imagine an instructor accusing people of cheating on such spurious evidence? Can you say "entirely circumstancial"?

---

Where I went to school, if a teacher says you cheated, YOU CHEATED. What does evidence have to do with it? ;)