Page 1 of 7 123 ... LastLast
Results 1 to 10 of 61

Thread: School Trouble

  1. #1
    Senior Member
    Join Date
    Dec 2002
    Posts
    127

    School Trouble

    Ok. At school there are these guys who keep messing with the computers in some of the computer labs, i guess you would call them that. My teacher came to me for help to getting them to stop. I have been helping her to lock down some of the computers but not all of them. Now the thing is that they are using trojans and somehow getting them onto computers in other rooms. My teacher wants to catch them red handed but they are always on the look out for the teacher when she is near. I was able to lock them out of a couple of computers, with the teachers permission, but am asking you all on other ways to lock them out. Here are some things i did so far,

    1. Ive have set the computers to boot from the hard drive and not let them access the CMOS or boot procedures.

    2. The school uses fortress 101. They were able to get the password via key logger, and looking over the tech's shoulder. So i have changed the password on some of the computers.

    3. I have turned on all the virus scans on some of the computers to deleat the trojans they have installed or use.

    Now my quesiotns are, is there a better program than frotress 101? Is there any other steps to lock down the computers? And what can we do to catch them red handed to use as evidence for the school athorities?

    Thanks in advance.
    The only four things i need are food, water, a computer, and the internet.

  2. #2
    There are ways to see what people are doing in your network. In fact, there is software to monitor all activity including grabbing screenshots. Here is more info:

    http://www.rhombustechnologies.com/w...g_software.htm

    furthermore, it would not hurt to have logs on activity, because you know who was at the workstation(s) at a particular time, IP addresses, admin log in attempts, etc....

    Hope this helps,

    Jack

  3. #3
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027
    I take it these are win95/98 boxes?

    Ammo
    Credit travels up, blame travels down -- The Boss

  4. #4
    Senior Member
    Join Date
    Dec 2002
    Posts
    127
    They are windows 98. And i know about those programs too. Which ones are good though to get good evidence on them. Plus, i dont really know much about those programs Linuxguy.
    The only four things i need are food, water, a computer, and the internet.

  5. #5
    Junior Member
    Join Date
    Jan 2003
    Posts
    8
    You said that the possibility of the kids getting the passwords via key logging isn't possible? We'll, just as a precaution I would suggest checking the keyboard connection on the back of the towers because it could be possible they put a physical key logger on there... like KeyKatcher (sp?) or the like.

  6. #6
    They are windows 98. And i know about those programs too. Which ones are good though to get good evidence on them. Plus, i dont really know much about those programs Linuxguy.
    If they are Windows98, there is very little if no security at all. As for the monitoring programs, I have never used them myself, but have seen them ina action. They are pretty nifty. The admin was showing me box after box on what each user was doing.

    Jack

  7. #7
    Senior Member
    Join Date
    Dec 2002
    Posts
    127
    They havent installed any hardware key loggers. They put in keylogging trojans to get them. Another thing i should have said is that they are mainly using sub 7. I have removed the server programs many times but they keep installing it.
    The only four things i need are food, water, a computer, and the internet.

  8. #8
    Then download The Cleaner http://www.moosoft.com. If Sub7 is installed, security measures are pretty moot.

    You have a big job on your hands... however, since the servers are installed, why not see what they are doing by using a dummy server? http://www.xploiter.com/tambu/tambudummy.shtml and see what commands they use. Then save it to a log file

  9. #9
    Senior Member
    Join Date
    Dec 2002
    Posts
    127
    I know. I clean them often, but they keep on installing it. What we need is a program that is pretty cheap, preferably free, to catch them and be able to use it to show as evidence if ever needed. Also, they somehow have gotten the server onto other computers that arn't in that room, so i have no access to those computers. The only way i know to take out the server file is to use the trojan client program also, and remove it that way, but i dont want to be brought back down to their level and also i dont want to get in trouble.
    The only four things i need are food, water, a computer, and the internet.

  10. #10
    The only way i know to take out the server file is to use the trojan client program also, and remove it that way, but i dont want to be brought back down to their level and also i dont want to get in trouble.
    The client part is "harmless", it's the server that is harmful... if you have specific permission form the admin to use it to disable, log or disarm the users, then I do not see any harm in using it (If not, then forget it!!). However, I would do that as an absolute last resort; The Cleaner and manual methods of removal is probably the best way to go.

    Good luck

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •