I would like everyone's opinion on something:

Back when I was in high school, I found (as the Webmaster) a series of security loopholes that could let anyone get admin or teacher access within minutes of just browsing the network, as we're supposed to do, and do on a daily basis. They were running Windows 98 machines with NT Scripts (that self-reportedly didn't work). That's one of the causes of the problem.

So I reported the problem, and was immediately suspended, had my network access taken away, and had a bunch of other things shoved onto my permanent record. I was also forced to drop two classes. Luckily, it went on my transcript the day after I had it sent off to colleges, and was still accepted into a very good school.

Now the same thing is beginning to happen. I've noticed a few problems in the school's network, this time much bigger, more complex, and with people on who it are largely unmonitored and more clever than the folks back in high school.

I don't know whether or not I should go ahead and report it. I'm good friends with my CS Professor, a few other CS Professors, and the Network Admin knows me, although he's still leary. Because I asked him about the legality of getting my FTP Server to be available outside the network he may not trust me, and may pin these things (quite wrongly) on me.

What do you all think? Should I report these flaws or not? Keep in mind, I haven't exploited or explored them much beyond seeing that the cracks are there.

Opinions?