Posted by
CmdrTaco
on from the i've-seen-this-before dept.
Zendar writes "idg has an article about how students at the 151-year-old Tufts University were paid as little as $20/month to relay spam from computers in their dorms. Interestingly enough, the students approached the spammers about this scheme and not vice-versa."
Re:Tracked using MAC address
by
Frater+219
·
· Score: 5, Informative
Interesting that they tracked the individuals down using MAC addresses for computers in their dorms...
I've never heard of any other Uni having the foresight to record this and it seems like a valid piece of info to have to include in any registration document (as per cable modem setup)
You don't even need to copy it down at sign-up time... just take it out of the DHCP server logs, or the ARP tables on the building router, then look for the MAC address on a switch port in the hall switch. Provided you know your wiring -- and know what switch port goes to what dorm room -- you just narrowed your problem down to the spammer and his roommate.
(Why yes, I did used to be a sysadmin at a college with a bandwidth hogs problem.)
Re:Tracked using MAC address
by
JackAsh
·
· Score: 3, Informative
Actually, I was a student at Tufts at the time they implemented the student network. At the time, ACS (Acedemic Computing Services) did require students to register MAC addresses, and I think I recall them assigning static IPs via DHCP or BOOTP (This was back in 95, DHCP was not very popular yet). You could let the network take care of everything for you, or you could enter it manually if you knew what you were doing...
I really don't remember if they used managed hubs/switches, but I recall it was a fairly trivial exercise to figure out where people were in a dorm by counting the IPs assigned (they had some pattern).
-Jack Ash (Miguel if anyone else from Tufts is reading)
Re:Tracked using MAC address
by
garcia
·
· Score: 5, Informative
at BGSU they started doing registration for the DHCP server via MAC in 1999 or 2000. When you started up after connecting your computer to the ethernet jack you would get a registration page. You would enter your student ID and your email login/passwd. Your MAC was recorded and a hostname that included your email id was given along w/a static IP. If you logged on from another other port on campus it would show as a "roam" address but it still knew you were authenticated so it still knew your MAC.
If you wanted to register another computer you would either have to use someone else's student ID + login/passwd or call up the people for help.
A side note, they were less than familiar about doing it w/alternative OSs that did not automatically bring up the registration page. You either had to use Windows to do it or have them do it manually. I used Windows;)
The School is very liberal..this isn't surprising
by
Migelikor1
·
· Score: 5, Informative
I'm a current student at tufts, and I'm not that surprised that there is some abuse of the system. The University is overall pretty laid back about student computing. The only things the sysadmins monitor for is virii that may cause systemwide problems (they send a person to your room with virus software if one's detected) and excessive bandwidth usage (over a gig per day for more than 3 days in month.)
While it is troubling to know that some of my fellow students abused the policy, it really isn't that hard. Though it pisses me off a little that they used University bandwidth for their little endeavor, the school has plenty, due to massive infrastructure installation in the late nineties. It hadn't caused any issues for the school (nobody I know has complained about a slowdown) so it's my opinion that the fact it's a university isn't a big deal. The kids are entrepreneurs, even if it's in a business I despise, taking advantage of the resources they've paid for. The real question is wether the school will add a clause to the acceptable use policy and start to monitor for spammers. Wouldn't be surprising.
-- My Karma is so good, I'm the Dalai Lama...or something.
only 20 boxes of mac & cheese? I'm a college student and I sure as hell don't buy that kind of extravagant mac & cheese. Kroger regularly puts its "kroger brand" mac & cheese on sale for 25 cents a box!
-- "Question with boldness even the existence of a god." - Thomas Jefferson
Slashdot Mirror
(Why yes, I did used to be a sysadmin at a college with a bandwidth hogs problem.)
Actually, I was a student at Tufts at the time they implemented the student network. At the time, ACS (Acedemic Computing Services) did require students to register MAC addresses, and I think I recall them assigning static IPs via DHCP or BOOTP (This was back in 95, DHCP was not very popular yet). You could let the network take care of everything for you, or you could enter it manually if you knew what you were doing...
I really don't remember if they used managed hubs/switches, but I recall it was a fairly trivial exercise to figure out where people were in a dorm by counting the IPs assigned (they had some pattern).
-Jack Ash
(Miguel if anyone else from Tufts is reading)
at BGSU they started doing registration for the DHCP server via MAC in 1999 or 2000. When you started up after connecting your computer to the ethernet jack you would get a registration page. You would enter your student ID and your email login/passwd. Your MAC was recorded and a hostname that included your email id was given along w/a static IP. If you logged on from another other port on campus it would show as a "roam" address but it still knew you were authenticated so it still knew your MAC.
;)
If you wanted to register another computer you would either have to use someone else's student ID + login/passwd or call up the people for help.
A side note, they were less than familiar about doing it w/alternative OSs that did not automatically bring up the registration page. You either had to use Windows to do it or have them do it manually. I used Windows
I'm a current student at tufts, and I'm not that surprised that there is some abuse of the system. The University is overall pretty laid back about student computing. The only things the sysadmins monitor for is virii that may cause systemwide problems (they send a person to your room with virus software if one's detected) and excessive bandwidth usage (over a gig per day for more than 3 days in month.)
While it is troubling to know that some of my fellow students abused the policy, it really isn't that hard. Though it pisses me off a little that they used University bandwidth for their little endeavor, the school has plenty, due to massive infrastructure installation in the late nineties. It hadn't caused any issues for the school (nobody I know has complained about a slowdown) so it's my opinion that the fact it's a university isn't a big deal. The kids are entrepreneurs, even if it's in a business I despise, taking advantage of the resources they've paid for. The real question is wether the school will add a clause to the acceptable use policy and start to monitor for spammers. Wouldn't be surprising.
My Karma is so good, I'm the Dalai Lama...or something.
only 20 boxes of mac & cheese? I'm a college student and I sure as hell don't buy that kind of extravagant mac & cheese. Kroger regularly puts its "kroger brand" mac & cheese on sale for 25 cents a box!
"Question with boldness even the existence of a god." - Thomas Jefferson