Yea i'd approach the school with the security hole and tell them to fix it before they find you out you saw the hole. White hat cracking :). I don't know much about networking though. <div> On 11/15/06, Eric O'Neal <<a href="mailto:fyedernoggersnodden@gmail.com">fyedernoggersnodden@gmail.com</a>> wrote:<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> Mmkay, at my University, SSH access to the UNIX servers (With limited privilidges, of course) is dolled out freely to all students (I don't think it should be, but whatever).  All they have to do is log onto a web interface, set a shell, and voila.  A friend and I, for some reason or another, logged on the other night.  Out of sheer curiosity, I cd'd into the root directory to see what all I had read access to.  Just about everything, it seems.  Being a comp. sci. student interested in how things are secured, I view the /etc/passwd file.  Shaddowed.  Good. Here's the kicker.  My buddy, with the same non-malicious curiosity, typed "ypcat". Wham.  The encrypted passwords of 9,000 or so users hit his LCD, coming stright from the NIS Domain server, core of the University's authentication system (The Windows domain copies the NIS domain). !!?! I downloaded John the Ripper and had some fun with it, finding 30 or so blank passwords, among others.  However, I have no reason to keep those passwords, as I've never been tempted to try and feel "powerful" by holding such data.  I deleted the encrypted pass's from my hard disk an hour later, but the security hole is still there. I don't know much about NIS, so I installed a server on my Ubuntu box, and cliented my FreeBSD box to test it.  When I do "ypcat" from my client here at home, it doesn't display the passwords, but a little friendly 'x' instead amongst the user data.  They seem to be shaddowed off, or something of that sort. Like I said, NIS is a black box to me.  Is my Ubuntu ypserve really immune to getting passwords via ypcat?  And, if so, would there be a simple way to shaddow off the passwords on a Solaris 7 server, which seems to be what they're running? This whole situation sounds dangerously similar to the gig Red_Herring got himself into a while back at his high school... how'd his hearing go, btw?  I work programming for one the departments, and my friend works in campus IT, so I think we'll be okay if we go talk to the admin about it (I'd like to know it's solvable first), though we may have technically violated the policy already. Cheerio and advice welcome, SigmaX PS:  Sry I haven't made it to a meeting.  I'm in SW Michigan, remember, and so bogged down with classes that I didn't even realize there was a chat meeting 'till it was too late... -- My home page:  <a href="http://www.SigmaX.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.SigmaX.org</a> "ttocs laeno cire oshkosh b'gosh fyedernoggersnodden nicht stein bon probiscus" "Education is what remains after one has forgotten everything he learned in school"               -- Albert Einstein -- Ubuntu-us-chicago mailing list <a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:Ubuntu-us-chicago@lists.ubuntu.com">Ubuntu-us-chicago@lists.ubuntu.com</a> <a onclick="return top.js.OpenExtLink(window,event,this)" href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-chicago" target="_blank"> https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-chicago</a> </blockquote></div> -- -Freddy Martinez- Kubuntu. [GNU/]Linux for human beings. </message>