On 5 Feb 2003 at 10:25, Ralph Los wrote: > for signs of mis-use, abuse, or "hacking". What I DID find was a student's > directory which had *explicit deny* for the administrators group to all > rights. I had to go and "take ownership" to get a view into this student's > directory. > > Now, this is as close to a "smoking gun" as I have. I'm trying to This is nothing of the sort. This could be a user concerned for their privacy (regardless of whether they have any legitimate expectation of privacy in the system) or one who has played with the permissions out of curiosity. You do not say what activities you consider to be 'misuse' or 'hacking'. Before looking, you need to know what activities you are looking for. Unless the rules for use of the system are defined, it is quite possible for a user to be engaged in an activity which you consider wrong, but they consider to be legitimate use, and they will have obvious grounds for complaint if you accuse them of doing something they had no way of knowing was wrong. ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sat Feb 08 2003 - 15:11:36 PST