<HTML>
<HEAD>
<TITLE>Re: [Year 12 SofDev] U4O2 KK - Techniques for testing network security</TITLE>
</HEAD>
<BODY>
<FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'>User access to other areas<BR>
Users being able to change their permissions (e.g. Student has full permissions to their home directory and then removes administrator and system from their directory and thus no supervision and no control and can add any one else!!)<BR>
Running exe files from sticks<BR>
Denial of service<BR>
Auto scans on file open<BR>
“sniffing” for hidden shares – esp ones set up by students<BR>
Wireless access to strays? (e.g. Google street view cars) - incidentally I have not heard anything about “war chalking” for a few years<BR>
Access to resources – e.g. Do your students have access to the printer in the staff room?<BR>
<BR>
Andrew<BR>
<BR>
-- <BR>
</SPAN></FONT><FONT SIZE="4"><FONT FACE="Apple Casual"><SPAN STYLE='font-size:14pt'>Andrew Shortell<BR>
</SPAN></FONT></FONT><FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'><BR>
Heidelberg Teaching Unit<BR>
Ph 9470 3403<BR>
Fax 9470 3215<BR>
<BR>
c/o Reservoir High School<BR>
855 Plenty Rd<BR>
Reservoir 3073<BR>
<BR>
<BR>
On 23/08/11 10:56 AM, "Mark KELLY" <<a href="kel@mckinnonsc.vic.edu.au">kel@mckinnonsc.vic.edu.au</a>> wrote:<BR>
<BR>
<FONT COLOR="#0000FF">> Hi all. I'm working on a theory slideshow and can't think of much to<BR>
> say about testing techniques apart from:<BR>
> <BR>
> • Simulate known threats and measure system response in terms of<BR>
> speed, accuracy and effectiveness of its reaction<BR>
> • Hire an expert outsider (e.g. a “grey hat”) to test the security and<BR>
> report its weaknesses<BR>
> <BR>
> What else can one do? Any ideas?<BR>
> <BR>
> --<BR>
> Mark Kelly<BR>
> Manager of ICT, Reporting, IT Learning Area<BR>
> McKinnon Secondary College<BR>
> McKinnon Rd McKinnon 3204, Victoria, Australia<BR>
> Direct line / Voicemail: +613 8520 9085, Fax +613 9578 9253<BR>
> <a href="kel@mckinnonsc.vic.edu.au">kel@mckinnonsc.vic.edu.au</a><BR>
> VCE IT Lecture Notes: <a href="http://vceit.com">http://vceit.com</a><BR>
> Moderator: IT Applications Edulist<BR>
> <BR>
> Want a good time? Call 0112358. Ask for Mr Fibonacci.<BR>
> <BR>
> _______________________________________________<BR>
> <a href="http://www.edulists.com.au">http://www.edulists.com.au</a> - FAQ, Subscribe, Unsubscribe<BR>
> IT Software Development Mailing List kindly supported by<BR>
> <a href="http://www.vcaa.vic.edu.au">http://www.vcaa.vic.edu.au</a> - Victorian Curriculum and Assessment Authority and<BR>
> <a href="http://www.vcaa.vic.edu.au/vce/studies/infotech/softwaredevel3-4.html">http://www.vcaa.vic.edu.au/vce/studies/infotech/softwaredevel3-4.html</a> <BR>
> <a href="http://www.vitta.org.au">http://www.vitta.org.au</a> - VITTA Victorian Information Technology Teachers <BR>
> Association Inc<BR>
</FONT><BR>
</SPAN></FONT>
</BODY>
</HTML>