[funsec] Question for the group
pauls at utdallas.edu
Sun Feb 12 13:48:24 CST 2006
--On February 12, 2006 9:02:07 AM -0500 TheGesus <thegesus at gmail.com> wrote:
> On 2/11/06, Paul Schmehl <pauls at utdallas.edu> wrote:
>> Recently we discovered that some message boards in China were posting the
>> urls for web proxies at various universities, along with "login
>> credentials". In our case that meant the url and a sixteen digit number
>> that represented our "Comet Card" IDs, smart cards that we issue to every
>> student, staff and faculty member when they arrive.
> Do you think maybe what they're after is the Comet Card # and they are
> only using the proxy to generate & test valid #'s?
> What else can you get with a Comet Card?
Nothing digital. The library proxy is the only use of that ID that allows
remote access. Everything else it's used for (like checking out books)
requires a physical presence.
> I suppose this is the place...
Yes, that's it.
Paul Schmehl (pauls at utdallas.edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
More information about the funsec