I'm getting the blame for hacking

[compaq]

I wouldn't get a lawyer quiet yet, apart from just to let them know you might need them in the future. I'm guess that the school might have contacted a police, but with the admins maybe not following assurance and intgrity steps the case would be on hold.
I'm betting that a student has got access to a VPN cert/pass and logged in using your account.

Question, with the admin accounts that were deleted, was one of them your account?

Maybe find some questions like that to ask the admins there, and what there answers are.

[Isohump]

Wish u the best of luck man i know how that feels got kicked out of my school just for showing my computer class teacher what i can do.


P.S never show people backdoors

I NOW I F***ED UP.

[3l33t1]

Are you sure someone in you home didnt do this mistake?
You use wep at home and make numerous Security mistakes ,There is too many whatifs here. Are you sure you didnt really do this mistake and looking for answers? You should think more evil and learn better security practices.
My job we use cisco vpn password and then use a grid challenge.
I have admin rights, and dont see how a cracker could find all these security loops. So they logged onto your router(must be someone close by). Used wepbuster,Do you have file sharing on? If they search your desktop find cisco vpn.password saved to a text doc and use that to log on,it could work, But why were certain accounts deleted? I would have created another account and replace it and have full access. Maybe they tried deleting a account and tried replacing it with a new one,but blotched it up. Just my opinion.

[D3ADLiN3]

Quote:

Originally Posted by Morbius

I work in a school as an IT technician so I have access to the server and all PCs there.

Im assuming this is a Windows domain. Are you a Domain Admin?

Quote:

One of the things we have is Cisco VPN so teachers can take their laptops home, connect securely through the Internet back into the school network.

Im assuming you have the Cisco VPN client installed on your Home PC?
Is the Cisco Username/Password different to your Domain Account?

Quote:

The other day, someone used a VPN, got onto a server and started maliciously deleting accounts.

Are these random accounts, or specific accounts? Was anything else changed?

Quote:

The security team became involved and it has been traced back to MY home broadband. How can this be?

What has pointed back to your Home broadband? VPNd Logs?

Quote:

Is it possible someone has used my broadband username and password and logged into their router as me from another property and it's linked the IP address as belonging to me?

Highly unlikely. Assuming you are using A/DSL, another user would have to be with the same ISP. Also the ISP logs would indicated the phone number which the connection was established from.

Quote:

Could someone have VPN'd in from somewhere else and somehow spoofed my IP address?

Impossible to spoof public IP address (to establish a VPN Connection), Possible you are being used as a proxy.

Quote:

My wireless has wep encryption - not strong, I know but they would still have needed the VPN client, no?

If somebody has hacked your Wireless they could be sniffing your network. FakeIKEd maybe? Cisco VPN is available to download from Ciscos website.

Quote:

I found that my router had remote access enabled so could someone have come in from outside, accessed my PC and VPN'd in from there?

Depending on your Router you may have Firewall rules setup to allow external access; also possible (again depending on your Router) somebody has created a VPN to your Home Router.

Quote:

Whoever's done it has hacked the servers at the school and it's all pointing back to my IP address ! I am in big trouble right now.

Have any other changes occured on the Schools network?


Few questions to ask:

How has the "Security Team" linked the IP address to you? Do you have a Static IP?
What is the time & date the accounts disappeared?
(Assuming its a Windows Domain) Is Active Directory Auditing turned on? If so what do the Security logs say? (The deletion of objects will be logged)

Quote:

Originally Posted by Isohump

i know how that feels got kicked out of my school just for showing my computer class teacher what i can do.

I got excluded from School for hacking too