Remote Desktop Connection and Cantankerous Computer Science Kids

Status
Not open for further replies.
S

star_topology

In Runtime
Messages
195
I haven't been making a big deal out of this, but maybe an outside opinion or two (or three, etc.) will help me out.

Here's the situation:
I work in IT for a local school district. In our new High School, we have brand new HP machines, all of which come default with Remote Desktop Connection in the Accessories folder.
RDC is very handy for making changes to our server, which is generally locked away in a book room for safe keeping.

In the library (my base of operations for a particular project) the other day, I noticed a foreign IP address in the RDC address bar, an IP address not of our IP scheme. So I pressed "enter" and it took me to a student's computer's login screen (I know this because the domain name of his PC was his name).

Upon further inspection (asking around), I found out that he and a handful of Computer Science geeks were using RDC to remote into their computers to watch videos, play games/music, but more importantly using their Internet Explorer to bypass the school's filter.

This isn't a huge concern (YET) because they aren't viewing pr0n or anything they aren't supposed to. It's just a nuisance to have kids going around the rules set forth by the librarian (use computers only for research).

The way I see it, kids will always do what they are told NOT to do. So I told the kid that I didn't have a problem with you goofing off in your free time, as long as you don't fark anything up. You can browse your Ebay (a site that is blocked), check your e-mail, use AIM, and whatnot; just don't do anything stupid or I threaten to have some "legislation" passed to prevent this from happening. Heh.

So what I did (only in the library because the librarian expressed concern) was deny access to RDC via "Student" accounts on our domain. But the campus is full of these new HPs and I can't watch them all, so I figure it's up to the teacher to not let them do what they aren't supposed to; the teacher=babysitter concept is a whole other thread not suited for this message.

But that's my rundown, should I be worried about anything in particular? At least they aren't illegally using bandwidth to download music/videos etc, it's just a bother that these CompSci geeks (I was one once) think they are "outsmarting" me, which they aren't. :p
 
that's a tough call,
and here's my thoughts:

1. when do you pull the plug
  • how much can you trust the kids
  • how much trust do you give them
  • at what point does the schools's saftey become in jeperdy
  • at what point does the safety of other students come into play
  • who is liable and for what
    [/list=a]
    2. wait for something to happen?
    • what could happen?
    • download porn and offend a young girl - girl files sexual harasment
    • who does she file against, the kid and his parents?
    • do they take it a step further to take on the school for not doing something about this?
    • virus is transfered, as you cant' garuntee the safety of every students' home PC
    • virus disables server at school... boss mad
    • one of these little wise guys tries to "hack" something and it's traced back to the school
      [/list=a]

      it's about risk and CYA...
      true "what are they hurting" (NOW)
      just like i would take away netsend, so that they can't pop message windows up on pc's or bog the network by sending them to every computer on the domain... i personally would do away with the privleges... or even make it a "reward" for those trusted students whom you can monitor and perform well... an incentive of sorts, and a privlege to be earned (but that's putting you @$$ on the line if you know what i mean...)

      it's a tough call, but if it were me, i'd put my job and safety first... the kids can play when they get home. school is for learning. not learning to get around the rules.
 
Thanks for the feedback. It's good to have another opinion.

"it's a tough call, but if it were me, i'd put my job and safety first... the kids can play when they get home. school is for learning."

That's what I think to myself.
He tells me "I check my e-mail and ebay orders every 5-10 minutes even when I'm at home."
Therefore, I should tell him to 'play when he gets home,' but--back to my kid-psychology comment, he'd go and do it anyway just to spite me. Plus, I'm not on campus all the time to watch him--just for this week.

The High School (not our IT department--we are only consultants) have the kids sign waivers at the beginning of the year that say "don't do anything wrong" pretty much. Maybe we should add rules as they become problems. Once again, thanks for the feedback.
 
having the ability to adapt the defenition of "what is wrong activity" on the network as problems, technology, ect ect... is an essential part of keeping controll in your hands.
DO NOT let these kids have the upper hand, as i'm starting to realize there are kids half my age that may know more than i do... not a good feeling when i'm trying to put food on the table.

they are smart and they will try to spite you. but, if they don't have the ability, there is nothing they can do...
why not remove the remote connection from all PC's except for those "teacher/it/administrative" workstations... all the pc's the kids should not be on...

and if a kid has to check his ebay account every 5 min. there is something phycologically wrong!!
and why would a highschool kid need to check an ebay account that often? what are they selling?
 
He mostly checks EBay and NewEgg for his computer parts as he's in the process of building/souping-up a computer. You know how kids are.
I've disabled RDC in the Library, but taking the time to do the whole campus would be counter-productive.

I still like the idea of making 'amendments' to computer policy waivers, but that's not up to me.
 
my school doesnt block things like ebay and email (hotmail was but not any more) why don't you unblock ebay and and most email sites, and then get rid of the remote assistance on non admin log ons. This would stop them doing anything that might offend anyone (unless if they have porn on their email...
 
You can use Group Policy to control that as well. Seems like Active Directory would be used in a school with a lot of PC's so if it is, look at using the GPO's to shut down access for the student logins. Also turn off regedit capability so they can't alter the setting by changing the registry entry.
there are ways around it, but it takes a lot more know how than I suspect you are dealing with there...
 
"You can use Group Policy to control that as well. Seems like Active Directory would be used in a school with a lot of PC's so if it is, look at using the GPO's to shut down access for the student logins."

This could be utilized in the Computer Labs, in which the students have their own IDs. However, when they go to another teacher's classroom, the teacher is logged in as well, and most students can sweet talk to the teacher into their administrative privileges.

"there are ways around it, but it takes a lot more know how than I suspect you are dealing with there..."

Good point. Then again, they are smart enough to look up loopholes on the internet. I'm only 21, so I'm still "in touch" with the state of mind, I guess. :p
 
that's right, they can google it and spend a few days trying this and that till it works.... at which point they have very much violated even the most slack of wavers they may have signed and are def. busted as the ip addresses are logged and user ID can be traced... then it's up to the administration to make an example out of the first little hacker you catch... just like they did to... umm a friend, of mine who thought he was that smart back in the day... it was nothing like what you're dealing with, we were simply changing a few things around in win95 and win98... wow, are we getting that old? i'm only 22, so i know what you mean "in touch"
pardon if i'm not to simpathetic with them, i spend most of my time trying to outsmart people like that all day... the ones that want to bend the rules and walk on the wild side, wanabe ubergeeks...
 
"at which point they have very much violated even the most slack of wavers they may have signed and are def. busted as the ip addresses are logged and user ID can be traced... then it's up to the administration to make an example out of the first little hacker you catch..."

Exactly. With all this feedback, my boss and I have decided to write up a little "notice" that they are, in fact, in direct violation of the district's computer use policy rule "Computers are to be used for educational purposes only."
I definitely don't want to punish them (there are a handful of kids, but just this one in particular is a little brat about it). The other remotes in a plays his music.
We'll just give a warning that they are in defiance of the rules and if they are seen doing this particular thing again, they will be punished.

I do know that kids go to the library in their free time to play games, this is understandable. I don't really want to be "pot meet kettle" about this, but you really don't need to be using the RDC at school...

Thanks for all the comments! This board isn't as unpopulated as I thought. :p
 
Status
Not open for further replies.

Similar threads

bL4cKh4T
windows not allowing any type of connection
Replies
0
Views
362
bL4cKh4T
bL4cKh4T
richardwilson
Is it legal to use spy apps and software to monitor our kids or spouses' digital activity?
Replies
3
Views
576
pete.i
P
ikonix360
Computer problem
Replies
2
Views
353
ikonix360
ikonix360
ikonix360
Computer build
Replies
7
Views
364
ikonix360
ikonix360
G
Are remote desktop graphics generated locally or remotely?
Replies
2
Views
1K
gib88
G
Back
Top Bottom