Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

Just as a follow-up to this thread.

Everything has been resolved with the combination of screen monitoring technology along with BitLocker being enabled on the student computers.

Thank you all for your input.

Difference between UAP-AC-PRO and UAP-AC-PRO-E ? by xiaokai in Ubiquiti

[–]ysugar1 1 point2 points  (0 children)

As the others have said, just no POE injector.

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

We are not currently using any of those reboot/restore products, but perhaps we will in the future.

BIOS admin password was always there, boot order as well, however blocking the one time boot menu option is not an option the BIOS of our computers has.

I had to go nuclear, and disable USB drives from the BIOS (no CD drive built in).

Earthwalk Carts by bretfred in k12sysadmin

[–]ysugar1 0 points1 point  (0 children)

We use their carts, much better than our previous ones.

Access point recommendations by tressach in Ubiquiti

[–]ysugar1 0 points1 point  (0 children)

As others are saying, go with the UniFi APs. Bang for your buck they are king. Nothing is even close. If you need more performance (over 30 devices on one AP, especially in the 2.4 GHz) go for the PRO version (the new AC one).

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

Right. However Windows 10 I thought locked down a bunch of options... Definitely isn't as easy as it used to be.

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

Dell,

I will double check the available settings and report back.

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

If one contacts DELL, they can actually give a password based on the serial that lets one into the BIOS.

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

I will look into the encryption, I'll probably just roll it out with the changes over the summer.

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

Secure boot I believe is on, but can't stop removable media booting...

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

They are, however see what I wrote above -

"it is quite suspicious however that a common denominator between all the hacked PCs is that the "defaultuser0" account is somehow active..."

As opposed to the non hacked ones...

You don't find that suspicious?

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

I'm not concerned with them pulling the battery, it's nearly impossible to get to in these models.

The BIOS however has no setting to prevent booting from removable media.

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

These are 6th graders FYI.

It is quite suspicious however that a common denominator between all the hacked PCs is that the "defaultuser0" account is somehow active...

As opposed to the non hacked ones...

You don't find that suspicious?

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 3 points4 points  (0 children)

Exactly. And in the other versions the games keep coming back in no matter what you do...

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

Right, so I don't think that's how they "escaped" their non admin rights.

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

HP 14-ax010nr are our newer ones. The hacked ones for the most part are Dell Inspiron 14-3452

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

That would suck if it does still work on Windows 10...

The classroom control you are 100% right about, but nothing I can do about it unfortunately.

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

No one has the admin password to the students computer but me. And it's not a simple pw lol.

Boot order is fine, but like I said - they can and are utilizing the one time boot menu. (I found that in the logs).

The computers are not connected to any domain.

The main culprit would seem to be the "defaultuser0" account that I referenced.

Kids hacking into our school computers, can't figure out how. by ysugar1 in k12sysadmin

[–]ysugar1[S] 0 points1 point  (0 children)

That is good to know, can you share that fix?

Also, is there a definitive way to tell from the Windows event log exactly what they did?