ccastmg@prism.gatech.EDU (Michael G. Goldsman) (06/12/91)
I just read this on ga.general... ---------------------------------------------------------------- ---From: mcovingt@athena.cs.uga.edu (Michael A. Covington) ---Newsgroups: ga.general ---Subject: Student suspended for helping hackers ---Summary: Student deliberately compromised security of athena.cs.uga.edu ---Date: 11 Jun 91 04:21:01 GMT ---Organization: University of Georgia, Athens The University will soon be issuing a news release about this incident. In the meantime, here is a summary: (1) A number of unauthorized users have been using various University of Georgia computers. Most of them have left much more of a trail than they realized and will be hearing from us. (2) The first person actually caught as part of this incident has now been sentenced to 2 quarters' suspension, plus a probated expulsion, by the Student Judiciary. This was a U.Ga. student whose name cannot be released due to confidentiality of educational records. What this student did was mail a copy of /etc/passwd from athena.cs.uga.edu to a "hacker" who had already penetrated another system, and who wanted to use a password-guessing program to break into athena. The student was fully aware that he was assisting in a break-in. Two points that everyone may need to be reminded of: (1) Unauthorized computer use is a felony under Georgia law (which is about to become even stricter, on this point, than it is already). (2) We cannot presume that any intruder is harmless. To keep the machine safe for everyone, we have to presume that every unauthorized user intends something destructive. It's very common for an intruder to say "I meant no harm" when in fact a transcript of his session shows that he was trying to crash the machine or delete people's files. The University of Georgia has no public-access UNIX machines. If anyone gives you a password on one of our machines, please contact me. ---------------------------------------------------------------- I didn't know that doing things with an /etc/passwd would be considered unauthoprized use. the file is readable by the world after all. The uga student was not the one who broke in. I have some serious problems with UGA supending him. I am a little too "exam-week-weary" to articulate my feelings well, but I thought that you guys should know about this. What if a student runs cops on /etc/passwd... would this be considered intent to break into a system and could he thus be suspended? Well, you guys can mull it over today, I need some sleep. -Mike Goldsman -- ------------------------------------------------------------------------ Mike Goldsman 36004 Georgia Tech Station Atlanta Georgia, 30332, 404-872-5146
bernie@metapro.DIALix.oz.au (Bernd Felsche) (06/12/91)
In <31124@hydra.gatech.EDU> ccastmg@prism.gatech.EDU (Michael G. Goldsman) writes: [ quoting from a ga newsgroup ] >Two points that everyone may need to be reminded of: >(1) Unauthorized computer use is a felony under Georgia law (which is >about to become even stricter, on this point, than it is already). >(2) We cannot presume that any intruder is harmless. To keep the machine >safe for everyone, we have to presume that every unauthorized user intends >something destructive. It's very common for an intruder to say "I meant no >harm" when in fact a transcript of his session shows that he was trying to >crash the machine or delete people's files. >---------------------------------------------------------------- [ end partially quoted quote ] >What if a student runs cops on /etc/passwd... would this >be considered intent to break into a system and could he thus >be suspended? Is there reasonable proof that it was the particular _natural_ person who mailed the file? It is possible for a cracker to login as the accused and mail the passwd file. IMHO this leaves the situation wide open, in terms of "reasonable doubt". There is usually no _evidence_ which points the finger at the natural person, only his account. Is a student therefore guilty of the felony, simply because of a bad choice of password? The big-brother tactics of watching everything that everybody does would no doubt restrict creative experimentation. I'd say it's counter to the aims of an institution that calls itself a University. Also, how can one be sure that the logs used as "evidence" have not been fabricated or forged? How did they find out that /etc/passwd was being mailed? Do they routinely peek at e-mail? Are all the users aware that e-mail is not private? What springs to mind, regarding this is the issue of appropriate security. If you keep sensitive data on a machine/network which is accessible by students, then you're asking for trouble. There are students out there who are far more intelligent, experienced and creative than many system administrators. If students, using a machine, are made aware of the level of security which you expect of the machine and why this level has been chosen, then they will be more supportive in maintaining security. The primary objective is after all to protect _their_ work, not to create yet another ivory tower. I administer a public-access UNIX system with almost 200 registered users. Everybody is aware that it is _not_ secure, although every reasonable effort is taken to protect data. I have set the policy that I will only read the headers of mail messages, and only do so to determine appropriate actions. As far as I'm concerned, e-mail is private. Only under exceptional circumstances, and with the approval of the originator or designated recipient, do I ever look at the body of a message. -- Bernd Felsche, _--_|\ #include <std/disclaimer.h> Metapro Systems, / sold \ Fax: +61 9 472 3337 328 Albany Highway, \_.--._/ Phone: +61 9 362 9355 Victoria Park, Western Australia v Email: bernie@metapro.DIALix.oz.au
crissl@rulcvx.LeidenUniv.nl (Stefan Linnemann) (06/12/91)
In article <31124@hydra.gatech.EDU> ccastmg@prism.gatech.EDU (Michael G. Goldsman) writes: > I just read this on ga.general... > ---------------------------------------------------------------- [ deleted for brevity ] > What this student did was mail a copy of /etc/passwd from athena.cs.uga.edu > to a "hacker" who had already penetrated another system, and who wanted > to use a password-guessing program to break into athena. The student was > fully aware that he was assisting in a break-in. [ deleted for brevity ] > I didn't know that doing things with an /etc/passwd > would be considered unauthoprized use. > the file is readable by the world after all. > The uga student was not the one who broke in. Then you're the most naive person I've ever encountered. Read the following carefully: in /etc/passwd there are passwords. Encrypted, I admit, but to a hacker with the general encryption mechanism on his box (any Unix) and a database of words (any Unix: see spell(1)), and some loose computer time on his hands, this is no great problem. This means, that the hacker can find passwords for some or (heaven forbid) all userid's including root, just by matching encrypted words against the encrypted passwords, unless ALL the passwords are thoroughly difficult. In practice there's always a simple password: the hacker can enter the system as someone he is not, namely a legitimate user. In the mean time users have to be able to read /etc/passwd in order to get a home directory, a login shell, etcetera. /etc/passwd is a security risk, that has not been plugged, yet. > I have some serious problems with UGA supending him. > I am a little too "exam-week-weary" to articulate my feelings well, > but I thought that you guys should know about this. I could have sympathised with them hanging him from the highest tree ;-) or something like that. Giving /etc/passwd to anyone, including yourself, is in Unix terms the most heinous crime anyone can commit, because you (can) compromise the whole system. > What if a student runs cops on /etc/passwd... would this > be considered intent to break into a system and could he thus > be suspended? It could be, yes, because cops could be used to find passwords. However, you could write your own program that would do this. If anyone would do this and uses or distributes the passwords, and it would come out (as it usually does) all bets are off: the person in question will be suspended and/or denied all access to computers. YOU CAN GO TO JAIL even, nowadays, for such a stunt. > Well, you guys can mull it over today, I need some sleep. > -Mike Goldsman Hope this has explained some of the finer points concerning the password file. Do not access it directly: use finger(1), chsh(1) and the like if you want to know or change things. Users have no business accessing /etc/passwd directly. > -- > ------------------------------------------------------------------------ > Mike Goldsman > 36004 Georgia Tech Station > Atlanta Georgia, 30332, 404-872-5146 Greetings, Stefan. Stefan M. Linnemann | The cutest .sig System programmer | is not so big. Leiden University, the Netherlands. | Email: crissl@rulcvx.LeidenUniv.nl | SMiLe 1991
davis@usenet.INS.CWRU.Edu (Palmer Davis) (06/12/91)
In article <1991Jun12.112633.14888@rulway.LeidenUniv.nl> crissl@rulcvx.LeidenUniv.nl (Stefan Linnemann) writes: > >in /etc/passwd there are passwords. > Not always. System V moves the password information out of /etc/passwd and into /etc/shadow, using /etc/passwd only for the other information it stores about users, like groups and login shells. Since they suspended this guy, I assume that it was a BSD system's /etc/passwd, though.... -- PTD -- -- Palmer Davis <davis@po.cwru.edu> I'm probably wrong, so don't blame INS. CWRU Information Network Services Life is short. "Delaware has 1.1 million corporations -- I mean chickens." (sct)
woodcock@mentor.cc.purdue.edu (Bruce Sterling Woodcock) (06/12/91)
In article <1991Jun12.112633.14888@rulway.LeidenUniv.nl> crissl@rulcvx.LeidenUniv.nl (Stefan Linnemann) writes: > >/etc/passwd is a security risk, that has not been plugged, yet. Depends on where you are. Many places have implemented the /etc/shadow system and it seems to have plugged most of the security hole. While I agree that the student did a *very* stupid and harmful thing, I would still like to note that to the student, the /etc/passwd file was readable. It could be very likely that a large percentage of UNIX users haven't been told that the /etc/passwd file is "off-limits" and that allowing someone to read it is a security risk. The only thing, IMHO, that condemns the student to such discipline in this case is that he knew that mailing out the /etc/passwd file was assist someone in breaking into the system. At least they say he knew; how this was determined I don't know. In any case, I can imagine a similar situation, wherein a truly clueless user could make copies of the /etc/passwd file without any knowledge that what they were doing was wrong. In such cases it would be difficult to support punishing the user so severely. Perhaps if more time had been put into educating the user of the guidelines, the problem would not arise. Bruce -- | woodcock@mentor.cc.purdue.edu | "That's Bruce for ya, always jumping | | sirbruce@gnu.ai.mit.edu | on the bandwagon, even if it's | | sterling@maxwell.physics.purdue.edu | running over him." -- Xeno | | Bruce@Asylum/CaveMUCK/FurryMUCK | "I view muds as dying." -- Firefoot |
smeadf@lafcol.UUCP (Bill Smead) (06/13/91)
[Stuff about UofGa student distributing passwd file removed.] Stefan Linnemann writes: > In the mean time users have to be able to read /etc/passwd in order to > get a home directory, a login shell, etcetera. > > /etc/passwd is a security risk, that has not been plugged, yet. Sorry Stefan, maybe it is not distributed in the Netherlands (see other discussions re: crypt), but this HAS been "plugged": Under Unix System V, there is an "/etc/shadow" feature which masks the decrypted passwords from nosey users. In the /etc/passwd file, only a single x is shown in the second field. The rest of the /etc/passwd is straight from the old days (userid, UID, GID, full name, $HOME and login shell). The /etc/shadow contains the userid, the encrypted password, and the password aging, in days. This feature is turned on with a one- time command ("pwconv", I believe), which creates /etc/shadow and alters /etc/passwd. The defaulr permissions for /etc/shadow restrict access for all but root. The concept, and proper use of shadow passwords take some time to get used to, but after a short while, they become second nature. Regards, -Bill Smead Platform Manager AT&T attmail!fsmead
dpassage@soda.berkeley.edu (David G. Paschich) (06/13/91)
In article <2718@lafcol.UUCP> smeadf@lafcol.UUCP (Bill Smead) writes: [Stuff about UofGa student distributing passwd file removed.] Stefan Linnemann writes: > In the mean time users have to be able to read /etc/passwd in order to > get a home directory, a login shell, etcetera. > > /etc/passwd is a security risk, that has not been plugged, yet. Sorry Stefan, maybe it is not distributed in the Netherlands (see other discussions re: crypt), but this HAS been "plugged": [description of /etc/shadow in sysV] The hole has been plugged in the Unix sold by AT&T after a certain date, not everywhere that it exists in older software, obscure software, etcetera. BTW, is AT&T demanding a license fee to use the code which implements /etc/shadow? If so, they're certainly not doing everything they can to promote the security of the Unix community. -- David G. Paschich Open Computing Facility UC Berkeley dpassage@ocf.berkeley.edu "But I'd rather be a fish, 'cause a fish is an animal" -- Gener Fox
igb@fulcrum.bt.co.uk (Ian G Batten) (06/13/91)
In article <1991Jun12.112633.14888@rulway.LeidenUniv.nl> crissl@rulcvx.LeidenUniv.nl (Stefan Linnemann) writes: > /etc/passwd is a security risk, that has not been plugged, yet. Really. If you run a machine which has the shadow mechanism in any of its flavours, and don't use it, you get what's coming to you. ian
thurlow@rlgvax.Reston.ICL.COM (Scott Thurlow) (06/13/91)
In article <1991Jun12.112633.14888@rulway.LeidenUniv.nl> crissl@rulcvx.LeidenUniv.nl (Stefan Linnemann) writes: >/etc/passwd is a security risk, that has not been plugged, yet. Not true, in System V.4, passwords are kept in a shadow password file which which readable only by root. The password entries in the regular password file are left empty. -- Scott Thurlow International Computers Limited, Reston, Virginia, USA Primary: thurlow@rlgvax.reston.icl.com or thurlow@getafix.oasis.icl.co.uk Alternate: thurlow@utcs.utoronto.ca or thurlow@utorgpu.bitnet
pcg@aber.ac.uk (Piercarlo Grandi) (06/15/91)
On 12 Jun 91 11:26:33 GMT, crissl@rulcvx.LeidenUniv.nl (Stefan Linnemann) said:
crissl> In article <31124@hydra.gatech.EDU> ccastmg@prism.gatech.EDU
crissl> (Michael G. Goldsman) writes:
ccastmg> What this student did was mail a copy of /etc/passwd from
ccastmg> athena.cs.uga.edu to a "hacker" who had already penetrated
ccastmg> another system, and who wanted to use a password-guessing
ccastmg> program to break into athena. The student was fully aware that
ccastmg> he was assisting in a break-in.
The latter point is essential, I guess, if proven.
ccastmg> I didn't know that doing things with an /etc/passwd would be
ccastmg> considered unauthoprized use.
ccastmg> the file is readable by the world after all.
ccastmg> The uga student was not the one who broke in.
This is immaterial. Waiting for somebody with your engine running is not
in itself a crime, unless they are bank robbers on a getaway and you
know it.
crissl> Then you're the most naive person I've ever encountered.
No. The point is: what the student did was not improper. There was a
file readable to all. He took a copy of it, and gave it to somebody
else. Had he had done so with /etc/motd, would that have been a breach
of security? Clearly not. So this guy was suspended for having done
something that was thoroughly harmless.
Actually I think that he could get into trouble for aiding and abetting
a penetrator, not for the mere act of giving somebody else a copy of a
publicly readable file. Unless it is proven beyond reasonable doubt that
the purpose of giving away this file was to aid and bet the perpetrator.
The giving away of the contents of /etc/passwd is not *in itself*
anything objectionable, and everything else has to be *proven*.
crissl> Read the following carefully:
crissl> [ ... /etc/passwd can be searched for obvious password ... ]
crissl> /etc/passwd is a security risk, that has not been plugged, yet.
This is only true for system administrators that are not that careful
about security. There are at least two freely available /etc/shadow
implementations. Kerberos is freely available too. If your /etc/passwd
does contain the encryptions of actual password, you have *chosen* to do
so, or you are very much behind the times, and you should not be a
sysadmin.
ccastmg> I have some serious problems with UGA supending him. I am a
ccastmg> little too "exam-week-weary" to articulate my feelings well,
ccastmg> but I thought that you guys should know about this.
crissl> I could have sympathised with them hanging him from the highest
crissl> tree ;-) or something like that. Giving /etc/passwd to anyone,
crissl> including yourself, is in Unix terms the most heinous crime anyone
crissl> can commit, because you (can) compromise the whole system.
No, the most heinous security crime one can commit is employing a
sysadmin that instead of knowing his system and how to fix obvious
problems, yells and screams and creates ex-post rules to cover his
inadequacy.
ccastmg> What if a student runs cops on /etc/passwd... would this
ccastmg> be considered intent to break into a system and could he thus
ccastmg> be suspended?
Only if there are a-priori fascistic rules that say *explicitly* that
this is presumed to be, without need of proof, intent to commit a crime.
crissl> It could be, yes, because cops could be used to find passwords.
NO. You have to *prove* that intent. It cannot be *presumed* in the
absence of suitably fascistic legislation. And the "crime" would be
intent to break, not running cops.
crissl> However, you could write your own program that would do this.
crissl> If anyone would do this and uses or distributes the passwords,
crissl> and it would come out (as it usually does) all bets are off: the
crissl> person in question will be suspended and/or denied all access to
crissl> computers. YOU CAN GO TO JAIL even, nowadays, for such a stunt.
I would send to jail inadequate, opportunistic sysadmins. These cause a
lot more damage than a few hackers. I have seen in some other country
sysadmins that were unable to run a large mainframe with more than a
dozen users, when it could support hundreds. These people were wasting
millions of dollars of University money, and the damage was much greater
than that could have been done by a determined hacker.
It's not always true, but the shrillest screams about "hackers" often
come from the sysadmins that know they are inadequate.
--
Piercarlo Grandi | ARPA: pcg%uk.ac.aber@nsfnet-relay.ac.uk
Dept of CS, UCW Aberystwyth | UUCP: ...!mcsun!ukc!aber-cs!pcg
Penglais, Aberystwyth SY23 3BZ, UK | INET: pcg@aber.ac.ukdpassage@soda.berkeley.edu (David G. Paschich) (06/15/91)
In article <PCG.91Jun14182440@aberdb.aber.ac.uk> pcg@aber.ac.uk (Piercarlo Grandi) writes:
crissl> Read the following carefully:
crissl> [ ... /etc/passwd can be searched for obvious password ... ]
crissl> /etc/passwd is a security risk, that has not been plugged, yet.
This is only true for system administrators that are not that careful
about security. There are at least two freely available /etc/shadow
implementations. Kerberos is freely available too. If your /etc/passwd
does contain the encryptions of actual password, you have *chosen* to do
so, or you are very much behind the times, and you should not be a
sysadmin.
Unless you're running a very strange proprietary OS, like Apollo's
Domain/OS, which makes it impossible to replace the standard login,
passwd, etc. programs because they use an unpublished, proprietary
format.
Please don't make blanket statements that having passwords in
/etc/passwd is always the administrator's fault. I would very much
like to run shadow password software on the system I run, but my
group's lack of funds to buy a better machine with a better OS
prevents me from doing so.
--
David G. Paschich Open Computing Facility UC Berkeley
dpassage@ocf.berkeley.edu
"But I'd rather be a fish, 'cause a fish is an animal" -- Gener Foxolapw@olgb1.oliv.co.uk (Tony Walton) (06/16/91)
IMHO either 1) the student knew that /etc/passwd was a security risk, so should have been suspended or 2) didn't know enough about the system to know what they were doing, so should at least have had their system access blocked. Having been given access the assumption IMHO was that they should have known what they were doing, so see 1). as others in this thread have said, of course, /etc/shadow would have removed the problem before it became a problem -- Think of salad days, they were folly and fun, they were good, they were young
marchany@vtserf.cc.vt.edu (Randy Marchany) (06/17/91)
In article <PCG.91Jun14182440@aberdb.aber.ac.uk> pcg@aber.ac.uk (Piercarlo Grandi) writes: > >No. The point is: what the student did was not improper. There was a >file readable to all. He took a copy of it, and gave it to somebody >else. Had he had done so with /etc/motd, would that have been a breach >of security? Clearly not. So this guy was suspended for having done >something that was thoroughly harmless. >It's not always true, but the shrillest screams about "hackers" often >come from the sysadmins that know they are inadequate. >-- Yes, it's not true. I suspect that the screams come from sysadmins who were once "hackers" themselves. A simple extension of the "it takes one to know one" maxim, frankly, I would think that while it is true that /etc/passwd is world readable, there really isn't any reason why someone should pass copies of it around. If there was a legitimate reason, certainly a note to the sysadmin telling him why it was being copied would clear the air, eh? :-) Once again, sites need to DEFINE their policy and EDUCATE their user community and if the users AGREE to abide by that policy, we have no right to denigrate a particular site's handling of a policy violation. Sysadmins need to formulate a DRAFT policy and obtain the support of their administration (pres., vice-pres., dean, etc.) to enforce it. -Randy Marchany VA Tech Computing Center Blacksburg, VA 24060 INTERNET: marchany@vtserf.cc.vt.edu "my opinions are my own"
bud@eecs.cs.pdx.edu (Bud Hovell) (06/18/91)
In article <1911@vtserf.cc.vt.edu> marchany@vtserf.cc.vt.edu (Randy Marchany) writes:
<Once again, sites need to DEFINE their policy and EDUCATE their user
<community and if the users AGREE to abide by that policy, we have no
<right to denigrate a particular site's handling of a policy violation.
<Sysadmins need to formulate a DRAFT policy and obtain the support of
<their administration (pres., vice-pres., dean, etc.) to enforce it.
Yep -- it's that simple. And has no substitute.
Bud Hovell
-------------------------------------
bud@eecs.ee.pdx.edu -or- bud@mtek.com
The Policy Hacker :-)Irving_Wolfe@happym.wa.com (06/19/91)
In <PCG.91Jun14182440@aberdb.aber.ac.uk> pcg@aber.ac.uk (Piercarlo Grandi) writes: >... the most heinous security crime one can commit is employing a >sysadmin that instead of knowing his system and how to fix obvious >problems ... >I would send to jail inadequate, opportunistic sysadmins. These cause a >lot more damage than a few hackers. Well, well, well. The normally brilliant Piercarlo Grandi, who is one of the very few people in the world to qualify for "global select" in my newsreader, has a destructive, childish side! Hmmm. I suppose, according to his line of argument, if I fail to use the latest, high-tech lock on my front door, or if I'm so backward as to have a sliding glass door at all, then when Mr. Holy Hacker comes in and rapes my daughter _I'm_ the one to be killed. Fortunately, our backward country has slightly saner laws than those in Mr. Grandi's current home, which recognize my right to shoot the intruder to death even before he touches my daughter, an act which I am well trained and fully prepared emotionally to perform. I trust most sane people would applaud my public-spirited action in such a case. I am not concluding that passing along /etc/passwd should be considered even mildly criminal. But it is entirely reasonable to kick him off the system completely for a term or two, so that some work in the real world might give him more prudent judgment. A year's delay in the student's career is of minor consequence, compared with the valuable gift of maturity, insight, and consideration for others that the suspension might encourage.
pcg@aber.ac.uk (Piercarlo Grandi) (06/20/91)
On 17 Jun 91 14:03:41 GMT, marchany@vtserf.cc.vt.edu (Randy Marchany) said: marchany> I would think that while it is true that /etc/passwd is world marchany> readable, there really isn't any reason why someone should marchany> pass copies of it around. If there was a legitimate reason, This is entirely backwards. Users are not there at the sufferance of the syadmin. They don't have to prove they are innocent before copying a file: marchany> certainly a note to the sysadmin telling him why it was being marchany> copied would clear the air, eh? :-) This is just a bit fascistic. But it can lead on to all sorts of nastiness. It's not the user that has to find a legitimate reason; it's the sysadmin that must find a good reason to forbid it. Or do you believe that the Government knows best? marchany> Once again, sites need to DEFINE their policy and EDUCATE marchany> their user community and if the users AGREE to abide by that marchany> policy, we have no right to denigrate a particular site's marchany> handling of a policy violation. I was denigrating people who characterized copying /etc/passwd as a security violation in itself. If the file is readable, and there is no explicit rule that prohibits copying it, it can be copied, unless the purpose of the copying is to aid trespass, if *proven*, after the fact, not before. There are places where only registered locksmiths can legally own lock breaking equipment, and it is a crime for anybody else to carry them, without any need to prove any criminal intent. These places may not be pleasant to live in. marchany> Sysadmins need to formulate a DRAFT policy and obtain the marchany> support of their administration (pres., vice-pres., dean, marchany> etc.) to enforce it. This is OK, as long as the policy is not the default of "everything is forbidden, just in case, and while in general we don't give a damn, whenever we want we can nail you for one thing or another". This is a very nasty habit of many governments and organizations, especially Universities. It is used to lop the head off troublemakers... If everybody is made into a criminal, those who decide whom to prosecute can put anybody they choose behind bars. In a University it may well happen that the students that break windows to celebrate graduation get away with it, while those that stand on a patch of grass while they protest some administration policy get suspended for damaging University property. -- Piercarlo Grandi | ARPA: pcg%uk.ac.aber@nsfnet-relay.ac.uk Dept of CS, UCW Aberystwyth | UUCP: ...!mcsun!ukc!aber-cs!pcg Penglais, Aberystwyth SY23 3BZ, UK | INET: pcg@aber.ac.uk
jb3o+@andrew.cmu.edu (Jon Allen Boone) (06/20/91)
Irving_Wolfe@happym.wa.com writes: > I am not concluding that passing along /etc/passwd should be > considered even mildly criminal. But it is entirely reasonable to > kick him off the system completely for a term or two, so that some > work in the real world might give him more prudent judgment. A > year's delay in the student's career is of minor consequence, > compared with the valuable gift of maturity, insight, and > consideration for others that the suspension might encourage. Of course, this is an opinion, which, as usualy, some people will not agree with. Paternalism sucks (I think). I think that a year setback in a student's carreer IS a big thing. I know - I'm one of those students. Of course, I'm also a sys-admin, but I don't play one on T.V. (yet!) Some people would argue that I've matured since my suspension from classes for inattentiveness, etc. I don't agree - I've not learned anything new about maturity or responsiblity or any other of the supposedly wonderful benefits of suspension. The only pros are that I have learned a lot more about Unix-like systems, I have learned to think better of myself and that others CAN care about me, and I have showed that if I try, I CAN make a 4.0 and work a full-time job at the same time, all without assitance from my parents. (Note: I have not learned anything new, I've known this since my junior year in high-school (5 years ago!) - I just was so busy REACTING to other people and not acting like I wanted to that I couldn't show them that I was right!) ----------------------------------|++++++++++++++++++++++++++++++++++++++++ | "He divines remedies against injuries; | "Words are drugs." | | he knows how to turn serious accidents | -Antero Alli | | to his own advantage; whatever does not | | | kill him makes him stronger." | "Culture is for bacteria." | | - Friedrich Nietzsche | - Christopher Hyatt | -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-