Harvard's computers are managed in the same way as Stanford's, where a central computer group is responsible for the main system, but academic departments maintain their own internal systems.

The computers used by the hackers were not on the Stanford campus, but at a small oceanographic division in a nearby county.

"Hopkins was the name of the Internet link that was used," Brumley said. Stanford runs the Hopkins network for a national oceanographic organization.

"All the [networks] on the main campus have been proofed against this type of thing," said Stephen E. Hansen, Stanford's computer security officer.

But the hackers took advantage of the normal workings of the system.

"Unfortunately, the bad guys out there scan for networks configured to allow this," Hansen said.

The attackers brought down eBay and other sites using a method called "denial of service," or DOS. On a regular computer network, one computer sends a packet, or a bit of information, to another computer, and waits for a "ping" in return to verify that the information was received.