In 2000, someone used a Kansas University computer to break into the Web site of a Texas-based manufacturing firm.

That same year, a hacker used computers from several universities — including Stanford, Oregon State and James Madison — to wreak havoc on big-name Web sites such as Yahoo!, Amazon.com and cnn.com.

Last year, an admissions director at Princeton University hacked into a Yale University computer to learn about Yale applicants.

Universities, experts say, are a haven for hackers.

“University computers are always the first to be hit,” said Chey Cobb, author of “Network Security for Dummies.” “I think of it as a grand central station for networks. It’s a huge gathering place for people all over the world. From there, (hackers) can go to lots of other places very easily under the guise of a trusted source, the university.”

Universities often don’t have enough money to pay highly trained and experienced network administrators, Cobb said. And some hire students, though KU officials say administrators there are paid full-time staff.

KU officials say they get hundreds of hits each day from potential hackers. Most are turned away by firewalls, but a few make it into the system.

Cobb, a former computer security worker for several government intelligence agencies, said university computer systems made good targets because they were so large and have so many users. A hacker could find a password for an inactive account and no one would suspect anything out of the ordinary, she said.

“With the huge number of accounts that are held by the university system, it’s very difficult to keep track of,” she said. “Universities also usually have trusted connections to businesses and government networks.”

Gary Minden, a KU professor of electrical engineering and computer science, said the open nature of information at universities made installing restrictions difficult.

“Universities tend to be, by intention, fairly open,” he said. “They tend to do a lot of experimental things and new things we want to try out. We’re also fairly independent — if I want to put a system up, I put a system up. It’s not as hierarchical as a business.”