When I was in grade school (over a decade ago) they used Novell Netware. Our Middle School, High School, and Public Library were all within walking distance from each other, and all on the same giant network. One oversight was that the middle school library computers all logged in using the same account, and there was no password to it, and there was nothing stopping me from logging into that account from the high school.
One day I was really bored in one of my classes, I can't remember whether it was a C++ class or my A+ Certification class, but we had a substitute and I had already gotten all my work done ahead of time. I didn't do anything too crazy, like shutting down computers, but thank god I didn't. I logged in as if I was at the middle school library, and then sent out a mass message to all of the computers. I only sent "Hi.", but as far as I know it popped up in a dialog box on every computer in the Middle School, High School, and Library. Unfortunately, dumbass me turned around and logged back in as myself on the same computer, and they traced the message via IP and it was pretty easy for them to figure out it was me. I didn't get in any real trouble, they basically just told me not to do it again. But I sure am glad I didn't try anything crazy, I've heard other stories of people making CD drives eject or playing sound files.
It was pretty funny though, listening to kids talking about it on the school bus. One kid said his teacher was in the middle of showing the class a video when it happened.
I was also the first person at my school to figure out how to use proxies to bypass the school web filtering.