At this point you don't know where this guy falls, if he's trying to steal serious information, and could wind up in jail for it, or is just messing around, or trying to protect the class himself. If it's the worse case and he's actually looking for stuff like bank account information to steal from people you might not want to expose yourself at all.... On the other hand if people are able to track logs of server activity, or is watching the activity on the server themselves you could be in a bad spot yourself...
You might consider going to, or at least calling the real police about it if you think you won't get a fair hearing from campus police.
I'd be sort of wary of the situation at this point...
I think it's important that you do think over the situation, maybe try to watch the guy to see if he tries it again, or stops.
Stealing someone's passwords isn't illegal or wrong in my mind, let alone using the tools that allow you to. Security testers use those tools to do penetration testing on networks, and that's exactly what you did, and him as well really at this point. Their actions aren't illegal. To be a good network security person you have to be knowledgeable and be able to use the tools and security methods that the hackers use to be sure you're safe. It would take someone who doesn't know anything about the subject to react against you for ferreting the guy out.
I don't see the problem with coming forward if you think this guy isn't doing anything serious. I think this depends also on where you live what the laws on this sort of thing might be. But normally it's what he might do with them that is illegal. You might do some research on exactly what is illegal in your area. In the end though you don't have any evidence that he's doing anything other than being a white hat at this point and trying to point out the insecurity himself. You need to find out that he's actually logging into other peoples accounts and damaging them somehow. He might just be looking for a way to cheat in class or something, which would be a concern for a teacher.
Man in the middle attacks are script kiddie stuff that practically anyone can perform, and everyone using a wireless device should be aware of it. It's why you'd never find me logging into my email or anything important in a crowded wi-fi hotspot. Youtube is full of how to's of how to do this type of attack. He might just be playing around to see what is possible at this point, which is no big deal.
One options might be to go to him, and tell him, that he should turn himself in to the teacher, and or either he come forward that people need to be more mindful of security in the class, and that more than likely everyone's passwords in the class have been stolen, or you will. Or you can maybe do it anonymously somehow as well.
If people have money being stolen from their bank accounts or something really serious that way you can limit your involvement.
You might find this page interesting. This is as of 2005, and I can't find anything newer that says it's illegal.
http://www.packetsniffers.org/bitbucket/legality_of_wardriving.htmConcerning packet sniffers, " My philosophy: they are bombarding you with 2.4GHz radiation, if you choose to collect it with an antenna and decode the modulation, it's your own business."
Edit: After considering what you said that he's friends with the IT department, my feeling is that he's probably a white hat, and I'd ignore it unless you see him trying it again, or find out that someone in the class's bank account suddenly got emptied, or he gets nailed for plagarism or something.
The fact that he was visibly slowing down the network shows that he's fairly inexperienced and doesn't really know how to cover his tracks well. He might get caught on his own. If you noticed it, hopefully someone else in IT will as well. The situation might sort itself out.
