Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [Full-disclosure] Shell accounts
From: Ron DuFresne (dufresnewinternet.com)
Date: Wed Apr 12 2006 - 16:19:44 CDT
On Tue, 11 Apr 2006 Valdis.Kletnieksvt.edu wrote:
> On Tue, 11 Apr 2006 23:48:41 BST, Ian stuart Turnbull said:
> > Ha Ha. Yes, not a proper fiend hey. But I take it that I would be anonymous
> > technically.
> Hint - if you send a packet *out* from the shell account, it's probably as a
> result of another packet going *in* to the shell account.
> Even the stupidest of cops can figure out that "wow - every time a packet
> heads out from here to the Pentagon, a split second before, a similar packet
> came in from some bozo on a cablemodem in Idaho. Maybe the Idaho guys need
> to pay this guy a visit"....
> Yes, you can obfuscate it with setting cron jobs and tunnelling data via covert
> channels and other neat tricks, but the basic point remains - if you connect
> *to* the shell, you're no longer anonymous, and if you don't connect to the
> shell, you can't use the shell....
Another issue to consider is that a mere user level shell likely lacks
privs to do some of the nasties referenced in some of these posts. thus,
the friend would not oonly have to allow shell access, but also give away
root on the server as well.
Just a minor point.
"Sometimes you get the blues because your baby leaves you. Sometimes you get'em
'cause she comes back." --B.B. King
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/