Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Shell accounts
From: Valdis.Kletnieks () vt edu
Date: Tue, 11 Apr 2006 19:24:48 -0400

On Tue, 11 Apr 2006 23:48:41 BST, Ian stuart Turnbull said:
Ha Ha. Yes, not a proper fiend hey. But I take it that I would be anonymous 
technically.

Nope.

Hint - if you send a packet *out* from the shell account, it's probably as a
result of another packet going *in* to the shell account.

Even the stupidest of cops can figure out that "wow - every time a packet
heads out from here to the Pentagon, a split second before, a similar packet
came in from some bozo on a cablemodem in Idaho.  Maybe the Idaho guys need
to pay this guy a visit"....

Yes, you can obfuscate it with setting cron jobs and tunnelling data via covert
channels and other neat tricks, but the basic point remains - if you connect
*to* the shell, you're no longer anonymous, and if you don't connect to the
shell, you can't use the shell....

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]