Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Shell accounts
From: Ron DuFresne <dufresne () winternet com>
Date: Wed, 12 Apr 2006 16:19:44 -0500 (CDT)

On Tue, 11 Apr 2006 Valdis.Kletnieks () vt edu wrote:

On Tue, 11 Apr 2006 23:48:41 BST, Ian stuart Turnbull said:
Ha Ha. Yes, not a proper fiend hey. But I take it that I would be anonymous


Hint - if you send a packet *out* from the shell account, it's probably as a
result of another packet going *in* to the shell account.

Even the stupidest of cops can figure out that "wow - every time a packet
heads out from here to the Pentagon, a split second before, a similar packet
came in from some bozo on a cablemodem in Idaho.  Maybe the Idaho guys need
to pay this guy a visit"....

Yes, you can obfuscate it with setting cron jobs and tunnelling data via covert
channels and other neat tricks, but the basic point remains - if you connect
*to* the shell, you're no longer anonymous, and if you don't connect to the
shell, you can't use the shell....

Another issue to consider is that a mere user level shell likely lacks
privs to do some of the nasties referenced in some of these posts.  thus,
the friend would not oonly have to allow shell access, but also give away
root on the server as well.

Just a minor point.


Ron DuFresne
"Sometimes you get the blues because your baby leaves you. Sometimes you get'em
'cause she comes back." --B.B. King
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]