lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed Apr 12 00:30:28 2006
From: ian.t7 at hotmail.co.uk (Ian stuart Turnbull)
Subject: Shell accounts


And I thought I could do it all Telepathically!!

>From: Valdis.Kletnieks@...edu
>To: Ian stuart Turnbull <ian.t7@...mail.co.uk>
>CC: full-disclosure@...ts.grok.org.uk
>Subject: Re: [Full-disclosure] Shell accounts Date: Tue, 11 Apr 2006 
>19:24:48 -0400
>MIME-Version: 1.0
>Received: from turing-police.cc.vt.edu ([128.173.14.107]) by 
>bay0-pamc1-f1.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 
>11 Apr 2006 16:24:49 -0700
>Received: from turing-police.cc.vt.edu (localhost [127.0.0.1])by 
>turing-police.cc.vt.edu (8.13.6/8.13.6) with ESMTP id k3BNOmkr027724;Tue, 
>11 Apr 2006 19:24:48 -0400
>X-Message-Info: JGTYoYF78jEHjJx36Oi8+Z3TmmkSEdPtfpLB7P/ybN8=
>X-Mailer: exmh version 2.7.2 01/07/2005 with nmh-1.1-RC3
>References: <BAY112-F130B09733642A883AF695F99CD0@....gbl>
>Return-Path: Valdis.Kletnieks@...edu
>X-OriginalArrivalTime: 11 Apr 2006 23:24:49.0402 (UTC) 
>FILETIME=[209E4DA0:01C65DBF]
>
>On Tue, 11 Apr 2006 23:48:41 BST, Ian stuart Turnbull said:
> > Ha Ha. Yes, not a proper fiend hey. But I take it that I would be 
>anonymous
> > technically.
>
>Nope.
>
>Hint - if you send a packet *out* from the shell account, it's probably as 
>a
>result of another packet going *in* to the shell account.
>
>Even the stupidest of cops can figure out that "wow - every time a packet
>heads out from here to the Pentagon, a split second before, a similar 
>packet
>came in from some bozo on a cablemodem in Idaho.  Maybe the Idaho guys need
>to pay this guy a visit"....
>
>Yes, you can obfuscate it with setting cron jobs and tunnelling data via 
>covert
>channels and other neat tricks, but the basic point remains - if you 
>connect
>*to* the shell, you're no longer anonymous, and if you don't connect to the
>shell, you can't use the shell....
>


><< attach3 >>

_________________________________________________________________
Are you using the latest version of MSN Messenger? Download MSN Messenger 
7.5 today! http://join.msn.com/messenger/overview

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ