lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed Apr 12 01:50:25 2006
From: j.schipper at math.uu.nl (Joachim Schipper)
Subject: Shell accounts

On Tue, Apr 11, 2006 at 11:48:41PM +0100, Ian stuart Turnbull wrote:
> Ha Ha. Yes, not a proper fiend hey. But I take it that I would be anonymous 
> technically.
> If I were to do it for real I'd probably set up an internet connection in 
> an assumed name complete with a fake bank account so there'd be no one for 
> the cops to berate, just the computer [with no logs] to kick.

Not leaving log files is not that easy. And it becomes harder when
someone can get physical access to install all sorts of nifty add-ons.

Also, note that log files are only useful if the police arrive with a
search warrant or something along those lines - the ISP will just
terminate the account, keep the money, and tell your friend to f**k off.
It would be difficult to do something about this, especially since the
ISP is likely able to wave around some logs of their own.

Come to think of it, that's one more log file that will be difficult to
clear. Whether or not it is made at all depends on the ISP, and mostly
on the domestic laws whereever you live.

		Joachim

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ