[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-disclosure] Shell accounts

Hmm! I use google many times a day. Though you're right there are some things that aren't quite so specifically spelt out. Mass scans - I think you're probably right on that. Ehat is disturbing is that the router has a firewall and it is on but its the XP firewall that is logging them. Not much of a firewall in the router I guess. 

Netflow - I'll google that - thanks for the tip.


From: Bacso Ferenc <very@xxxxxxxxxxxxx>
To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: RE: [Full-disclosure] Shell accounts
Date: Wed, 12 Apr 2006 00:42:22 +0200
MIME-Version: 1.0
Received: from lists.grok.org.uk ([195.184.125.51]) by bay0-pamc1-f4.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 11 Apr 2006 15:43:40 -0700 Received: from lists.grok.org.uk (localhost [127.0.0.1])by lists.grok.org.uk (Postfix) with ESMTP id 42F139D8;Tue, 11 Apr 2006 23:42:47 +0100 (BST) Received: from felipe.hu (jump.felipe.hu [195.228.157.209])by lists.grok.org.uk (Postfix) with ESMTP id 9EA693C7for <full-disclosure@xxxxxxxxxxxxxxxxx>;Tue, 11 Apr 2006 23:42:22 +0100 (BST) Received: from DORKA (amazonas-2185.adsl.datanet.hu [195.56.240.153])by felipe.hu (Postfix) with ESMTP id 5494C623Cfor <full-disclosure@xxxxxxxxxxxxxxxxx>;Wed, 12 Apr 2006 00:51:44 +0200 (CEST) 
X-Message-Info: JGTYoYF78jGFNiwjAdX72B6y70+ggOAltipOekuII4U=
X-Original-To: full-disclosure@xxxxxxxxxxxxxxxxx
Delivered-To: full-disclosure@xxxxxxxxxxxxxxxxx
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.2627
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-BeenThere: full-disclosure@xxxxxxxxxxxxxxxxx
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: An unmoderated mailing list for the discussion of security issues<full-disclosure.lists.grok.org.uk> List-Unsubscribe: <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request@xxxxxxxxxxxxxxxxx?subject=unsubscribe> 
List-Archive: <http://lists.grok.org.uk/pipermail/full-disclosure>
List-Post: <mailto:full-disclosure@xxxxxxxxxxxxxxxxx>
List-Help: <mailto:full-disclosure-request@xxxxxxxxxxxxxxxxx?subject=help>
List-Subscribe: <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request@xxxxxxxxxxxxxxxxx?subject=subscribe> 
Errors-To: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
Return-Path: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
X-OriginalArrivalTime: 11 Apr 2006 22:43:41.0100 (UTC) FILETIME=[61654EC0:01C65DB9] 

> After reading some info on hacking it refernces getting a Shell
> account. Is this a unix type bash/bourne shell? It mentions that to
> remain anonymous you will need a Shell account.

I can put myself into your place and I know for sure that unless
somebody tells you nicely you need to google, you're going to keep
asking questions about subjects that are answered / discussed all over
the web. So please, do use google.


> got him to set me up a username. As long as his machine didn't do any
> logging [and he pretended not to know of anyone using this account]
> would I - using sssh to connect] be traceable.

Yes. Google netflow.

> No I'm not planning on doing any hacking or causing mischief. Though
> I'd love to know who's trying to get into my machine... but thats
> another story!!

  A 90% bet: it's the story of mass scans that your firewall detects -
that you take for somebody trying to 'hack you'.

php0t


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_________________________________________________________________
Are you using the latest version of MSN Messenger? Download MSN Messenger 7.5 today! http://join.msn.com/messenger/overview 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/