Re: Tunnelling via SSL anonymously to connect to remote host(s)

From: Nico Kadel-Garcia (nkadel@bellatlantic.net)
Date: 03/28/02


    From: "Nico Kadel-Garcia" <nkadel@bellatlantic.net>
    Date: Thu, 28 Mar 2002 05:07:52 GMT
    
    

    "Anonymous" <nobody@noisebox.remailer.org> wrote in message
    news:5dde3817c2cd4c9f0a87f6a9844d084f@noisebox.remailer.org...
    > > Define "trail stops". By running your ssh session to the
    > > intermediate machine, running your commands from there, *and
    > > making sure to zero the disk when you reboot it*, you obscure
    > > most obvious traces and make forensics very difficult
    >
    > Again viewing from a purely hypothetical angle-->:
    >
    > What I meant by "trail stops" is "for practical purposes"
    > the original IP address is lost as the intermediate server
    > would clear its logs regularly (some daily, some 7 days,
    > we're talking about servers run by free thinkers, not
    > AOL!), so the ultimate targeted m/c would only be able to
    > get back to the IP address of the intermediate server. The
    > idea is that if you could get hold of a cash-paid or a free
    > shell a/c, this could be feasible, however as you state
    > rightly that it's extremely difficult to pay cash for a/cs
    > these days and the free shell a/cs block most outgoing
    > traffic (enlighten me if you disagree). Would you mind
    > elaborating on what you mean by "*and making sure to zero
    > the disk..". Presumably you're talking about PGPwiping any
    > logs on the intermediate server and one's local client (as
    > this is the only m/c one would be able to reboot)?

    No, I mean erasing the entire disk by replacing it with zeros. Unmount swap,
    replace it with a bootable OS image that has one command: erase the rest of
    the disk. Replace the MBR to boot only to that former swap space, reboot,
    let it wipe the drive, then resick it to wipe the swap space and leave
    itself completely wiped.

    Deleting files is insufficient: doing "dd if=/dev/zero of=/dev/sda" is much,
    much more effective in wiping out on-line traces.

    > >...rude and illegal anyway.
    >
    > As you do not know the facts, I don't see how you can come
    > to the conclusion that it is "rude". As regards illegal,
    > I have stated many times in this thread that I have no
    > intentions of doing anything illegal, I am interested in
    > the procedures for personal applications, whereby I (like
    > many consultants who spend a lot of time on client sites)
    > need to access their personal systems without the worry of
    > their activities being logged by the proxy server of the
    > client OR if they dial-out using an ISP, they wish to avoid
    > being monitored by their ISP. Remember it's not rude or
    > illegal to air a debate, if you do not wish to participate,
    > keep your fingers off your keyboard! No one is forcing you
    > to contribute, especially if you think it's illegal!

    You're discussing diving into someone's systems to interfere with their
    business. This is a felony in the US under the Electronic Communications
    Privacy Act, and the mere act of examining files there without the owner's
    permission may be felonious. Since you don't have explicit permission to be
    there and the owner of the system would be really pissed if they knew what
    you were planning, legal or not, it's rude.

    > As regard your comment "***", well *** you MR high and
    > mighty, if you had been defrauded as I and others I know
    > have (who by the way are leading consultants at the top of
    > their profession and not some cowboys) by some unscrupulous
    > Managers, you too would feel justified in venting your
    > anger (and possibly suffering any "defamation"
    > consequences, as I have made it perfectly clear that I do
    > not wish to hack them which would be the serious danger)!

    I've *been* fucked by "Managers". And VPs. And priests and janitors and
    plumbers and doctors. Getting screwed over doesn't make you special, it
    makes you human. You're asking how to commit a felony on a security
    newsgroup. I've even explained some of the details of approaches, but you're
    missing out on the point. *Don't tell anybody if you're planning something
    like this*. You've left yourself vulnerable to prosecution by expressing an
    interest so publicly.

    > As regards using tools produced by others, the essence of
    > this thread is not to get "tools", as I am certainly no
    > "script kiddie" and am cable of generating complex code for
    > myself. The essence of this thread is to understand
    > sophisticated techniques. Once one understands the
    > subtleties, one is then able to produce the relevant toolset
    > for oneself! I concur with the rest of your comments ONLY
    > to the extent which limits it to "hypothetical scenarios".
    > Thanks for your contribution to the discussion. Do you
    > have any views on the following question:

    Well, good. You're welcome.

    > Q - For free shell a/cs often the server admin specifies
    > that they do not allow socks out of their box. What is the
    > use of a Shell Account if you are not allowed to route out
    > of it to another server? OR AM I misinterpreting this? If
    > I can find a server which will enable me to install stunnel
    > in my Shell Account, do you think it is feasible to assume
    > that they will let a user have a process such as stunnel
    > run in the background for the duration of your connection?
    > Does anyone know of a reliable FREE Shell Account service
    > which will enable one to run stunnel?

    Shell accounts allow local email and news handling, compilation of code for
    testing, and generally poking around to see how things are done. Allowing
    routes out of the box is a completely reasonable restriction, because when
    people misbehave (and they do!) it means they don't have to prove criminal
    intent, just the use of restricted capabilities. Note that I've never seen
    an account with such shell access that would not allow stunnel, but I
    haven't purchased a shell account in some years.

    I know of no reliable "FREE Shell Account services" except those stolen from
    poorly administered sites, of which there are far too many. The heavy misuse
    of shell accounts by spammers, script kiddies, and crackers prevents them
    from being broadly available.

    > TIA