This is a case of social engineering, not of a security auditor, but of the post... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		blackboxxx on July 23, 2011 \| parent \| context \| favorite \| on: Our security auditor is an idiot. How do I give hi... This is a case of social engineering, not of a security auditor, but of the poster. The poster wants to know an easy way to collect public and private SSH keys and fake 6 months of inbound traffic. There is no auditor. Maybe the poster is writing a book on cracking systems? Who knows. But it smells like a hoax.

pyre on July 23, 2011 [–]

What is 'hard' about harvesting public and private keys? Especially if you are the sysadmin.

What purpose would faking 6 months of inbound traffic serve? If he just wanted to cover his tracks, wouldn't he just erase logs rather than trying to make them look legit? That would seem like doing things the hard way.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact