>To one of our junior sales staff:-
>Please enter your password to see a (fill in the blanks). Followed
>by sending the password, login name and machine to me.
>Other attacks, like creating a .rhost file become (at the best) a
>social engineering problem. And perhaps it can be done directly.
I prefer the:
Open a socks/proxy connection thru the firewall to my listener and start a
PPP link from the internal PC and attached to a virtual interface on my
external machine. Send me email so I can then telnet into your nets.
Whilst sipping my hot java.