==Phrack Inc.== Volume Four, Issue Forty, File 1 of 14 Issue 40 Index P H R A C K 4 0 Augu
==Phrack Inc.==
Volume Four, Issue Forty, File 1 of 14
Issue 40 Index
___________________
P H R A C K 4 0
August 1, 1992
___________________
~ Baby's Got Back! ~
Welcome to the special 40th Anniversary issue of Phrack Magazine! A month
later, we are just barely recovering from the fun at the amazingly successful
SummerCon '92. It was the largest turnout ever seen at a SummerCon and the
full details can be found in a special report by Knight Lightning and myself
with help from Holistic Hacker and Dr. Williams.
Brian Oblivion, whose name is regularly seen in the pages of Phrack returns
with part two of his file on Cellular Telephony (part one seen in Phrack 38).
Also relating to telephones in this issue is "The Fine Art of Telephony" by
Crimson Flash. This equally in depth and detailed file focuses of RC/MAC,
FACS, and MARCH.
Even though the arrogant bastards at Southwestern Bell and BT Tymnet boast
about their great security, it appears that they had almost nothing to do with
the tracking down and apprehension of the MOD in New York. As a few of us
already know, MOD was brought in by hackers. Gee, imagine that.
I'm not going to play politics and make judgments about this, instead I'll let
you read all about it in Phrack World News, Part 2 and then you can draw your
own conclusions.
Since we're on the subject of Tymnet, I felt it appropriate to include
3 articles on the subject by Toucan Jones. A special "kissy, kissy" to Dale
Drew (aka The Dictator aka Blind Faith aka Bartman) for his help and assistance
in getting us this valuable information. Could a file on TRW be 'round the
corner? Hmmmmmm could be. :-)
Starting with this issue, Mind Mage will be assisting with Phrack Loopback as
our Technical Advisor. He will handle questions regarding technical problems
both for publication or for private response. Feel free to send your questions
to phracksub@stormking.com and they will be forwarded and answered.
This issue's Loopback has a very special message from Jester Sluggo as he
gives notice of his official retirement from the hacking community. Sluggo
remembers the past and give advice about the future; I continue my pursuit on
the so-called professionals in the anti-virus community and exposes their real
agenda; and, Sarlo takes us on a tour of the 1992 Consumer Electronics Show in
Chicago and there is lots more.
The Racketeer (Rack of The Hellfire Club) takes the reigns of the continuing
Network Miscellany column and Rambone returns with the latest on what is
happening in the underground world of computer software traders in Pirates
Cove.
Taran King is back for a special Phrack Pro-Phile with Lex Luthor, the founder
of the Legion of Doom and perhaps the most legendary underground hacker ever.
"If it's older than a week, then we won't have it online."
You are invited to check out a great new BBS called Planet 10. If you have
half a brain, you might even get access. Planet 10 is run by Control C and
features messages and xfers that are timed to expire after 1 week maximum.
Give it a call at (313)683-9722.
"Phrack is a bad influence..."
-- TriZap, July 1992 :-)
DISPATER, Phrack Editor
or
Editor-In-Chief : Dispater
Eleet Founders : Taran King and Knight Lightning
Technical Consultant : Mind Mage
Network Miscellany : The Racketeer [HFC]
Pirates Cove : Rambone
News : Datastream Cowboy
Photography : Restricted Data Transmissions
Publicity : AT&T, BellSouth, and the United States Secret Service
Creative Stimulus : Camel Cool, Jolt Cola, and Taco Bell
Shampoo : Mudge
Other Helpers : Apollo, Brian Oblivion, Control C, Dr. Williams,
Dokkalfar, The Gatsby, Gentry, Guido Sanchez, Holistic
Hacker, Jester Sluggo, Legacy Irreverent, Lex Luthor,
Mr. Bigg, Nihil, The Omega, The Pope,.The Public,
Sarlo, TriZap, Tuc, Voyager, and White Knight
We're Back and We're Phrack!
"Phrack. If you don't get it, you don't get it."
"Whaddya mean I don't support the system? I go to court when I have to!"
-= Phrack 40 =-
Table Of Contents
~~~~~~~~~~~~~~~~~
1. Introduction by Dispater 06K
2. Phrack Loopback by Dispater and Mind Mage 50K
3. Phrack Pro-Phile on Lex Luthor by Taran King 36K
4. Network Miscellany by The Racketeer [HFC] 32K
5. Pirates Cove by Rambone 57K
6 Cellular Telephony, Part II by Brian Oblivion 72K
7. The Fine Art of Telephony by Crimson Flash 65K
8. BT Tymnet, Part 1 of 3 by Toucan Jones 57K
9. BT Tymnet, Part 2 of 3 by Toucan Jones 55K
10. BT Tymnet, Part 3 of 3 by Toucan Jones 91K
11. SummerCon 1992 by Knight Lightning and Dispater 35K
12. PWN/Part 1 by Datastream Cowboy 50K
13. PWN/Part 2 by Datastream Cowboy 48K
14. PWN/Part 3 by Datastream Cowboy 48K
Total: 702K
"Phrack. The magazine the PHONE COMPANY doesn't want you to read!"
_______________________________________________________________________________
==Phrack Inc.==
Volume Four, Issue Forty, File 2 of 14
[-=:< Phrack Loopback >:=-]
By Dispater & Mind Mage
Phrack Loopback is a forum for you, the reader, to ask questions, air
problems, and talk about what ever topic you would like to discuss. This is
also the place Phrack Staff will make suggestions to you by reviewing various
items of note; magazines, software, catalogs, hardware, etc.
In this issue:
Retirement of a Hacker : Jester Sluggo
Truth Is Out Of Style : Dispater
Tim Foley Virus : Guido Sanchez
The Hacker Files (from DC Comics) : Newsbytes
Sneakers (from Universal Pictures) : Press Release
Pirates v. AT&T: Posters : Legacy Irreverent and Captain Picard
Telco Trashing Yields Big Rewards : Anonymous
Anonymous Mail On IBM VM Systems? : Apollo
WWIV Link Hack : Mr. Bigg
The Day Bell System Died : Anonymous
The 1992 Consumer Electronics Show : Sarlo
_______________________________________________________________________________
x x x
| | |
+------------+
| Retirement |
| of a |
| Hacker |
+---+------------+---+
| by Jester Sluggo |
+-+--------------------+-+
| Released: July 9, 1992 |
+------------------------+
I would like to begin by saying "Hello" to all readers of this file, but
unfortunately it will be my last time. I've been a member of the "hacker
underground" for over a decade and am one of the few extremely lucky hackers
who has successfully hacked a great number of computer systems, phone systems,
and other technologies, yet has never been caught. I wish to take this last
opportunity to reflect on my experiences, and express many personal views,
because although there are feelings of sadness, it is my pleasure to announce
my formal retirement from this "underground" community.
My decision to retire has been a carefully planned path which began several
years ago. During the early 1980's, the innocence of hacking and exploring
computer systems for my quest of knowledge was a great thrill. Every system
was like an unexplored door which lead to unlimited opportunities; various
computer systems, operating systems, languages, networks, software, and data.
But it was in the later part of the 1980's when I began to realize that I had
to focus my interests, knowledge and experience towards a legitimate career.
It's nearly impossible to earn a living solely within the resources of the
hacker underground, and the idea of abusing technology for monetary gain is
against the (unwritten) code of hacker ethics. Also at this time, the
innocence of exploring various systems was being replaced by the realities of
ruining my entire future at such a young age if I was caught and convicted by
the United States' legal system.
The media and law-enforcement agencies have almost always been biased against
hackers, and these are two powerful entities that influence society. Hackers
have always been presented in a negative context, whereas their discoveries,
efforts, creativeness, and hard work have been ignored except among fellow
hackers. In a way, it's similar to how the U.S. government and corporations
support research and development: A group of researchers discover, explore,
refine, or exploit a certain technology over a period of many years, yet their
efforts go unnoticed unless their research results in a product acceptable to
society. The researcher's results are shared, respected, and challenged among
the scientific community and journals long before they ever result in a product
(if they ever result in a product). In the same way that researchers and
scientists relentlessly pursue their interests, I pursued answers to my
curiosities and interests.
It is the groups that want to control the society (the legal system, and
police) which have labeled "hackers" as notorious people. Hackers can use
technology to access a variety of information which was previously accessible
only to these groups, and these controllers are afraid of losing their
advantages and control. Currently in US, the FBI is afraid of losing their
ability to easily tap fiber optics so they're proposing to make it mandatory
for central offices to make it easier for them. If people knew how common
illegal wiretaps occur, they'd be upset at the abuse of power. Police are
making illegal search and seizures, and district attorneys are filing
outrageous affidavits to protect their control of power and access to
information.
It was in the middle to late 1980's when the legal system and law enforcement
agencies increased efforts to severely penalize hackers, when the risk of
getting caught began to outweigh the excitement of discovering. It is
unbelievably difficult to carry the burden of a "serious" criminal record
throughout one's life when you're 20 years old (or for that matter 16 years
old), as well as the eternal monetary debt which comes with these consequences.
In the 1970's, the founders of Apple computer were caught selling Blue Boxes
while they were in college and got off with a minimal fine. With todays laws,
the potential jail time, monetary damages, and lawyer fees, the system would
have wasted and banned the brilliance of Steve Wozniak and Steve Jobs. Apple
Computer (and microcomputers) might not have been born (IBM would have loved
that).
Technology has changed faster than the legal system and society can adapt, so
for now, unapproved exploring of these technologies has been declared a serious
offense. Society trusts the legal systems' judgement, but even in 1992 law-
makers are just barely beginning to understand technology: "Is software
patentable (do not confuse with copyrightable), and to what degree?", "What
privacy and freedom of speech should we have with electronic mail and
communications?" Don't let unqualified law makers make decisions about
technology-related issues that will affect you, without them knowing what you
have to say.
So it was in the late 1980's when I began preparing for my retirement. I
outlined a set of goals and a plan to achieve them. Unfortunately this plan
required several years to fulfill, but I knew it was the right time of my life
to begin this ambitious plan. The goals I wanted to achieve were:
1) Pass the knowledge I've gained onto others.
2) Keep the "hacker" movement active.
3) Prepare myself to be legitimately successful so that I can help to
influence society's views about technology as a member of the
society.
Due to the increasing danger of getting caught, and to become successful, I
was forced to hide from the mainstream hacker community and make my actions and
efforts unknown. The first two goals were closely related and took slightly
longer to complete than my original plan. However, they were a much greater
financial sacrifice than I ever imagined. The third goal will probably require
the rest of my lifetime, but it's a challenge I accept.
To complete goals 1 and 2, I've spent the last 5 years preparing a "tomb" of
information and knowledge used within the hacker community. Not all of the
information is complete, but neither is the seed that grows to become a tree.
Anyone with a telephone can guess ("hack" according to the media and law
enforcement) 4-digit passwords to telephone calling cards or PBX out-dial
lines, but I wanted "real" hackers. I talked and met with 100's of hackers
world-wide to find the right individuals who can responsibly learn and append
to this "tomb" -- people who have the desire, respect, effort and ability to
encourage new generations of hackers. This group has been selected and
trained, and I feel they are some of the best prospects. Their international
mixing should give them an almost unlimited number of opportunities, and some
protection. I wish them the best of all luck in their endless journey of
learning and knowledge.
To become legitimately successful meant getting a respectable job. Obviously,
with my interests, I knew it would have to be in the high technology
industries. Unfortunately, getting a job interview or a job offer with these
companies is difficult because the Human Resources departments always shun the
hiring of hackers. This is ironic, because many of the engineers and
programmers within these companies are made of ex-hackers, or people who share
a similar intense interest in technology. Also, since some of best experiences
of a hacker are discovered non-legitimately they can't be presented on a
resume.
My first step towards completing this goal was instinctive; to keep my
excitement and enjoyment focused intensely on technology. This may sound
strange, but many hackers know friends who "burn out" on hacking or working
in the high-tech companies, and I didn't want to 'burn out' at 20 years of age,
so I had to slow down my hacking activity.
The next step was getting a college education, which I've completed. College
is not the answer to everything... in fact it's not the answer to anything,
however, college is an experience I wish everyone could experience -- it's a
unique experience. A college degree will not guarantee a job, but it might get
you past the Human Resources department. If you have the chance to attend
college, don't miss this chance. I realize employers prefer experienced
workers over inexperienced "fresh" college graduates, but if you have a focused
interest on a certain technology, then you will find a way to keep updating
yourself while suffering through college. And like me, you will find the
college degree combined with the results of your focused efforts will open the
best job opportunities to you. Be focused and patient... it worked for me!
I am currently working on the inside of a technology-related company, enjoying
the work I do for a living. In fact, sometimes I think to myself, "Wow, I get
paid for doing this!?" It's a thrill to be doing what I do, yet I must work
hard, and continue working hard to achieve the highest position I am able to
reach to make the most of my abilities. In doing this, I hope someday to give
something back to the non-hacking society which may show them that hackers are
constructive to society, thus, changing their negative view which has labeled
hackers synonymous to "criminals." I would like to see mature, legitimately-
successful hackers, form an interest group to help cultivate the energy of the
younger hackers.
Although I am retiring from the community, I can never retire the curiosity and
intense interest I have about technology. Instead, I now focus these aspects
legitimately into my daily work and will continue to do so. I've immensely
enjoyed my involvement in the hacking community and will always treasure it. I
also hope to eventually persuade people to accept hackers and to not persecute
them. This last goal is the most ambitious goal, but I feel it's the most
important goal, because those groups that control society are wasting a group
of young and talented individuals who could be inventors of future
technologies. Now, I will formally say "goodbye" to my friends in the hacking
community... but not for the last time.
Persevere,
Jester Sluggo
_______________________________________________________________________________
"Truth Is Out Of Style"
An Investigative Report Into Computer Security Corruption
by Dispater
It seems that these days the anti-virus industry/community has brainwashed the
public into thinking that any use of a modem will put you in contact with an
unfathomable array of dangers. It sounds like something your mom said, when
she didn't want you to stay out after dark doesn't it?
As it turns out the anti-virus community has all the moral fiber of television
evangelists. As they preach on about the horrors of accessing information
(without purchasing one of their products), they are engaging in the activity
that they claim should be made a federal offense, in Congress. That is the
"distribution of computer viruses. Not only have they been involved in this
type of activity since they industry began, but now there is a self proclaimed
"elite" [smirk] group of so-called professionals within the industry that wish
to keep a monopoly on the virus trade, by ruining the reputation and lives of
independent researchers. So in a way, we now have a "virus cartel" within the
computer security industry.
The Little Black Book of Computer Viruses
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Little Black Book of Computer Viruses is a printed text that has been
around for a few years, but is finally making waves with people who think
Prodigy and CompuServe are the best networks ever invented. Anyway, this book
contains printed out versions of viruses. Gee, viruses are SO difficult for
people to get their hands on aren't they? Well, one of the information
dinosaurs got his name in print for condemning such immorality.
"Professional virus fighters such as Alan Solomon at S&S
International are madder than angry hornets over the publication.
They are encouraging anti-black book campaigns that include
PICKETING THE AUTHOR'S HOUSE, boycotting shops that sell the book,
petitioning Congress, and even bringing in lawyers."
-- ComputerWorld, June 29, 1992, page 4 (emphasis added)
Well isn't it interesting to note that while Mr. Solomon is encouraging
personal and economic harassment of Mr. Ludwig, his close friend and business
associate, Sarah Gordon is doing the dirty work for him.
The Con
~~~~~~~
The National Computer Security Association's 1st Annual Conference on Viruses
took place in Washington, D.C. this past June. Alan Solomon and Sarah Gordon
were there in full force. Gordon has often been referred to as being Solomon's
sidekick and nowhere did she live up to this distinctive title more than at
this conference.
At the conference, Gordon purchased not one, but two copies of Ludwig's book
and then immediately ran to the conference organizer to make a dramatic scene
over how immoral it was for Mr. Ludwig to be selling such a thing. As it turns
out this is not the first time Sarah Gordon has engaged in such hypocritical
behavior.
Another interesting thing to note at the conference is the fact that one
evening, Knight Lightning and a couple of others noticed some people sitting
around a room and walked in out of curiosity to what was going on. As it
turned out what was going on was a "midnight meeting" of sorts. KL and friends
were asked to leave because "it was not appropriate that be here." Why
wasn't it appropriate? It's because what these people were doing was
discussing the ways they were going to "take down bulletin boards" and damage
people's career's who distribute viruses.
Sometime after this conference, I learned about their plan to use "the media to
ruin these sysops. For example, to use influence with the media to call
attention to this type of activity." These people even went so far as to
compile a list of BBSes that they wish to "take down."
The Hit List
~~~~~~~~~~~~
Phrack received anonymous mail containing the BBS "hit list" that the self-
proclaimed "elite" group of modem vigilantes put together to target first.
Upon our receipt of this list, Phrack staff members contacted the sysops of
these boards and as a result, many of the numbers have since been changed.
+1-206-481-2728 The Festering Pit of Vile Excretions
[This phone number belongs to a construction company
called Custom Building Co.]
+1-213-274-1333 West Coast Technologies (Tymnet 311021300023)
+1-213-274-2222 DII
+1-213-PRI-VATE\
)BBS-A-Holic
+1-ITS-PRI-VATE/
+1-301-PRI-VATE\
)Digital Underground
+1-301-913-5915/
+1-301-948-7761 Cornerstone III
[ ]
+1-305-669-1347 The Penthouse
+1-516-466-4620\
)Hamburger Heaven: this was down for
+1-517-PRI-VATE/ software problems, was titled Sentinel's Gate
+1-602-491-0703 The Final Frontier
+1-708-541-1069 Pirate's Guild
+1-717-367-3501 Night Eyes
+1-818-831-3189 Pirate's Cove
+1-901-756-4756 Silicon Central
+1-916-729-2112 The Welfare Department
[This is an insurance companies phone number]
+1-213-274-1333 West Coast Technologies (Tymnet 311021300023)
+1-213-274-aaaa DII
+1-313-LIM-ITED Canterbury Woods
+1-409-372-5511 The Crowbar Hotel
+1-514-PRI-VATE\
)The Sacred Reich
+1-514-975-9362/
+1-516-328-0847 The Grave of the Lost
+1-516-541-6324 Realm of Heroes
+1-708-459-7267 Hell Pit
+1-713-464-9013 South of Heaven
+1-818-831-3189 Pirate's Cove
+1-819-PRI-VATE Brain Damage
It is unclear as to whom is directly responsible for the organization of this
group or who is responsible for creating and distributing the list, however
there were representatives from CERT, ISPNews, and several other well known
individuals who are self-proclaimed security experts as well as a slew of
nobodies who wish to make a name for themselves.
The Hell Pit BBS
~~~~~~~~~~~~~~~~
The Hell Pit is a BBS system in Chicago and operated by a sysop named Kato.
Kato has a legitimate curiosity (as if a curiosity needs to be validated) about
the inner-workings of viruses. I shall let him relate his experience:
"I have been running The Hell Pit BBS for the past 3 years. It's gone
through many phases in that time, but the most recent has been my affection
for computer viruses. I became interested in viruses about one and a half
years ago and I set up a virus file base on my system. At first I had a
mere 5 or 6 viruses that I had collected from a system in the area. My
collection has grown to about 700 IBM computer viruses."
"It seems to be their objective to shut down my bulletin board system and
therefore eliminate my virus database. Considering these anti-virus
personnel claim to be interested in aspects of computer security, I find
their tactics highly questionable. There was recently a NCSA anti-virus
conference. I learned from sources that one of the people attending the
conference [Sarah Gordon] had committed certain acts on my BBS. This person
claimed to have called up, uploaded 3 fake viruses, gained access to my
virus database and then downloaded several viruses. This is their proof
that I do not adequately control virus access on my system. The anti-virus
personnel do not allow me to defend myself."
"Anti-virus personnel themselves have committed the same mistakes as I did,
probably much more often. There is no set of rules that determines what
makes someone an anti-virus authority. Certain people that seem to fit the
mold are allowed to exchange viruses with anti-virus personnel. What are
the criteria for these people? Is there any? It has been my experience
that if you get involved with the right circles, you are considered an anti-
virus authority. However, there are many places in the anti-virus community
for viruses to leak out. For one thing, you can never be certain who you
are dealing with. Just because someone is smart and claims to hold an anti-
virus attitude is no guarantee that that person isn't an "in the closet"
virus writer.
"At anti-virus conferences such as the NCSA anti-virus conference, guests
were exchanging viruses like they were baseball cards. That isn't what I
would consider controlling access."
"They do help a lot of people with computer troubles. However, to criticize
me for not properly controlling access to my collection of viruses is being
hypocritical."
"If anyone would like to call my system to check things out, feel free. I
have a lot more to offer than just computer viruses. I have a good number
of text files and some pretty active message bases. The Hell Pit BBS -
(708)459-7267" - Kato
Conclusions
~~~~~~~~~~~
It seems there is a move afoot in the anti-virus community to rid the world of
bulletin board systems that disseminate viruses openly and freely. The anti-
virus professionals believe that they must "defend the world" from this type of
activity. Even though during a recent conference in Washington, D.C., it was
disclosed that an anti-virus researcher recently uploaded three (3) viruses
onto a virus BBS (Hell Pit). Why was this done? To "expose the fact that the
sysop was not as careful as he claims to be." The person that did this was
then able to download viruses which was against the policy the sysop claimed
was in place (of course this statement is based upon the integrity of the anti-
virus community and their integrity is obviously suspect).
So, the anti-virus community set-up this sysop and made an example of him in a
national conference without allowing him the opportunity to defend himself. In
fact, the sysop may still be totally unaware that this event has even occurred,
until now that is.
These anti-virus researchers were openly exchanging copies of viruses for
"research purposes only." It seems okay for them to disseminate viruses in the
name of research because of their self-proclaimed importance in the anti-virus
community, but others that threaten their elite (NOT!) status are subject to be
framed and have examples made of them.
Do As I Say, Not As I Do
~~~~~~~~~~~~~~~~~~~~~~~~
This type of activity raises a very interesting question. Who gives private
sector computer security employees or consultants carte blanche to conduct this
type of activity? Especially when they have the gall to turn around and label
hackers as criminals for doing the exact same thing. The answer is not who,
but what; money and ego. Perhaps the most frightening aspect of this whole
situation is that the true battle being fought here is not over viruses and
bulletin board systems, but instead the free dissemination of information. For
a group of individuals so immersed in this world, there is a profound ignorance
of the concepts of First Amendment rights.
Phrack Magazine is ready to stand tall and vigorously keep a close watch and
defend against any incursion of these rights. We've been around a long time,
we know where the bodies are buried, our legion of followers and readers have
their eyes and ears open all across the country. Those of you in the security
industry be warned because every time you slip up, we will be there to expose
you.
Dispater
_______________________________________________________________________________
Tim Foley Virus
~~~~~~~~~~~~~~~
By Guido Sanchez
Right after I moved from 512 to 708, I had the misfortune to realize that Steve
Jackson Games, a company whose games I readily buy and play, had a BBS up in my
home town called the Illuminati BBS. This was my misfortune as I could have
called it locally in Texas, but now instead had to spend my phone bill on it
from Illinois.
A good year after the Secret Service assault of Steve Jackson Games, after most
of the "evidence" was returned with nifty little green stickers on it, a text
file was put up on the BBS called FOLEY.TXT, a simple copy of the lawsuit that
Steve Jackson Games had filed against the government, also known as
JACKSUIT.TXT, distributed by the EFF I believe.
[Editor's Note: We have been unable to confirm that EFF ever released a file
called JACKSUIT.TXT, however details of the EFF's
participation in the Steve Jackson Games lawsuit can be found
in EFFector Online 1.04.]
It was called FOLEY.TXT obviously because of Timothy Foley, a big-shot
government guy [actually an agent for the U.S. Secret Service] who is one of
the defendants in the case. I downloaded the file, and zipped it into a file
called, surprisingly enough, FOLEY.ZIP.
Within the next week, I was gleefully spreading information as usual, and
uploaded the FOLEY.ZIP file along with a batch of viral files to a local BBS
with a beginning virus base. The theory here is to spread viruses about,
accessible to all so that wonderful little Anti-Viral programmers cannot
succeed.
Unfortunately, the FOLEY.ZIP file was put into the viral file base, and before
I could warn the sysop to move it into the appropriate file base, about 8 lame
warezwolves had downloaded it and by the end of the week it was widely spread
around the 708 NPA.
The moral of this story? None really, it's just an amusing vignette of what
can happen when people become involved in the intense bartering of information
that takes place via modem, and can get ridiculed if they're not sure of their
commodity. That's all this huge business is, everyone is a courier. Whether
they're pirated files, adult files, sound files, viruses, or text files; 90% of
the time they're just downloaded from one 1.2 gig board and uploaded to the
next one for more credits to download more files, etc.
It's a great big cycle, just like life. So, to risk sounding cliche, my rally
to all is this: "Slow down! Sit back and pick the roses, eat them, digest them,
and eventually excrete them!" Mr. Warhol, my fifteen minutes are
up. The soapbox is now free.
_______________________________________________________________________________
The Hacker Files June 22, 1992
~~~~~~~~~~~~~~~~
By Barbara E. McMullen & John F. McMullen (Newsbytes)
NEW YORK -- DC Comics has announced the introduction of a new twelve-issue
series, "The Hacker Files." DC spokesperson Martha Thomases said that the
first issue will ship on June 23rd.
The series, created by science fiction author Lewis Shiner, deals with the
adventures of "super-hacker" Jack Marshall who, prior to the events chronicled
in the series, unjustly lost his job at Digitronix and now operates as a free-
lance consultant.
The first story line, covering the first four issues of the series, deals with
Marshall's attempt to uncover those responsible for jamming ARPANET (Network of
Advanced Research Projects Agency) and causing NORAD's Space Surveillance
Center inside Cheyenne Mountain, Wyoming to malfunction, bringing the United
States to the brink of nuclear war.
In the course of his investigation, Marshall, AKA "Hacker," is assisted by a
number of members of the hacker community -- "Master Blaster," "Sue Denim," and
"Spider" (Master Blaster, whose real name is Mikey is a student at New York
City's Bronx High School of Science).
Fiction comes close to reality when it appears that the person responsible for
the virus that caused the damage is Roger P. Sylvester, a student at Columbia
University and the son of a high ranking official at the National Security
Agency (NSA); on November 2, 1988 Robert T. Morris, Jr., a Cornell student and
son of NSA's chief computer scientist, caused the crippling of the Internet
through his release of the "Internet Worm."
Shiner told Newsbytes, "The similarity of the characters was, of course done
intentionally -- you might even note the somewhat subtle connection of the
names: 'Sylvester The Cat' and 'Morris The Cat.' I did it partially to show
those somewhat knowledgeable about computers that the plot was not made out of
whole cloth but was the result of a good deal of research."
Shiner continued, "When reading comics, I look for information density and I
tried to make the Hacker Files rich in that regard. I'm hoping to attract some
computer-literate young people to comics -- comics were one of the earliest
forms of expression to make great use of computers and I hope, with the Hacker
Files, to involve more computer types in the medium."
Shiner also told Newsbytes that his experience as a programmer with a small
Dallas software firm provided him with an ongoing interest in computer and
communications technology. He added, "The firm was sold to EDS (Electronic
Data Services), Ross Perot's firm, and, with long hair and jeans, I didn't fit
into the EDS mold so I left and concentrated on writing."
_______________________________________________________________________________
"Sneakers" by Universal Pictures June 24, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Taken from PR Newswire
Follow A Team of High-Tech Security Experts
Into The Complex World of Computer Crime
"I was trying to break into Protovision. I wanted to get the programs for
their new games." -- David Lightman (Matthew Broderick, "WarGames").
"The world isn't run by weapons anymore, or energy or money. It's run by
little ones and zeros. Little bits of data. It's all just electrons." --
Cosmo (Ben Kingsley, "Sneakers").
In 1984, screenwriters Walter F. Parkes and Lawrence Lasker received an Academy
Award nomination for their script which followed the adventures of a young high
school hacker (Matthew Broderick) whose computer made contact with the
mainframe computers at North American Air Defense Command (NORAD).
A critical and box office success, "WarGames" was the first major motion
picture to explore the emerging worlds of computer games, hacking, crashing and
data piracy. It soon found a legion of fans who had also discovered the vast
frontiers available through their personal computer.
Eight years later, Parkes and Lasker along with writer-director Phil Alden
Robinson ("Field of Dreams") have collaborated on "Sneakers," a Universal
Pictures release which follows a team of high-tech security experts into the
complex world of computer crime. The caper film, directed by Robinson, stars
Robert Redford, Dan Aykroyd, Ben Kingsley, River Phoenix, Sidney Poitier, David
Strathairn, James Earl Jones, and Mary McDonnell.
Parkes and Lasker first heard the term "sneakers" at a computer convention in
1981 as a nickname for IBM's kid programmers. Months later, they met the
editor of a small computer magazine who had a very different definition of the
word. "Sneakers," their source explained, is a term that is synonymous with
"black hatters" and "tiger teams," or individuals who are hired to break into
places in order to test the security of the installation.
Teaming up with Robinson, the trio wrote the basic outline of a story about a
team of sneakers whose questionable pasts had brought them together. Robinson
then embarked on some extensive research, but what had begun as basic fact-
finding about computer outlaws soon evolved into clandestine meetings with
underground hackers, FBI men, cryptologists, wire tappers, professional
penetrators and an endless stream of cyberpunks who were the pioneers in system
break-ins.
The "Sneakers" research led to meetings with numerous characters, ranging from
the notorious Captain Crunch (John Draper) to renowned mathematician Leonard
Adelman, called the father of public-key encryption. Using computer
encryption as a plot device, the writers were able to concoct an intricate
"what if" story which explored the possibility of a "black box" that could
potentially crack the code of any electronic information in the world.
"'Sneakers' has to do with a new age... the information age," said Redford.
"It's quite possible that a war in the future will be a war of information.
Whoever has it, wins."
Coming to theaters this September.
_______________________________________________________________________________
Pirates v. AT&T: Posters
~~~~~~~~~~~~~~~~~~~~~~~~
Special thanks to Legacy Irreverent and Captain Picard
On May 24 1992, two lone pirates, Legacy (of CyberPunk System) and Captain
Picard (of Holodeck) had finally had enough of AT&T. Together, they traveled
to the AT&T Maintenance Facility (just west of Goddard, Kansas) and claimed the
property in the name of pirates and hackers everywhere.
They hoisted the Jolly Roger skull and crossbones high on the AT&T flagpole,
where it stayed for two days until it was taken down by security.
This event was photographed and videotaped by EGATOBAS Productions, to preserve
this landmark in history. And now you can witness the event. For a limited
time they are offering full color posters and t-shirts of the Jolly Roger
Pirate flag flying high over AT&T, with the AT&T logo in plain view, with the
caption; "WE CAME, WE SAW, WE CONQUERED."
Prices: 11" x 17" Full Color poster........................... $ 7.00 US
20" x 30" Full Color poster $20.00 US
T-shirts $20.00 US
If you are interested in purchasing, simply send check or money order for the
amount, plus $1.00 US for postage and handling to:
CyberPunk System
P.O. Box 771027
Wichita, KS 67277-1072
Be sure to specify size on T-shirt.
A GIF of this is also available from CyberPunk System, 1:291/19, 23:316/0,
72:708/316, 69:2316/0. FREQ magicname PIRATE
_______________________________________________________________________________
Telco Trashing Yields Big Rewards July 20, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
by Anonymous
A few days ago, I was faced with a decision about what to do that fine evening:
Try and make amends with my girlfriend or go dumpster diving down at the Bell
Central Office. Well I guess I am a true lamer since I opted for the telco,
but my choice did not go unrewarded as I found a nice little treasure.
The building is a old 1940's brick place with almost no security whatsoever,
not even a guard on Sunday nights. So, it was no problem to jump the barbed
wire fence that surrounded the truck lot where the dumpster was located. After
rooting around through the dumpster for something worth my while, I came across
a medium sized box that apparently had been used by one of the employees for
moving since written on the were the words "pots and pans, kitchen."
Naturally intrigued by this strange box in a telco dumpster, I opened it and
found quite a surprise! There, staring up at me, was a binder with a label
stuck on it that read "Phrack 23." Inside I found the entire collection of
Phrack 1-39, Informatik 1-4, and LOD/H Technical Journals 1 and 2 (apparently
they were too cheap to print out the rest). They were poorly printed on a
laser printer (or well printed on a ink jet), but they were much better than
the cheesy job I had done printing out mine. :-)
Apparently someone at the telco is a phreaker that infiltrated the ranks of
South Central Bell or they have been reading up on the latest and greatest in
the phreaker/hacker community.
Perhaps not as valuable as a list of COSMOS passwords or dialups, but still it
was quite a find.
_______________________________________________________________________________
Anonymous Mail On IBM VM Systems?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Tue, 28 Apr 92 14:54:58 EST
From: Apollo
Subject: Anonymous Mail
To: Phrack Staff
Dear Phrack Staff,
I was reading a past Phrack issue and noticed that you can send anonymous
mail from a UNIX system. I know that there is a way to send it from a VM
system. However, the people at my node don't want anonymous mail sent, so they
do not tell us how it's done. Can someone PLEASE tell me how I can send
anonymous mail via a VM system?
-- Apollo --
From: Mind Mage
Subject: Anonymous Mail
To: Apollo
I assume that you know you can telnet to any VM system on the Internet and send
anonymous mail using port 25 and a commands that are very similar to that of
the UNIX SMTP.
If you want to send it from your particular system, you can try telneting to
port 25 of your own machine and doing it from there.
Mind Mage
_______________________________________________________________________________
WWIV Link Hack
~~~~~~~~~~~~~~
By Mr. Bigg (Rebel-*-Jedi)
Not that many people care but here is a nice little trick I happened to come
across and feel like sharing.
Hack for WWIV Systems Using Multi-Net v1.0 Mod
Usually used for LinkNet
Main Login: @-!NETWORK!-@
Link Login: 1 (or whoever is sysop)
//edit config.dat
find system password in file
abort editing
//dos
enter system password
Viola, access to Dos :)
Lamely enough there is no password. Check for users when using this mod.
_______________________________________________________________________________
The Day Bell System Died
~~~~~~~~~~~~~~~~~~~~~~~~
Sung to the tune of American Pie (with apologies to Don McLean)
Long, long, time ago,
I can still remember,
When the local calls were "free".
And I knew if I paid my bill,
And never wished them any ill,
That the phone company would let me be...
But Uncle Sam said he knew better,
Split 'em up, for all and ever!
We'll foster competition:
It's good capital-ism!
I can't remember if I cried,
When my phone bill first tripled in size.
But something touched me deep inside,
The day... Bell System... died.
And we were singing...
Bye, bye, Ma Bell, why did you die?
We get static from Sprint and echo from MCI,
"Our local calls have us in hock!" we all cry.
Oh Ma Bell why did you have to die?
Ma Bell why did you have to die?
Is your office Step by Step,
Or have you gotten some Crossbar yet?
Everybody used to ask...
Oh, is TSPS coming soon?
IDDD will be a boon!
And, I hope to get a Touch-Tone phone, real soon...
The color phones are really neat,
And direct dialing can't be beat!
My area code is "low":
The prestige way to go!
Oh, they just raised phone booths to a dime!
Well, I suppose it's about time.
I remember how the payphones chimed,
The day... Bell System... died.
And we were singing...
Bye, bye, Ma Bell, why did you die?
We get static from Sprint and echo from MCI,
"Our local calls have us in hock!" we all cry.
Oh Ma Bell why did you have to die?
Ma Bell why did you have to die?
Back then we were all at one rate,
Phone installs didn't cause debate,
About who'd put which wire where...
Installers came right out to you,
No "phone stores" with their ballyhoo,
And 411 was free, seemed very fair!
But FCC wanted it seems,
To let others skim long-distance creams,
No matter 'bout the locals,
They're mostly all just yokels!
And so one day it came to pass,
That the great Bell System did collapse,
In rubble now, we all do mass,
The day... Bell System... died.
So bye, bye, Ma Bell, why did you die?
We get static from Sprint and echo from MCI,
"Our local calls have us in hock!" we all cry.
Oh Ma Bell why did you have to die?
Ma Bell why did you have to die?
I drove on out to Murray Hill,
To see Bell Labs, some time to kill,
But the sign there said the Labs were gone.
I went back to my old CO,
Where I'd had my phone lines, years ago,
But it was empty, dark, and ever so forlorn...
No relays pulsed,
No data crooned,
No MF tones did play their tunes,
There wasn't a word spoken,
All carrier paths were broken...
And so that's how it all occurred,
Microwave horns just nests for birds,
Everything became so absurd,
The day... Bell System... died.
So bye, bye, Ma Bell, why did you die?
We get static from Sprint and echo from MCI,
"Our local calls have us in hock!" we all cry.
Oh Ma Bell why did you have to die?
Ma Bell why did you have to die?
We were singing:
Bye, bye, Ma Bell, why did you die?
We get static from Sprint and echo from MCI,
"Our local calls have us in hock!" we all cry.
Oh Ma Bell why did you have to die?
_______________________________________________________________________________
The 1992 Consumer Electronics Show
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Sarlo
The Consumer Electronic Show is the annual event held in Chicago, Illinois,
that gives a sneak peek at the electronic products to come to market, as well
as products that are currently on the market.
The show is usually closed to the public. This year however, for a MEASLY $10
fee, the common shmoe can waltz his ignorant ass right up to the door, get a
green stamp on his hand, and walk up to several displays, oohing and ahhhing,
and gape like landed fish at the wonderous booths set up by various
participating companies such as AT&T, most major bell companies, IBM, Prodigy,
dozens of cellular manufacturers, Nintendo, Sega, and more software producers
than I really have the patience to list.
I take a taxi to the McCormick center, a convention haven, and enter through
the underground entrance. I walk down the nondescript hallway, noting that for
a center that is supposed to be housing the latest in the future technology,
nothing was that awe-inspiring. Expecting a lame show with shoddy video
graphics, I purchased my ticket, got my hand stamped and entered the doors.
Into an enormous room, filling my senses with an array of Lights and Sound.
You could almost smell the silicon as I made my way down the aisle displaying
the giant Phillips Digital Compact Cassettes screen. Not being a huge fan of
stereo equipment, I head over to the Sharp Electronics Display. It was a turn
in the right direction, as it brought me face to face with one of the clearest
and, per the name, sharpest video displays I have seen in my life. Their LCD
big-screen televisions, displaying a aquarium scene. Even close up, distortion
of the images were at a minimum. Along the north wall, a smaller, gutted
version of the LCD display was shown, giving electronics buffs a firsthand look
at the inner workings of the viewscreens. Turning a corner, I came face to
face with their dual-projection wallscreen television. Instead of ghost images
and a fuzzy, indistinct picture, I found that it may have very well be the
highest quality video projection system I have ever come in contact with.
Cellular Mania
~~~~~~~~~~~~~~
The highlight of the Cellular Phone section was the Motorola Cordless/Cellular
display area with a large sign showing the spokesperson for Motorola, the eye-
catching slogan above him:
"Cordless Phone Eavesdroppers Are Everywhere."
Immediately catching my interest, I wandered over to check out the smaller
print:
"But with my Motorola Secure Clear (tm) Cordless Phone, my private
conversations stay private."
Secure Clear, as the literature explains it, is an exclusive technology that
assures you that no eavesdroppers will be able to use another cordless phone,
scanner or baby monitor to listen to your cordless conversations.
As most of us know, security codes and multi-channels don't always prevent
eavesdropping. With the latest technology these days, security codes, one of
65,000 possible codes that are randomly assigned every time you set the handset
into the base, keeps someone from using your phone base as an outgoing
phoneline.
Using the Auto Channel Scan (ACS), the Secure Clear Cordless Phones
automatically skip any channels that register noise or interference. Three
guesses what Sarlo is getting himself for Christmas.
For more information on this or any other Motorola product, call their Consumer
Products Division at (800)331-6456.
On other notes, Technophone had a wide variety of cellular accessories,
including a Desk stand, spare batteries, an in-car charger, a new life of
antennae, QuickCharge AC chargers, and a hands-free unit for safe operation in
a car.
Omni Cellular had one of their Model "A" V833k Portable Hand-Helds open for a
demonstration, giving a static-free conversation with one of the salesmen.
Many of the features of this phone were:
o 90 Minutes of Talk Time
o 10 hours of Stand-by Time.
o and a sturdy design built right here in the USA.
Other features included Auto-Power Shutoff, Electronic Lock, 50 number memory,
and signal strength indicator.
East Building Hipster Hi-Jinx
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Growing bored, I headed over to the map. Searching it, I found, almost
literally, my green light. On their illuminated map display, the green section
of the map beamed out to me.
"Computers"
Hauling ass to the door, stopping for a quick inspection of my bags by the
security guard, I strolled over to the east building (purchasing a way-keen
CES-92 T-Shirt along the way), I burst into the building with a renewed vigor.
Right smack-dab in the front of the entrance there is the awful stench of men
in business suits and cheap computer services. Right away, I knew I had found
the Prodigy display.
With free trials and the salesmen prodding the consumers to subscribe to their
system, I decided to take a look.
"Where else can you get such a great service, allowing you access to such a
wide variety of things such as an online message service, up-to-date news, an
online encyclopedia, and thousands of interesting users, people just like
yourselves?" The Online-Conman peddled his wares to the unsuspecting
consumers, not only misinforming them as to think that Prodigy is a useful
service at all, but to actually have the gall to shove a PS/1 in their faces
and tell them it's a quality computer.
"Umm... what about any Public Access Unix Site with an Internet or Usenet
feed," I asked. The clod then got on his high-horse and addressed me.
"Perhaps. But most Public Unix's, or bulletin boards, for that matter don't
have high-quality graphics to accompany the information." The man had
definitely done his homework. But apparently IBM and Sears soaped the man's
brains out thoroughly enough to the point where he actually bought the bull
that they were forcing down peoples throats.
"Yea," I said. "But most public access sites don't waste a quarter of your
screen space with worthless advertisements. I wasn't aware that pretty
pictures made the news or messages any more informative, either. But I might
also point out that they don't charge you a extra amount of money for every
message over the 30th one, read your mail or censor your public posts, or, many
times, even charge you a fee at all, other than possibly an optional
subscription fee, around $50 a YEAR at most, nor do they have small datafiles
that collects information from the fat table from the subscribers." As I was
speaking, the salesman was trying to interrupt me, finally succeeding at this
point.
"Well, I can see you have a lot of questions," the salesman evades rather well.
"So I'm sure this gentleman over here will be glad to answer any of your
questions, while I can take this lady's question...Yes?"
I was approached by another salesman who asked me what questions I needed
answered. I said none, seeing as I didn't have much interest in his system
anyhow, and that I was just seeing how good the Prodigy salespeople worked
under pressure. He said he would be glad to answer any questions I had, but if
I were only there to harass people, to please take it elsewhere.
Then it was off to the various other setups. Magazines were on display and
free for the taking here, including Mobile Office, Various Nintendo/Game System
magazines, and Audio Equipment. Walking down one of the back isles, I heard a
bit of conversation that caught my ears.
Star Trek Straight To Your Home
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Computer. Recognize Picard, Jean-Luc. Kitchen Lights ON, Turn ON the VCR and
hit RECORD. Close the Curtains, and turn on the Extasy Channel. Prepare to
record "Chicks with Dicks."
- Jean Luc Picard
Stardate 1992.4, 2:45 A.M.
Such a Scenario is something you would think you could find only on Star Trek,
right? Wrong. With the Mastervoice, the "Ultimate in Home Automation", the
mastervoice is much like your own personal butler, telling the correct time,
activating and operating any device in your household, and even with it's own
alarm system. All of this, at the command of your voice.
Mastervoice can be designed to be used by up to four people, can be trained in
any language. It distinguishes who is speaking, obeys the commands, but also
speaks back to you -- in a HUMAN sounding voice. Male or Female. You can add
or delete voices from it's recognition systems, you can also create new
response words as well.
Featuring control over lights, stereo, TV, coffee maker, heating and cooling
systems. It also has a Household Noise Override that allows you to have stupid
children racing around your home in an obnoxious manner without disturbing the
unit.
Plus, it is also a speakerphone/telephone with stored numbers. At the sound of
your voice, it will dial or answer incoming calls and allow you to carry on a
conversation without ever having to touch the system. It also interfaces with
your PC for memory storage or control operations.
Built in infrared sensor and intrusion detection systems are another highlight
of this demonstration. As it recognizes up to four voices, you can assign a
password for each voice, being anything from "I am home" to
"Supercalafragilisticexpialidoshes". If all fails, it can call the police for
you. Nutty as all hell.
Mastervoice operates thru carrier current modules. This model, as one of the
top of the line voice-recognition home-use systems, it is up there in the
$4,000 plus range, but seeing all the stuff it does, it's well worth the price.
Skipping the Game Module Section (Nintendo/Sega/TurboGraphix/etc) entirely, I
ran into an interesting palmtop known as the Psion Series 3, and their new
interlink software. Windows Compatable, the palmtop not only has communication
software for a link between your PC and Palmtop, but also will support standard
Hayes and Hayes compatible modems. Sporting a qwerty style keyboard and a
romcard port, 128k and a 40 column screen, the Series 3 may be limited, but
provides an acceptable amount of access to other online services. Though for
now, a Windows based software package is only available, at the time of this
writing, there will be DOS and UNIX compatible packages available to the public
in 5 to 6 months.
_______________________________________________________________________________
==Phrack Inc.==
Volume Four, Issue Forty, File 3 of 14
==Phrack Pro-Phile==
Written and Created by Taran King (1986)
Welcome to Phrack Pro-Phile. Phrack Pro-Phile is created to bring info to
you, the users, about old or highly important/controversial people. This
month, I bring you perhaps the most famous all underground hackers and the
founder of the Legion of Doom.
Lex Luthor
_______________________________________________________________________________
Personal
~~~~~~~~
Handle: Lex Luthor
Call me: I really no longer identify with "Lex Luthor" and don't ever
expect me to use the handle again with regards to calling
boards so you CAN call me "Johnson."
Past handles: I was too status conscious to have more than one handle. All
my effort went into just one persona.
Handle origin: From the Superfriends/Justice League of America (ABC TV)
cartoon series where the Legion of Doom (LOD) kicked their
asses until the series writers thought up some lame way for
them to win, but of course, LOD always escaped to fight another
day.
Date of Birth: You should know better than that.
Height: You should know better that that.
Weight: Approximately 610 Newtons plus or minus a few.
Eye color: With or without colored contact lenses?
Hair color: With or without my wig disguise?
Computer: Apple //+ collecting dust and a soon to be obsolete IBM 286.
Email address: lex@stormking.com
The Interview Of Lex Luthor!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
by Taran King
TK = Taran King
LL = Lex Luthor
TK: So Lex, why have you finally relented to a Pro-Phile/interview when I have
been after you to do one for about 5 years now?
LL: Well, I have to admit that I am still reluctant. This whole issue of
computer security/insecurity, hacking/phreaking, philes/electronic
publishing, etc. is still quite controversial and I would prefer to
concentrate on strictly legitimate activities. Especially areas where the
importance of opinions are negligible and the importance of facts are
paramount, as in Science and Engineering. However, I realize that Phrack
won't be around forever, so I thought that if I had any last words left to
say I'd better say it now so here I am.
TK: How did you get started into hacking/phreaking?
LL: It was easy. I had a delicious shake for breakfast, one for lunch and oh
sorry. No really, it WAS easy. I had a friend who bought an Apple and I
used to go over to his house and watch him play Ultima I, a fantasy/
adventure game. After drooling over Ultima long enough, I took all my
savings and bought a system, which was in excess of $1000 at the time.
Being penniless, I had nothing else to do but learn the machine. My
friend then purchased a modem and started calling boards. I followed
suit. He was interested in cracking software and became rather well known
using the handle "The Punk". After he gave me some codes for various LD
companies I started calling around. A short while later, I noticed that
there were boards, sections of boards, and most importantly INFORMATION
that I was not permitted to use/see. I was unhappy about being excluded
especially from RACS III (Tuc eventually came around though) and took it
upon myself to learn what was involved in accessing these systems and
getting more information. I realized as most have, that providing
information that others do not possess allowed me to be noticed and
therefore gain more information. By the way, I still play Ultima, I
BOUGHT Ultima VI two years ago but am just getting around to playing it
now.
TK: What was more important to you, getting noticed or getting information?
LL: The information was undoubtedly the goal. I realize now, as many hackers
and phreaks have in retrospect, that I am an INFORMATION JUNKIE. The
notoriety was simply the means to be trusted with more information and
knowledge. Unfortunately back then I was unaware that most of the
information that I seeked was available LEGALLY. I was blinded by the
information itself, and did not concentrate on the *methods of obtaining
information*. Now with the advent of CD rom databases, and also online
databases, the information is readily found. The problem is that the
service providers are pricing the disks and online time out of the reach
of common people, which of course puts me back to square one in a way.
TK: Why do you need information?
LL: Look, if there is one thing that prevents people from doing things or
pursuing their dreams, its INFORMATION. Not money, not guts, not
anything. With the right information just about everything else can be
obtained with the exception of health and happiness I suppose.
TK: Give me an example.
LL: Okay. If you have ever been up late watching TV and 'ol Dave Del Dotto or
Carlton Sheets or whomever gets on and is trying to sell you their
"courses" on Real Estate, Buying at Government Auctions, etc. then you
know what I am talking about. These guys made millions simply by
obtaining information that the majority of people were not aware of and
put it to use, they could have been anybody.
TK: What types of information do you look for?
LL: Although I always look to learn new ways of how to obtain information in
general, i.e., what new databases are available and how to use them, etc.
I am currently concentrating on scientific data since I am working on my
Master's Thesis and a comprehensive literature search is required to
prevent me from duplicating what has already been accomplished. The
"don't re-invent the wheel" philosophy.
TK: You mention a thesis, what schooling have you had/are pursuing?
LL: I don't want to be too specific, however, I have an undergraduate
engineering degree and am currently in the process of completing dual
Master's degrees, one in Quantum Physics and the other in Engineering.
TK: Sounds heavy, but why be vague, you must have a computer-type or
electrical engineering degree?
LL: No, and I get that a lot from old friends: "You are so good with
computers, why aren't you doing that?" My interest in computers now is
simply to make them calculate equations and do simulations of physical
systems. And to help me get more information.
TK: Let's get back to the H/P subject, there's a few people who have always
contended that you and the guys in LOD really didn't know much of
anything, is that true?
LL: Well I can't speak much about the old members, but their expertise
satisfied me and other members (we would usually vote on new members, I
wasn't a dictator you know). As for me, I realized early on that only
certain people can be trusted with certain information, and certain types
of information can be trusted to no one. Giving out useful things to
irresponsible people would inevitably lead to whatever thing it was being
abused and no longer useful. I was very possessive of my information and
frequently withheld things from my articles. By not providing much data,
some people may conclude that I didn't know anything at all. Its just
that I didn't release it to just anyone and that dismayed various people
probably to the point of lashing out at me and LOD.
Some People to Mention
~~~~~~~~~~~~~~~~~~~~~~
Taran King: You were always hounding me for a Phrack Pro-Phile. Hope
you are enjoying it.
Knight Lightning: Great guy, but how did he get so famous even though he never
even broke into the E911 computer? Sad to see him get
screwed by overzealous "professionals." Wish I had some
money to donate to his defense fund.
The Blue Archer: Always wanted to meet him. I never got a chance to meet him
face to face although I have known him for 8 years. To be
honest, he was better at getting into systems than I was.
Tuc: Always willing to bend over backwards to help you out. I
still use the briefcase he bought me in NYC many years ago.
Paul Muad'Dib: The one in New York. He is one of the smartest people I've
ever met. I hope he is doing something worthwhile.
Bioc Agent 003: Talked to him quite a number of times and met him at TAP
meetings, but we never got to be friends.
Cheshire Catalyst: I still owe him $20. He lent it to me in NYC.
Control-C: A wildman with the women. I hope he gives me his STARGATE
videogame when he gets tired of it. I don't play it every
day like him, but I still can kick his ass.
Phantom Phreaker: He has a spiritual side to him that most people never
realize.
The Videosmith: A fun person with talent. I was sad to see him leave the
scene so early. Met with him in his home state two years
ago just to say hello.
Dr. Who: Here is a guy who loved hacking and exploring systems. I
mean he really enjoyed it. He got quite good at it too.
Telenet Bob: Met him up in Massachusetts at Dr. Who's conference.
Jester Sluggo: Met him up in Massachusetts along with The Sprinter.
Obviously he knew more than he let on even way back then.
Compu-Phreak: I liked listening to his pirate radio station while he
operated it. The FCC never did catch on.
Silver Spy: A very smart guy with a future. Someone who knows when to
stop, but was a little bit panicky at times.
Erik Bloodaxe: Part of the original LOD group. I think he always wanted my
job. I consider him a friend even though we had our
misunderstandings.
Mark Tabas: Part of the original LOD group and sysop of Farmers of Doom
(FOD) for the short time it was up. I hope he isn't in any
trouble again.
Flash Hoser: A fellow information junkie in the Great White North (GWN).
Gary Seven: Probably one of the least known yet talented hackers around
except that I mentioned him in the acknowledgement section
of many of my files. He has since quit.
Digital Logic: Ran a good board for quite a while. An idealist who could
give a great speech. Too bad no one would listen.
The Ronz!: Old friend who no one ever heard of unless they called
Digital Logic's Data Service BBS.
Al Capone: Should have been born a few years earlier so he could have
gotten into hacking when it was fun. He got into it too
late and the risk became a little too high for him.
Quasi Moto: Sysop of Plovernet. Was a good sysop, but not much of a
hacker. Still talk to him on the net.
King Blotto: Known him a long time. Glad he never put me on
TeleTrial!
The Mentor: A fantastic writer. He ran a great board (Phoenix Project).
The last time I talked to him was a few years ago, but he
wasn't very talkative. I think he fell for the 'ol Lex is a
rat rumors.
The Leftist: I hitched a ride with him to one of the SummerCons in
St. Louis. Haven't talked to him since his trouble began, I
hope he's cleaned up his act. I thought he was cool until I
heard he was making stuff up about me to the investigators.
The Prophet: A kindlier gentler hacker. Sorry to see him get screwed by
the system.
The Urvile: Met him at SummerCon '89. Definitely seemed to be the type
who you could trust not to screw you over.
Sir Francis Drake: Met him at SummerCon '87. I'm glad I got a chance to.
Sir Knight: What a character.
Shooting Shark: I appreciate the favorable comments he made about me in HIS
Phrack Pro-Phile.
A Few Other Things
~~~~~~~~~~~~~~~~~~
While I'm on the subject of people, there is one thing that I have not see
published in any form, and that's a "Where are they now" type of thing for
ex-hacks/phreaks. Just so people know, there are a number of us who are doing
quite well at lawful pursuits.
For example:
Silver Spy - Completing a Master's Degree in Electrical Engineering.
Knight Lightning - Working to become a lawyer.
The Unknown Soldier - A high level manager at a successful software company.
The Mentor - Creating games at a well known game company.
Jester Sluggo - Working for a 'high technology' company.
The Disk Jockey - Working in the computer business.
Gary Seven - Chief engineer at a radio station.
The Interview With Lex Continues
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
TK: In an early issue of Phrack you were referred to by the following:
"There is paranoia and beyond paranoia there is Lex." How do you respond
to that?
LL: Ha Ha, I remember that one. Well of course there is some truth to it.
And the saying, "better paranoid than sorry." is true as you can see since
I am not behind bars... not that I ever did anything illegal of course,
ahem. I should mention that I met two individuals early in my hacking
career that had a significant influence on me, and both are the absolute
epitome of paranoid.
One was "Eliott Ness" who was probably in his late 30's to 40's by the
sound of his voice. He used to call LOD, I met him on a local board. He
was extremely knowledgeable, but always knew when to stop giving general
information, never gave out ANY personal information, and never
communicated for any length of time.
The other guy was "Number 6" from TAP meetings in NYC. I met him a few
times. Six was another older gentleman. He was very calm until anyone
showed up with a camera. Then he "went off" until the camera threat was
negated. This guy had a way of extracting information out of you without
you even realizing what he was up to.
As I recall people would ask him a question and he would simply turn it
around and say, "well, what do you think (or know) about so and so" and
the hapless phreak would spill his guts with Six taking notes and
sometimes making corrections to what the phreak said much to the phreak's
surprise. But Six never really gave out much information although it was
completely apparent to me that he knew a great deal just by the way he
carried himself.
A few phreaks would try to follow him after the TAP meetings, but he
always lost them without ever letting on that he knew he was being
followed. It should be mentioned that paranoia can destroy you (as the
song goes). A number of times I ran into real problems trying to escape
from suspected problems that probably weren't anything to worry about.
TK: What memorable H/P BBSes do you recall?
LL: OSUNY: Caught the tail end when I first started. I was impressed.
Plovernet: That BBS was crazy. Constantly busy since it had hundreds of
active users and Quasi Moto let everyone post whatever they
wanted and never deleted messages unless there was no disk
space left. We helped start the "philes" trend there also.
It was easy to spot who knew what they were talking about so I
invited them onto the LOD BBS. Some of the people on the LOD
BBS were then asked to join the now infamous LOD group.
TK: (*Interrupts*) Did you ever think the group you started would become a
household name in security and hack/phreak circles?
LL: Although I knew the guys in the group were good hacks/phreaks, I had no
clue of where it was leading. Since we did not tolerate destructive/
malicious behavior nor things like credit card fraud I did not think there
was much risk in the group as a whole getting any real attention. Of
course, all that changed with time.
TK: Sorry for the interruption. Please continue.
LL: Metal Shop Private: The users were idealistic and good natured which was
refreshing. I liked it most because it was a good
source of information/files and we were the first to
see new Phrack issues.
Farmers Of Doom: Mark Tabas did a fantastic job with this one. It was
quite busy, but did not remain up very long.
Phoenix Project: Again, another fantastic job. The Mentor had some
rather unconventional ideas like letting security people
on, which I thought was a good idea.
RACS III: Tuc didn't give me the time of day at first, but eventually I
got on. Then he took it down.
Pirates Cove: The board in 516 (Long Island, NY). One of the classics.
It's where I met Emmanuel Goldstein and invited him onto
Plovernet to help sell 2600 subscriptions.
Catch-22: Absolutely positively the most secure BBS I ever encountered.
Besides passwording subboards along with requiring users to
have a high enough security level to access them, it made use
of many concepts from the "basic security model" introduced by
Lampson and later augmented by Graham and Dorothy Denning. Of
course Silver Spy and I had no clue what an access matrix was
and things of that nature. A duress password was implemented
so if someone got nailed they could enter the password, not
compromise the system, yet appear as to be cooperating with the
authorities who we presumably thought would ask the hacker to
call. It was never used but nice to have.
BlottoLand: Good board for a while, but he let too many of his "loyal
subjects" on the system who were locals and they eventually
overran it.
TK: Do you REALLY think you are ELITE or what?
LL: I really don't know how anyone got the idea that I considered myself
elite. The only people who said I thought I was elite were those who I
never met or talked to. Contrary to some people's belief, I never
considered myself as elite. I was just a guy who liked to pass
information on to others so I wrote some files. The files did help me get
access to more information by making me more well known. When I read the
newspaper, I'm one of those annoying people who keeps interrupting your
breakfast to tell you details about all the neat stories.
TK: Speaking about the group, what do you think about Erik Bloodaxe and others
starting ComSec Data Security?
LL: When I first called Bloodaxe after I saw them in the papers/magazines he
thought I would be mad, maybe that he took my idea or something. I told
him I am familiar with the computer security consulting business and don't
want any part of it. It's too tough to get people to pay money for
something that they cannot get a verifiable return on their investment.
Besides, getting them to trust you with their inner most secrets is
extremely difficult.
I told ComSec to write articles about security until their fingers fell
off. Legitimize themselves as soon as they can. There was too much
prejudice out there against them with ComputerWorld leading the pack. I
really think they could have helped some companies if given a chance. But
I don't think they had enough knowledge about the whole security picture,
i.e., Physical Security, Environmental Systems (fire suppression, UPS,
etc), Administrative Security (Hiring/firing policies, etc.), what goes on
in big IBM shops MVS, CICS, ROSCOE, etc. There is a lot involved.
TK: How did you feel when Knight Lightning and Phrack erroneously insinuated
that you might have informed on other hackers, maybe even the Atlanta
Legion of Doom members a few years ago?
LL: Well as you now know, Craig (KL) has seen all the documents and records
from his trial and many documents from the Atlanta case and there was no
mention whatsoever of me in regards to providing information, being a
witness, testifying, etc.
Although I haven't talked to the Atlanta guys since before their trial I
am sure they know I had absolutely nothing to do with what happened to
them. The real story has since come out. If there is one thing I hate,
it's being accused of something you didn't do.
If someone does something they are accused of, he should be man enough to
admit it. I have said this before a number of times, I have never
provided information to anyone about other hacks/phreaks that directly nor
indirectly led to them being visited, arrested, or prosecuted. It's just
not my way. What goes around comes around and that kind of boomerang is
something I knew I didn't want to play with.
My success in avoiding trouble is fairly straightforward: Most of all it
was secrecy and misdirection (ala Stainless Steel Rat), avoiding phone
company computers especially those in which I was a customer of (i.e., my
local RBOC) because if you get THEM pissed at you, they'll get you one way
or another. Also, lots of LUCK and not intentionally making any enemies
although there have been a few hackers mad at me whom I never even talked
to and I have no idea as to why they didn't care for me.
TK: Do you have any advice for people out there who may want to begin hacking
or phreaking?
LL: I am not one to dictate what people should or should not do, but I
wouldn't if I were them. The technology to prevent and detect security
breaches and then to track down their source is ever improving. The
Cuckoo's Egg (by Cliff Stoll) provides a good example of that. But that
shouldn't even come into the picture.
I think they should examine objectively why they want to do it. Then make
an honest attempt at finding other legal ways to accomplish whatever they
were trying to do. I don't care how you justify it, its dishonest.
Forget about the law part of it. It just causes other people problems. I
didn't know how much until my school's systems were hacked and I was
unable to read my e-mail for a week. I was angry and thought to myself
that I'd like to get my hands on that asshole hacker. Then I laughed for
quite awhile realizing what I was thinking and the irony of it all.
Poetic justice I suppose. None of my data was touched, but I was denied
service and denial of service can be just as damaging. As for the
challenge of it, well I can't deny that that was very addicting, but there
are many legal ways to challenge yourself.
TK: What conventions/involvements outside of phone calls have you done?
LL: TAP meetings were probably the first. Then a Con in Massachusetts, the
Con in Philly with Videosmith et al. and of course the few SummerCons
(1987 and 1989) in St. Louis. There were some computer security
conferences that were interesting also. Those helped to sensitize me to
the "other side."
TK: I remember at SummerCon '89 that you were accidentally caught on video
tape for about 2 seconds and requested that it be erased, which it was.
What is the deal with cameras?
LL: It may sound a little odd, but I don't think anyone has the right to take
another person's picture without their permission. Especially when the
person who is on film has no idea where the picture will end up.
I predict within 5-10 years maximum that states will start using video
cameras to digitize your picture when you go for a new driver's license.
The digitized image will be stored with the rest of your personal
information and probably be available to people like private investigators
and others who gain access to the information illegally. With ISDN,
Multi-Media, etc., it will be possible to "set up" people very easily by
altering images via computers, etc. to make them look like they are doing
just about anything you can think of. When things like that start to
happen I will not look crazy but smart, at least to my friends who think
my avoidance of cameras is abnormal.
Most Memorable Experience
~~~~~~~~~~~~~~~~~~~~~~~~~
TK: What are your most memorable experiences (funny things that happened to
you during your phreaking/hacking or not so funny)?
LL: Dr. Who in Massachusetts had a conference in which me, Tuc, and The
Videosmith drove up at 4 AM in Tuc's VW Beetle hydroplaning all the way
due to the rain, and dead tired. We were all in a silly mood and had a
lot of laughs.
Also, the time when I was in NYC with Paul Muad'Dib and we had no money to
eat. He was the first person I know of who had any real knowledge of
phone company switching systems. He engineered a switch in Manhattan to
put call forwarding on a pay phone. Once this was done, all the money put
into the phone would remain in the phone but would not drop into the coin
box. Those who put money in didn't really have to since the phone was
converted to a POTS (Plain Old Telephone Service). Alas, humans are
creatures of habit. So after a couple of hours (since it was a busy
phone) he had the guy put the phone back to the way it was. When this was
done, all the money held in the phone was returned. It was like hitting
the jackpot in Las Vegas. We then proceeded to McDonald's.
The story about me running around naked in a Motel 6 parking lot that
Control-C has tried to get people to believe is, of course, grossly
exaggerated. His girlfriend hooked me up with a friend of her's. Dan and
his girl were in another room. He called me to come over, but I was in my
underwear. We had been drinking so I ran the 8 feet or so to his room (we
were on the 2nd floor with a solid balcony so no one from the ground could
see anyway), I said hello and then ran back to my room to go another
round.
Probably my favorite memory is relatively recent. J.J. Bloombecker,
Director of the National Center for Computer Crime Data, spoke at my
school. I sat in the very back as usual (I hate to have anyone sitting
behind me, anywhere) in a room of about 40 people and listened to his
speech which basically was to promote his book, "Spectacular Computer
Crimes." I spoke to him but never let on who I really was. He talked
about Craig's (Knight Lightning) case and then he went on about whomever
named LOD, the Legion of Doom, should have named them something like the
"Legion of Ineffectual Pansies." The reason being that, what prosecutor
in his/her right mind would go to a judge and say how dangerous a group of
ineffectual pansies are.
I sat there trying not to blush and thinking that of all the hundreds of
people he said that to, he probably never expected to say it to the person
who really named the group.
I did meet Donn B. Parker, whom I consider the father of computer
security, twice. The first time I just shook his hand. The second time
was relatively recently and we spoke for 20 minutes or so. I never told
him who I really was, not that he would know anyway. But I complimented
him enough so even if he found out, he couldn't have gotten too mad at me.
TK: What were some of your memorable accomplishments (newsletters/files/etc.)?
LL: The REAL accomplishments (non-files) will remain anonymous, but my
favorite files were the IBM VM/CMS series because they were well written
along with the Attacking, Defeating, and Bypassing Physical Security
Devices series. Before I wrote a file I scoured boards and other
traditional sources for the information I sought. If I came up empty
handed, I researched it and wrote about it myself.
Although the COSMOS files helped me get started, they were a complete
joke. They provided enough information to be dangerous and didn't help my
standing with the RBOC's. The VAX/VMS files got better as they
progressed, but except for some of Part III they didn't provide much that
wasn't available in manuals. I enjoy writing, but it usually takes me
many revisions to get it just right. As for newsletters, the LOD/H
Technical Journal is another thing that I was involved in.
TK: What is the story behind the LOD/H Technical Journal?
LL: The LOD/H Technical Journal almost never was. As you are aware, LOD had
gotten a group of files together to be published in PHRACK as an "all LOD
issue," but some of the members thought we should put out our own stuff.
The idea grew on me and I said okay. I should let it be known that you
helped us out for the first issue by spell checking it and performing some
editing and critique. But we were only able to produce 4 issues since it
was difficult in getting quality non-plagiarized or non-highly paraphrased
material.
After the third issue, I realized that I was probably not doing anyone any
favors by exposing security holes and weaknesses in systems. Some people
may not believe hearing this from ME, but I don't agree with those hackers
who think they are doing people a service by exposing their system
vulnerabilities. Nobody needs someone checking their door at night to see
if its locked. And although the old door analogy isn't exactly the same
as the pseudo-physical computer login, its close enough. Sorry about
getting off the subject a little.
TK: That's okay. Why did you quit the H/P community?
LL: I wrote a letter to 2600 Magazine about a year ago that goes into it a
little. Between that and what I've said here, it should be fairly
apparent. In brief, I realized I was mainly in it for the purpose of
getting information. It got too dangerous and I decided to direct my
energy to graduating instead of how to defeat security systems. The
thought processes involved in hacking and those in solving problems in
Engineering Design are remarkably similar and I think my hacking experience
makes me a much better designer and problem solver. Not that I am
advertising for a job or anything...
Lex's Favorite Things
~~~~~~~~~~~~~~~~~~~~~
Women: Without Diseases.
Cars: So fast that you are terrified to put the pedal all the way down to
the floor.
Foods: Anything that does not contain pesticides, herbicides, heavy metals,
radioactive elements, toxic chemicals, harmful microorganisms,
artificial colors, or preservatives. I guess that rules out fish,
produce, meat, processed foods, drinking water, and so on. In other
words there's nothing left to eat. In all seriousness, I do like
great big salads and if I was rich I would have an awesome wine
cellar.
Music: Heavy Metal, some Punk, and Classical.
Authors: Richard P, Feynman, Isaac Asimov, Stephen Hawking, Jane Roberts, Budd
Hopkins, Jacques Valee, Bruce Sterling, K. Eric Drexler, and Matthew
Lesko.
Books: I liked the Cuckoo's Egg, anything about physics, and non-kook
metaphysical books. The only thing I collect these days are books.
I have hundreds of them.
Games: Atari's ASTERIODS DELUXE was probably the most difficult videogame
ever (even though it's more than ten years old) and which I am one of
the best there is at playing it. When it comes to this, I admit I AM
Elite. There's almost no one on this planet who can beat me.
Defender and Stargate are also great. They don't make games like
they used to. And of course, the Ultima series.
Actors: Dana Carvey, Bill Moyers, Patrick Stewart (ST:TNG), Jonathan Frakes
(ST:TNG), Andy Griffith (Matlock), and too many movie stars to
mention.
The Interview Concludes
~~~~~~~~~~~~~~~~~~~~~~~
TK: Is there anyone specifically that you want to say a few things to?
LL: To all those who subscribe to the "Once a thief, always a thief" mentality
and to those few die-hard law people who would love to get their hands on
me and other ex-hackers: Don't bother, people are basically good and can
be "rehabilitated" without going to prison.
LL: The other thing that I have never understood about the hack/phreak
community is some of the obsession with tracking people down. I could
understand it a little better when the reason was to check out others to
make sure they were not feds.
I never compiled lists of who I talked to with anything except their
handle, first name, and phone number. I never CNA'd them for their last
names, or tried to find out where they worked.
But some guys just had to know everything about everyone. Don't they have
anything better to do? I was careful yes, but not to the point of
invading everyone's privacy especially when the person stated they just
wanted to be left alone. I am not saying I NEVER invaded another's
privacy, but I don't now and almost never did it in the past.
I left an Internet mailing address at the beginning of this Pro-Phile so
people can contact me. I don't mind talking to people, but I just don't
think it's fair to harass and threaten people who don't want to be
bothered. I am open to useful and constructive conversations via email,
but I really don't think it's necessary to compile individual's personal
information. I never did it and will never understand why people do it.
Besides, it's no great accomplishment to find people these days. The ways
of getting information are numerous and many are legal, so how much skill
does it really take to get someone's info? Almost none. Anyone can do
it... on just about anyone they want.
TK: What do you think about the future of the hack/phreak world or telecom
communications in general?
LL: As for the hack/phreak aspect, every time I think hacking is dead and
people would have to be deranged to break into computers or make phone
calls illegally for free, I read about another hapless person or group of
people who have done it. Don't they realize there are better and easier
ways of going about whatever they are doing? Don't they realize that the
technology to CATCH you is such that you have lost the fight before you
even get started?
Yes there will be new technologies that will help both sides, but there is
the law of diminishing returns. As for what hackers should be doing, if
anything they should keep an eye on our right to privacy. If it weren't
for hackers, TRW would still be screwing people over (worse than they do
now) and would have never apologized for not correcting invalid credit
information.
TK: And of course the question that no Phrack Pro-Phile does without...
Of the general population of phreaks you have met, would you consider most
phreaks, if any, to be computer geeks?
LL: Absolutely NOT. I don't judge people on how they look anymore (yes I used
to). As The Mentor so eloquently put it in his Hacker Manifesto (Phrack 7
and again in Phrack 14), of which this is, but a lame paraphrase, it's
more important to relate to people on what they know and on their ideas
than what they look like or what color their skin is, etc. And the vast
majority have non-geeky ideas.
TK: Thanks for your time, Lex.
LL: Thank you for letting me ramble on for so long.
_______________________________________________________________________________
==Phrack Inc.==
Volume Four, Issue Forty, File 4 of 14
Network Miscellany
*******************************************************
< How to Acquire Information on Internet Computers >
*******************************************************
Compiled from Internet Sources
by The Racketeer
of The Hellfire Club
Network Miscellany created by Taran King
Generally speaking, information is everything. A lot of hacking any computer
on a network is being able to gather information about the machine and its
vulnerabilities. This file is about using the available resources on the
Internet network in order to gain important information about any perspective
sites.
A large amount of information has been printed in Phrack recently about the
Internet, most of it copied straight from manuals and in my opinion lacking
hacking flair. Therefore, I'm going to take you straight into the heart of the
heart of the matter with this file on acquiring information!
Now, the Internet is notorious for not having an instruction manual. Most
people who find out what the Internet is learn from their friends. It used to
be that there was only one real landmark on the Internet, and that was the
SIMTEL-20 FTP archive. Now, the Internet is probably the largest free network
in existence. In fact, it's a hacker's paradise!
Unfortunately, you have to know about "public" sites on the network before you
can use them. Likewise, how are you going to hack an organization if you don't
know any machines on it? Sort of like trying to complain to Packard-Bell about
your computer equipment not working when the bastards don't supply their name,
address, or phone number. You are going to have to find another way to get that
information if you want to get anything done.
There is not any one particular way to learn about a site. In fact, you'll
have to combine several unusual methods of gathering information in order to
obtain anything resembling a "complete picture." However, using the
combinations of techniques described in this file, you can maneuver through any
network on the Internet and learn about the machines within.
The first stop on this journey is the ARPANet Network Information Center
(frequently called "NIC" by experienced network users). NIC's purpose is
simply to keep track of all the network connections, fields, domains, and hosts
that people wish to be told about.
To connect to NIC, you would issue a command from your Internet connected
machine similar to this:
.----------------------- command
\/
[lycaeum][1]> telnet nic.ddn.mil
This will (within a short period of time) route you to the Network Information
Center and grant you access. There isn't a straight forward login/logout
system on NIC like other Unix computers; it will just connect you to the
Information System upon connection. The message you will get will be similar
to this:
* -- DDN Network Information Center --
*
* For TAC news, type: TACNEWS
* For user and host information, type: WHOIS
* For NIC information, type: NIC
*
* For user assistance call (800) 235-3155 or (415) 859-3695
* Report system problems to ACTION@NIC.DDN.MIL or call (415) 859-5921
SRI-NIC, TOPS-20 Monitor 7(21245)-4
@
Great, now we are in. Essentially, since NIC is just a great big telephone
book, we need to let our fingers to the walking. Let's demonstrate a few
simple commands as I go after one of the government contract giants, the
corporation known as UNISYS. Let's start by entering WHOIS.
@WHOIS
SRI-NIC WHOIS 3.5(1090)-1 on Tue, 22 Aug 91 15:49:35 PDT, load 9.64
Enter a handle, name, mailbox, or other field, optionally preceded
by a keyword, like "host sri-nic". Type "?" for short, 2-page
details, "HELP" for full documentation, or hit RETURN to exit.
---> Do ^E to show search progress, ^G to abort a search or output <---
Whois:
Okay, now we are in the database. Since Unisys is our target, let's go ahead
and ask it about "Unisys."
Whois: unisys
Cartee, Melissa (MC142) unisys@email.ncsc.navy.mil (904) 234-0451
Ebersberger, Eugen (EE35) UNISYS@HICKAM-EMH.AF.MIL (808) 836-2810
Lichtscheidl, Mark J. (MJL28) UNISYS@BUCKNER-EMH1.ARMY.MIL (DSN) 634-4390
Naval Warfare Assessment Center (UNISYS) UNISYS.NWAC.SEA06.NAVY.MIL
137.67.0.11
Navratil, Rich (RN74) UNISYS@COMISO-PIV.AF.MIL (ETS) 628-2250
There are 28 more matches. Show them? y --> of course
Peterson, Randy A. (RP168) UNISYS@AVIANO-SBLC.AF.MIL (ETS) 632-7721
Przybylski, Joseph F. (JP280) UNISYS@AVIANO-SBLC.AF.MIL (ETS) 632-7721
UNISYS Corporation (BIGBURD) BIGBURD.PRC.UNISYS.COM 128.126.10.34
UNISYS Corporation (GVLV2) GVL.UNISYS.COM 128.126.220.102
UNISYS Corporation (MONTGOMERY-PIV-1) MONTGOMERY-PIV-1.AF.MIL 26.5.0.204
Unisys Corporation (NET-MRC-NET)MRC-NET 192.31.44.0
Unisys Corporation (NET-SDC-PRC-CR) UNISYS-ISF-11 192.26.24.0
Unisys Corporation (NET-SDC-PRC-LBS) UNISYS-ISF-9 192.26.22.0
UNISYS Corporation (NET-SDC-PRC-NET) UNISYS-ISF-7 192.12.195.0
Unisys Corporation (NET-SDC-PRC-SA) UNISYS-ISF-10 192.26.23.0
Unisys Corporation (NET-SDC-PRC-SW) UNISYS-ISF-8 192.26.21.0
Unisys Corporation (NET-UNISYS-CULV) UNISYS-CULV 192.67.92.0
Unisys Corporation (NET-UNISYS-PRC) UNISYS-PRC 128.126.0.0
Unisys Corporation (NET-UNISYS-RES1) UNISYS-RES1 192.39.11.0
Unisys Corporation (NET-UNISYS-RES2) UNISYS-RES2 192.39.12.0
Unisys Corporation (NET-UNISYS2)UNISYS-B2 129.221.0.0
Unisys Corporation (STARS) STARS.RESTON.UNISYS.COM 128.126.160.3
Unisys Corporation (UNISYS-DOM) UNISYS.COM
Unisys Linc Development Centre (NET-LINC) LINC 143.96.0.0
UNISYS (ATC-SP) ATC.SP.UNISYS.COM 129.218.100.161
Unisys (FORMAL) FORMAL.CULV.UNISYS.COM 192.67.92.30
UNISYS (KAUAI-MCL) KAUAI.MCL.UNISYS.COM 128.126.180.2
UNISYS (MCLEAN-UNISYS) MCLEAN-UNISYS.ARMY.MIL 26.13.0.17
UNISYS (NET-UNISYS-RES3) UNISYS-RES3 192.67.128.0
Unisys (NET-UNISYS-SP) UNISYS-SP 129.218.0.0
UNISYS (SALTLCY-UNISYS) SALTLCY-UNISYS.ARMY.MIL 26.12.0.120
UNISYS (SYS-3) SYS3.SLC.UNISYS.COM 129.221.15.85
Wood, Roy (RW356) UNISYS@LAKENHEATH-SBLC.AF.MIL
0044-0638-522609 (DSN) 226-2609
As you can see, the details on these computers get fairly elaborate. The first
"column" is the matching information, second column is the network name or
title, then it is followed by a phone number or IP port address. If the phone
number has an area code, then it is of a standard phone nature; however, if it
is (DSN) then it's on the "Data Security Network," aka Autovon (the military
phone system).
Now, as you can tell from the above list, there are several UNISYS accounts at
military machines -- including a military machine NAMED after Unisys (mclean-
unisys.army.mil). This stands to reason since Unisys deals mostly in military
computer equipment. Since it is a secretive military group, you'd figure an
outsider shouldn't be able to gain much information about them.
Here is what happens if you center on a specific person:
Whois: cartee
Cartee, Melissa (MC142) unisys@email.ncsc.navy.mil
7500 McElvey Road
Panama City, FL 32408
(904) 234-0451
MILNET TAC user
Record last updated on 18-Apr-91.
Hmm.. Very interesting. This user obviously has access to military computers
since she has a TAC card, and goes under the assumed identity as "Unisys" in
general. Could this person be a vital link to the Unisys/U.S. Defense
connection? Quite possibly. More likely she is a maintenance contact, since
she can use her TAC card to contact multiple (confined) military networks.
I've gone ahead and requested specific information about kauai.mcl.unisys.com,
which as far as I know is a focal point for the Unisys Networks. Of course,
the information on this machine is non-classified (or if it IS classified,
Unisys will probably be chewed out by Uncle Sam). Notice all the great
information it gives:
Whois: kauai.mcl.unisys.com
UNISYS (KAUAI-MCL)
Building 8201, 10th Floor Computer Room
8201 Greensboro Drive
McLean, VA 22102
Hostname: KAUAI.MCL.UNISYS.COM
Nicknames: MCL.UNISYS.COM
Address: 128.126.180.2
System: SUN-3/180 running SUNOS
Coordinator:
Meidinger, James W. (JWM3) jim@BURDVAX.PRC.UNISYS.COM
(215) 648-2573
domain server
Record last updated on 05-Aug-91.
No registered users.
Aha! The Coordinator on this machine doesn't use it! There are no registered
users! Namely, if you wanted to hack it, you aren't screwing with the higher
ups (this is good). Since when does Unisys buy computers from other companies?
Can't they just grab a few off the assembly line or something? The computer is
stationed in McLean, Virginia! That's where the CIA is! Could Unisys be
developing computers for the international espionage scene? Obviously, there
is a great deal of information to be sucked out of this machine.
How? The answer was listed there. The machine is a DOMAIN SERVER. That means
this computer holds the network information used to identify all the computer
systems on its network and all we need to do right now is figure out a way to
squeeze that information out! But first, let's see if our hunch was correct in
assuming the bigwigs are far away by checking out the head honcho, "Mr.
Meidinger."
Whois: jim@burdvax.prc.unisys.com
Meidinger, James W. (JWM3) jim@BURDVAX.PRC.UNISYS.COM
Unisys Corporation
Computer Resources
Room g311
P.O. Box 517
Paoli, PA 19301-0517
(215) 648-2573
Record Last Updated on 04-Jul-90.
Yup, Mr. Meidinger is far away -- Pennsylvania, to be exact. Not exactly
keyboard's length away, is he? Besides, being in the "Computer Resources"
department, I'd suspect he is just an accountant. Accountants are to computing
as beavers are to trees (unless, of course, they actually like computers, which
isn't a foregone conclusion in the business world).
I'm going to skip the rest of the information on NIC, since it has been
overkilled in this particular magazine anyway. The only hint I have is to read
CERT's and DDN's news blurbs, since they give out some interesting information
which would be useful and educational. Besides, messing around with the CIA's
hired goons sounds much more fun.
Now is the time for a little bit of a lesson in critical reasoning: the
Internet isn't exactly a "free to the public" network, meaning you just can't
attach your computer to a machine on the Internet and expect it to work all of
a sudden. You need to configure your machine around the computers in the
network domain you are linking into, and if you have their permission, then
everything is cool. But once you're configured, and your router and/or server
has been notified of your existence, does that mean anyone else has that
information? The answer is yes, although that info won't be forwarded to a
place like NIC -- it will have to be obtained another way.
All packets of data on the Internet need to be routed to and from valid
computer hosts. Therefore, all of this information is stored on the network's
gateway. But the routing information stored is simply in numeric format, such
as 128.126.160.3. At least, that is as understandable as it gets, since
Ethernet addresses are even more elaborate and in binary.
However, as Internet users know, there is more than a single way of describing
a computer. "telnet 128.126.160.3" would be one way of connecting to a
computer, or "telnet aviary.stars.reston.unisys.com" would be another way of
connecting to the same computer. These names are chosen by the owner of the
network, and are described through the use of "domain servers."
As you recall, kauai.mcl.unisys.com was listed by NIC as a domain server. This
means that the names of the computer systems on that network are stored on that
particular host. Of course, that's not the only thing. The domain server
presents the computer name and IP number to the connecting machine allowing you
to connect to the computer by using a "domain style name." Ultimately,
everything is converted to IP numbers.
Most network software allows compatibility with domain servers, meaning if you
want to connect to nic.ddn.mil, and you specify a command "telnet nic.ddn.mil"
then you will connect to nic.ddn.mil. Sadly, this isn't true of all computers
(which require IP numbers only), but at least it is true enough that the
general user is likely to have such computer resources.
Reaching back to the Dark Ages, there is a computer program that allows
machines that don't directly interpret domain style addresses to IP addresses
to still find out what the name of a machine is. This program is called
"nslookup" and is usually found in the Unix operating system (at least, I
haven't used it anywhere else -- it might only work on Unix).
"nslookup" stands for Name Server Lookup (there has been some debate, it seems,
if a domain server is really a name server, or visa versa; in fact, both
describe what they do well enough to have conflict). Regardless, let's go
ahead and work on learning how to use nslookup.
[lycaeum][2]> nslookup
Default Name Server: lycaeum.hfc.com
Address: 66.6.66.6
Now, going back to that NIC information we got earlier, let's continue to hack
on poor old Unisys, which is giving up its info every step we make. We
determined that the kauai.mcl.unisys.com was a domain server, so let's jump
ahead to that by changing our server to their server (after all, the computers
we are after aren't on our machine).
> server kauai.mcl.unisys.com
Default Server: kauai.mcl.unisys.com
Address: 128.126.180.2
Okay, now we have connected to the server. This isn't a constant connection,
by the way. It will only establish a connection for the brief instant that it
takes for it to execute commands. It doesn't require a password or an account
to get this information off of a nameserver.
Let's start off by having it give us a list of everything about Unisys that
this server knows. "Everything" is pretty much a good place to start, since we
can't go wrong. If we come up with nothing, then that's what's available. The
basic command to list machines is "ls" like the Unix directory command.
> ls unisys.com
[kauai.mcl.unisys.com]
Host of domain name Internet address
unisys.com server = burdvax.prc.unisys.com 3600
burdvax.prc.unisys.com 128.126.10.33 3600
unisys.com server = kronos.nisd.cam.unisys.com 3600
kronos.nisd.cam.unisys.com 128.170.2.8 3600
unisys.com server = kauai.mcl.unisys.com 3600
kauai.mcl.unisys.com 128.126.180.2 43200
unisys.com server = io.isf.unisys.com 3600
io.isf.unisys.com 128.126.195.20 3600
reston.unisys.com server = aviary.stars.reston.unisys.com 3600
aviary.star.reston.unisys.com 128.126.160.3 3600
aviary.star.reston.unisys.com 128.126.162.1 3600
reston.unisys.com server = kauai.mcl.unisys.com 3600
kauai.mcl.unisys.com 128.126.180.2 43200
rosslyn.unisys.com server = aviary.stars.reston.unisys.com 3600
aviary.stars.reston.unisys.com 128.126.160.3 3600
aviary.stars.reston.unisys.com 128.126.162.1 3600
rosslyn.unisys.com server = kauai.mcl.unisys.com 3600
kauai.mcl.unisys.com 128.126.180.2 43200
rmtc.unisys.com server = rmtcf1.rmtc.unisys.com 3600
rmtcf1.rmtc.unisys.com 192.60.8.3 3600
rmtc.unisys.com server = gvlv2.gvl.unisys.com 3600
gvlv2.gvl.unisys.com 128.126.220.102 3600
sp.unisys.com server = dsslan.sp.unisys.com 3600
dsslan.sp.unisys.com 129.218.32.11 3600
sp.unisys.com server = sys3.slc.unisys.com 3600
sys3.slc.unisys.com 129.221.15.85 3600
cam.unisys.com server = kronos.nisd.cam.unisys.com 3600
kronos.nisd.cam.unisys.com 128.170.2.8 3600
cam.unisys.com server = burdvax.prc.unisys.com 3600
burdvax.prc.unisys.com 128.126.10.33 3600
prc.unisys.com server = burdvax.prc.unisys.com 3600
burdvax.prc.unisys.com 128.126.10.33 3600
prc.unisys.com server = kronos.prc.unisys.com 3600
kronos.prc.unisys.com 128.170.2.8 3600
prc.unisys.com server = walt.prc.unisys.com 3600
walt.prc.unisys.com 128.126.2.10 3600
walt.prc.unisys.com 128.126.10.44 3600
culv.unisys.com server = formal.culv.unisys.com 3600
formal.culv.unisys.com 192.67.92.30 3600
culv.unisys.com server = kronos.nisd.cam.unisys.com 3600
kronos.nisd.cam.unisys.com 128.170.2.8 3600
slc.unisys.com server = sys3.slc.unisys.com 3600
sys3.slc.unisys.com 129.221.15.85 3600
slc.unisys.com server = dsslan.sp.unisys.com 3600
dsslan.sp.unisys.com 129.218.32.11 3600
slc.unisys.com server = nemesis.slc.unisys.com 3600
nemesis.slc.unisys.com 128.221.8.2 3600
bb.unisys.com server = sunnc.wwt.bb.unisys.com 3600
sunnc.wwt.bbs.unisys.com 192.39.41.2 3600
bb.unisys.com server = burdvax.prc.unisys.com 3600
burdvax.prc.unisys.com 128.126.10.33 3600
isf.unisys.com server = orion.ISF.unisys.com 3600
orion.ISF.unisys.com 128.126.195.7 3600
isf.unisys.com 128.126.195.1 3600
isf.unisys.com server = burdvax.prc.unisys.com 3600
burdvax.prc.unisys.com 128.126.10.33 3600
isf.unisys.com server = io.isf.unisys.com 3600
io.isf.unisys.com 128.126.195.20 3600
gvl.unisys.com 128.126.220.102 172800
gvl.unisys.com server = gvlv2.gvl.unisys.com 3600
gvlv2.gvl.unisys.com 128.126.220.102 3600
gvl.unisys.com server = burdvax.prc.unisys.com 3600
burdvax.prc.unisys.com 128.126.10.33 3600
mcl.unisys.com 128.126.180.2 43200
mcl.unisys.com server = kauai.mcl.unisys.com 43200
kauai.mcl.unisys.com 128.126.180.2 43200
mcl.unisys.com server = burdvax.prc.unisys.com 43200
burdvax.prc.unisys.com 128.126.10.33 3600
mcl.unisys.com server = kronos.nisd.cam.unisys.com 43200
kronos.nisd.cam.unisys.com (dlen = 1152?) 4096
ListHosts: error receiving zone transfer:
result: NOERROR, answers = 256, authority = 0, additional = 3.
Bummer, an error. Funny, it claims there isn't an error, yet it screwed up the
kronos address and knocked me out. Apparently, this domain server is screwed.
Oh well, I guess that's really their problem because in the information it gave
us, it was able to provide all the answers we needed to figure out the next
step!
Quick analysis of the above information shows that most of the servers were
connected to at LEAST two other servers. Quite impressive: A fault-tolerant
TCP/IP network. Since it is fault tolerant, we can go ahead and use a
different machine to poke into the "mcl.unisys.com" domain. Since "mcl" stands
for McLean, that's where we want to go.
Remember that NIC told us that kauai.mcl.unisys.com had an alias? It was also
called "mcl.unisys.com". Looking at the above list, we see toward the bottom
that mcl.unisys.com is also domain served by the computers
burdvax.prc.unisys.com and kronos.nisd.cam.unisys.com. Let's connect to one of
them and see what we can gather!
Whenever a server starts acting screwy like kauai was doing, I make it a habit
of using IP numbers when they are available. I'm going to connect to
burdvax.prc.unisys.com through its IP address of 128.126.10.33.
> server 128.126.10.33
Default server: [128.126.10.33]
Address: 128.126.10.33
Now that we are connected, let's see the network information again, but this
time let's try something different and possibly more useful. This time we will
use the -h command, which happens to describe the computer type (CPU) and the
operating system it runs on (OS) which will give us a better idea of what we
are dealing with.
> ls -h mcl.unisys.com
Host or domain name CPU OS
maui.mcl.Unisys.COM SUN-2/120 UNIX 43200
cisco.mcl.Unisys.COM CISCO GATEWAY CISCO 43200
kauai.mcl.Unisys.COM SUN-3/180 UNIX 43200
voyager.mcl.Unisys.COM SUN-4/330 UNIX 43200
dial.mcl.Unisys.COM SUN-3/260 UNIX 43200
astro.mcl.Unisys.COM SUN-3/60 UNIX 43200
hotrod.mcl.Unisys.COM Unisys 386 SCO/UNIX 43200
oahu.mcl.Unisys.COM VAX-11/785 UNIX 43200
lanai.mcl.Unisys.COM SUN-3/160 UNIX 43200
mclean_is.mcl.Unisys.COM 386 NOVELL 43200
WOW! Look at all those Suns! I guess Unisys has no faith in their own
computers or something! If only President Bush could see this display of a
company backing their product! In fact, the only Unisys computer in this whole
lot is a cheesy 386 clone which probably is some guy's desktop machine.
Once again, there is some fascinating information here. Let's run through it
really quick:
Maui is a Sun 2, which is a really old RISC computer. You don't see many of
these around but they still can be useful for storing stuff on. But then
again, it probably is faster than a PC!
Oahu is a Vax-11 which is apparently running Ultrix. This may be where Unisys
hoards all their programmers since it isn't being used for serious networking
(at least, as far as we can tell).
Mclean_is happens to be the file server for a PC network. We can't really tell
from this point how many computers are on this network, but it could be
possible it is used for public information trade, where secretaries or
receptionists use it to confirm trade and scheduling.
Hotrod is also a 386, made by Unisys even! Oddly, it is running a copy of SCO
Unix, which means it is, no doubt, a personal computer someone uses for Unix
programming. If Unisys were itself a part of the government, I'd think this
computer would have been a kludged bidding contract which they got stuck with
because they were aiming for lowest bid and were unfortunately not very picky.
Voyager is an interesting machine, which is apparently the most modern on this
network. Since it is a Sun-4 computer (probably IPX) it would be a high-speed
graphics workstation. This could be the machine where many CAD applications
are stored and worked on. Another possibility is that Sun 4 computers were
extremely expensive when they purchased this network of Suns, and they
purchased this one machine to be the file server to the other Sun 3s and the
Sun 2. If you were to gain access to one of the other machines, it's possible
you would have access to all of them.
Cisco is just a standard Cisco Router/Gateway box, linking that particular
network to the Internet.
Kauai is a messed up domain server, big deal. It might work on the same
network as Astro and Lanai.
Dial is a Sun-3. Is there something in a name? This could be the
telecommunications dial-in for the network. Maybe the same computer system has
a dialout attached to it. It might even be possible that "dial" has a guest
account for people logging in so that they can easily connect to other
computers on the same network (probably not).
Astro and Lanai are also Sun 3 computers. It isn't quite obvious what their
purpose is. Essentially, we have the impression that they were all purchased
about the same time (explaining the large number of Sun-3 computers in this
network) and it is quite possible they are just linked up to the Sun 4 in a
file sharing network. It is also possible they are older and fundamental to
the operation of Unisys's communication platform at this particular site.
There is one flaw that makes using the -h switch somewhat unreliable:
Sometimes people realize you can do this and take the time to remove or never
include the information about the individual machines on the network.
Therefore, it is always best for you to do a "ls " and check everything
out in case a computer has been removed. Using "telnet" to connect to the
computer is usually a foolproof method of finding out what computer it is they
are talking about.
> ls mcl.unisys.com
[[128.126.10.33]]
Host or domain name Internet address
mcl.Unisys.COM server = kauai.mcl.unisys.com 3600
kauai.mcl.unisys.com 128.126.180.2 3600
mcl.Unisys.COM server = burdvax.prc.unisys.com 3600
burdvax.prc.unisys.com 128.126.10.33 3600
mcl.Unisys.COM server = kronos.nisd.cam.unisys.com 3600
kronos.nisd.cam.unisys.com 128.170.2.8 3600
mcl.Unisys.COM 128.126.180.2 43200
maui.mcl.Unisys.COM 128.126.180.3 43200
cisco.mcl.Unisys.COM 128.126.180.10 43200
kauai.mcl.Unisys.COM 128.126.180.2 3600
voyager.mcl.Unisys.COM 128.126.180.37 43200
dial.mcl.Unisys.COM 128.126.180.36 43200
LOCALHOST.mcl.Unisys.COM 127.0.0.1 43200
astro.mcl.Unisys.COM 128.126.180.7 43200
hotrod.mcl.Unisys.COM 128.126.180.125 43200
oahu.mcl.Unisys.COM 128.126.180.1 43200
lanai.mcl.Unisys.COM 128.126.180.6 43200
mclean_is.mcl.Unisys.COM 128.126.180.9 43200
Well, running down the list, it appears that there aren't any more computers
important to this domain that we don't know already. LOCALHOST is just another
way of saying connect to where you are, so that isn't a big deal. Hotrod being
separate from the rest of the machines seems apparent since its IP address is
x.x.x.125, which is quite separate from the others. Even though this doesn't
have to be, it seems it is a wiring kludge -- probably for an office like I
surmised.
The next step? Go ahead and hack away! This is where all those system hacks
people trade on the net and all those CERT Advisories become useful. If you
become good hacking a single machine (Suns, for example), using nslookup will
help you identify those machines and make it easier for you to hack.
Looking for annex computers, libraries, guest machines, and other such
computers also becomes easy when you use nslookup, because the names and
computer types are there for your convenience. Checking on sites by selecting
interesting "special purpose" machines with nslookup first can yield good
results. People have called this "netrunning," and it sounds like as good a
name as any.
Of course, the other big problem when dealing with domain servers is trying to
identify them. The largest list of domain servers can be found off of the
Department of Defense Network Listing (usually called hosts.txt) which is
available almost everywhere on the Internet through anonymous FTP. Here is a
rundown on how to get the file:
[lycaeum][3]> ftp wuarchive.wustl.edu
220 wuarchive.wustl.edu FTP server (Version 6.24 Fri May 8 07:26:32 CDT 1992)
ready.
Remote host connected.
Username (wuarchive.wustl.edu:rack): anonymous
331 Guest login ok, send your complete e-mail address as password.
Password (wuarchive.wustl.edu:anonymous):
230- This is an experimental FTP server. If your FTP client crashes or
230- hangs shortly after login please try using a dash (-) as the first
230- character of your password. This will turn off the informational
230- messages that may be confusing your FTP client.
230-
230- This system may be used 24 hours a day, 7 days a week. The local
230- time is Wed Jun 3 20:43:23 1992.
230-
230-Please read the file README
230- it was last modified on Mon Mar 2 08:29:25 1992 - 93 days ago
230-Please read the file README.NFS
230- it was last modified on Thu Feb 20 13:15:32 1992 - 104 days ago
230 Guest login ok, access restrictions apply.
ftp> get /network_info/hosts.txt
200 PORT command successful.
150 Opening ASCII mode data connection for /network_info/hosts.txt (1088429 bytes).
226 Transfer complete.
Transferred 1109255 bytes in 182.95 seconds (6063.29 bytes/sec, 5.92 KB/s).
ftp> quit
221 Goodbye.
Now let's convert it to a file we can use effectively: let's take out of that
huge list of only the machines that are domain servers:
[lycaeum][4]> grep -i domain hosts.txt > domains
Okay, now that we have done that, let's prove that this is a way of finding a
domain server without connecting to anyplace. Let's just use the grep command
to search the file for a server in the mcl.unisys.com domain:
[lycaeum][5]> grep -i mcl.unisys.com domains
HOST : 128.126.180.2 : KAUAI.MCL.UNISYS.COM,MCL.UNISYS.COM : SUN-3/180 :
SUNOS : TCP/TELNET,TCP/FTP,TCP/SMTP,UDP/DOMAIN :
[lycaeum][6]>
And there you have another way. Everything we looked at is here: IP number,
the name, the "alias," the computer type, the operating system, and a brief
list of network protocols it supports, including the domain server attribute.
However, none of the other machines on the mcl.unisys.com network were
displayed. The DoD isn't a complete list of network machines, only the network
machines that are vital to the functioning of the Internet (in the last year,
this list has grown from about 350K to 1.1 megabytes -- and this only reflects
the "new" networks, not including the addition of new machines onto old
networks; the Internet is definitely "in;" I believe it was estimated 25%
growth per month!).
Obviously, this is very effective when going after university sites. It seems
they have too many machines to take good care of security on. Essentially, the
DoD list contains much the same information as NIC does, and is about a million
times more discreet. I'm not sure if NIC is fully logged, but it does have a
staff Head of Security (*snicker*).
Well, that will pretty much wrap it up for this file. Hope some of it was
useful for you.
_______________________________________________________________________________
==Phrack Inc.==
Volume Four, Issue Forty, File 5 of 14
Pirates Cove
By Rambone
Welcome back to Pirates Cove. My apologies for not providing you with this
column in Phrack 39. However, in this issue we take a look at some recent
busts of pirate boards and the organization most to blame for it all... the
Software Publishers Association. Plus we have news and information about
Vision-X, game reviews, BAD Magazine, and more. Enjoy.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
FBI Raids Computer Pirate; SPA Follows With Civil Lawsuit June 11, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
BOSTON -- The Federal Bureau of Investigation raided [on June 10] "Davy Jones
Locker," a computer bulletin board located in Millbury, Massachusetts, which
has allegedly been illegally distributing copyrighted software programs.
The Davy Jones bulletin board was a sophisticated computer bulletin board with
paying subscribers in 36 states and 11 foreign countries.
A computer bulletin board allows personal computer users to access a host
computer by a modem-equipped telephone to exchange information including
messages, files, and computer programs. The system operator (or sysop) is
generally responsible for materials posted to the bulletin board.
For a fee of $49 for three months or $99 for one year, subscribers to Davy
Jones Locker were given access to a special section of the bulletin board that
contained copies of more than 200 copyrighted programs including popular
business and entertainment packages. Subscribers could "download" or receive
these programs for use on their own computers without having to pay the
copyright owner anything for them.
The business programs offered were from a variety of well-known software
companies, including: AutoDesk, Borland International, Broderbund, Central
Point System, Clarion Software, Fifth Generation, Fox Software, IBM, Intuit,
Lotus Development, Micrografx, Microsoft, Software Publishing Corp., Symantec,
Ventura Software, WordPerfect and X-Tree Co. Entertainment programs included
Flight Simulator by Microsoft, and Leisure Suit Larry by Sierra.
Seized in the raid on Davy Jones Locker were computers, telecommunications
equipment, as well as financial and other records.
"The SPA applauds the FBI's action today," said Ilene Rosenthal, director of
litigation for the Software Publishers Association (SPA). "This is one of the
first instances that we are aware of where the FBI has shut down a pirate
bulletin board for distributing copyrighted software. It clearly demonstrates
a trend that the government is recognizing the seriousness of software
copyright violation. It is also significant that this week the Senate passed
S.893, a bill that would make the illegal distribution of copyrighted software
a felony."
For the past four months, the Software Publishers Association has been
investigating the Davy Jones Locker bulletin board and had downloaded |