::::::::::::::::::::::::::::::::::::::::::::::::::::::::May/99 ::: The Discordant Opposition Journal ::: Issue 5 - File 2 ::: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :Quenching the Source: cronus Any hacker who has ever hacked anything more immpressive then his Linux partition will tell you that the most important part of hacking is hiding your own location. It is so essential to hide your location that it becomes instinctive for hackers. I shall discuss some techniques, both new and old, of hiding you real location. ISP The most important part of your hacking sequence is going to be your net account. If you are traced back to your ISP, then their logs will be able to tell the victim who you are, where you live and what you eat for breakfast. You can avoid being traced back to your own account by hacking someone else's net account and using that. Some Internet Providers allow you to set up a Guest account so you can test their services. If you can’t hack another account on an ISP, then you should try to get your hands on a Guest account to hack from. It is necessary that you don’t hack from your own account so that you aren’t traced to your name and address. Getting a Guest account should be easy enough. Contact an ISP and ask about their services. Then ask if you can have a Guest account to see if it compares to the others. You will need to give false information to the ISP so that you are safe. Bounce After all this, you are still possibly being traced to your city and general location. So next you want to hide your geographical location, as well as your net location. There are several ways to hide your physical location. First is a practice that has essentially vanished from the mainstream. Wingate is a software package that allows many computers to connect to the internet through a single internet connection. A hole in the Wingate system was found that allowed people to bounce thier connection from the Wingate machine. Wingating can be used to 'bounce' your data packets off another system, to hide your IP address. Back Orifice is a trojan hacking program that allows people to take control on certain functions on infected computers. The 'redirect' option allows for IP redirects to be set up. A redirect is set up on an infected computer. Any packets that are sent to the redirect port on the infected machine will be bounced to the new destination without being logged. This is a very anonymous way of bouncing a connection. And several infected computers can be strung together to add greater protection. Also the 'system password' option in Back Orifice allows people to view any cached passwords on the infected system. This can often render ISP passwords, letting you attack from a false account. Also many companies over the net offer free shell accounts and these are perfect ways to hide your IP address. You connect to the shell account and do your hacking from there and so hide where you are coming from. Again you will need to give false information for that to so that you are totally safe. Phone You may want to take the added precaution of hacking from a different phone line. By this I mean with a laptop at a pay phone or even in an Internet cafe. Preferably one that allows you some privacy. You can connect a laptop to the side of pay phone or even the side of a house. This is called beige boxing and is used widely by phreaks. Next is out-dials. These are diminishing fast, because of their use by hackers, but some universities still run them for their students. An out-dial is a computer that is set up to let you dial out over its modem to another computer. These can be used to call another system and from their you can hack away. This means that the trace can only go as far as the out-dial and then it would slow down any trace allot as anyone tries to move the trace to the university line. If the University is logging the connection then they will have your IP address. But if you are spoofing your IP address or if you are using another net account that isn’t yours then this isn’t a problem. Spoofing IP spoofing is an extremely complex and difficult technique used by hackers to hide their IP address. I can and will only skim the surface of spoofing, giving you enough information so that you can go and search for more information on your own. If you have root access on an UNIX machine, then you can program a program to hide your IP address in data packets. By creating custom made packets you can choose what information to include, so you can obscure your connection address. IP spoofing takes a huge ammount of skill as you must adhere to known Internet standards. My site at http://homepages.iol.ie/~cronus has some excellent files on IP spoofing. Systems As a hackers repertoir of hacked computers grows, it can be very useful to route your connection through them. The more connections you have and the more often you rearrange the stops, the less likely you are of being traced to your originating connection. The more connections you can make between you and the victim, the better you have hidden your location, your identity and your freedom. All this may seem like basic ideas that you would have used anyway. But you'd be surprised at how many elite hackers have been arrested because they got too big headed and neglected to use any protection. Also remember that you should change the route you take each time. This is so that over a few different hacking sessions you aren't slowly traced section by section. If you change the route often then you will make each trace a brand new one. ... intoxicated with the madness ... cronus (at) iol (dot) ie ___________ ____ ____ __ __ ______ _/ ___\_ __ \/ _ \ / \| | \/ ___/ \ \___| | \( <_> ) | \ | /\___ \ \___ >__| \____/|___| /____//____ > \/ \/ \/ http://homepages.iol.ie/~cronus