[ 28 63 29 20 31 39 39 39 20 63 72 75 63 69 70 68 75 78 20 68 77 61 ] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-= ========================================================================== = <=-[ HWA.hax0r.news ]-=> = ========================================================================== [=HWA'99=] Number 10 Volume 1 1999 March 20th 99 ========================================================================== Synopsis -------- The purpose of this newsletter is to 'digest' current events of interest that affect the online underground and netizens in general. This includes coverage of general security issues, hacks, exploits, underground news and anything else I think is worthy of a look see. This list is NOT meant as a replacement for, nor to compete with, the likes of publications such as CuD or PHRACK or with news sites such as AntiOnline, the Hacker News Network (HNN) or mailing lists such as BUGTRAQ or ISN nor could any other 'digest' of this type do so. It *is* intended however, to compliment such material and provide a reference to those who follow the culture by keeping tabs on as many sources as possible and providing links to further info, its a labour of love and will be continued for as long as I feel like it, i'm not motivated by dollars or the illusion of fame, did you ever notice how the most famous/infamous hackers are the ones that get caught? there's a lot to be said for remaining just outside the circle... @HWA =-----------------------------------------------------------------------= Welcome to HWA.hax0r.news ... #10 =-----------------------------------------------------------------------= ******************************************************************* *** /join #HWA.hax0r.news on EFnet the key is `zwen' *** *** *** *** please join to discuss or impart news on techno/phac scene *** *** stuff or just to hang out ... someone is usually around 24/7*** ******************************************************************* =-------------------------------------------------------------------------= Issue #10 =--------------------------------------------------------------------------= [ INDEX ] =--------------------------------------------------------------------------= Key Content =--------------------------------------------------------------------------= 00.0 .. COPYRIGHTS ...................................................... 00.1 .. CONTACT INFORMATION & SNAIL MAIL DROP ETC ....................... 00.2 .. SOURCES ......................................................... 00.3 .. THIS IS WHO WE ARE .............................................. 00.4 .. WHAT'S IN A NAME? why `HWA.hax0r.news'?.......................... 00.5 .. THE HWA_FAQ V1.0 ................................................ 01.0 .. GREETS .......................................................... 01.1 .. Last minute stuff, rumours, newsbytes ........................... 01.2 .. Mailbag ......................................................... 02.0 .. From the editor.................................................. =--------------------------------------------------------------------------= 03.0 .. The Mitnick trial update......................................... 03.1 .. Mitnick to plead guilty.......................................... 03.2 .. Federal Prosecutors Leak Info on Mitnick......................... 03.3 .. News from www.kevinmitnick.com................................... 04.0 .. Is Microsoft vulnerable to their own holes? ..................... 05.0 .. Tiny linux packs wallop in Pre-0.49 release...................... 06.0 .. Still think your NT is secure? case insensitivity issues......... prove otherwise, again........................................... 07.0 .. Fast friends, faster foes, from uebereleet to delete ,........... life in the underground.......................................... 08.0 .. Voicemail fraud in Australia..................................... 09.0 .. Government Y2K Readiness......................................... 10.0 .. Voice mail fraud warning......................................... 11.0 .. The iButton , is YOUR costume complete with decoder ring?........ 12.0 .. Courier and Press Newspaper hacked............................... 13.0 .. Youths busted in Backorifice fiasco.............................. 14.0 .. Reno Looks To Curb Internet Crime................................ 15.0 .. offtopic: Matter transportation in your future?.................. 16.0 .. Hacking class?................................................... 17.0 .. A blast from the past ........................................... 18.0 .. Spam is ICQ's latest headache ................................ 19.0 .. AOL cracked (so what else is new?) cracker busted................ 20.0 .. Stolen calling card numbers are big business..................... 20.1 .. More 'hackers' steal phone service............................... 21.0 .. Promail freeware mail agent is really a trojan in disguise....... 22.0 .. Hackers taking toll on web sites ................................ =--------------------------------------------------------------------------= AD.S .. Post your site ads or etc here, if you can offer something in return thats tres cool, if not we'll consider ur ad anyways so send it in. .......................................................................... HA.HA .. Humour and puzzles ............................................ HA.HA1 .. Humourous newsbytes from Innerpulse.com (www.innerpulse.com). HA.HA2 .. Pasty Drone's take on Bill Gates' new book (www.Newstrolls.com). .......................................................................... HOW.TO .. New section: "How to hack" by our illustrious editor ........... ......................................................................... H.W .. Hacked Websites ............................................... A.0 .. APPENDICES...................................................... A.1 .. PHACVW linx and references...................................... =--------------------------------------------------------------------------= @HWA'99 00.0 (C) COPYRIGHT, (K)OPYWRONG, COPYLEFT? V2.0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ THE OPINIONS OF THE WRITERS DO NOT NECESSARILY REFLECT THE OPINIONS OF THE PUBLISHERS AND VICE VERSA IN FACT WE DUNNO WTF IS GONNA TAKE RESPONSIBILITY FOR THIS, I'M NOT DOING IT (LOTS OF ME EITHER'S RESOUND IN THE BACKGROUND) SO UHM JUST READ IT AND IF IT BUGS YOU WELL TFS (SEE FAQ). Important semi-legalese and license to redistribute: YOU MAY DISTRIBUTE THIS ZINE WITHOUT PERMISSION FROM MYSELF AND ARE GRANTED THE RIGHT TO QUOTE ME OR THE CONTENTS OF THE ZINE SO LONG AS Cruciphux AND/OR HWA.hax0r.news ARE MENTIONED IN YOUR WRITING. LINK'S ARE NOT NECESSARY OR EXPECTED BUT ARE APPRECIATED the current link is http://welcome.to/HWA.hax0r.news IT IS NOT MY INTENTION TO VIOLATE ANYONE'S COPYRIGHTS OR BREAK ANY NETIQUETTE IN ANY WAY IF YOU FEEL I'VE DONE THAT PLEASE EMAIL ME PRIVATELY current email cruciphux@dok.org THIS DOES NOT CONSTITUTE ANY LEGAL RIGHTS, IN THIS COUNTRY ALL WORKS ARE (C) AS SOON AS COMMITTED TO PAPER OR DISK, IF ORIGINAL THE LAYOUT AND COMMENTARIES ARE THEREFORE (C) WHICH MEANS: I RETAIN ALL RIGHTS, BUT I GIVE YOU THE RIGHT TO READ, QUOTE AND REDISTRIBUTE/MIRROR. - EoD Although this file and all future issues are now copyright, some of the content holds its own copyright and these are printed and respected. News is news so i'll print any and all news but will quote sources when the source is known, if its good enough for CNN its good enough for me. And i'm doing it for free on my own time so pfffft. :) No monies are made or sought through the distribution of this material. If you have a problem or concern email me and we'll discuss it. cruciphux@dok.org Cruciphux [C*:.] 00.1 CONTACT INFORMATION AND MAIL DROP ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Has it occurred to anybody that "AOL for Dummies" is an extremely redundant name for a book? - unknown Wahoo, we now have a mail-drop, if you are outside of the U.S.A or Canada / North America (hell even if you are inside ..) and wish to send printed matter like newspaper clippings a subscription to your cool foreign hacking zine or photos, small non-explosive packages or sensitive information etc etc well, now you can. (w00t) please no more inflatable sheep or plastic dog droppings, or fake vomit thanks. Send all goodies to: HWA NEWS P.O BOX 44118 370 MAIN ST. NORTH BRAMPTON, ONTARIO CANADA L6V 4H5 WANTED!: POSTCARDS! YESH! POSTCARDS, I COLLECT EM so I know a lot of you are ~~~~~~~ reading this from some interesting places, make my day and get a mention in the zine, send in a postcard, I realize that some places it is cost prohibitive but if you have the time and money be a cool dude / gal and send a poor guy a postcard preferably one that has some scenery from your place of residence for my collection, I collect stamps too so you kill two birds with one stone by being cool and mailing in a postcard, return address not necessary, just a "hey guys being cool in Bahrain, take it easy" will do ... ;-) thanx. Ideas for interesting 'stuff' to send in apart from news: - Photo copies of old system manual front pages (optionally signed by you) ;-) - Photos of yourself, your mom, sister, dog and or cat in a NON compromising position plz I don't want pr0n. - Picture postcards - CD's 3.5" disks, Zip disks, 5.25" or 8" floppies, Qic40/80/100-250 tapes with hack/security related archives, logs, irc logs etc on em. - audio or video cassettes of yourself/others etc of interesting phone fun or social engineering examples or transcripts thereof. If you still can't think of anything you're probably not that interesting a person after all so don't worry about it Our current email: Submissions/zine gossip.....: hwa@press.usmc.net Private email to editor.....: cruciphux@dok.org Distribution/Website........: sas72@usa.net @HWA 00.2 Sources *** ~~~~~~~~~~~ Sources can be some, all, or none of the following (by no means complete nor listed in any degree of importance) Unless otherwise noted, like msgs from lists or news from other sites, articles and information is compiled and or sourced by Cruciphux no copyright claimed. HiR:Hackers Information Report... http://axon.jccc.net/hir/ News & I/O zine ................. http://www.antionline.com/ *News/Hacker site................. http://www.bikkel.com/~demoniz/ *DOWN!* News (New site unconfirmed).......http://cnewz98.hypermart.net/ Back Orifice/cDc..................http://www.cultdeadcow.com/ News site (HNN) .....,............http://www.hackernews.com/ Help Net Security.................http://net-security.org/ News,Advisories,++ ...............http://www.l0pht.com/ NewsTrolls (HNN)..................http://www.newstrolls.com/ News + Exploit archive ...........http://www.rootshell.com/beta/news.html CuD ..............................http://www.soci.niu.edu/~cudigest News site+........................http://www.zdnet.com/ +Various mailing lists and some newsgroups, such as ... +other sites available on the HNN affiliates page, please see http://www.hackernews.com/affiliates.html as they seem to be popping up rather frequently ... * Yes demoniz is now officially retired, if you go to that site though the Bikkel web board (as of this writing) is STILL ACTIVE, www.hwa-iwa.org will also be hosting a webboard as soon as that site comes online perhaps you can visit it and check us out if I can get some decent wwwboard code running I don't really want to write my own, another alternative being considered is a telnet bbs that will be semi-open to all, you will be kept posted. - cruciphux http://www.the-project.org/ .. IRC list/admin archives http://www.anchordesk.com/ .. Jesse Berst's AnchorDesk alt.hackers.malicious alt.hackers alt.2600 BUGTRAQ ISN security mailing list ntbugtraq <+others> NEWS Agencies, News search engines etc: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://www.cnn.com/SEARCH/ http://www.foxnews.com/search/cgi-bin/search.cgi?query=cracker&days=0&wires=0&startwire=0 http://www.news.com/Searching/Results/1,18,1,00.html?querystr=cracker http://www.ottawacitizen.com/business/ http://search.yahoo.com.sg/search/news_sg?p=cracker http://www.washingtonpost.com/cgi-bin/search?DB_NAME=WPlate&TOTAL_HITLIST=20&DEFAULT_OPERATOR=AND&headline=&WITHIN_FIELD_NAME=.lt.event_date&WITHIN_DAYS=0&description=cracker http://www.zdnet.com/zdtv/cybercrime/ http://www.zdnet.com/zdtv/cybercrime/chaostheory/ (Kevin Poulsen's Column) NOTE: See appendices for details on other links. http://news.bbc.co.uk/hi/english/sci/tech/newsid_254000/254236.stm http://freespeech.org/eua/ Electronic Underground Affiliation http://www.l0pht.com/cyberul.html http://www.hackernews.com/archive.html?122998.html http://ech0.cjb.net ech0 Security http://net-security.org Net Security ... Submissions/Hints/Tips/Etc ~~~~~~~~~~~~~~~~~~~~~~~~~~ All submissions that are `published' are printed with the credits you provide, if no response is received by a week or two it is assumed that you don't care wether the article/email is to be used in an issue or not and may be used at my discretion. Looking for: Good news sites that are not already listed here OR on the HNN affiliates page at http://www.hackernews.com/affiliates.html Magazines (complete or just the articles) of breaking sekurity or hacker activity in your region, this includes telephone phraud and any other technological use, abuse hole or cool thingy. ;-) cut em out and send it to the drop box. - Ed Mailing List Subscription Info (Far from complete) Feb 1999 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~ ~~~~~~~~ ISS Security mailing list faq : http://www.iss.net/iss/maillist.html THE MOST READ: BUGTRAQ - Subscription info ~~~~~~~~~~~~~~~~~~~~~~~~~~~ What is Bugtraq? Bugtraq is a full-disclosure UNIX security mailing list, (see the info file) started by Scott Chasin . To subscribe to bugtraq, send mail to listserv@netspace.org containing the message body subscribe bugtraq. I've been archiving this list on the web since late 1993. It is searchable with glimpse and archived on-the-fly with hypermail. Searchable Hypermail Index; http://www.eecs.nwu.edu/~jmyers/bugtraq/index.html About the Bugtraq mailing list ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The following comes from Bugtraq's info file: This list is for *detailed* discussion of UNIX security holes: what they are, how to exploit, and what to do to fix them. This list is not intended to be about cracking systems or exploiting their vulnerabilities. It is about defining, recognizing, and preventing use of security holes and risks. Please refrain from posting one-line messages or messages that do not contain any substance that can relate to this list`s charter. I will allow certain informational posts regarding updates to security tools, documents, etc. But I will not tolerate any unnecessary or nonessential "noise" on this list. Please follow the below guidelines on what kind of information should be posted to the Bugtraq list: + Information on Unix related security holes/backdoors (past and present) + Exploit programs, scripts or detailed processes about the above + Patches, workarounds, fixes + Announcements, advisories or warnings + Ideas, future plans or current works dealing with Unix security + Information material regarding vendor contacts and procedures + Individual experiences in dealing with above vendors or security organizations + Incident advisories or informational reporting Any non-essential replies should not be directed to the list but to the originator of the message. Please do not "CC" the bugtraq reflector address if the response does not meet the above criteria. Remember: YOYOW. You own your own words. This means that you are responsible for the words that you post on this list and that reproduction of those words without your permission in any medium outside the distribution of this list may be challenged by you, the author. For questions or comments, please mail me: chasin@crimelab.com (Scott Chasin) Crypto-Gram ~~~~~~~~~~~ CRYPTO-GRAM is a free monthly newsletter providing summaries, analyses, insights, and commentaries on cryptography and computer security. To subscribe, visit http://www.counterpane.com/crypto-gram.html or send a blank message to crypto-gram-subscribe@chaparraltree.com.  To unsubscribe, visit http://www.counterpane.com/unsubform.html.  Back issues are available on http://www.counterpane.com. CRYPTO-GRAM is written by Bruce Schneier.  Schneier is president of Counterpane Systems, the author of "Applied Cryptography," and an inventor of the Blowfish, Twofish, and Yarrow algorithms.  He served on the board of the International Association for Cryptologic Research, EPIC, and VTW.  He is a frequent writer and lecturer on cryptography. CUD Computer Underground Digest ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This info directly from their latest ish: Computer underground Digest    Sun  14 Feb, 1999   Volume 11 : Issue 09                             ISSN  1004-042X        Editor: Jim Thomas (cudigest@sun.soci.niu.edu)        News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)        Archivist: Brendan Kehoe        Poof Reader:   Etaion Shrdlu, Jr.        Shadow-Archivists: Dan Carosone / Paul Southworth                           Ralph Sims / Jyrki Kuoppala                           Ian Dickinson        Cu Digest Homepage: http://www.soci.niu.edu/~cudigest [ISN] Security list ~~~~~~~~~~~~~~~~~~~ This is a low volume list with lots of informative articles, if I had my way i'd reproduce them ALL here, well almost all .... ;-) - Ed Subscribe: mail majordomo@repsec.com with "subscribe isn". @HWA 00.3 THIS IS WHO WE ARE ~~~~~~~~~~~~~~~~~~ Some HWA members and Legacy staff ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ cruciphux@dok.org.........: currently active/editorial darkshadez@ThePentagon.com: currently active/man in black fprophet@dok.org..........: currently active/IRC+ man in black sas72@usa.net ............. currently active/IRC+ distribution vexxation@usa.net ........: currently active/IRC+ proof reader/grrl in black dicentra...(email withheld): IRC+ grrl in black Foreign Correspondants/affiliate members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ATTENTION: All foreign correspondants please check in or be removed by next issue I need your current emails since contact info was recently lost in a HD mishap and i'm not carrying any deadweight. Plus we need more people sending in info, my apologies for not getting back to you if you sent in January I lost it, please resend. N0Portz ..........................: Australia Qubik ............................: United Kingdom system error .....................: Indonesia Wile (wile coyote) ...............: Japan/the East Ruffneck ........................: Netherlands/Holland And unofficially yet contributing too much to ignore ;) Spikeman .........................: World media Please send in your sites for inclusion here if you haven't already also if you want your emails listed send me a note ... - Ed http://www.genocide2600.com/~spikeman/ .. Spikeman's DoS and protection site Contributors to this issue: ~~~~~~~~~~~~~~~~~~~~~~~~~~~ Spikeman .........................: daily news updates+ ******************************************************************* *** /join #HWA.hax0r.news on EFnet the key is `zwen' *** ******************************************************************* :-p 1. We do NOT work for the government in any shape or form.Unless you count paying taxes ... in which case we work for the gov't in a BIG WAY. :-/ 2. MOSTLY Unchanged since issue #1, although issues are a digest of recent news events its a good idea to check out issue #1 at least and possibly also the Xmas issue for a good feel of what we're all about otherwise enjoy - Ed ... @HWA 00.4 Whats in a name? why HWA.hax0r.news?? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Can I see you naked?" - Bob Barker Well what does HWA stand for? never mind if you ever find out I may have to get those hax0rs from 'Hackers' or the Pretorians after you. In case you couldn't figure it out hax0r is "new skewl" and although it is laughed at, shunned, or even pidgeon holed with those 'dumb leet (l33t?) dewds' this is the state of affairs. It ain't Stephen Levy's HACKERS anymore. BTW to all you up and comers, i'd highly recommend you get that book. Its almost like buying a clue. Anyway..on with the show .. - Editorial staff @HWA 00.5 HWA FAQ v1.0 Feb 13th 1999 (Abridged & slightly updated again) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Also released in issue #3. (revised) check that issue for the faq it won't be reprinted unless changed in a big way with the exception of the following excerpt from the FAQ, included to assist first time readers: Some of the stuff related to personal useage and use in this zine are listed below: Some are very useful, others attempt to deny the any possible attempts at eschewing obfuscation by obsucuring their actual definitions. @HWA - see EoA ;-) != - Mathematical notation "is not equal to" or "does not equal" ASC(247) "wavey equals" sign means "almost equal" to. If written an =/= (equals sign with a slash thru it) also means !=, =< is Equal to or less than and => is equal to or greater than (etc, this aint fucking grade school, cripes, don't believe I just typed all that..) AAM - Ask a minor (someone under age of adulthood, usually <16, <18 or <21) AOL - A great deal of people that got ripped off for net access by a huge clueless isp with sekurity that you can drive buses through, we're not talking Kung-Fu being none too good here, Buy-A-Kloo maybe at the least they could try leasing one?? *CC - 1 - Credit Card (as in phraud) 2 - .cc is COCOS (Keeling) ISLANDS butthey probably accept cc's CCC - Chaos Computer Club (Germany) *CON - Conference, a place hackers crackers and hax0rs among others go to swap ideas, get drunk, swap new mad inphoz, get drunk, swap gear, get drunk watch videos and seminars, get drunk, listen to speakers, and last but not least, get drunk. *CRACKER - 1 . Someone who cracks games, encryption or codes, in popular hacker speak he's the guy that breaks into systems and is often (but by no means always) a "script kiddie" see pheer 2 . An edible biscuit usually crappy tasting without a nice dip, I like jalapeno pepper dip or chives sour cream and onion, yum - Ed Ebonics - speaking like a rastafarian or hip dude of colour also wigger Vanilla Ice is a wigger, The Beastie Boys and rappers speak using ebonics, speaking in a dark tongue ... being ereet, see pheer EoC - End of Commentary EoA - End of Article or more commonly @HWA EoF - End of file EoD - End of diatribe (AOL'ers: look it up) FUD - Coined by Unknown and made famous by HNN - "Fear uncertainty and doubt", usually in general media articles not high brow articles such as ours or other HNN affiliates ;) du0d - a small furry animal that scurries over keyboards causing people to type wierd crap on irc, hence when someone says something stupid or off topic 'du0d wtf are you talkin about' may be used. *HACKER - Read Stephen Levy's HACKERS for the true definition, then see HAX0R *HAX0R - 1 - Cracker, hacker wannabe, in some cases a true hacker, this is difficult to define, I think it is best defined as pop culture's view on The Hacker ala movies such as well erhm "Hackers" and The Net etc... usually used by "real" hackers or crackers in a derogatory or slang humorous way, like 'hax0r me some coffee?' or can you hax0r some bread on the way to the table please?' 2 - A tool for cutting sheet metal. HHN - Maybe a bit confusing with HNN but we did spring to life around the same time too, HWA Hax0r News.... HHN is a part of HNN .. and HNN as a proper noun means the hackernews site proper. k? k. ;& HNN - Hacker News Network and its affiliates http://www.hackernews.com/affiliates.html J00 - "you"(as in j00 are OWN3D du0d) - see 0wn3d MFI/MOI- Missing on/from IRC NFC - Depends on context: No Further Comment or No Fucking Comment NFR - Network Flight Recorder (Do a websearch) see 0wn3d NFW - No fuckin'way *0WN3D - You are cracked and owned by an elite entity see pheer *OFCS - Oh for christ's sakes PHACV - And variations of same Phreaking, Hacking, Anarchy, Cracking, Carding (CC) Groups Virus, Warfare Alternates: H - hacking, hacktivist C - Cracking C - Cracking V - Virus W - Warfare CT - Cyber Terrorism *PHEER - This is what you do when an ereet or elite person is in your presence see 0wn3d *RTFM - Read the fucking manual - not always applicable since some manuals are pure shit but if the answer you seek is indeed in the manual then you should have RTFM you dumb ass. TBC - To Be Continued also 2bc (usually followed by ellipses...) :^0 TBA - To Be Arranged/To Be Announced also 2ba TFS - Tough fucking shit. *w00t - 1 - Reserved for the uber ereet, noone can say this without severe repercussions from the underground masses. also "w00ten" 2 - Cruciphux and sAs72's second favourite word (they're both shit stirrers) *wtf - what the fuck *ZEN - The state you reach when you *think* you know everything (but really don't) usually shortly after reaching the ZEN like state something will break that you just 'fixed' or tweaked. @HWA -=- :. .: -=- 01.0 Greets!?!?! yeah greets! w0w huh. - Ed ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Thanks to all in the community for their support and interest but i'd like to see more reader input, help me out here, whats good, what sucks etc, not that I guarantee i'll take any notice mind you, but send in your thoughts anyway. Shouts to: * Kevin Mitnick * demoniz * The l0pht crew * tattooman * Dicentra * Pyra * Vexxation * FProphet * TwistedP * NeMstah * the readers * mj * Kokey * ypwitch * kimmie * tsal * spikeman * YOU. * #leetchans ppl, you know who you are... * all the people who sent in cool emails and support * our new 'staff' members. kewl sites: + http://www.freshmeat.net/ + http://www.slashdot.org/ + http://www.l0pht.com/ + http://www.2600.com/ + http://hacknews.bikkel.com/ (http://www.bikkel.com/~demoniz/) + http://www.legions.org/ + http://www.genocide2600.com/ + http://www.genocide2600.com/~spikeman/ + http://www.genocide2600.com/~tattooman/ + http://www.hackernews.com/ (Went online same time we started issue 1!) @HWA 01.1 Last minute stuff, rumours and newsbytes ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "What is popular isn't always right, and what is right isn't always popular..." - FProphet '99 +++ When was the last time you backed up your important data? ++ Attrition has updated its archive of cracked sites with one of the biggest archives on the net http://www.attrition.org check it out ... ++ Apple's OS X eyes Linux Apple Computer is counting on its new Mac OS X Server software to snare both Linux developers and customers. Apple will go part way toward embracing the "open source" programming philosophy today when Steve Jobs introduces the next version of Mac OS X . http://www.news.com/News/Item/0%2C4%2C33781%2C00.html?dd.ne.txt.0316.02 ++ ICQ filter ensnared in free speech debate ICQ users who choose to screen out "objectionable" messages may think they are simply blocking the seven dirty words or other sexually explicit material. But without closely examining the filtering option, users of AOL's popular chat service may be unwittingly omitting words many do not consider "objectionable." http://www.news.com/News/Item/0%2C4%2C33783%2C00.html?dd.ne.txt.0316.03 ++ AOL, others may not back U.S. privacy plans http://www.news.com/News/Item/0%2C4%2C33803%2C00.html?dd.ne.txt.0316.08 ++ New digital cameras in Kodak's picture http://www.news.com/News/Item/0%2C4%2C33813%2C00.html?dd.ne.txt.0316.16 ++ STAR WARS' DIGITAL EXPERIMENT (CULT. 8:45 am) http://www.wired.com/news/news/email/explode-infobeat/culture/story/18495.html With 'Episode 1: The Phantom Menace,' George Lucas will nudge Hollywood toward a new age of filmmaking. Some theater chains are enthused, but others fear runaway costs and pirating. Michael Stroud reports from Los Angeles. ++ US SEEKS MICROSOFT REVAMP (EXEC 8:45 am) http://www.wired.com/news/news/email/explode-infobeat/story/18494.html The 19 states who joined the federal government's landmark antitrust case against Microsoft are unlikely to settle for any remedy that doesn't include a revamping of the software company, the The New York Times reported. At least some attorneys general will seek to force Microsoft to license the source code for its Windows operating system to other companies. The attorneys acknowledge that the judge in the case could still rule in the favor of Microsoft, but they say they were emboldened by the performance of lead attorney David Boies, and are considering asking for stronger remedies. (Registration required to access New York Times on the Web.) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ MICROWORKZ HITS A NEW LOW (BUS. 7:30 am) http://www.wired.com/news/news/email/explode-infobeat/business/story/18491.html The computer maker will sell machines for US$299, with a year's free Net access through Earthlink included. That brings the PC in line with basic consumer electronics. ++ CYBERIAN MAKES AUCTION BID (BUS. 7:30 am) http://www.wired.com/news/news/email/explode-infobeat/business/story/18492.html The computer e-tailer starts a companion site to its online store, hoping to grab a piece of the auction action from the likes of OnSale. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ FORBES TRUMPETS GOP RUN ONLINE (POL. 7:30 am) http://www.wired.com/news/news/email/explode-infobeat/politics/story/18493.html The magazine publisher puts up a press release on his Web site and calls it a first. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ PC FREE GOES FREE SOURCE (BUS. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/business/story/18481.html When you buy Net access from PC Free, it'll throw in a fully rigged computer. Fully rigged with Linux, that is. Hello mass market, says the CEO. By Craig Bicknell. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ MILITARY VEXED BY VACCINE SCARE (POL. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/politics/story/18485.html The Pentagon takes issue with Internet discussions warning that the military's mandatory anthrax inoculation is dangerous. Declan McCullagh reports from Washington. ++ TRUST'S TEST: GOING AFTER MS (TECH. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18476.html Internet self-regulation gets its first big test this week, as a privacy watchdog group considers whether to investigate Microsoft's privacy practices. By Chris Oakes. ++ MOTHER NATURE'S TEARS (WRLD 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/story/18490.html Tears, saliva, and the urine of pregnant women -- they all contain a powerful protein that laboratory scientists have successfully used to kill the AIDS virus. A New York University biochemist said the protein, called lysozyme, may one day yield more effective AIDS drugs since lysozyme is a natural human compound. The new study appears in the Proceedings of the National Academy of Sciences. The search for the anti-HIV protein began when scientists realized the babies of HIV-infected women were somewhat protected from the virus and speculated that pregnant women made more virus-killing proteins to protect their developing babies. ++ APPLE'S OPEN-SOURCE MOVEMENT (TECH. Monday) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18488.html Steve Jobs and Eric Raymond join hands to present part of the new MacOSX server to the open-source community. Linux fans may not welcome the move with open arms. By Leander Kahney and Polly Sprenger. ++ NULLSOFT SUED FOR US$20M (BUS. Monday) http://www.wired.com/news/news/email/explode-infobeat/business/story/18475.html Nullsoft, maker of the de facto standard MP3 player, faces a US$20 million dollar copyright infringement lawsuit. By Jennifer Sullivan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ IT'S ALL ABOUT CONVERGENCE (BUS. Monday) http://www.wired.com/news/news/email/explode-infobeat/business/story/18474.html Nortel Networks teams with Microsoft, Intel, and Hewlett-Packard to make devices that send voice, video, and data over a single network. By Joanna Glasner. ++ MIT DREAMS OF JINI ALTERNATIVE (BUS. Monday) http://www.wired.com/news/news/email/explode-infobeat/business/story/18472.html A new research facility at the Cambridge, Massachusetts university is working to figure out how to get tomorrow's smart devices to talk to each other. ++ CHEMICAL PLANTS FACE Y2K THREAT (POL. Monday) http://www.wired.com/news/news/email/explode-infobeat/politics/story/18469.html A new report warns that chemical plants face "significant" risk of Y2K related failures. Worse, local governments seem to be oblivious to the problem. ++ WIRELESS SUCCESS (EXEC Monday) http://www.wired.com/news/news/email/explode-infobeat/story/18479.html With 30 percent of Americans already possessing cellular phones, wireless companies predict that technological advances, lower rates, and industry consolidation will boost the mobile's popularity even more in the next few years, the Los Angeles Times reported. So far, incentives like single-rate national pricing, and plans that offer a wealth of minutes, have produced successful results, but in order to fulfill the vision of the inter-operability of wireless and cordless lines, companies are considering all kinds of technological innovations and pricing plans. While most consumers may need to wait a while for cellular global coverage and email, the industry will continue to grow by tapping the American youth market and consolidating overseas. ++ BABY BELLS MISSING LOTS OF GEAR (EXEC Monday) http://www.wired.com/news/news/email/explode-infobeat/story/18463.html The local US phone companies have been unable to locate nearly US$5 billion in telecommunications equipment, and should write off the missing amount, according to an FCC audit released on Friday, The Wall Street Journal reported. In response to the audit, which could spur regulators to push for lower phone rates, Bell Atlantic and SBC Communications, highest on the list, argued that the audit results were flawed, and all of the Bells argued that the results shouldn't affect rates. Although the FCC report recommends that the companies write off the missing equipment, it isn't taking any action. Instead, it's soliciting public comment on how to respond to the audit results in April. ++ NETSCAPE DEAL ABOUT TO CLOSE (EXEC Monday) http://www.wired.com/news/news/email/explode-infobeat/story/18465.html America Online's acquisition of Netscape Communications, approved by the US Department of Justice and valued at nearly US$9 billion, could create tough competition for Microsoft, The Seattle Times reported. Microsoft said the combination could help it in its antitrust case, because the combination of AOL with Netscape, the software company that sought the government's help, would show how fast competition changes in the computer industry. But backers of the lawsuit said the acquisition does not diminish Microsoft's monopoly. ++ PAUL ALLEN BUYS GO2NET (BUS. Monday) http://www.wired.com/news/news/email/explode-infobeat/business/story/18466.html The other Microsoft founder pays US$600 million for a majority stake in portal upstart Go2Net. The plan: Splice it with cable TV and turn it into a broadband titan. ++ HUMAN GENE RESEARCH ACCELERATING (TECH. Monday) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18467.html The research into classifying human genetic structure -- The Human Genome Project -- is going so well that the cooperative Anglo-American effort should be finished a year ahead of schedule. ++ The browser wars heat up with IE5 http://www.news.com/SpecialFeatures/0%2C5%2C33944%2C00.html?dd.ne.txt.0318.02 ++ Spam gives ICQ a new headache (full story in section 18) http://www.news.com/News/Item/0%2C4%2C33970%2C00.html?dd.ne.txt.0318.03 ++ March 17th New Celerons coming Monday http://www.news.com/News/Item/0%2C4%2C33935%2C00.html?dd.ne.txt.0318.04 ++ Intel and FTC settle The US Federal Trade Commission (FTC) has approved the settlement of its antitrust case against Intel, but has imposed only mild restrictions and is continuing an ongoing investigation into the chip giant. Under the settlement, while Intel is not able to withhold most technical information from companies with which it is involved in patent disputes, it may withhold that information if it concerns the specific processor that is the subject of the dispute and the customer is seeking to have that product banned. Information must be provided to manufacturers no later than six months before a processor is due for release. Intel must also report regularly to the FTC concerning its compliance with the order. However, the FTC may not have had its last word; it will be continuing its broader investigation into whether Intel's dominance of the processor market constitutes a monopoly, and if its power has been abused. http://newswire.com.au/9903/ftcset.htm ++ MS BALLYHOOS DIGITAL AUDIO (TECH. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18512.html Microsoft is not embracing digital audio quietly. With strategic alliances, investments, and new technologies folded into Windows, the blitzkrieg is on. By Christopher Jones. ++ THE BANK OF BEENZ (EXEC 9:30 am) http://www.wired.com/news/news/email/explode-infobeat/story/18514.html Beenz Company Ltd., a British start-up, is launching what it calls the Internet's first universal currency, symbolized by a bright red bean with two strokes at the top, The Wall Street Journal reported. Founder Philip Letts envisions the concept as an alternative to Web advertising, explaining that Beenz will market itself by rewarding customers who visit sites using Beenz with the currency, which can then be deposited at the Bank of Beenz. In preparation for the launch, Beenz has recruited a number of retailers to hand out and accept the currency in lieu of payment. It expects to derive future revenue through its role as a bank, clearing transactions and taking commissions on the Beenz it sells. (The Wall Street Journal Interactive requires a subscription.) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ AOL, NETSCAPE MERGER A CHALLENGE (EXEC 9:30 am) http://www.wired.com/news/news/email/explode-infobeat/story/18529.html Now that the acquisition of Netscape Communications is almost complete, America Online has to move quickly to blend Netscape's technical expertise with AOL's customer-service savvy, the Washington Post reported. Managing the combination will be Barry Schuler, AOL's president of interactive services. The biggest challenge for him and for AOL will be to set up services that can meet the needs of both services and consumers. ++ THE WEB PRIVACY SEAL, TAKE 2 (POL. 8:30 am) http://www.wired.com/news/news/email/explode-infobeat/politics/story/18517.html The Better Business Bureau begins stamping its own "seal of approval" on Web sites. Like Truste, the bureau hopes it can calm privacy-nervous consumers. By Chris Oakes and James Glave. ++ JAVA FOR THE CELL PHONE (TECH. 7:35 am) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18524.html Symbian, the powerful wireless alliance formed to take on Microsoft, says a new generation of handheld devices will use the Sun language as part of its operating platform. ++ GLOBAL CROSSING GETS US FOOTHOLD (BUS. 7:35 am) http://www.wired.com/news/news/email/explode-infobeat/business/story/18525.html The company that's laying fiber around the world acquires New York-based carrier Frontier for US$11.2 billion in stock. ++ BROADBAND SATELLITE GETS A BOOST (BUS. 7:35 am) http://www.wired.com/news/news/email/explode-infobeat/business/story/18526.html GM's Hughes says it will pump US$1.4 billion into Spaceway, its satellite-based high-speed communications network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ WHEN IRISH EYEBALLS ARE SMILING (BUS. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/business/story/18521.html The ideal St. Patrick's Day revelers will hold a pint of Guinness in one hand and a mouse in the other as they explore a range of new Irish portals. By Niall McKay. ++ LOST IN SPACE AND RED TAPE (POL. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/politics/story/18522.html NASA should lead, follow, or get out of the way of private space exploration. That's the consensus at a conference on the future of space. Declan McCullagh reports from Washington. ++ FEDS PAY TO PUSH GENOME PROJECT (TECH. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18520.html The Human Genome race pits a government-funded consortium that aims to keep gene data public against a private research company that wants to own the findings. The future of medical research is at stake. By Kristen Philipkoski. ++ UK'S ROYAL MAIL DOES E-COMMERCE (POL. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/politics/story/18508.html The centuries-old institution introduces a secure document technology service aimed at the business sector. British consumers will likely be next in line. By Wendy Grossman. ++ APPLE OPENS OS CODE (TECH. Tuesday) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18515.html Apple is jumping on the open-source bandwagon -- at least with one foot. The company will make parts of Mac OS X code available to developers and promises friendly licensing practices. By Leander Kahney. ++ THE CASE OF THE PILFERED FILTER (BUS. Tuesday) http://www.wired.com/news/news/email/explode-infobeat/business/story/18516.html http://www.news.com/News/Item/0%2C4%2C33888%2C00.html?dd.ne.txt.0317.03 America Online's ICQ chat service filter lets users filter dirty words, apparently with a list illegally borrowed from an old version of Cybersitter. By Heidi Kriz. ++ Windows 2000 compatibility still an issue http://www.news.com/News/Item/0%2C4%2C33875%2C00.html?dd.ne.txt.0317.15 ++ Microworkz $299 PC draws interest http://www.news.com/News/Item/0%2C4%2C33838%2C00.html?dd.ne.txt.0317.16 Mucho thanks to Spikeman for directing his efforts to our cause of bringing you the news we want to read about in a timely manner ... - Ed @HWA 01.2 MAILBAG - email and posts from the message board worthy of a read ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Yes we really do get a pile of mail in case you were wondering ;-0 heres a sampling of some of the mail we get here, the more interesting ones are included and of course we had to get in the plugs for the zine coz we love to receive those too *G* - Ed Comments: Authenticated sender is From: "Matthias Olzmann" To: hwa@press.usmc.net Date: Sun, 14 Mar 1999 19:54:47 0100 MIME-Version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Subject: since it early days Reply-to: molzmann@snoopy.lili.Uni-Osnabrueck.DE Priority: normal X-mailer: Pegasus Mail for Windows (v2.54DE) Well...I'm reading HWA since its 'early days' ! And I just wanna say...that you do a really great job! There is a lot of information...there is humor... all a Admin need he would find in your HWA go on !! matthias olzmann mcse germany ---------------------------------------------------------------------------- Matthias Olzmann Forschungsstelle Literatur Systemadministrator der Frühen Neuzeit Tel. (0541) 969-4882 Universität Osnabrück molzmann@fruehneu.lili.uni-osnabrueck.de -=- Date: 13 Mar 1999 22:37:08 -0000 To: hwa@press.usmc.net Subject: BoardRoom: Link Exchange From: pserv Reply-to: r00ted@yahoo.com Time: Sat, 13-Mar-1999 22:37:08 GMT hey ppl, i just wanted to make note of the fact that yr site is not the only site to be rejected by link exchange on the basis of content. when i attempted to sign up for their program i sent them a banner as they requested, but instead of being included in the program, i got a nasty email rejecting my site due to so called "objectionable" material. link exchange apparently feel that pages dealing with security issues are not acceptable, yet another friend of mine who *is* in the program is consistently getting banners on his site for pr0n :) go figure. anyway i say fuck link exchange, even the ppl i know who are in it are not noticing a significant increase in traffic, and how much do you want "random" viewers to come to your site anyway? has anyone else experienced anything like this with this company? l8z, pserv oh gotta get the plug in anyway, come see the site link exchange hates http://proxiserv.iscool.net *warning* there's no pr0n :) =============================================== Check this site out, it is a thing to behold for sure, and full of interesting stuph... - Ed Date: 17 Mar 1999 12:29:19 -0000 To: hwa@press.usmc.net Subject: Big Shoutz From: S C R E A M (HARP) Reply-to: scream@unitedstates.com Time: Wed, 17-Mar-1999 12:29:18 GMT Just a quick note and a big shout to HWA.hax0rs for recognizing H.A.R.Ps work and spreading the word on what we're all about. Keep up the good work people and keep your eyes and ears out for the next Hackers Against Racist Parties hack, coming VERY soon... Laterz S C R E A M (founder of H.A.R.P) =============================================== We support HARP and EHAP in all their endeavours, stay free and keep the word strong and loud! ... - Ed -=- Date: Fri, 12 Mar 1999 10:34:22 -0500 From: sozni@USA.NET To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM Subject: Re: Outlook stores PLAINTEXT password! Although this may not be an appropriate topic for this list, there is a related issue with Outlook password protected add-ins. Many companies make add-in components for Microsoft Outlook such as custom forms or folders. These add-ins are password protected to protect code. However, when these passwords are checked at runtime, they are left in memory as plaintext. And since Outlook forms aren't compiled, all code is available to anyone with a password. .sozni A service provided by TechAID Computer Services, http://www.techaid.net The e-mail address of the sender MAY NOT BE AUTHENTIC. -=- Date: 15 Mar 1999 07:23:39 -0000 Message-ID: <19990315072339.14498.qmail@saturn.beseen.com> To: hwa@press.usmc.net Subject: [off topic] Amiga 500 Startup Hack + slackware From: ph0 Reply-to: haxor@technologist.com Time: Mon, 15-Mar-1999 07:23:39 GMT I recently procured an Amiga 500 .. I have no mouse/joystick, or On a more relevant note, Slackware 3.2 (and possibly others) have a -v setting in pppsetup's pppstart script and default permissions to allow all users to read /var/log/messages .. hence ppp chat scripts can be read via /var/log/messages and usernames/passwords gained .. could just be me .. cheers! ** In case people are wondering here;s the reply I sent to the above message jic others have similar concerns... - Ed Date: 15 Mar 1999 15:14:07 -0000 To: hwa@press.usmc.net Subject: BoardRoom: re: [off topic] Amiga 500 Startup Hack + sla From: Cruciphux Reply-to: cruciphux@dok.org Time: Mon, 15-Mar-1999 15:14:07 GMT :I recently procured an Amiga 500 .. I have no mouse/joystick, or :disks though (just screen + machine) .. is there any way :whatsoever I can make this thing _do something_? I found a :reference to some 'hold down both mouse buttons on startup' early :boot screen thinggo on an Amiga page, however I aint got no :sqeaker ;( Well you will need a mouse or you ain't going too far, also the Amiga500 is totally disk based OS some of em have kickstart on rom but you need a disk to do anything at all with it it ain't like a C64 or C128 that has basic in rom and the disk is extra... you can find the software on the web just look good and hard if you get stuck I can maybe rustle up some software and post it somewhere for you as I still have my ami system. :On a more relevant note, Slackware 3.2 (and possibly others) have :a -v setting in pppsetup's pppstart script and default :permissions to allow all users to read /var/log/messages .. hence :ppp chat scripts can be read via /var/log/messages and :usernames/passwords gained .. could just be me .. Think this is standard and it is kinda silly yeah, i'll make a note of this in the mailbag section though anyways maybe since it is relevant... Cruci ================================================================ @HWA 02.0 From the editor.#9 ~~~~~~~~~~~~~~~~~~ #include #include #include main() { printf ("Read commented source!\n\n"); /*well we;ve got a webboard i actually forgot to mention it in the last *issue, too busy with other stuff.. anyways it works its not great but *its free and does the job. PPL, when you join the channel on IRC don't *expect the HWA circus to come to your town, we ain't there to entertain *we're there to receive news reports and hangout so if you were one of *few that just didn't get the idea last time keep it mind for the future *ok? ok ... so here we go again.... issue #10 happy birthday to Mom and Dad! * * Moving right along, thanks for the continued support everyone and tty next time... */ printf ("EoF.\n"); } Congrats, thanks, articles, news submissions and kudos to us at the main address: hwa@press.usmc.net complaints and all nastygrams and mailbombs can go to /dev/nul nukes, synfloods and papasmurfs to 127.0.0.1, private mail to cruciphux@dok.org danke. C*:. @HWA 03.0 The Mitnick Trial Update ~~~~~~~~~~~~~~~~~~~~~~~~ From Wired news http://www.wired.com/news/news/politics/story/18432.html Mitnick Trial: Full Speed Ahead by Douglas Thomas 12:00 p.m. 12.Mar.99.PST LOS ANGELES -- The trial against celebrity cracker Kevin Mitnick will begin as scheduled on 20 April. That's the ruling from US District Court Judge Marianne Pfaelzer, who denied a defense request Tuesday for a continuance that could have delayed the case until the summer. In court on Tuesday, Pfaelzer told Don Randolph, Mitnick's attorney, that if he expected the trial to be delayed by so much as a day beyond its 20 April start date, he should "disabuse himself of that notion." In a 25-count Federal indictment, the government alleges that Mitnick copied proprietary software from computers owned by cellular telephone manufacturers. Mitnick has been in custody here,awaiting a trial, since 1995. The defense team wanted the court to make the government comply with the court's previous order to identify the materials that would be presented at the trial. Most recently, the defense requested that the government provide the passwords for the files they have been able to decrypt. Because of the sheer volume of new information, the defense asked that the court "exclude from evidence any files not reasonably identified," according to defense team attorney Greg Vinson. Failing that, the defense requested an extension to review the new evidence. Pfaelzer denied all motions, but did require the government to provide passwords to the files they deciphered. This week's ruling is not the first time Pfaelzer has turned down the defense's request for more time. In late January, she denied a defense motion for a 60-day continuance. Pfaelzer has been reluctant to allow delays in the case, and made it clear that the motion which pushed the start date back to April would be the last before the case went to trial. For some time, the defense has claimed that the prosecution has "failed to comply with its constitutional and statutory discovery obligations." Specifically, Mitnick's lawyer had accused the government of failing to disclose its exhibit list. The defense also wants access to witness interviews and time to review 1,300 pages of witness statements produced by the government. Mitnick also says he is having difficulty reviewing the evidence to be presented against him. A laptop computer containing the electronic evidence was installed for his use at the Los Angeles Metropolitan Detention Center. But Mitnick was not allowed to access the portable for nearly a month while experts inspected and re-inspected the machine. The government denies claims that they have withheld evidence. US Attorneys said in court documents that is "absurd" for Mitnick to suggest that the defense team's failure to conduct interviews or perform investigations are "somehow attributable to the government." Pfaelzer agreed, and denied the defense motions. This week, she granted a prosecution request to dismiss the continuance without a formal hearing. Meanwhile, Mitnick's co-defendant Lewis DePayne, filed a motion for severance on 1 March, asking that his case be heard separately. In that filing, DePayne requested that his case be heard immediately, without a jury. DePayne's attorney, Richard Sherman, argued earlier before Pfaelzer that there is simply no evidence against his client. Pfaelzer has indicated that she is inclined to grant the severance. DePayne's motion is scheduled to be heard on 22 March. @HWA 03.1 Mitnick could be free by the end of the year... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From ZDNet http://www.zdnet.com/zdtv/newscobrand/features/story/0,3730,2228174,00.html Mitnick to Plead Guilty The 'Free Kevin' movement may have to wait a bit longer-- hacker Kevin Mitnick is set to plead guilty to criminal hacking charges. By Alex Wellen and Luke Reiter March 17, 1999 8:30 PM Pacific Hacker Kevin Mitnick will plead guilty to computer -related crimes after more than four years in prison awaiting trial, according to CyberCrime sources. The plea is contained in a court document, or "notice," jointly filed by Mitnick's attorney and federal prosecutors, sources said. The notice itself was filed under seal and "in camera"-- meaning the subject matter will be discussed privately between the parties in chambers before US Federal Court Judge Mariana Pfaelzer. The timing for that meeting will depend on Pfaelzer's schedule and could be as early as Friday. Assistant US Attorney David Schindler confirmed a notice was filed, but would not comment on whether it was a plea agreement. Mitnick's attorney, Donald Randolph, did not respond to CyberCrime inquiries on Wednesday. Sources said the plea agreement will place a cap on Mitnick's sentence. Taking into consideration time already served, he could be released by the end of the year. This plea agreement does not involve codefendant Louis DePayne, set to be tried alongside Mitnick next month. The proposed plea agreement does, however, call into question DePayne's status-- suggesting that he may also resolve his case prior to trial. DePayne's attorney, Richard Sherman, declined to comment Wednesday night. Mitnick, 35, has been imprisoned in the Metropolitan Detention Center, Los Angeles for more than four years awaiting trial on computer-related fraud charges. The 25-count federal indictment issued against Mitnick accuses him of using computers to steal millions of dollars in software Following the September 1996 indictment, Mitnick pleaded "not guilty" to all counts. Mitnick pleaded guilty twice before to similar computer crimes, in 1989 and 1996. In 1989, Mitnick was convicted for stealing computer programs and breaking into corporate networks, and served eight months of a one-year sentence. In April 1996, he pleaded guilty to possession of 15 or more unauthorized access devices (cloned cellular telephone numbers), and for violating supervised release, and was sentenced to 22-months in federal prison. Based in part on his prior two convictions, Mitnick has been detained without bond since February 1995. The hacker's imprisonment without a bail hearing, combined with his prison restrictions, has generated a backlash among Mitnick supporters. Some critics have protested Mitnick's treatment by attacking websites and posting political messages-- the most recent earlier this month to a Monica Lewinsky website, and the most notable of which shutdown the New York Times's website for approximately nine hours last September. Mitnick supporters have also criticized the government for delaying the trial. However, the delays can also be attributed in part to the defense. Over the last four years, Mitnick has been represented by three different attorneys -- who, in combination, have filed a half-dozen motions requested additional information. Mitnick's attorneys have argued government attorneys have stalled efforts by unreasonably withholding information requested by the defense. ZDTV's CyberCrime Bureau-- which includes former prosecutor Luke Reiter, litigator Alex Wellen, and reformed hacker Kevin Poulsen-- will continue to bring you coverage. @HWA 03.2 Federal Prosecutors Leak Info on Mitnick ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ March 19th From HNN http://www.hackernews.com/ contributed by Space Rogue Numerous mainstream media outlets are reporting that Kevin Mitnick has pleaded guilty to computer related crimes. It is believed that this plea of guilty is in exchange for reduced charges and a sentence of mostly time served. The real story is not that Kevin pleaded out as only 4% of federal cases actually go to trial, the real story is how the press got notified of the contents of a _sealed_ federal court document. If the Honorable Mariana Pfaelzer declines the plea agreement Kevin will still be headed for trial on April 20. If that happens Kevin's defense hopes to introduce a motion that will dismiss most of the evidence against him on the grounds of illegal search and seizure. It would appear the the information used to provide probable cause to issue a search warrant for Mitnick's apartment was itself illegally obtained. The defense is claiming that Tsutomu Shimomura, while a private citizen, was in fact acting as a government agent and therefore subject to the laws regarding illegal search and seizure. We urge you to visit the Free Kevin site and learn more about what is not being said by the mainstream media. @HWA 03.3 From www.kevinmitnick.com ~~~~~~~~~~~~~~~~~~~~~~~~~ Anonymous Sources, Politics, and the Media March 18, 1999 In yet another political twist in the highly politicized trial preparations in United States v. Mitnick, the claim that a "notice" was filed in camera and under seal with Judge Mariana Pfaelzer somehow found its way to the telephone, fax machine, or email accounts of Alex Wellen, an intellectual property attorney and now a reporter with ZDTV who interned with the US Attorney's Office Criminal Division (and two federal court judges). The lead prosecutor in the case apparently confirmed for Alex Wellen that a notice was indeed filed. This post addresses an article that appeared on ZDTV the evening of March 17; subsequent posts will address an article that appeared on the same topic in the L.A. Times on March 18, 1999. Freekevin.com has learned that the "notice" is a plea agreement wherein Kevin Mitnick has agreed to plead guilty to a reduced set of charges. While we'll discuss those reduced charges below, we'll take this opportunity to look at the curious circumstances under which the contents of a document filed under seal in a federal court were somehow leaked to a reporter who worked with prosecutors and two federal judges. Why is This a Political "Twist"? It's a violation of federal law to reveal matters that are filed under seal with the court. This creates a dilemma for politically ambitious federal prosecutors, most recently witnessed in the repeated leaks of information from the office of independent counsel Ken Starr. Media Analysis 101 Returning to Alex Wellen's story, we read that.... "Hacker Kevin Mitnick will plead guilty to computer-related crimes after more than four years in prison awaiting trial, according to CyberCrime sources." Anonymous sources... and it is not rather odd for someone to plead guilty after spending "more than four years in prison awaiting trial"? Can't be too odd, since Alex Wellen's article failed to mention that curiosity. Notice that there's no mention that Kevin Mitnick was held in defiance of constitutional requirements that a detention hearing be held and the issue of bail considered. Must not have been important. Nor was there any mention that federal law was broken in leaking the sealed document to the press. "The plea is contained in a court document, or "notice," jointly filed by Mitnick's attorney and federal prosecutors, sources said. The notice itself was filed under seal and "in camera"-- meaning the subject matter will be discussed privately between the parties in chambers before U.S. Federal Court Judge Mariana Pfaelzer." Anonymous sources for the second time. Second paragraph without mention that federal law was broken in leaking the sealed document to the press. Must have been as unimportant as being held four years without bail and without a bail hearing. After learning the possible schedule for the trial, we read... "Assistant U.S. attorney David Schindler confirmed a notice was filed..." The first source attributed to an individual was attributed to the lead U.S. Attorney prosecuting the case. And defense attorney Donald Randolph "did not respond" to inquiries, presumably by reporter -- and ex-intern at a U.S. prosecutor's office -- Alex Wellen. The Way Sources and Journalists Cooperate Even ethical journalists know that they must rely on anonymous sources on occasion. To maintain their integrity, they'll frequently insist on a quid pro quo: that they must attribute something to the source, even if it's a statement saying that "I'll neither confirm nor deny...". That way, the story is sourced anonymously, but there's at least one, and usually more, statements attributed to named sources. Leaking Benefits Prosecution in U.S. v. Mitnick Leaking the existence of a plea agreement benefits the prosecution in numerous ways; we identified three of them above (see "Why is This a Political "Twist"?"). In addition, the first leak sets the tone of the coverage that follows, and even first-year debate students know that when you set the boundaries of the debate, you've won without saying a word. The prosecution has everything to gain and nothing to lose by leaking word of the existence of a plea agreement: they set the tone of the discussion, they hope to take the energy out of the principled people who've learned about the case and become supporters of Kevin Mitnick, and they blindside the defense attorneys. If the leaks are somehow attributed to the prosecution, they merely issue vigorous denials, and there the matter will stop. Leaking Poses Enormous Risks to Defense Leaking the existence of a plea agreement poses enormous risk to Kevin Mitnick, because any agreement is submitted for the judge's approval. Because of this uncertainty, and even at this late date, Kevin is completely focused on preparing for trial on April 20, 1999, just 22 working days away. Indeed, Kevin's investigators have subpoenaed Tsutomu Shimomura to do one of two things: either sign a sworn declaration that a number of factual statements in his book Takedown are true, or appear in court on April 5th to participate in a hearing to suppress any evidence in this case based on Shimomura's actions as a de facto federal agent who allegedly broke federal law repeatedly, and on multiple occasions. Note that Shimomura illegally intercepted electronic communications purported to be from Mitnick, and that the court hearing scheduled for April 5th is intended to suppress those interceptions, as well as a warrantless search conducted on Kevin Mitnick's home in Raleigh, North Carolina (the search was undertaken subsequent to Shimomura's illegal interceptions). A leak from the defense runs the enormous risk of further antagonizing the judge, who might then reject the agreement, and Kevin would then face going to trial with an overworked and understaffed attorney. The possible sentence upon conviction of all charges is more than 35 years in federal prison. The defense would have jeopardized their entire hopes of settling before trial if they had illegally leaked this notice -- no, the defense had no role in this leak, in our opinion. Plea Agreement Includes Reduced Charges If the plea agreement is approved, Kevin Mitnick will spend just a few additional months in prison, and 20 counts of the 27 original counts will be dropped. This circumstance -- that the government is willing to dismiss 75% of the charges against Kevin -- is ample evidence in support of our claim that this case was dramatically overcharged, and was overcharged solely as a result of the extraordinary and repeated media assaults on Kevin Mitnick by reporter John Markoff on the front page of the New York Times. We'll have more on this issue in subsequent updates to this site. Summary Fewer than 4% of all federally charged defendants go to trial. The federal system is set up to virtually ensure a conviction, as the enormous resources of the federal government are brought to bear on a single individual: trying to fight federal charges is like trying to stop a steamroller with a picket sign protesting your innocence. As an indigent defendant held without a bail hearing and without bail for more than four years, Kevin Mitnick has had virtually no control over the conduct of his defense. Using the U.S. Sentencing Guidelines, Kevin faced more than 35 years if found guilty of all charges. Held in jail for four years, his contact with the outside was limited to collect phone calls, visits with legal personnel, and with his immediate family -- all other visitors were forbidden. Although the terms of the guilty plea are quite onerous, the possible alternative -- a potential maximum penalty of more than 35 years in federal prison -- was simply not worth the risk of going to trial with a court-appointed attorney whose two recent motions for continuances less than 50 days before trial were rejected by the court. 04.0 Is Microsoft vulnerable to their own holes? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Is Microsoft vulnerable to their own holes? Via HNN www.hackernews.com/ contributed by hfspc002 With all the recent privacy holes in OLE and Office products where does this leave Microsoft? Are they just as vulnerable to these problems as the public? You bet! Try downloading some MS Office documents from the Microsoft web site and see what you find hidden in the documents. MacInTouch has a list of some of the stuff they found. MacInTouchhttp://www.macintouch.com/o98securitysamp.html Article below, I included some of the readers response letters for amusement value also...- Ed Office 98 Security Hole: Samples Microsoft/Compaq Samples Reader Experiences In researching the long-standing Microsoft Office/OLE security holes, we took a look at some of Microsoft's own Word documents, published on its web site long after the release of its security patch, as well as a Word document posted by Compaq on its web site. These documents, like millions of other MS Office documents, contain extraneous data that may unintentionally reveal sensitive confidential or private information, hidden from view within Word. A MacInTouch reader who pointed out one of the files wrote: "You can easily read the name and directory path of the original file, any revisions and who did them with full directory paths (even on the MS server), the directory paths of all attached graphics, and what appears to be a registration numbers and passwords associated with each user that saved the file. With enough documents, you could concievably construct a full directory structure for the entire MS network, and have the machine codes to mimic a computer in the building. Looks like MS has done half of the hacker's work for them... they are a break-in waiting to happen." In each example below, we show hidden information that is invisible within Word but readily available when the document is opened with a text editor or utility program, such as John Lamb's TextBrowser or Bare Bones Software's BBEdit. We did not do an detailed security analysis of each document, but simply copied out some interesting hidden material. In each case, it is unlikely that the document authors intended to reveal the hidden information in these files, which now are available to millions of people on the Internet, although this information appears far more innocuous than the URLs, source code directories, credit card information and private mail that readers report finding hidden in their Word documents. MSIE 4.5 Reviewers Guide The names "Linda Sorenson" and "Brian Hodges" do not appear anywhere in the document, when you are using Microsoft Word, nor do the file names and directories. "Dani Baldwin" is visible if you choose the "Properties" menu item and view Summary, but it does not appear if you ask Word to "Find" the text. Dani Baldwin Microsoft Word 8.0 D:\briansnap\more\Picture 5.GIF D:\briansnap\more\Picture 4.GIF D:\briansnap\Picture 2.GIF D:\briansnap\Picture 3.GIF Microsoft Internet Explorer 4 Dani Baldwin Linda Sorensonn2ndMicrosoft Word 8.0E Waggener Edstrom Microsoft Internet Explorer 4 D:\briansnap\more\tcrop.gif D:\briansnap\Picture 55.gif D:\briansnap\more\Picture 5.GIF D:\briansnap\more\Picture 4.GIF D:\briansnap\Picture 2.GIF D:\briansnap\Picture 3.GIF2 D:\briansnap\more\textclup.gif D:\briansnap\more\explorer.gif D:\briansnap\more\favs.gifz!D:\briansnap\more\Picture 16.GIF D:\briansnap\more\printopt.gif D:\briansnap\more\Picture 21.GIF D:\briansnap\more\Picture 20.GIF D:\briansnap\Picture 56.gif D:\briansnap\more\Picture 23.GIF D:\briansnap\more\Picture 2.GIF D:\briansnap\Picture 6.GIF D:\briansnap\more\explorer.gif D:\briansnap\more\favs.gif D:\briansnap\more\Picture 16.GIF D:\briansnap\more\printopt.gif D:\briansnap\more\Picture 21.GIF D:\briansnap\more\Picture 20.GIF D:\briansnap\Picture 56.gif D:\briansnap\more\Picture 23.GIF D:\briansnap\more\Picture 2.GIF D:\briansnap\Picture 6.GIF Dani Baldwin&\\WE-OR2\PROD\MS\BSD\Desktop\MIERG.doc Dani Baldwin&\\WE-OR2\PROD\MS\BSD\Desktop\MIERG.doc Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd Linda SorensonC:\windows\TEMP\MIERG.doc Brian Hodges#C:\WINDOWS\Desktop\MIERG 120898.doc Linda Sorenson?\\WE-WA2\DATA\LindaS\Macintosh\Press materials\MIERG 120898.doc MSIE/OE 4.5 Innovation This example shows information leaks similar to those of the previous example: \\Macbu\public\maclogo\Maclarge.gif Prill$C:\WINDOWS\TEMP\MacInnovations22.doc Linda Sorenson\\WE-WA2\DATA\LindaS\MacInnovations22.doc Dani Baldwin\\WE-OR2\PROD\MS\BSD\Desktop\InnovaPR.doc Dani Baldwin\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of InnovaPR.asd Dani Baldwin C:\temp\AutoRecovery save of InnovaPR.asd Dani Baldwin C:\TEMP\AutoRecovery save of InnovaPR.asd Linda Sorenson \\WE-WA2\DATA\LindaS\Macintosh\Press materials\InnovaPR.doc Brian Hodges C:\WINDOWS\Desktop\InnovaPR new.doc Linda Sorenson C:\windows\TEMP\InnovaPR.doc Linda Sorenson9\\WE-WA2\DATA\LindaS\Macintosh\Press materials\Innova.doc Microsoft Internet Explorer 4 Linda Sorenson MSIE 4.5 Fact Sheet Here we can identify some new people involved in the project, although their names, too, are invisible within Microsoft Word. Note also the presence of the "GUID" fingerprint: _PID_GUID_PID_HLINKSAN{2DD3214D-64E7-11D2-9002-0000C0657DF9 \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif Baldwin\\WE-OR2\PROD\MS\BSD\Desktop\4.5IEFS.doc Jodi Ropert C:\WINDOWS\TEMP\4.5IEFS.doc Jodi Ropert C:\WINDOWS\TEMP\4.5IEFS.docDani Baldwin\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of 4.5IEFS Christina Snavely \\WE-OR2\PROD\MS\BSD\Desktop\4.5IEFS.doc Linda Sorenson:\\WE-WA2\DATA\LindaS\Macintosh\Press materials\4.5IEFS.doc Brian Hodges C:\WINDOWS\TEMP\AutoRecovery save of 4.asd Brian Hodges"C:\WINDOWS\Desktop\4.5IEFS new.doc Linda Sorenson \\WE-WA2\DATA\LindaS\Macintosh\Press materials\4.5IEFS new.doc Compaq Modem Overview In the Word document posted by Compaq, we again find the name of the author, even though he is not listed in the Properties sheet, plus his file and directory names and the GUID information: Greg Bretting%C:\My Documents\modem white paper.doc Greg Bretting%C:\My Documents\modem white paper.doc Greg Bretting%C:\My Documents\modem white paper.doc Greg Bretting%C:\My Documents\modem white paper.doc Greg Bretting%C:\My Documents\modem white paper.doc Greg Bretting%C:\My Documents\modem white paper.doc Greg Brettin %C:\My Documents\modem white paper.doc Greg Bretting:C:\WINDOWS\TEMP\AutoRecovery save of modem white paper.asd Terry Durham%C:\My Documents\modem white paper.doc C:\S&S_dataprep\White Papers\NEW\prt005a0798.doc _PID_GUID_PID_HLINKSAN{EB8A944A-2068-11D0-BD46-00AA00A42EA1}Al C:\cpq_logo\REDCPQSM.BMP More MacInTouch Reader Experiences From: [MacInTouch reader] Subject: word98 security issue, it's bigger than you think. Date: Wed, 10 Mar 1999 I have to remain anonymous about this please, because of the implications this might have. I am a developer and I occasionally use word98 for reports and such. Reading your report yesterday about the security issue, I wanted to see if it was true. I opened one of my old word docs in codewarrior (after changing the file type/creator codes ) and found the there were not only directory listings to source code I was working on at the time, but also names of specific functions within the source. These things were not menitioned anywhere within the document I typed, but they are embedded in my file. I can supply you with the file if you like, but I'd rather not because it has my name in it and I think the reprecussions of this could be rather large. If you have any questions about this, feel free to send them to me. Date: Wed, 10 Mar 1999 12:04:01 -0500 From: Joe Gudac Organization: Gudac Bowling Lanes Subject: Word Info Ric, After reading about all these problems with the info Word stores with it's files I decided to look at some of the files I had for my business. I picked a simple file that only had my business letterhead and address info and business tax id numbers that I had to give to our bank recently. When looking at the file in canopener I was astonished to find that the file had information from other files containing my credit card numbers and personal information about myself and my family. I have tried for the past several years to not be a Microsoft basher and have tried to learn as much about their software applications to keep myself up to date with the standard business technology, but this is absurd. This along with some of the testimony that has been presented in their anti trust trial I am terrified that they are big brother and may be more corrupt than our government. If that isn't a scare. Enjoy your information and keep up the great web site. Regards, Joseph J Gudac Jr Date: Mon, 15 Mar 1999 From: [MacInTouch reader] Subject: WORD SECURITY *** Please keep the following anonymous: I too have stopped defending Microsoft. I work for a *major* Internet company at a fairly high level. This morning I too looked at a report I submitted last week using Notepad. Not ONLY did it have my name and directories on my hard drive, but it had information on OTHER applications that are totally unrelated to MS Word in it! These apps are competitors of MS (not that many aren't these days). BUT I think the most disturbing was this: all my reports have the same filename except for the date (contained in the filename too). The paths to EVERY report in that directory were there too. In a world where the economoy is changing (mostly for the better I like to think) it's SAD to think actions like these undermine the trust people place in companies that work hard. People should be empowered and educated about technology, not intimidated and afraid because of it. I believe Microsoft is validating a LOT of people's fears about privacy and security unnecessarily. --- Concerned. Date: Mon, 15 Mar 1999 10:52:00 -0500 (EST) From: Oj Ganesh To: MacInTouch Subject: Microsoft security I read with interest your stories and updates concerning GUID numbers and other personal informaion being found in documents created by microsoft programs. Thanks for all the updates and keeping with the story. Yesterday I finally got around to removing some original software that my imac came with, when I noticed a control panel called "Configuration Manager". In it was a section called "Cookies", which (when clicked on) displayed *Some* cookies on my system. Two of the cookies immediately caught my attention since I had never visited the sites with my imac. They were: microsot.com and msn.com, they both had the name "MC1" and they were 'enabled'. Double clicking on the cookies brought up the Cookie Properties box which had this shocking line: "Value: GUID=(my GUID presumably)". I couldn't believe it! Both cookies were identical (both were also set to expire on "Expires: Wed, Sep 15, 1999 7:00 PM GMT") in every respect. The "Configuration Manager" control panel is apparetly made by Microsoft (as the about box says)... Thanks, keep up the good (Mac) work, -Oj Date: Mon, 15 Mar 1999 11:10:49 -0600 To: notes@macintouch.com From: [MacInTouch reader] Subject: Microsoft Security Issues Ric, This may have been reported prior, and it may be less intrusive than the Microsoft issues, but we seem to be ignoring the fact that many other applications besides those from Microsoft carry artifacts from files unrelated to the current one. For the most part these are data that we'd rather not be seen by others. At the moment, I'm referring specifically to Adobe PageMaker. PageMaker files opened in Can Opener reveal lots of extraneous data - directory paths, hard drive names, file names that appear to be unrelated to the current file, and perhaps references to other sensitive data. These are data that are not visible and cannot be found or expunged by any normal means. In addition to embedding directory paths, filenames, etc., related to the current file, it seems that whenever you do a "save as" in PageMaker a lot of data from the original file become permanent and reside in that and all future iterations, or saved as versions, of that file. The data can compound to become an interesting record in its own right. Lots of folks transfer lots of data in the form of PageMaker files and I'll wager that few of them are aware of the nature of some of the data they're "making public" when they do. Maybe some of the more experienced (than me) sleuths will care to comment on PageMaker too? Date: Mon, 15 Mar 1999 12:54:31 -0500 Subject: Word Privacy Problems From: "Jeremy LaCivita" To: notes@macintouch.com Unbelievable! After reading your section on Word privacy issues, I opened up a paper I wrote last week in BBEdit. In addition to a bunch of paths on my machine (which is somewhat understandable) i found addresses of all the sites I had visited that night (using Internet Explorer): 3Com/Palm Computing - Macintosh The Apple Store (U.S.) The Apple Store (U.S.) In other documents I found information about my email account like my mail server. Who knows what other information is hidden in the document mixed in with all of the gibberish. This really bothers me! The paths to images used in the file in somewhat understandable and relevant, but this is completely irrelevant, and I really think Microsoft needs to explain themselves. Jeremy Date: Tue, 16 Mar 1999 01:46:52 +0100 Subject: word98 security - history recorded From: altair@bigfoot.de To: notes@macintouch.com Encouraged by the interesting reports about security problems in word98 docs I carefully examined some of my files with a text editor. Guess what. The complete history of some documents I've been using since one year has been recorded in the file (different OS versions, different machines to be identified by their owner's names and different hierachical file structures were all plainly visible). Obviously previous versions of word (at least word 6) own this special "recording feature", too. Isn't it nice? Thank you, Big Bill, this is exactly what users needed most. @HWA 05.0 Its a Trinux world after all - Tiny unix packs wallop in Pre-0.49 release ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Main site; http://www.trinux.org/ Mirrored at; http://www.genocide2600.com/~tattooman/trinux/images/pre-0.49/ From Packetstorm: http://www.genocide2600.com/~tattooman/ Trinux Pre-0.49 floppy images - "Pre-0.49 floppy images are now available. The floppies now support the features added to TrinuxHD about a month ago. Most importantly the modem.tgz package now works-- on my system at least. If you follow the un-Linux-like prompts and type ppp-go you should be able to log via your ISP. Man ppp gives you some background information and nmap -D will allow you to roll your own "sophisticated and coordinated attacks" from foreign countries against domestic sites of your choosing. A better idea: spend your milk money on TCP/IP Illustrated Volume 1 and sniff your modem traffic using tcpdump till you get a clue. Oh yeah, the dialup data disk may become a hot commodity soon because I imagine I'll yank it after the third message I get asking how to sniff passwords with tcpdump." -- mdf [ed. note: i couldn't have said it better myself, so i just quoted mdf instead]. Our favorite mdf quote: "I'll tell ya' this security biz is cutthroat and incestuous, just like a fscking soap opera." Trinux web site, Trinux ftp. MD Franz is the Trinux Project Leader. @HWA 06.0 Case insensitivity issue affects NT security ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Fri, 12 Mar 1999 13:03:57 -0700 From: Mark To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM Subject: [ ALERT ] Case Sensitivity and Symbolic Links Prasad Dabak of Cybermedia Software Private Limited has discovered yet another security risk in Windows NT involving the operating system's case sensitivity. According to the report, using the permissions on the "\??" object directory and by exploiting the case sensitivity of object manager, it is possible to trojan any system executables. Any ordinary user has write permissions on \?? Object directory. This is to allow user to map network drives or use "subst" utility to alias a directory to a new drive letter. Each system drive has an entry into \?? object directory. Each entry is actually a symbolic link which points to the device associated with that drive (ergo: Symbolic link \??\C: will typically point to a device such as \Device\HardDisk0\Partition1). It is possible to create a trojaned version of this symbolic link using the different character case -- for example, it is possible to create a symbolic link such as \??\c: (notice the small letter "c".) By doing this, all the requests to drive C get routed through the trojaned symbolic link. Please visit the following URL, where you'll find the further details along with links to a demonstration of the problem. http://www.ntsecurity.net/scripts/load.asp?iD=/security/casesensitive.htm Mark ---------------------------------------------------------------------------- Date: Sat, 13 Mar 1999 00:32:19 +0100 From: Alexandre Stervinou To: BUGTRAQ@netspace.org Subject: New Security Vulnerability in WinNT A new security vulnerability in Windows NT4 has been released, I was just surfin' on http://www.cybermedia.co.in/, when I saw this: CSPL has uncovered most serious Case Sensitivity vulnerability in Microsoft's Windows NT operating system. This security hole allows you to get "Administrator" access on a machine while logged in as "guest" or any ordinary user [...] Description: Using the permissions on the "\??" object directory and by exploiting the case sensitivity of object manager it is possible to trojan any system executables. -- Alexandre Stervinou mailto:stervino@info.enserb.u-bordeaux.fr ---------------------------------------------------------------------------- http://www.cybermedia.co.in/ Case Sensitivity vulnerability: Description: Using the permissions on the "\??" object directory and by exploiting the case sensitivity of object manager it is possible to trojan any system executables. Problem: Any ordinary user has write permissions on \?? Object directory. This is to allow user to map network drives or use "subst" utility to alias a directory to a new drive letter. Each drive on the system (let it be local/network/substed) has an entry into \?? object directory. Each entry is actually a symbolic link which points to the device associated with that drive. (e.g Symbolic link \??\C: will typically point to a device such as \Device\HardDisk0\Partition1). It is possible to create a trojaned version of this symbolic link using the different case. e.g it is possible to create a symbolic link such as \??\c: (notice the small letter ‘c’). By doing this, all the requests to drive C gets routed through the trojaned symbolic link. (e.g If you get the contents of symbolic link \??\D: and create a symbolic link say \??\c: and put those contents there, then executing dir command on drive C will give you directory listing for drive D). So effectively you can route the traffic on drive C to drive D. This is exactly what the simulation program exploits. Simulation: The description of simulation assumes that you have unzipped the files from the demo in a directory called C:\FOO and your Windows NT System directory is C:\WINNT\SYSTEM32. The simulation works on latest service packs of all Windows NT versions (3.51, 4.0, 5.0) When you execute BESYSADM.EXE. The program follows the following steps. Create an indentical directory structure of Windows system directory under the directory C:\FOO. i.e it will create a directory structure such as C:\FOO\WINNT\SYSTEM32 Copy all the POSIX subsystem binaries and required DLLs (except PSXSS.EXE) from C:\WINNT\SYSTEM32 directory to C:\FOO\WINNT\SYSTEM32 Copy the trojaned version of PSXSS.EXE and a dummy posix application DUMMYAPP.EXE from C:\FOO to C:\FOO\WINNT\SYSTEM32 Get the contents of the symbolic link \??\C: and append \FOO to it. i.e if the contents of symbolic link \??\C: is \Device\HardDisk0\Partition1 then new name formed will be \Device\HardDisk0\Partition1\FOO Create a symbolic link \??\c: (note small c) with the contents as \Device\HardDisk0\Partition1\FOO Hence effectively executing a dir command on drive C will now give directory listing of C:\FOO Next the program starts a posix application DUMMYAPP.EXE as "POSIX /c DUMMYAPP.EXE" This results in SMSS.EXE starting POSIX subsystem which effectively loads trojaned version of PSXSS.EXE. This trojaned version inherits security context of SMSS.EXE and hence our PSXSS.EXE runs in root privilege. This trojaned version adds the logged in user to the local administrator group. T The name of the logged in user is passed through a file called u.ini that is created in C:\FOO\WINNT directory. Comments The program actually uses \DosDevices everywhere instead of \??, since Windows NT 3.51 does not have \?? object directoy and has DosDevices object directory. Starting from Windows NT 4.0, \DosDevices is actually a symbolic link which points to \??. Hence using DosDevices allows the program to run on all Windows NT versions. Instructions for Demo Fresh boot the machine. Login as any ordinary user (guest will also do) Unzip the files in attached .ZIP file in some directory on any local hard drive on your machine Run BESYSADM.EXE Note: If you are using Non-English version of Windows NT OR name of the local administrator group is renamed, then specify the name of the local administrator group as a command line to BESYSADM.EXE. If no arguments are specified the program assumes that you are runnning on English version and the name of the local administrator group is "Administrators". ---------------------------------------------------------------------------- Date: Sat, 13 Mar 1999 01:07:18 -0800 From: Dominique Brezinski To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM Subject: Re: [ ALERT ] Case Sensitivity and Symbolic Links At 01:03 PM 3/12/99 -0700, Mark wrote: >Any ordinary user has write permissions on \?? Object directory. This is to >allow user to map network drives or use "subst" utility to alias a directory >to a new drive letter. Each system drive has an entry into \?? object >directory. Each entry is actually a symbolic link which points to the device >associated with that drive (ergo: Symbolic link \??\C: will typically point >to a device such as \Device\HardDisk0\Partition1). It is possible to create >a trojaned version of this symbolic link using the different character >case -- for example, it is possible to create a symbolic link such as \??\c: >(notice the small letter "c".) By doing this, all the requests to drive C >get routed through the trojaned symbolic link. Well, the exploit does not work on my machine--it fails with "Internal error..." when run in my test configuration. I am running NT 4.0 Workstation, SP4, ProtectionMode set to 1, file and registry permissions set to those recommended in Steve Sutton's NSA guide, Guest user enabled and allowed to log on locally, %SystemRoot% is on the C partition, and the exploit executables on the D partition (the only place writable by guest on my system). I enabled auditing on the \?? object and no access was attempted. So, it appears that something about my configuration stopped the exploit in its tracks ;) When I run it from an admin account, it returns a message saying that the account is already a member of the administrators group. Oh yeah, I had to enable the Posix subsystem too. As with the KnownDLLs exploit, good system administration should impede these kinds of exploits. Though, they are doing a good job of scratching the surface of huge classes of local privilege escalation attacks for NT. Dominique Brezinski CISSP (206) 898-8254 Secure Computing http://www.securecomputing.com @HWA 07.0 Fast friends, faster foes, from uebereleet to delete:life in the underground ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Some of us have been there, many of us have been into systems and gained the gnards and gno the shit, some decide to forge alliances or form groups others tend to stay out of the loop and usually out of detection and the lime light, here's a brief look into a situation that developed recently between HcV members discussing the spamming of underground webboards and alleged DoS attacks on their servers by one of their own. WARNING, this log is for the most part unedited and contains some fucked up shit about back stabbing, friends and general underground life.... * THIS LOG HAS BEEN EDITED it is available on the web but i'm withholding the url, coz I don't want to step on certain ppl's toes. - Ed ùíù Starting logfile IrcLog IRC log started Tue Mar 16 20:45:21 1999 ùíù Value of LOG set to ON NANCY MXXXX 8021 XXXXXX VIEW PL STANWOOD WA 98292 (360)XXX-X7X7 I will give this # a call in 5 minutes wow yer ereet Starting logfile IrcLog Value of LOG set to ON and if you dont answer, i will persue you and really own you 0wn me stop msg'ing me sil ch0wn whats your # ill call you i dont give out my # silicosis is the kid who was spamming the board hello sorry. mindphasr just pasted his info heh yes i spamemd the board your so fucking stupid [silicosis(~gu1d@sos-dialup210.nwlink.com)] keep it up, i want to get rid of this name..... silicosis: You have gotten yourself into some problems, masuashash come get me just ask pwr on unet [silicosis(~gu1d@sos-dialup210.nwlink.com)] keep it up, i want to get rid of this name..... maybe you would have thought twice. silicosis: why? so you can rip someone elses name? like silicosis or k0de? LOL lol silicosis: go by aC1dbUrN and be fEEred [silicosis(~gu1d@sos-dialup210.nwlink.com)] private chat me now [silicosis(~gu1d@sos-dialup210.nwlink.com)] private chat me now ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:2638]] ùíù BitchX: Type /chat to answer or /nochat to close im not private chatting you ùíù DCC CHAT: to silicosis closed quit messaging me bitch ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:2642]] ùíù BitchX: Type /chat to answer or /nochat to close ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:21002]] ùíù BitchX: Type /chat to answer or /nochat to close ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:21002]] ùíù BitchX: Type /chat to answer or /nochat to close ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:21002]] ùíù BitchX: Type /chat to answer or /nochat to close [mindspring]!irc.mindspring.com Server flood protection activated for eCh0 Server flood protection activated for eCh0 lol private chat ùíù BitchX: Unknown command: IGNORELIST ùíù BitchX: Doing this is not a good idea. Add -YES if you really mean it ùíù Usage: /I - See INVITE ùíù Usage: /IG +|- - Ignores ALL except crap and public of nick!host matching ùíù BitchX: No such command [IGL] ùíù BitchX: No such command [IG*] ùíù Usage: /Ig +|- - Ignores ALL except crap and public of nick!host matching ùíù Usage: /UnIg - UnIgnores ùíù BitchX: There are no nicks on your lame nick list #ILAH ON DALNET! úùú silicosis invites you to join #l0cked. ^A to accept. INTERNATIONAL LEAGUE AGAINST HACKERS are you stupid? he is trying to be nice now since he is screwed he is going to end up like bronc yes, he is from mosthated..lol fuck bronc is a hairy gay cowboy where is mosthated? log that jail? HcV was a lame group i started under the name "DragonFyre" a long time ago log that too ironlungs was known as Hoss Boss he was an ereet winnuking m0f0 lol i liked to ping flood quakers with windows 3.11 #feed-the- ch0wn H ch0wn@ip14.fort-worth.tx.pub-ip.psi.net (www.ro0t.nu) #feed-the- chem1st H sekurity@x-forces.com (xF) #feed-the- silicosis H ~gu1d@sos-dialup210.nwlink.com (* I'm to lame to read BitchX.doc *) #feed-the- HowzeR H ~bob@dial65.pm3abing1.abingdonpm.naxs.com (bobby) #feed-the- mindphasr H mind@mindphasr.activesecurity.net (mindphasr) #feed-the- eCh0 H ~eCh0@web2.wing.net (T e a) #feed-the- Crimz0n H ~h0@host-209-214-147-166.msy.bellsouth.net (CriMz0N) #feed-the- LordGoat H snark@sex.addicts.org (LORD OF THE GOATS!) #feed-the- Debris H ~Debris@ppp-5800-02b-3243.mtl.total.net (DIE) #feed-the- UT H ut@sass2192.sandia.gov (UT) #feed-the- in0d3 H magical@sells.drugs.for.the.blacklotus.net (magical ) #feed-the- IL H magical@hella.pimps.the.hoes.and.stuph.org (magical ) [msg(mindphasr)] hmm, im going to quit HcV, IL wont even kick silicosis out [- pwr -] scorpio@spectranet.ca Drew Cecil,Lucy(parents) Plummer 84 XXXXXXXXXXXXXXXXX Hamilton, ON L8E 1A1 Phone: (905) XXX-6925 Home Value: $89,699 Cars: 1997 Black Ford Bronc, 1998 red Saturn (unkown make) Doctor: St. Marys Medical Hospital Uptown, Dr. Shwartz Estimated phone bill for 02-05-99: $9,900 lol mindphasr: whos that? -(bronc)- Name ... Erik J. XXXXXXX Street ... 920 W 4TH AVE APT 1. Phone Number ... 530-XXX-17XX Mother ... 530-XXX-59XX City ... CHICO CA, 95926-3674 U@H ... bronc@2600.COM SS ... 556-XX-4X0X LOL a silicosis entry will look nice. heh ok thats it killall named lol (silicosis unlocks his elite haxoring secret: killall named) (everyone stares in awe) go on icq ech0 so you can get my IP and DoS me? oh yeah thats smart hide on invisible then i dont give a shit i dont even have icq on im in windows using tribe making myself look elite well you must have screwed up somewhere fucking hell..... die named die [ Channel ][ Nickname ][ user@host ][ level ] [#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a] [#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a] [#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a] [#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a] [#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a] [#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a] [#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a] [#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a] [#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a] [#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a] [#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a] [#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a] [msg(ch0wn)] lol, this is funny shit, im gonna post the logs from this on packetstorm once he is done ùíù gargan [gargan@u105-173.rose.net] has joined #feed-the-goats [msg(ch0wn)] and i'll add it on the goat page along with the dalnet #hackerz article and the LoU war one [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] heh k hcv is the lamest shit ive ever seen, i never should have started it...... [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] heh...i though ppl liked silicosis, guess not [msg(ch0wn)] no one likes silicosis, he hides behind me and IL and the other members of HcV gH 0wns HcV :P [msg(ch0wn)] and all he does is DoS [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] heh gH 0wns LoU gH > * HEHE eCh0 > gH =) i dont care for it anymore, thats why i quit last week, you all cause pointless damage you must all be bored to shit? pointless damage wow Yes, else we wouldn't be on here :> just like your rm -rf of hack-net? and your elite DoS attacks on EVERYONE? ohh lets go hack some japanese site.... sil will be busy you wont be bored, i gurantee it im only here to say my last fuck you's and goodbyes mindphasr, lets get some gay porno mags mailed to him Hackers are cruel, vicious, lifesucking, bottom-dwelleing, scum sucking, toilet licking, dog eating, freaks with too much free time!(especially the ones who do it for fun!) you just say that because you have no skills No, pocket pussies! silicosis: thats nice, no one here likes you and wants your goodbye..just leave now lmao silicosis: you will be hearing more from me later bro i hope you reconsider what your doing, you'll get busted one day like i did for pinching ech0s penis heh i dont do anything illegal to get busted man.. eCh0: i will narc u for irc idling! lol im on ken's side, so you children go and have fun, hack all your ereet Japan sites.... ken's side? silicosis ken will be having word with your mom soon man that is why ch0wn is here to see all of this who gives a shit about ken and that is why this is being logged you go ahead and log it, nothing matters to me anymore silicosis: Ken doesn't need 12 year old kids who spam webboards on his side man. ÚÄÄÄÄÄ---Ä--ÄÄ-ÄÄÄÄÄÄ---Ä--ÄÄ-ÄÄÄÄÄÄÄÄÄ--- -- - | silicosis (~gu1d@sos-dialup210.nwlink.com) (Internic Commercial) ³ ircname : * I'm to lame to read BitchX.doc * | channels : @#l0cked #feed-the-goats ³ server : irc2.lagged.org ([209.127.0.66] The Black Hole for Pings!) all you can do is kick/ban/dos attack ùíù BitchX: Checking tables... ùíù BitchX: [silicosis!~gu1d@sos-dialup210.nwlink.com]: sos-dialup210.nwlink.com ùíù BitchX: IPs: [209.20.225.210] Might as well kill yourself and donate your body to science if you dont care then just leave chem1st rot will not be accepted =( chem1st: dedicated to the destruction of canada? ð mindphasr/#feed-the-goats puts sil up for adoption Yes I am a seperatist :> then you children stop DoS attacking sos.ent then you children stop DoS attacking sos.net DIE POOR PROVINCES DIE silicosis, none of us are children, and none of us are DoS'ing anything, stop trying to turn this around silicosis, it doesn't matter either way though, because soon you'll either be in court or signing up for welfare after you get your new bills chown are you only here to try to impress people with what you heard on irc? debris chill ch0wn is cool now we are getting along i hereby declare crimz0n a goat :) really? The lord of the goats has spoken. lol Did he pass the "eating grass" test? [ Channel ][ Nickname ][ user@host ][ level ] [#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a] [#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a] [#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a] [#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a] [#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a] [#feed-the-][ gargan ][gargan@u105-173.rose.net ] [n/a] [#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a] [#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a] [#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a] [#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a] [#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a] [#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a] [#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a] lol ph34r the lord goat ùíù Scottit0 [~lakd@ppp22-wednesday.mkl.com] has joined #feed-the-goats real goats smoke grass, eating grass is nasty ahhh shit silicuntis?? 000h eCh0: Both actually.. I smoke grass y0 ð silicosis/#feed-the-goats is back from the dead. Gone 0 hrs 21 min 19 secs Silicuntis heh [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] now silicosis is trying to play nice with me [msg(ch0wn)] LOL [ctcp(#feed-the-goats)] PING ùíù CTCP PING reply from IL: 0.820 seconds ùíù CTCP PING reply from in0d3: 1.110 seconds ùíù CTCP PING reply from Crimz0n: 1.112 seconds ùíù CTCP PING reply from UT: 1.000 seconds ùíù CTCP PING reply from Scottit0: 1.382 seconds ùíù CTCP PING reply from mindphasr: 1.690 seconds ùíù CTCP PING reply from ch0wn: 1.692 seconds ùíù CTCP PING reply from HowzeR: 1.693 seconds ùíù CTCP PING reply from Debris: 1.695 seconds ùíù CTCP PING reply from silicosis: 1.697 seconds ùíù CTCP PING reply from gargan: 2.200 seconds ùíù CTCP PING reply from LordGoat: 3.260 seconds ùíù CTCP PING reply from chem1st: 3.262 seconds [ Channel ][ Nickname ][ user@host ][ level ] [#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a] [#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a] [#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a] [#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a] [#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a] [#feed-the-][ gargan ][gargan@u105-173.rose.net ] [n/a] [#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a] [#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a] [#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a] [#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a] [#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a] [#feed-the-][ Scottit0 ][~lakd@ppp22-wednesday.mkl.com ] [n/a] [#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a] [#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a] i didnt even see that gargan is here neet isnt it tho [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] he says yer all blaming him for the b0rt/ezo0n's shit and i said "but u did do it didnt u" and hes like no they are just saying its me cause i said i quit and now they are all pissy Who's that? :P chem1st: never you mind just some loser heh [msg(ch0wn)] lol, he quit? more like he got kicked out, no one wanted him Ha, welcome to the club :> [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] heh gargan is nicks butt buddy whos nick no he isnt nick=cyberarmy is it true cyberarmy got rm -rf'd? gargan is silicuntis ass friens? lol, cyberarmy [ Channel ][ Nickname ][ user@host ][ level ] [#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a] [#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a] [#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a] [#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a] [#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a] [#feed-the-][ gargan ][gargan@u105-173.rose.net ] [n/a] [#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a] [#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a] [#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a] [#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a] [#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a] [#feed-the-][ Scottit0 ][~lakd@ppp22-wednesday.mkl.com ] [n/a] [#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a] [#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a] i dont talk to nick anymore cyberarmy got way too lame for me a long time ago that damn board eeew "Cyberarmy has been involved in security auditing attacks of the Pentagon and robotics" neat robotics oooooooooh-ahhhhhhh oh jesus christ i will make robots from the models at radio shack that fucking about page... heh [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] just emailed ken haha some german guy emailed me asking me to work for him cause of that damn thing [msg(ch0wn)] i'll send you the log of this, LOL i prolly still have the email somewhere [msg(ch0wn)] i'm going to post this shit everywhere, it will be hillarious [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] k do you wanna no where the name cyberarmy really came from [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] hehe, the public humilation of silicosis www.electronicarmy.org used to host him and he had an idea where he is a general and he orders little lamers to email bomb that was your server wasnt it? no i just used it silicosis takes it up the ass lol Scottit0 = SilicoSiS [msg(ch0wn)] post on packetstorm and tell ken to come here scottit0 is not silicuntis [msg(ch0wn)] if you can -Crimz0n(~h0@host-209-214-147-166.msy.bellsouth.net)- DCC Chat (127.0.0.1) ùíù DCC CHAT (chat) request from Crimz0n[~h0@host-209-214-147-166.msy.bellsouth.net [127.0.0.1:1786]] ùíù BitchX: Type /chat to answer or /nochat to close lol DCC Chat (127.0.0.1) ùíù DCC CHAT: to Crimz0n closed lol chit [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] k, if ken replies to the email, i'll tell him he can come here and laugh at silicosis [msg(ch0wn)] oky [ Channel ][ Nickname ][ user@host ][ level ] [#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a] [#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a] [#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a] [#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a] [#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a] [#feed-the-][ gargan ][gargan@u105-173.rose.net ] [n/a] [#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a] [#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a] [#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a] [#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a] [#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a] [#feed-the-][ Scottit0 ][~lakd@ppp22-wednesday.mkl.com ] [n/a] [#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a] [#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a] ùíù BitchX: Unknown command: QUESO p1mp.bx iz n0w loaded nigg0r! /phelp for a help screen Some of this code is ripped, much props to the ones who made it 204.80.232.172:139 * Windoze 95/98/NT 204.80.232.172:113 *- Not Listen Unknown (may be loss of pkts) ? 204.80.232.172:23 *- Not Listen Unknown (may be loss of pkts) ? gargan does nick irc 209.20.225.210:139 * Dead Host, Firewalled Port or Unassigned IP 209.20.225.210:113 * Dead Host, Firewalled Port or Unassigned IP 209.20.225.210:23 * Dead Host, Firewalled Port or Unassigned IP hmm, maybe not.. i dont know i havent talked to him for months cept about that he hasnt paid Freshman silicosis fucks anal money up the ass what was it that freshman made for him? thing to add something to every text file on his server or something paid freshman for what?? you havent been reading packet storm while back he made a delphi program to alter like 100 html files for nick i cant get there lol nick was sposed to pay him 50 bucks for it mosthated: No such nick/channel lol [msg(mindphasr)] ya there? whata ho mo who? [mindphasr(mind@mindphasr.activesecurity.net)] sorta [msg(mindphasr)] silicosis is in here as Scottit0 now, lol [ Channel ][ Nickname ][ user@host ][ level ] [#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a] [#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a] [#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a] [#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a] [#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a] [#feed-the-][ gargan ][gargan@u105-173.rose.net ] [n/a] [#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a] [#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a] [#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a] [#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a] [#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a] [#feed-the-][ Scottit0 ][~lakd@ppp22-wednesday.mkl.com ] [n/a] [#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a] [#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a] [mindphasr(mind@mindphasr.activesecurity.net)] yeah, i see that nick ...........................LOG ON IRC log ended Tue Mar 16 21:14:42 1999 Disclaimer: This log was provided by eCho and is shown in the form it was displayed on the web with minor editing, the hacker fight continued into the night and I left the channel after about three mins so draw your own conclusions etc and welcome to the underground. @HWA 08.0 09.0 Government Y2K Readiness ~~~~~~~~~~~~~~~~~~~~~~~~ Government Y2K progress Full story: http://newswire.com.au/9903/y2kdisc.htm The first in-depth data on the progress of Federal Government agencies in dealing with the Y2K problem shows that more than half of all agencies are now ready to deal with the problem -- but some are still struggling to catch up, including the department responsible for IT. The figures, which cover activities through to February this year, show that the total number of systems identified as compliant or back online is now 59%, up from 44% in November. However, a handful of departments have not have half or less of their systems compliant. These include Communications, Information Technology and the Arts (36%), Immigration and Multicultural Affairs (48%), Treasury (50%) and Veterans Affairs (38%). Government officials said they were pleased with the progress to date, and that there were unlikely to beany major glitches come January 1, 2000. @HWA 10.0 Voice mail fraud warning ~~~~~~~~~~~~~~~~~~~~~~~~ http://newswire.com.au/9903/vfraud.htm Companies with call-through facilities on their voice mail systems have been warned to watch out for exposure to fraudulent use. According to the Australian Communications Authority (ACA), a number of Australian and New Zealand organisations have been hit by a scheme in which call-through options on some voice mail facilities are used to dial other numbers, often overseas. The fraud is well organised and the ACA is considering whether a code or standard for such equipment is necessary to prevent it occurring in future. Watch out for voice mail fraud: ACA Selina Mitchell Companies with call-through facilities on their voice mail systems have been warned to watch out for exposure to fraudulent use. According to the Australian Communications Authority (ACA), a number of Australian and New Zealand organisations have been hit by a scheme in which call-through options on some voice mail facilities are used to dial other numbers, often overseas. The fraud is well organised and the ACA is considering whether a code or standard for such equipment is necessary to prevent it occurring in future. "The ACA advises organisations with voice mail systems which have such features to contact their supplier immediately to assess their susceptibility to this fraud, and either de-activate or limit the extent of the call-through facility and their possible exposure to the fraud," said ACA executive manager, Grant Symons in a statement. "They should also monitor their costs for international calls." The modus operandi is for the perpetrators of the fraud to telephone an organisation (often after hours and on weekends) to gain access to their voice mail. If the voice mail system has the ability to direct a call back from voice mail to the organisation's PABX system (known as call-through), then they can dial out to international destinations, it said. "The latest telecommunications equipment is very sophisticated and offers benefits to industry and consumers, but has the potential to be misused for fraudulent purposes," said Symons. "It may be necessary to protect the Australian community by regulating the equipment to limit the potential for future fraud." The ACA is taking an increasingly active role in regulating telecommunications equipment. The warning comes just a week after it banned mobile phone jamming systems (see story). This article is located at http://newswire.com.au/9903/vfraud.htm @HWA 11.0 The iButton as jewellery with a purpose ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The iButton as featured in Volume 15 #4 of 2600 magazine is now available as a ring or watch and these things look pretty snazzy i've always worn electronics and ribbon cabling as jewellery but this is the ultimate since it actually has a use too ;-) ... - Ed http://www.ibutton.com/DigStore/access.html Java-Powered Ring The Java-Powered Ring is a special version of the Digital Decoder Ring that runs Java Card 2.0, enabling multiple applications to reside in a single iButton. Dynamic objects, large stacks, and garbage collection give the form exceptional functionality. Fast-write nonvolatile RAM lets applets be added or deleted on demand, giving you the ability to update. Services not even envisioned today can be added in the future by downloading applets. The 6K byte RAM lets this Java computer take on the more complex tasks envisioned for Internet commerce, requiring end-to-end connectivity. Java-Powered Ring--$65 (iButton with Java included) Note: You must know your ring size to order. You cannot re-size the ring. To order, call 1-800-336-6933 from the U.S. or 972-371-6824 internationally. Digital Decoder Ring The magic ring that made many a super hero powerful now swoops down from the world of science fiction onto your hand. The Decoder Ring consists of a shank with a Memory iButton as the signet jewel. Digital Decoder Ring--$59.50 (DS1996 8Kbyte iButton included) Note: You must know your ring size to order. You cannot re-size the ring. @HWA 12.0 Courier and Press Newspaper hacked ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Via DC-STUFF posted by erehwon SJ Mercury News) EVANSVILLE, Ind. [2.20.99] -- A computer hacker gained access to online classified advertisements at the Courier & Press, said company president Vince Vawter. The hacker altered wording in more than a dozen ads in the electronic edition of the ``Fast Trak'' automotive publication. Ads in the printed version of ``Fast Trak'' were not affected. The incident was reported to the FBI. Electronic advertising can be viewed by persons across the nation and is considered a form of interstate commerce. ``I think it may have been a prank, but it's very serious,'' said Vawter. ``It's tampering with a commercial message. These advertisers are paying us to put that message out there.'' The electronic ads are part of the Courier & Press online edition. Online ads are protected with a password that is changed periodically. But further precautions will be instituted to protect the on-line publication. Vawter said the ads were paid for by an area car dealer. He declined to identify the car dealer or what message the hacker posted in the dealer's ads. The Courier & Press is taking steps to identify the hacker. Vawter said it is important to protect the integrity of online advertising. ``Electronic commerce is certainly in its infancy, but it's going to be a growing field. We consider this to be like somebody coming into our shop and changing the wording in our ads,'' he said. == Some day, on the corporate balance sheet, there will be an entry which reads, "Information"; for in most cases the information is more valuable than the hardware which processes it. -- Adm. Grace Murray Hopper, USN Ret. == http://www.dis.org/erehwon/ @HWA 13.0 Youths busted in Backorifice fiasco ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FUD FUD FUD and FUD, I was toying with the idea of putting this in the humour section this article is so damn funny or even leave it out completely but its included here for the archive if for no other use as to put a smile on your face and bring a tear to your eye... here it is from http://straitstimes.asia1.com.sg/cyb/cyb1_0317.html in all its glory, pHEAR BO hax0rz (sniff sniff) Secrets of an Internet snoop exposed Trojan Horse is the name of software that allows hackers to find out other users' passwords. Computer experts from Singapore, Australia and the US tell SAMANTHA SANTA MARIA about the software with a sting in its tail. A TROJAN Horse program, which a hacker sends out to snoop and bring back information from cyberspace, can be followed back to the hacker's ** nest quite easily, computer experts said. ** We live in trees now do we? - Ed This is because such programs generate unique identification codes for the hacker while he is capturing information from his victims. ** These codes allow the authorities to find out where the hacker came from. ** codes? what codes? 31337 and 12345 or our ips?!? pHEER!! pHEER! The Singapore, Australian and US experts were commenting on the recent case here in which 17 SingNet users' passwords were posted on the Internet by a character called Acidgerm. The Criminal Investigation Department arrested two youths two days after The Straits Times reported on the website containing the passwords. ** The CID declined to say how it went about its work, but revealed that the Trojan Horse method had been used. The experts The Straits Times contacted said the most common Trojan Horse programs are Back Orifice and NetBus, which can be obtained from the Internet easily . ** I give up theres too much here to make fun of i'll leave the rest to you guys to enjoy... - Ed Both work the same way: The hacker sends them to the victim as an attachment to an e-mail, or while the victim is exchanging files during a chat using a program such as Internet Relay Chat. The hacker's programs then gather information -- passwords and credit card numbers, for instance -- and (pHEER!) send this back to him. But each of these snooper programs generates a unique number for the hacker -- NetBus generates 12345 and Back Orifice, 31337. (least they got this bit right) Normal Web users have other codes while they are in cyberspace. (cyberspace?) And just like the Electronic Road Pricing system, which can detect what kind of vehicle is passing under a gantry, the servers of the various Internet access service providers, such as SingNet or CyberWay, log the traffic passing through. Mr Stephen James, managing director of IT Audit & Consulting, an Australian computer security firm, said investigators need scan only the service providers' records for the numbers. They can then track the source of the Trojan Horse: the telephone number from which it originated and to which the information gathered was sent. Commenting on the expertise of those who used the Trojan Horse method of entry here recently, Mr James said that they appear to be inexperienced. A spokesman for Infinitum, a local IT security firm, said: "The numbers, 12345 and 31337, are default numbers in the Trojan Horse programs. "More advanced hackers would have known how to change them." ACIDGERM: Net attack by two youths TWO youths, one a 22-year-old Nanyang Academy of Fine Arts student, and the other an unemployed 19-year-old, used the Trojan Horse program to track down the passwords of 17 SingNet subscribers illegally. Going by the name Acidgerm, they set up a website called SickNet on Xoom.com, a host in the US and used it to reveal the log-in names and passwords of the subscribers. They were tracked down by CID's computer crime branch sleuths and arrested two weeks ago. @HWA 14.0 Reno Looks To Curb Internet Crime ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Reno Looks To Curb Internet Crime Contributed by FProphet WASHINGTON (AP) A NEW public-private alliance to curb Internet crime will help teach children "that hacking is the same as breaking and entering," Attorney General Janet Reno said Monday. Educating children about acceptable online behavior is among three initiatives under the Cybercitizen Partnership, an initiative of government and the high-tech industry to promote cyberspace ethics and help law enforcers track down online criminals. "All children know it's wrong to break into a neighbor's house or read your best friend's diary. Unfortunately, fewer realize that it's wrong to break into their neighbor's computers and snoop through their computer files," Reno said. The Cybercitizen Partnership also will feature a "personnel exchange program" between private business and federal agencies in which both will learn how the other responds to threats and crimes over the Internet. Companies can find out how best to help law-enforcement agencies, and government officials will learn what business interests and influences drive industry decisions. The campaign also will create a directory of computer experts and computer security resources so that "law enforcement will know where to turn," Reno said. The partnership was announced, along with Reno's comments, during a high-tech industry summit sponsored by the Information Technology Association of America. "A decade ago, cybercrime and cyberterrorism didn't really exist outside of Hollywood movies. Today, they are very real threats," Reno said. "We cannot allow cyberspace to become the Wild West of the information age." Last week, a top Pentagon official warned members of the Senate Armed Services Committee about an electronic Pearl Harbor by cyberterrorists more likely to go after commercial targets than military ones. Deputy Defense Secretary John Hamre said he worries increasingly about the vulnerability of commercial and financial interests. "This Pearl Harbor's going to be different," he said last Tuesday. "It's not going to be against Navy ships sitting in a Navy shipyard; it's going to be against commercial infrastructure, and we don't control that. And there's been little progress on that." A follow up from dc-stuff list that sums up a pretty good reply to this proposal; Date: Tue, 2 Mar 1999 16:41:54 -0500 Subject: Re: Janet Reno launches anti-hacking initiative On Tue, 16 Mar 1999 20:57:02 -0900 J K H writes: > >If you have pertinent information that you don't want anyone, aside >from the specified receiver, to know; why put it on site? Why put >this kind of information on an insecure network? perhaps a better question would be: why hide information? not only should information be _free_, but people should realize that *information* is worthless. it is only when information is transformed into knowledge that it is valuable. only when companies and governments begin to realize that the archaic data model that used to work in the industrial age is not relevant to the age of knowledge will a rational and realistic definition of *cybercrime* exist... >>Educating children about acceptable online behavior is among three >>initiatives under the Cybercitizen Partnership, an initiative of >>government and the high-tech industry to promote cyberspace ethics >>and help law enforcers track down online criminals. > >"Acceptable online behavior?" This needs some salt to wet the palate, >it's too dry and general. i would also question whether ms. reno or anyone in the clinadmin is capable of characterizing what is "acceptable online behavior." they don't understand the net and they certainly cannot oversee it... leave that to its owners -- its users... ac -=- ... 'nuff said - Ed @HWA 15.0 Offtopic: Matter transportation in your future? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This is an interesting post from the dc-stuff list, sure its probably full of baloney but it makes interesting reading nonetheless... - Ed Source: Max Planck Society Posted 3/17/99 Munich Laser Emits A Beam Of Matter Waves German scientists at the Max Planck Institute for Quantum Optics in Garching and the University of Munich have developed a laser that emits a continuous heam of matter waves instead of light (to be reported in Physical Review Letters). Such unprecedented control over atomic motion becomes possible by the laws of quantum mechanics at very low temperatures, close to absolute zero, where the atoms reveal their wave nature. Atom lasers open new prospects in many areas of science and technology. For instance, it should become possible to accurately deposit atoms on surfaces and thus to produce tiny nanostructures, as needed in future computer circuits. Atom lasers may also lead to extremely precise atomic clocks for future navigation and communication systems. In their experiments, Tilman Esslinger, Immanuel Bloch and Theodor W. Hänsch have taken pictures of the shadow cast by their atom laser beam. The pencil-like beam contains about half a million rubidium atoms and is accelerated downwards by gravity. Just as a beam of light, an atom laser beam can be focused and reflected by using lenses or mirrors consisting of laser light (or of magnets). It appears feasible to focus an atom laser beam to a spot size of one nanometer, which is a thousand times smaller than the smallest focus of a laser beam. The atom laser is based on Bose- Einstein condensation. If a gas is cooled to a few millionth of a degree above absolute zero, the atoms lose their identity and behave as a single entity, some kind of "super atom". Such a Bose-Einstein condensate was first produced by American scientists in 1995. In the Munich experiment, a dilute gas of rubidium atoms is captured in a sophisticated low-power magnetic trap and cooled down to reach Bose-Einstein condensation. With the help of a radiofrequency field the scientists flip the atomic spin so that atoms are allowed escape from the magnetic trap. In vacuum, the atoms are accelerated by gravity and form a parallel beam of coherent matter waves. It the radiofrequency field is turned on before condensation sets in, the atom laser can only reach threshold, if there is laser "gain". Unlike a Bose-Einstein condensate, such a laser relies on matter wave amplification by stimulated elastic scattering of rubidium atoms just as an optical laser relies on light amplification by stimulated emission of radiation. Two years ago, a group at MIT demonstrated the first pulsed atom laser. The Munich group is the first to produce a continuous matter wave beam which can be maintained for a tenth of a second. The wave packet of each atom extends over the entire length of this beam, so that a quantum object of truly macroscopic dimensions is created. The high brightness and coherence of such a matter wave beam opens exciting perspectives for the young fields of atom optics and atom interferometry. ___________________________________________________________________ You don't need to buy Internet access to use free Internet e-mail. Get completely free e-mail from Juno at http://www.juno.com/getjuno.html or call Juno at (800) 654-JUNO [654-5866] @HWA 16.0 Hacking class? ~~~~~~~~~~~~~~ Businesses are actually holding classes for this... http://cgi.pathfinder.com/time/magazine/articles/0,3266,21458,00.html Cracking The Code BY CHRIS TAYLOR The dress code is business casual--no jeans allowed, not to mention pierced noses. It's the first day of class--hacking class--and the instructors, smartly attired in matching corporate polo shirts, point at screens full of code and step-by-step directions on how to hack a host computer. "Get this: No username, no password, and we're connected," says one. "I'm starting to get tingles. They're going to be toast pretty quick." Geekspeak, at least, is still de rigueur. In the world of corporate espionage, a company's host computer is the mother lode, which means that protecting it is vital. That's the goal of Extreme Hacking, one of a growing number of counterhacking courses that teach perfectly respectable people the how-tos of cracking their own networks so they can better protect them. "We're kind of wearing the white and black hats at the same time," says Eric Schultze, the Ernst & Young instructor who gets tingles from an exposed password file. How easy is it to hack? If these guys can teach a novice like me how to break through a firewall, I figure, then all our networks --at least, the ones without encryption keys or extremely alert administrators--are in trouble. Why? Because this is the information age, and the average computer gives up far too much information about itself. Because a network is only as strong as its weakest user. And because the most common log-on password in the world, even in non-English speaking countries, is "password." With users like this, who needs enemies? How big a problem is this in the real world? "Rarely is there a moment when a hacker isn't trying to get into our networks," says a senior Microsoft executive. "People go looking for that weak link." Recently hackers found a backdoor through a user in Europe--an administrator, no less--with a blank password. This allowed the hacker root access--the ability to change everyone else's password, jump onto other systems and mess up the payroll file. In our first class, we have no problem rooting around in the Web servers of a top Internet company. We find three open ports on the firewall and a vulnerable mail server. "This network is a f___ing mess," says a classmate. "We need to have a word with these people." Over the next few days, any faith I had in the security of the world around me crumbles. Think your password is safe because it isn't "password"? If it's in the dictionary, there is software that will solve it within minutes. If it's a complex combination of letters and numbers, that may take an hour or so. There is software that will hijack your desktop and cursor--and you won't even know about it. Hacking doesn't require much hardware; even a Palm Pilot can do it. What protection do you have? "Minimize enticements," say the teachers. If you don't want to be a victim of information rape, in other words, don't let your network give out so many details to strangers. Old-school hackers scoff at the notion that businesses can stop them. "Corporations can't teach hacking," says Emmanuel Goldstein, editor of the hacker quarterly 2600. "It has to be in you." Perhaps. But if a few more firms learn to avoid becoming toast, that's no bad thing. END ShadowVrai http://shadowvrai.evil.nu ______________________ "Did you really think you could call up the devil and ask him to behave?" __________ _____________________________________________ Get your free personalized email address at http://www.MyOwnEmail.com @HWA 17.0 A blast from the past ~~~~~~~~~~~~~~~~~~~~~ Heres an old text from my archives thats been gathering dust from the 80's thought you might be interested in it some of the info is still valid but theres little of actual value; ************************************** * A beginners guide to: * * H A C K I N G * * * * U N I X * * * * By Jester Sluggo * * Written 10/08/85 * ************************************** In the following file, all references made to the name Unix, may also be substituted to the Xenix operating system. Brief history: Back in the early sixties, during the development of third generation computers at MIT, a group of programmers studying the potential of computers, discovered their ability of performing two or more tasks simultaneously. Bell Labs, taking notice of this discovery, provided funds for their developmental scientists to investigate into this new frontier. After about 2 years of developmental research, they produced an operating system they called "Unix". Sixties to Current: During this time Bell Systems installed the Unix system to provide their computer operators with the ability to multitask so that they could become more productive, and efficient. One of the systems they put on the Unix system was called "Elmos". Through Elmos many tasks (i.e. billing,and installation records) could be done by many people using the same mainframe. Note: Cosmos is accessed through the Elmos system. Current: Today, with the development of micro computers, such multitasking can be achieved by a scaled down version of Unix (but just as powerful). Microsoft,seeing this development, opted to develop their own Unix like system for the IBM line of PC/XT's. Their result they called Xenix (pronounced zee-nicks). Both Unix and Xenix can be easily installed on IBM PC's and offer the same functions (just 2 different vendors). Note: Due to the many different versions of Unix (Berkley Unix, Bell System III, and System V the most popular) many commands following may/may not work. I have written them in System V routines. Unix/Xenix operating systems will be considered identical systems below. How to tell if/if not you are on a Unix system: Unix systems are quite common systems across the country. Their security appears as such: Login; (or login;) password: When hacking on a Unix system it is best to use lowercase because the Unix system commands are all done in lower- case. Login; is a 1-8 character field. It is usually the name (i.e. joe or fred) of the user, or initials (i.e. j.jones or f.wilson). Hints for login names can be found trashing the location of the dial-up (use your CN/A to find where the computer is). Password: is a 1-8 character password assigned by the sysop or chosen by the user. Common default logins -------------------------- login; Password: root root,system,etc.. sys sys,system daemon daemon uucp uucp tty tty test test unix unix bin bin adm adm who who learn learn uuhost uuhost nuucp nuucp If you guess a login name and you are not asked for a password, and have accessed to the system, then you have what is known as a non-gifted account. If you guess a correct login and pass- word, then you have a user account. And, if you guess the root password, then you have a "super-user" account. All Unix systems have the following installed to their system: root, sys, bin, daemon, uucp, adm Once you are in the system, you will get a prompt. Common prompts are: $ % # But can be just about anything the sysop or user wants it to be. Things to do when you are in: Some of the commands that you may want to try follow below: who is on (shows who is currently logged on the system.) write name (name is the person you wish to chat with) To exit chat mode try ctrl-D. EOT=End of Transfer. ls -a (list all files in current directory.) du -a (checks amount of memory your files use;disk usage) cd\name (name is the name of the sub-directory you choose) cd\ (brings your home directory to current use) cat name (name is a filename either a program or documentation your username has written) Most Unix programs are written in the C language or Pascal since Unix is a programmers' environment. One of the first things done on the system is print up or capture (in a buffer) the file containing all user names and accounts. This can be done by doing the following command: cat /etc/passwd If you are successful you will a list of all accounts on the system. It should look like this: root:hvnsdcf:0:0:root dir:/: joe:majdnfd:1:1:Joe Cool:/bin:/bin/joe hal::1:2:Hal Smith:/bin:/bin/hal The "root" line tells the following info : login name=root hvnsdcf = encrypted password 0 = user group number 0 = user number root dir = name of user / = root directory In the Joe login, the last part "/bin/joe " tells us which directory is his home directory (joe) is. In the "hal" example the login name is followed by 2 colons, that means that there is no password needed to get in using his name. Conclusion: I hope that this file will help other novice Unix hackers obtain access to the Unix/Xenix systems that they may find. There is still wide growth in the future of Unix, so I hope users will not abuse any systems (Unix or any others) that they may happen across on their journey across the electronic highways of America. There is much more to be learned about the Unix system that I have not covered. They may be found by buying a book on the Unix System (how I learned) or in the future I may write a part II to this........ AFAIK a part two was never released to this, if you know of one let me know so I can add it to my collection of old texts... I believe this was a one-off classic from the 80's though - Ed @HWA 18.0 Spam is ICQ's latest headache ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ And you thought you only had to worry about DoS kiddies? well now the mass advertising a$$hole$ are after you with spam. Spam is ICQ's latest headache By Rose Aguilar Staff Writer, CNET News.com March 18, 1999, 12:10 p.m. PT Most Netizens think of instant messaging software as a quick way to chat with friends and coworkers. But as some users of America Online's ICQ chat and instant message client are learning, the services also can give marketers an easy way to "seek" them. Unlike spam--most of which usually is left unopened or trashed upon receipt--ICQ's blinking yellow note, which signals users that a message is waiting, usually is opened seconds after it appears. Despite campaigns for new laws to curb junk email, most longtime email users have come to accept and even tolerate spam. It's almost inevitable with email, but with ICQ, it's a different story. "I've gotten spam twice. Both times it was an invitation to visit a porn site. And no, I wouldn't keep using ICQ if spam became a constant occurrence," one ICQ user told News.com via email. "I received a URL to visit a porn site and was disgusted. Unlike email, I have no idea what the message is about, so I'm more inclined, even excited, to open it. I'm disappointed," wrote another reader, who received her first spam last week after having used the service since it launched back in 1996. Ironically, AOL has been one of the most adamant opponents of junk email. It argued in several successful lawsuits that spam overburdens its network and received court orders to ban junk emailers from its service. The company also has worked closely with federal lawmakers to draft legislation targeting spammers. ICQ's Terms of Service (TOS) says, "By using the ICQ Software and its privacy and security features, you may be subject to various risks, including among others: Spoofing, eavesdropping, sniffing, spamming, breaking password, harassment, fraud, and forgery." ICQ, which has 28 million registered users and was acquired by AOL last June, says it hasn't received enough complaints to ban the use of spam, but it does give users a variety of tools to block it. "If you wanted to set your ICQ universe and limit it to three people, you could," said ICQ spokeswoman Jeanne Meyer. "You would only hear from those three people and shut the rest of the universe out." In order to send a message to someone, ICQ users must add recipients to a contact list. Spammers can either target specific individuals by typing in their name or email address, or they can target random users based on their interests, background, affiliation, phone number, or profession. Meyers says the best way to block spam is to set your preferences so that a potential spammer who wants to add you to the contact list must first receive your authorization. "If you don't do that, anybody could add you to their contact list and monitor you all the time," said Meyers. Users also can block individuals or groups of people from sending messages. But what if ICQ spam becomes more prevalent? Meyers says ICQ will "let members decide what's right for them." Since being acquired by AOL, ICQ has become ensnared in other Net content controversies. Earlier this week, it abruptly pulled a "dirty word" content filtering option that was pointing users to a list that also barred phrases such as "now.org," the home page for the National Organization for Women. Some analysts say that as long as blocking tools are available, ICQ probably won't lose members. As for ICQ spam, William Blair equity analyst Abhishek Gami says it was inevitable. "Look at pop-up ads," he said. "Everyone hated AOL for pop-up ads, but now you can't go to GeoCities today without seeing a pop-up ad. You close it and move on. It's the price you pay for a free product." Even more interesting than porn-related and get-rich-quick spam is the marriage of instant messages and advertisements, he added. "[ICQ is] going to find a way to have people opt in to certain merchants or Web sites and let them know that they're interested in receiving messages in real time," said Gami. For example, bookseller Barnes & Noble might send out a "50 percent off" sale to a massive list of ICQ users who opt in. "[If customers] explicitly come to you and say, 'Please bug me.' That's a gold mine waiting to happen." @HWA 19.0 AOL Cracker busted ~~~~~~~~~~~~~~~~~~ March 19th From HNN http://www.hackernews.com/ contributed by shadow Jay Satiro an 18-year old New York resident has been charged with computer tampering after breaking into the systems on America Online. AOL has claimed that it will costs $50,000 to repair the damage done to its data. AOL spokesmen have refused to give out details in the case such as how the intruder gained access, how long he went undetected and exactly what damage was cause. (Ed Note: Would sure be interesting to know how they justify that fifty grand figure. How much can it cost to restore from backup?) Washington post article: Teen Accused of Hacking Into AOL Thursday, March 18, 1999; 8:18 p.m. EST NEW ROCHELLE, N.Y. (AP) -- An 18-year-old high school dropout has been charged with computer tampering after hacking into the internal computers of America Online and altering some programs. Jay Satiro was arrested and his computer confiscated Wednesday night after AOL officials contacted authorities. A complaint filed against Satiro said the teen-ager altered AOL data and programs that would cost about $50,000 to repair. AOL spokesman Rich D'Amato refused to give details of what was altered or how long the intrusion went undetected. He said the intrusion ``really should mean absolutely nothing for America Online members.'' Satiro's mother posted $5,000 bail. He did not return telephone messages seeking comment Thursday. ``Jay's a genius, but his common sense is a little low,'' said his 15-year-old brother, Bobby. First-degree computer tampering carries a maximum sentence of five to 15 years in prison. © Copyright 1999 The Associated Press @HWA 20.0 Stolen calling card numbers are big business ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ March 19th From HNN http://www.hackernews.com/ contributed by Arik Stolen calling card numbers are big big business racking up millions of dollars in fraud charges each year. Criminals are still using the tried and true method of shoulder surfing and the social engineering of corporate switchboard operators, but have gone so far as to electronically break into corporate PBX's to record calling card numbers automatically. Investigators are even claiming that organized crime may be involved. Somehow the journalist who wrote this story figures that this just must be the work of "Hackers" as he uses the term through out the story. Activities such as this would be more appropriately attributed to Phreakers but I am sure not even they would appreciated being labeled as criminals. Exactly when did the word 'hacker' become synonymous with criminal? Article follows; http://www.nydailynews.com/1999-03-19/News_and_Views/Crime_File/a-23052.asp Hot Spot in Phone Scam Is On Hold Hustlers who sell black market long-distance calls were lying low yesterday at least by the pay phones at Broadway and 50th St. in the wake of a Daily News probe into the $1.8 billion-a-year stolen calling card number business. The few regulars working the popular scam site yesterday, collecting $10 cash for unlimited calls to Africa or Asia, were more discreet in taking cash hand-offs from customers than before The News' report. The 50th St. pay phones are just one of many illicit outdoor calling bazaars throughout the city in which customers are connected to friends and relatives overseas at rates far lower than commercially available. Thousands of calling cards are stolen monthly, many by skilled criminal computer hackers. By William Sherman Original Publication Date: 03/19/1999 20.1 More 'hackers' hacking GTE (snicker) phone systems for bucks... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ More 'Hackers' steal phone service March 19th from HNN http://www.hackernews.com/ contributed by Fr3aKy In Westerfield Center Ohio, an unknown 'hacker' has gained access to the Westfield Companies 800 number and rung up over $31,000 in long distance charges. This article is so full of misleading comments, assumptions, FUD, stereotypes, and downright inaccuracies I don't know where to begin. Interesting how the entire article blames the unknown 'hacker' and not the weak security on the companies phone system. Article follows; Hacker rings up $31,518 in calls GTE investigates attack on phone system of Medina County firm BY DAVID KNOX Beacon Journal staff writer WESTFIELD CENTER: A telephone hacker dialing an 800 number managed to break into the telephone system at the headquarters of Westfield Companies and rang up $31,518 worth of calls to foreign countries. The high-tech fraud occurred over the Feb. 6-7 weekend, according to Medina County Sheriff's Detective Tadd Davis. Shortly after the break-in, Davis said Westfield officials were notified by GTE of ``unusual telephone calls being made'' and took steps to block the intruder. The company, a 150-year-old regional insurance corporation, alerted the sheriff on Tuesday after receiving a GTE phone bill that revealed the full extent of the intrusion. Scores of phone calls had been charged to the company's account to countries in every continent of the globe accept Antarctica. In Asia, calls were placed to Hong Kong, the Philippines, Korea, India, Pakistan, Bangladesh and Sri Lanka. In the Middle East, Saudi Arabia and Kuwait were called. Countries called in Europe included the United Kingdom, Norway and Croatia. Africa was represented on the bill by Egypt and Senegal, and South America by Equador and Peru. At least one call was placed to Australia. Davis said that the calls went through Westfield's automated phone system at all hours of the day and night over the two-day weekend. The duration of the calls ranged from a few minutes to more than three hours. ``I couldn't believe it,'' Davis said. ``I've never before dealt with something this sophisticated.'' Dan Sondles, Westfield's senior vice president for corporate communication, said the company's phone system had never been broken into before. Sondles said company officials are working with GTE officials to ensure it doesn't happen again. ``They are trying to get to the bottom of it, just as we are,'' he said. Sondles said Westfield officials also are negotiating with GTE over responsibility for the huge bill. ``I don't know how that will be resolved,'' he said. Davis said the case may never be solved because the telephone hacker could have called from anywhere in the nation using the corporation's toll-free 800 number. Because hackers can manipulate the computerized global telephone network, Davis said there often is ``no way to trace back to the person making the call.'' Joseph Persichini, assistant special agent in charge at the FBI's Cleveland office, said the problem of hackers breaking into telephone systems has increased worldwide because of the computerization of the global telephone system. ``Telephone hacking is computer hacking,'' Persichini said. ``It is not easy to accomplish . . . It takes perseverance and knowledge.'' Persichini declined to speculate on the purpose of the calls placed through the Westfield phone system. Some hackers break into systems just to show off and share their knowledge on the Internet. ``There are Web sites and groups that pride themselves on their ability to hack into systems,'' he said. Another possibility is that the break-in was part of an illegal commercial scheme. Persichini said a large corporation such as Westfield Companies ``is a good target because of the large volume of calls they place and the accessibility of their 800 number.'' @HWA 21.0 Promail freeware mail agent is really a trojan in disguise ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ News and security advisories from Aeon Labs. [03.99] ProMail v1.21, an advanced freeware mail program for Windows 95/98, is a trojan. It has been spread through several worldwide distribution networks (SimTel.net, Shareware.com and others) as proml121.zip. Upon discovering - through LAN sniffing - that the program would attempt to connect to SMTP instead of POP3 when a regular mail check was performed, we reverse-engineered the software. The executable, which appears to have been created with Borland Delphi, has been packed with Petite (a shareware Win32-EXE compressor) and then "hexed" to make disassembly harder. ProMail v1.21 supports multiple mailboxes; every time a new mailbox is created, an "ini" file containing the users full name, passwords, email addresses, servers and more is generated. Prior to doing any other action, the program performs a check for a valid network connection which, if found, allows for the sending of ALL of the personal user data, including the user's password in encrypted format, to an account on NetAddress - a free email provider. Apart from this "feature", the software is 100 % functional and very well done. For further information or a more detailed analysis contact us. mailto:aeon@army.net @HWA 22.0 Hackers taking toll on web sites ... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From http://deseretnews.com/dn/view/0,1249,70002080,00.html? Hackers taking toll on Web sites By Steve Fidel Deseret News staff writer Businesses hanging out an Internet shingle don't like to make a big deal of it when their Web site gets hacked. But it happens. Hackers break in to Web servers just to show they can. Crackers break in to steal money or information. Political activists, known as "hactivists," plant political messages or disrupt traffic. "There is a problem getting good numbers. Financial institutions, health care they are not going to go public that they were hacked. If they did, people wouldn't give them their money," said Todd Neilson, applications sales engineer for US WEST. In round numbers, the Web security problem cost businesses $6 billion last year, Neilson estimates. Most of that loss was not the result of corporate espionage or embezzlement but because of lost productivity from disruptions hackers caused, he said. "If your server is down for a week because you have to go in and fix a problem, that ends up costing a lot of money." Promoting awareness and introducing businesses to some of its products and business partners are the motives behind a conference on Internet security US WEST hosted in Salt Lake City Thursday. Neilson is on the circuit preaching Internet security in the major cities in US WEST's 14-state territory. He has a professional hacker in the act to demonstrate the ways Web security shortcomings are exploited. "A firewall that is 99 percent secure is 100 percent vulnerable," Neilson said. The biggest problem is finding the technology talent to stay ahead of the hackers. "The moral of the conference is: If you think that basic security is good enough, it really isn't. You really need someone who knows what they're talking about" engineering a commercial Web site. @HWA AD.S ADVERTI$ING. The HWA black market ADVERTISEMENT$. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ $$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$?$??$??$??$????$$$?$$$?$$$?$$$?$$$?$$ ! ! $ $ ! *** IT HAS BEEN FOUR YEARS! *** FREE KEVIN MITNICK NOW!!!! ** ! $ $ ! ! $$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$?$??$??$??$????$$$?$$$?$$$?$$$?$$$?$ www.2600.com www.freekevin.com www.kevinmitnick.com www.2600.com www.freekevi n.com www.kevinmitnick.com www.2600.com www.freekevin.com www.kevinmitnick.co m www.2600.com ########################################ww.2600.com www.freeke vin.com www.kev# Support 2600.com and the Free Kevin #.com www.kevinmitnick. com www.2600.co# defense fund site, visit it now! . # www.2600.com www.free kevin.com www.k# FREE KEVIN! #in.com www.kevinmitnic k.com www.2600.########################################om www.2600.com www.fre ekevin.com www.kevinmitnick.com www.2600.com www.freekevin.com www.kevinmitnic k.com www.2600.com www.freekevin.com www.kevinmitnick.com www.2600.com www.fre * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * www.csoft.net webhosting, shell, unlimited hits bandwidth ... www.csoft.net * * www.csoft.net www.csoft.net www.csoft.net www.csoft.net www.csoft.net * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * WWW.BIZTECHTV.COM/PARSE WEDNESDAYS AT 4:30PM EST, HACK/PHREAK CALL-IN WEBTV * * JOIN #PARSE FOR LIVE PARTICIPATION IN SHOW CHAT OR THE WEBCHAT, AND WEBBOARD* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * WWW.2600.COM OFF THE HOOK LIVE NETCAST'S TUES SIMULCAST ON WBAI IN NYC @8PM * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * ////////////////////////////////////////////////////////////////////////////// // To place an ad in this section simply type it up and email it to // // hwa@press,usmc.net, put AD! in the subject header please. - Ed // ////////////////////////////////////////////////////////////////////////////// @HWA HA.HA Humour and puzzles ... ~~~~~~~~~~~~~~~~~~~~~~~ "why is a mouse when it spins?" - Tom Baker "Thar she blows!" - Bill Clinton 1998 1) True or false: The lipstick that Monica Lewinski used when servicing Bill Clinton is constantly out of stock due to demand at the retailers. This recently came thru from the DC-STUFF list and couldn't go by without a mention here, as it is quite hilarious; Date: Fri, 19 Feb 1999 16:48:53 -0700 (MST) From: Adams Reply-To: Adams To: dc-stuff@dis.org Subject: Funny as hell crypto-gram A recent 'cryptogram' (by Bruce Schneier) discusses several psuedo-crypto companies, their "secure" algorithms, and misimformation... The complete text can be found at: www.counterpane.com. Check for the Feb. 15 edition. Here's a brief protion: " Warning Sign #1: Pseudo-mathematical gobbledygook. In the quote above, notice the "unique in-house developed incremental base shift algorithm." Does anyone have any idea what that means? Are there any academic papers that discuss this concept? Long noun chains don't automatically imply security Meganet has a beauty on their Web site: "The base of VME is a Virtual Matrix, a matrix of binary values which is infinity in size in theory and therefore have no redundant value. The data to be encrypted is compared to the data in the Virtual Matrix. Once a match is found, a set of pointers that indicate how to navigate inside the Virtual Matrix is created. That set of pointers (which is worthless unless pointing to the right Virtual Matrix) is then further encrypted in dozens other algorithms in different stages to create an avalanche effect. The result is an encrypted file that even if decrypted is completely meaningless since the decrypted data is not the actual data but rather a set of pointers. Considering that each session of VME has a unique different Virtual Matrix and that the data pattern within the Virtual Matrix is completely random and non-redundant, there is no way to derive the data out of the pointer set." This makes no sense, even to an expert. US Data Security has another beauty: "From a mathematical point of view, the TTM algorithm is intuitively natural and less cumbersome to use than methods that are number-theory based." SuperKrypt tries to impress with an acronym: "SuperKrypt products utilize the DNGT bulk encryption method," whatever that is. And Cennoid just doesn't understand what it's talking about: "Since key length and key structure vary and since the encryption engine does not use any mathematical algorithms, reverse engineering is impossible and guessing is not an option." " Heh...heh... -adams HA.HA1 Some excerpts from Innerpulse.com ... :-) (-: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Innerpulse takes the local and underground news and adds a touch (sometimes a bucket full) of humour and twists it around a bit to make things more interesting (although some stories I swear are true) its well worth checking out, just try not to drink anything while browsing this site unless u enjoy having coffee shoot out your nose ... - Ed http://www.innerpulse.com/ Local Girl's Website Attacked by 'The Nugget' Contributed by siko Friday - March 12, 1999. 06:24PM GMT It seemed like any other day in the Northeast region of the United States. But unlike any other day, 'The Nugget' was busy cracking one local girl's website. "I went to post some news about myself and .. ", said local girl only known to Innerpulse as 'Amy', just before bursting into tears. "I didn't even do anything to The Nugget". Among the noticable changes to the website, The Nugget made several character distinctions in which local authorities hope to use to catch the raving tator. "We have been able to confirm that this (The) Nugget character likes beer and hookers, among other things. We also have a rough sketch of (The) Nugget", said Warren Chief of Police John Scranton. The young victim has been sent to therapy to relieve stress and damage to her upstanding reputation. 'cracked site link' -> http://www.drunks.com./~puta Brazilian hackers ignore Ugly American Contributed by Shredder Sledder Wednesday - March 17, 1999. 03:46PM UTC Furthering his attempt to alienate 95% or more of the entire global population, John Vranesevich made disparaging comments about a nation of millions today. Man on the wire interviews on a larger brazilian IRC network (irc.brasnet.org) revealed spirited replies to this unprovoked ugliness: "Who?" rang out 37 times in portugese, a few english, and one spanish reply as to the name "John Vranesevich" and/or "JP". When an explanation was provided, along with quoted text, most hackers responded with random series of keystrokes signifying disgust and thought provoking wisdom. Translated excerpts include: "Come to our country and say that, Fag!", "Skinny White Bitch, I have a BS in Computer Science AND I fucked your sister", "hehehe, I'll bet he's never seen a topless beach before." & "I don't get it, who did you say he was?" Most brazilian hackers quickly ignored the news and went back to discussing inconsistencies between the portugese distributions of linux and english versions. Excerpt of the "actual irc log" ... ;) GayPee [Anonymous@antijp.com] has joined #hack jotao: [tSh] ===  NEWS  === hi [GayPee] Hey GayPee! hi und3r [~uns@pbbgB26YagkM.200.244.84.O] has joined #hack [GayPee] Hey GayPee! hola keepah BRASNET: [Logon News - 18 Fev 1999] PARABENS!! A BrasNET deu de presente para seus usuarios e-mail na forma nick@brasnet.org! Para configurar isso basta ter um nick registrado e usar o comando [/msg nickserv set email seu-email-real]. Todos os nicks sao validos com exceçao dos que possuem barras (| e \). Esse eh um servico :inedito criado apenas para voces, usuarios e amigos da BrasNET. Aproveitem!! BRASNET: [Logon News - 08 Mar 1999] Se as mensagens do NickServ/ChanServ/MemoServ estao aparecendo em ingles... e voce quer que apareca em portugues... digite /msg nickserv set LANGUAGE 5 und3r [~uns@pbbgB26YagkM.200.244.84.O] has left #hack (Bye : KVirc 0.6.0 by Szymon Stefanek ) have any of you heard of antionline.com? anyone here know "John Vranesevich" or "JP"? Blz GayPee, what is it? hehe JP Morgan? JP = Japan? hehehe c_orb whois arpa.net hehehe c_orb whois arpa.net c_orb: o cara da antionline shimomura domain :D falou varis merda do brasil ***my translation: he says some bad shit about Brasil*** o q ele disse? ***my translation: What?!@ he dissed us?*** humm humm I apologize for him in advance antionline falai a pagina AcHeR [~GoiasEC@tEfvZyqhpMc.200.211.130.O] has left #hack chaosmaker> humm www.antionline.com br tem muito hacko meu ***my translation: Brasil might hack you for that*** whoa, "We even had one "user" trying to brute force their way into our administration realm. Needless to say, he was from Brazil, a country which is connected to the rest of the internet via a long piece of yarn with tin cans attached to each end." does that guy get into irc? yes undernet efnet? no what chan? he is too scared of efnet j00nix HEHE do cdc and phrack like jp? deep hate would be my estimate err analysis> sorry heh jp is dead Well, he's a little immature to say the least. <|WiZarD|> tsk tsk tsk he's gay CeZiNHa [CeZiNHa@eL3NZdiwdWY.sti.com.br] has joined #hackers ChanServ sets mode: +o CeZiNHa he's a loser with his own website, nothing new, but most people don't insult entire nations with them. oi :) CeZiNHa: :) ana: :) anony is away: (hackeando a geladeira) [BX-MsgLog On] ops ana? analysis: :) oooo <|WiZarD|> CeZiNHa: oizzz hehe -=- 2600 Meeting Ends in Tragedy Contributed by siko Wednesday - March 10, 1999. 08:41AM GMT The local 2600 chapter in Hartford, Connecticut, experienced a serious disagreement late Tuesday night at the Hartford Civic Center, their meeting place. "Me and HoBeater were just chillin.. and all of a sudden I heard NetSpud and TerDberGER having some sort of disagreement", remembers JehriKirlz, who was an eye witness to a fight that broke out. "Next thing I know, punches are being thrown". "How much of an idiot can you be? He claims that Windows98 is nothing but a waste of hard drive space and that Windows95 is more compact. First of all, there are too many enhancements in the latest installation of Windows to overlook. He deserved it", said NetSpud as he was taken away in cuffs. The disagreement over which version of the popular Microsoft OS led to what some 2600 members are calling a 'terrible mess'. People passing by at the local mall remember the incident only as 'fucking hilarious'. Only two punches were thrown, both by NetSpud, landing blows to left ear and another to the chin. "I tried to grab his hair, there is so much of it. I keep telling that punk to cut his hair. Nooooo it makes him look more hackerish. This is a travesty of justice. Anyone with a brain knows Windows95 is better than that bloatware known as Windows98", said TerDberGER, as he was carried away on a stretcher, broken glasses and all. Police were called to the scene and immediately settled both parties down, but the 2600 meeting was cancelled. HA.HA2 Business at the speed of Drool ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Via HNN who funnily enough had Pastydrone's name down as Patsy Drone (!) which is a joke in itself anyways ... moving right along sorry..Pasty's a good guy he'll let me off with laughing at that right Pasty? http://newstrolls.com/news/dev/diva/diva031599.htm This is a response to the Time story on Bill Gates's new book where he prints 12 steps to good business practices... funny stuff - Ed Business @ the Speed of Drool by Pasty Drone (Newstrolls) Business @ the Speed of Drool as it Oozes from the Corner of your Mouth to Your Keyboard as You Lay Slumped Over your Latest Power Point Slide Presentation. (Editor's Note: This is humour. If you can't take a joke, click off.) Bill Gates has written a book. It is his second book. It is a nice book and it is called Business @ the Speed of Thought and if you must buy it, at least help support NewsTrolls by purchasing it through our link. Time Magazine has an excerpt from the book entitled Bill Gates' New Rules in which it excerpts the following 12 rules of business according to Bill...I've added my own little insights to Bill's big ones (all caps). I suggest you read the article first and then come back here. 1 INSIST THAT COMMUNICATION FLOW THROUGH E-MAIL Email will never replace the face-to-face. No one who has been petrified by the company lawyer's fire-and-brimstone-lawsuit-lecture is going to put sensitive info in an email. 2 STUDY SALES DATA ONLINE TO SHARE INSIGHTS EASILY Read: Study sales data online so Microsoft can share you insights...via their nifty ID mechanics... 3 SHIFT KNOWLEDGE WORKERS INTO HIGH-LEVEL THINKING Poor Bill...he's still deluded that executives actually READ the charts and worksheets of data...the middle managers are usually too busy creating the next set of data to analyze an earlier output, and you're lucky if your line employees have junior college under their belt... 4 USE DIGITAL TOOLS TO CREATE VIRTUAL TEAMS Sometimes this works (ala NewsTrolls), most times climbing the corporate ladder results in anti-team work. People compete to prove that THEIR way of using the digital tools is the best one, and with each new senior mid-management hire, there's a new set of tools for you to feed your data into while the rest get chucked. 5 CONVERT EVERY PAPER PROCESS TO A DIGITAL PROCESS Bill admits they can't even do it at his place (although they got it down to 60). Some things ARE better left on paper or you're just going to spend MILLIONS more on programmer bills because you're updating your Intranet every two seconds (and don't even think you can automate THAT process; users refuse to look at HTML...) 6 USE DIGITAL TOOLS TO ELIMINATE SINGLE-TASK JOBS Here's where Bill really makes $$$ off of you. Where before you had your data in a relatively inocuous Excel spreadsheet, now you also get to try and wrangle the same data into MS Project, MS Access, and probably embed it in a MS Powerpoint slide. MS digital tools eliminate Single Task jobs because they replicate the single tasks into more numerous and time-consuming ones... 7 CREATE A DIGITAL FEEDBACK LOOP Well, it's more like a digital PLYBACK loop (same data, new MS program). Here's a neat quote from Bill: The best projects are those in which people have the customer scenario clearly in mind... Let's all remember to really think of MICROSOFT when you think of KEEPING THE CUSTOMER IN MIND... 8 USE DIGITAL SYSTEMS TO ROUTE CUSTOMER COMPLAINTS IMMEDIATELY Honestly I can't believe Bill has the balls to make point #8, but there you go... And, does ANYONE read those customer complaint emails? Well, ok...maybe if they're really bizarre... Actually in many instances the people who actually DO the product design are not native English speakers so having them answer the mail could be rather amusing...and of course that's assuming your product designers aren't in Bombay or elsewhere... 9 USE DIGITAL COMMUNICATION TO REDEFINE THE BOUNDARIES This one could basically be summed up into: Hire more temps (think of the benefits money you'll save). Oh, and then the kicker: In the Web work style, employees can push the freedom the Web provides to its limits. In other words, GET USED TO the idea that you won't get benefits... 10 TRANSFORM EVERY BUSINESS PROCESS INTO JUST-IN-TIME DELIVERY I think Bill meant to say "Barely-There Delivery". Witness Office 2000. And HEY!...whereas with paper you often turned in deadline documents the morning of an afternoon deadline, now you can wait up to 2:55 for a 3:00 deadline...that's progress! 11 USE DIGITAL DELIVERY TO ELIMINATE THE MIDDLE MAN Ah, now this is clever Bill at his finest...the subtext on this one is: Stock Brokers, Real Estate Agents...don't be scared!...Put your trust in Bill and through his products he will allow you to firmly entrench your job so that no one would ever DARE call spreadsheet-shittin' YOU a "middle man". 12 USE DIGITAL TOOLS TO HELP CUSTOMERS SOLVE PROBLEMS FOR THEMSELVES Or, in other words it is better for your customer to get stuck in a phone tree from hell than to train a human to help them not panic when they see the Windows Blue Screen of Death. So let's see Rules 4,6,8,9,11,and 12 all say USE DIGITAL. Rule 7 uses the word "create", but could just as easily be "use". And what do all the rules tell you dear reader? BUY MICROSOFT. The actual Time story can be found at the following URL or go buy Bills book, god knows he needs the cash for an arboritium ... http://cgi.pathfinder.com/time/reports/gatesbook/gatesbook1.html HOW.TO "How To Hack" March 1999 -> Part I (Steps 1 to 4) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Intro ~~~~~ This is not coincidentally next to the HA.HA section in the HWA.hax0r.news zine in fact the name itself is a piss-take on the "scene" (if you can't take the piss out of yourself you're taking things way to seriously and won't survive 2 weeks out here) but its a fact that anyone that puts out a zine like this has to deal with and thats the endless messages and questions from 'newbies' asking "HOW DO I HACK xxxx OS?" etc, well here's how you do it. I'll warn you up front that i'm not going to be gentle and will be fucking blunt with you, if you don't have the balls fuck off now you're dead meat and will be minced and made a laughing stock all over the net, if you think you can handle it then read on, this is an excersize that is best learned by doing but do it on your own machine if you try any of these things on someone elses box without any experience you will end up in jail. Step 1. ~~~~~~~ If you are not running FreeBSD, or a variation thereof or Linux in any of its incarnations, the first thing you need to do is either partition off 400M or so of your home machine for linux (easiest) or get a scrap 386 from somewhere (unix isn't windows and will run just fine with 8 or even 4 megs of ram for our purposes) and install linux or FreeBSD, I prefer BSD but there are more exploits written for linux. Why? because writing to the raw sockets in linux is a lot easier than it is in BSD, BSD is closer to *real* unix than Linux is, when linux first came out it was little more than a toy shell and was buggy as hell, BSD on the other hand was raped of its best parts and incorporated into linux, thats why it has one of the best TCP stacks out there, you can thank BSD for that...NT also owes its existance to Linux and BSD so by using and learning one of these OS's you will be set in good stead for hax0ring your way to stardom. Thats what you want isn't it? if thats the case this file is NOT for you. Stardom=recognition=fame or infamy=jail time. Are you ready for jail? no? ok maybe you're reading this for the humour value or maybe you want to persue or are persuing a career in security, cool its a fun job isn't it? you get to hack and you're on the side of the good guys. Ok keep reading... Step 2 ~~~~~~ Locate all the texts you can that pertain to breaking into systems and locate a good source of exploit code, (aka scripts) you don't want to become a script kiddie but you do need example code to learn from and the best code is usually put out with security in mind but can be bent to 'evil' ends by turning it around and using it to enter rather than block holes in the system. Some good places to look for code are www.rootshell.com (they don't keep up to date as much as they used to since they were rewted by hackers using a hole in SSH but they still have a good variety of exploit scripts available) for up to the minute exploit code PacketStorm Security is probably the best site that you will ever find, they are located on the Genocide2600 servers at http://www.genocide2600.com/~tattooman/ and the site is run by Ken Williams a key member of EHAP. Proof that ethical hacking does exist. Step 3 ~~~~~~ Gather up every FAQ and RFC that you can pertaining to networking and network security, yes this means reading and learning new stuph, if this sounds like work, well it is... and you better get used to it since staying on top of the daily exploits is key if you want to make sure that your system is secure once its on the net. "On the net you ask!?!?" well of course, we have to get you on the net to try out some of these mad sploits don't we? unless you have a few machines laying around in which case we can do some intranet hacking as well. Step 4 ~~~~~~ Set up your network. I will not give you any help with this, I assume you know how to setup a basic network if you don't then you haven't been following the steps properly or are plain stupid. Advice: Give up now and become a grass cutter, we need more of those the lawns around here are terrible. Step 5 ~~~~~~ Breaking in. This is the bit you've all been waiting for, well guess what many zines and serials keep users hanging on by posting teasers to keep people interested, and shit, i'm no different, we'll continue with step 5 IN AN UPCOMING ISSUE. Cruciphux P.S "Hacking IRC" is still in progress and will also be continued in a further issue of the zine its not forgotten or dead by any means. - Ed @HWA H.W Hacked websites Marc13th-March20th ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Note: The hacked site reports stay, especially with some cool hits by groups like *H.A.R.P, go get em boyz racism is a mugs game! - Ed * Hackers Against Racist Propaganda (See issue #7) Unconfirmed Hack Report: http://www.cddhcu.gob.mx/ by Moskos Sex Hackers Team Posted on irc in our channel by Yo_Soy, but the site was down when I tried to check it out on several occasions... - Ed Also, direct from HNN's rumours section including disclaimer notice; http://www.hackernews.com/ March 15th 1999 Disclaimer: This is the rumour section. Anything posted in this area may or may not be true. Many people think that just because something is posted here it is gospel. While HNN attempts to verify everything on the site we are not always able to do so. Most thing posted here in the rumour section are true, however we are unable to verify them all. contributed by Anonymous Cracked We have recieved reports that the following sites have been compromised: http://www.isd.net http://www.ebay.com http://www.summercon.org http://www.bonwell.com http://www.leute.at http://www.home-listings.com http://www.globestf.com/ http://www.stannecu.org/ http://www.directvision.com http://www.realtimeeng.com http://www.s-and-h.com http://www.lemming.com http://www.tcedge.com http://www.capitalcom.com http://www.adwar.com/ http://www.tuldys.com/ http://www.adventuretoursinc.com/ @HWA _________________________________________________________________________ A.0 APPENDICES _________________________________________________________________________ A.1 PHACVW, sekurity, security, cyberwar links ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The links are no longer maintained in this file, there is now a links section on the http://welcome.to/HWA.hax0r.news/ url so check there for current links etc. The hack FAQ (The #hack/alt.2600 faq) http://www-personal.engin.umich.edu/~jgotts/underground/hack-faq.html Hacker's Jargon File (The quote file) http://www.lysator.liu.se/hackdict/split2/main_index.html International links:(TBC) ~~~~~~~~~~~~~~~~~~~~~~~~~ Foreign correspondants and others please send in news site links that have security news from foreign countries for inclusion in this list thanks... - Ed Netherlands...: http://security.pine.nl/ Russia........: http://www.tsu.ru/~eugene/ Indonesia.....: http://www.k-elektronik.org/index2.html http://members.xoom.com/neblonica/ Brasil........: http://www.psynet.net/ka0z http://www.elementais.cjb.net Got a link for this section? email it to hwa@press.usmc.net and i'll review it and post it here if it merits it. @HWA -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=- --EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF-- © 1998, 1999 (c) Cruciphux/HWA.hax0r.news (r) Cruciphux is a trade mark of Hoary Wild Arachnids Inc. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=- puzzle answer: TRUE --EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF-- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=- [ 28 63 29 20 31 39 39 39 20 63 72 75 63 69 70 68 75 78 20 68 77 61 ] [45:6E:64]-[28:63:29:31:39:39:38:20:68:77:61:20:73:74:65:76:65]