+.. . .
:`
.,,,,,.
. ,fG######WG;.
,GG###########W;.
fG###############L.
,t#################c
;##################y
He who hesitates... i##################b
t##################0
f##################r
,,;;ii;,;;##################g
..fLWW##########################a
,;KK##############################s
,;WW################################m
,;####################################;
,iWW####################################i
,;WW######################################:
.;iiGGEKDDGGLt;. ,G##########################################i
,fLK##############KkkffG###########################################i
,fK##################################################################i
ff####################################################################;
f######################################################################,
.f######################################################################.
fG######################################################################.
LL########################################################WW############,
:L##########################################EFfjKK######Wf'`WW######W###;
tWW####################f#######Kf' ,fW######WK;' ::;ij;:fi;j;'
tW##################KtjW######f' ff######WWf'
:##################kijW####Kf t########f"
WW#################kt#####f' .WW######WG'
'G########################; ,t########;'
i######################KK .KK######j' '
WW####################LL f######f'
'L######################t iK####f'
'######################Kt. ,t####f;
tG######################kt..KK##f'
t#######################Kjj##EE'
KK##########################fi m
't##########################LL
`############################i a
'G##########################DD
'############k#############KK s
K###########DDk###########DD
W##########W;;j###########;` t
W##########Kij##########Kf
W##########LkK##########f u
W##########k##########Kf
K#####################F' r
WW####################;
EE##################WW b
iL##################K;
'G##################f a
tWW##############Wf
GG#############KG' t
't#############K;
'WW##########F; e
'f#########KF
'##########' s
tE########t
f########i !
:WW######i
;########G
;L#########k .
;############t
fG############GG :
.W###############i
WW##############LL .
GGDDWW##########KK .
tt``LL"'##########,
tt``ff WW########G,
. tt``ff `f##########Kkn. .
::``ii 'iffDDKKEEDDfi ` .
.----. ,----, ,------.------.-----. .----.-----------.-----.----.----------.
| |/ / / | : \| | | | : |
| /----'-. | | ' | +-----: | | :: |--`.
| ( | | | | | ' | | -)
| \------: | | . | +-----: | :: |--,'
| |\ \ | | | |\ | |-----+ | |
+----+ +----+ . +------+------+-----+.+----+-----------+ . . +----+----------+
. . :
.
r&nd.m w.rds
Introduction . . . . . . . . . . . . . . . The Clone
Contact Information . . . . . . . . . . . . . The Clone
Link of the Whenever . . . . . . . . . . . . . The Clone
K-1ine Mirrors . . . . . . . . . . . . . . . The Clone
Nettwerked Radio . . . . . . . . . . . . . . The Clone
Nettwerked Telecom . . . . . . . . . . . . . The Clone
Hack Canada T-Shirts . . . . . . . . . . . . . The Clone
Voodoo Magick Boxes . . . . . . . . . . . . . The Clone
d.cumen+s
Unlocking Bluetooth . . . . . . . . . . . . . Officer Koharski
AT&T HRIDs and Privacy Protection . . . . . . . . war
Tel3.com Calling Card System ANI Spoofing Vulnerability . The Clone
Telus Censoring Customers and Employees! . . . . . . The Clone
Telus Vs Voices-For-Change.com . . . . . . . . . h4v3n
Internet Cafe Security . . . . . . . . . . . . aciddata
SIN Permutations . . . . . . . . . . . . . . Daemon
Do-It-Yourself Electric Lock Pick . . . . . . . . fr0st
How to Fix Your Credit the Easy Way . . . . . . . . gHoSt
University of Alberta's Tunnel Intercom System . . . . war
Defeating WebSense . . . . . . . . . . . . . h4v3n
Phreaking the NEC i-Series phone systems . . . . . . war
Nettwerked West Edmonton Mall War Walk . . . . . . . fr0st
Connecting to Telus Digital Subscriber Carriers . . . . Tr00per
US Military Begs Canadian Hackers to Commit Crimes . . . Plastik
CES: The Science and The Conspiracy . . . . . . . . CYB0RG/ASM
Vacuum Love . . . . . . . . . . . . . . . . Druid of Orange
c.nclus:.n
Credits . . . . . . . . . . . . . . . . . The Clone
Shouts . . . . . . . . . . . . . . . . . The Clone
+----+ +--decembrr-2..5--+
~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~x ~o ~o ~o ~o
Introduction:
Welcome to the latest issue of K-1ine Magazine; issue #48, "He who hesitates...
Masturbates". It's been a long time since we released an issue of K-1ine and
we're happy to announce this is probably the most phile filled issue of all
time, with some of the best writing we've ever published in this 'zine 6 1/2
year history. Big shouts to everyone who contributed to this issue, with extra
shouts to CYB0RG/ASM for his always excellent ascii art, War for his three
articles and lastly h4v3n and fr0st for their two articles. I appreciate you
guys putting in the extra effort to help make this issue a very memorable one.
We hope you're not all pulling out your hair during this horrible consumeristic
holiday called the "Christmas Season". All these mindnumbing commercials,
annoying people, and family members that help add to the stress of spending
money that we don't have on presents that won't be fully appreciated make us
want to shoot [insert name] in the fucking head with a 12 gauge shotgun. Grr.
So without further ado, I bring you K-1ine #48... sexier and better than ever...
If you like it, great. If you don't, go fuck yourself. Thank you.
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
Contact Information:
|*> Comments/Questions/Submissions: theclone@hackcanada.com
|*> Check out my site: (Nettwerked) http://www.nettwerked.net
|*> Check out the Web-forum: http://board.nettwerked.net/
~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~x ~o ~o ~o ~o
Link of the Quarter:
Every whenever I post one really great "link of the quarter" on each issue
of K-1ine magazine. The link can be anything in the technology industry,
music scene, rave scene, punk scene, or even a good article you read on
a news site. I'll be taking submissions via e-mail or IRC right away; so
get your links in and maybe you'll see it in the next issue of K-1ine!
For the Winter 2005 issue of K-1ine, the link of the whenever-we-feel-like-
releasing-this-motherfucking-issue is:
http://www.asterisk.org
Forever changing the face of telecommunications and phreaking with their
open source VoIP software, scripts, and documentation. This is the very
ultimate source for anyone wanting to learn more about making their own
low-cost PBX system or VoIP start up company. An example of Asterisk's
impact on Nettwerked you don't have to look further than our Nettwerked
Telecom Services page with Conferencing Services, Voice Mail, and more.
Submitted by: The Clone
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
K-1ine Mirrors:
(Updated: 12/18/05)
K-1ine Magazine Mirrors:
WIRETAPPED
"Wiretapped.net is an archive of open source software, informational
textfiles and radio/conference broadcasts covering the areas of
network and information security, network operations, host integrity,
cryptography and privacy, among others. We believe we are now the
largest archive of this type of software and information, hosting in
excess of 20 gigabytes of information mirrored from around the world."
Now mirrored in two places, one in Belgium and another in Sydney.
http://www.mirrors.wiretapped.net/security/info/textfiles/k1ine/
HACK CANADA
"Hack Canada is the source for Canadian hacking, phreaking, freedom,
privacy, and related information."
http://www.hackcanada.com/canadian/zines/k_1ine/index.html
HACK DA PLANET
"Home of Cyburnetiks' web-site. Miscellaneous hacking, phreaking,
anarchy files, home of the official Anti-Tempest Network Project."
http://hackdaplanet.ath.cx/other/k-1ine/
Fr0st's web-site
"Various hacking articles, drawings, photographs, and more."
http://fr0st.no-ip.org/k-1ine/
~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~x ~o ~o ~o ~o
Nettwerked Radio (Undergr0und Radio and Music every 2nd weekend!):
Tune into this critically acclaimed radio show every other weekend.
Friday or Saturday (or whenever) from: 12:00am - 3:00am (MST).
To listen, please tune in to:
http://68.151.33.191:8000/listen.pls
(Note: this is a dynamic IP address. It may change from time to time,
so please visit www.nettwerked.net/radio/ for the latest ip address).
If you're not sure whether the show is on, visit nettwerked.net/radio,
and look at the Radio section. If you see lime green "ONLINE", then we
are live. You can listen in using Winamp, XMMS, or anything that will
play Winamp streaming audio. We thank you for your support and hope
that you tune in, give your feedback, and make those artist requests!
--------------------------------------------------------
Contribute your music to Nettwerked Radio, and be heard:
--------------------------------------------------------
Do you have your own band? Are you a solo artist? Do you make your
own music on your computer, or with regular instruments? Be heard!
Nettwerked Radio, on from 12AM-3AM (MST) every other weekend, is
now accepting submissions of YOUR original music for play. We will
accept MP3 or OGG formats. If you submit your music, be sure to
include information on the band, and any information; such as
location, and history. Nettwerked Radio will play your music and
advertise your artist information! Nettwerked Radio is a great way
to be heard without having to pay out for advertising, or passing
out flyers, etc.
We respect your copyright too. We will only play your songs when
you want them played. We will not duplicate, share or otherwise
pirate your songs.
All interested artists please send your music and information to:
the.clone@gmail.com
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
Nettwerked Telecom:
We are pleased to announce the launch of Nettwerked Telecom Services. We have
free Voice Mail Boxes for all Nettwerked visitors. Always hacker and phreaker
friendly, Nettwerked Telecom Services stays true to its h/p roots by offering
'leet phone goodness. In December 2005, we launched a couple free months of
Conferencing Services for the community. When we start charging for it, we
plan to make it extremely affordable for everyone to use. Keep an eye out.
For more details on these services visit: http://www.nettwerked.net/telecom/
~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~x ~o ~o ~o ~o
Hack Canada T-Shirts:
It don't mean jack if it ain't got that hack... Hack Canada T-shirts are back.
"Demonstrate your indifference to authority and all things conformist by sporting
an exclusive Hack Canada T-Shirt. Strike terror and paranoia into the hearts and
minds of parents, teachers, telco employees, governments, and law enforcement
drones alike. These high-quality, 100% cotton t-shirts feature the universally
renowned Hack Canada digital chainsaw in all of its nipple-hardening glory. Damn."
Available in: Small, Medium, Large, and XL, these shirts are extremely durable
and can fit most. Available in two styles: White on Black or Silver on Black.
Get them while they last only at: http://www.hackcanada.com/gear/index.html
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
Voodoo Magick Boxes:
Voodoo Liquidation! - Nettwerked.net is pleased to announce the
return of the Voodoo Magick Boxes! We are selling off the last
of these fine machines, and with a fine price tag. We're selling
for 50% less than their original cost! Buy a Voodoo Machine now:
http://www.nettwerked.net/voodoo.html
Price: $50.00 (US) + $12.00 (US) shipping.
We accept PayPal as a main and only form of payment. For questions,
please contact: theclone@hackcanada.com. Thank you for your interest
in this incredible "wetware" product, and I hope you purchase one.
~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~x ~o ~o ~o ~o
* Now talking in #arabiannights
-lumo.eghetto.ca:@#arabiannights- theclone invited wizbone into the channel.
* wizbone has joined #arabiannights
mukafuxa ma fundda abdula mohammad 9/11. acky ha ha! akcy!
i fly areoplane
______________________________________________________________________________________________________
| _.-^^---....,,-- __ __ _ _ __ _____ ___ _ _ ____ _ _ ___ G|
| _-- --_ ( )( )( \( )( ) ( _ )/ __)( )/ )(_ _)( \( )/ __) O|
|< >) )(__)( ) ( )(__ )(_)(( (__ ) ( _)(_ ) (( (_-. D|
|| | (______)(_)\_)(____)(_____)\___)(_)\_)(____)(_)\_)\___/ |
| \._ _./ ____ __ __ __ ____ ____ _____ _____ ____ _ _ I|
| ```--. . , ; .--''' ( _ \( ) ( )( )( ___)(_ _)( _ )( _ )(_ _)( )_( ) M|
| | | | ) _ < )(__ )(__)( )__) )( )(_)( )(_)( )( ) _ ( |
| .-=|| | |=-. (____/(____)(______)(____) (__) (_____)(_____) (__) (_) (_) 1|
| `-=#$%&%$#=-' 3|
| | ; :| Unlocking verison phones for 1xEVDO over bluetooth: The easy way! 3|
| _____.,-#%&$@%#&#~,._____ -By Officer Koharski 7|
| |
|_____________________________________________________________________________________________________|
[..:: What is 1xEVDO? ::..]
Evolution Data Only or Evolution Data Optimized, often abbreviated as EVDO,
EV-DO, EvDO, 1xEV-DO or 1xEvDO is a wireless radio broadband data protocol
being adopted by many CDMA mobile phone providers in New Zealand, Venezuela,
Mexico, Brazil, Japan, Korea, Israel, the United States, Australia and Canada
as part of the cdma2000 standard. 1xEVDO is pronounced "One Ex: E-Vee-Dee-Oh."
It is commonly referred in the industry as DO (Dee-Oh).
So basically EVDO is broadband for phones. Its ALOT faster than standard 1xRTT
a lot of carriers are using, as well as GPRS and EDGE used on the GSM side of
things. EVDO can handle speeds up to 2.4 mb/s. Currently it's the fastest wire-
less broadband system available, but telus is messing around with 3GPP2 which
is supposed to be about 3 times faster. EVDO is part of the CDMA family.
[..:: Why should I use this? ::..]
So It just happens that verison is a bit of a bitch when it comes to linking
your laptop, PDA or OQO (if your a lucky bastard) to this service. They want
you to buy a smartphone or PC-card when you buy their already expensive data
plan, so you can't just use the cheap V-cast data plan with a computer. All
this hack does is unlock the phone to allow connections to 1xEVDO through
bluetooth.
[..:: Why shouldn't I use this? ::..]
If you're planning to do anything illegal with it. I'm putting this in just
to cover my own ass. While I'm at it I should probably also stick in the
oblilatory "If your phone happens to explode, break, delete itself or cause
a nuclear explosion that puts a rip in the time-space continuum, that's your
fault. Don't blame me."
[..:: What do I do? ::..]
This part is pretty simple. I have only tested this with a friends Motorola
E815, but I'm pretty sure it should work with other phones. Verizon cripples
their phones by disabling dial up networking on all the phones, but at one
point they were planning to have customers buy a plan that enables this fea-
ture, so there is still the option hidden in the phone. All you have to do
to enable it is turn off the phone, and start it up again. Without going into
any menus or anything punch in ##DIALUP. This causes DUN to be re-enabled!
It's just a simple hack specific to verizon phones and is only required once.
Anyway, I don't own one of these phones, and my friend helped me write a lot
of this article, so here's what he does to use his phone:
All I do is I make a shortcut for DUN to dial #777 on bluetooth. Bluetooth
pairing (creating a DUN connection shortcut to dial #777) is standard pro-
cedure and is only required once. When I want to connect to the Internet
via EVDO, I make sure my E815 is on (I have Bluetooth on by default) and I
double-click on the shortcut - easy and for the time being I have 2 phones
(my Sony Ericsson W800i with T-Mobile being my primary phone)"
So there you have it! The simple way to tap into your high speed phone for
a greater good!
[..:: Contact and shouts ::..]
Shouts to my friend (who goes unnamed) in Prince George, and The Clone for
publishing this article. If you want to get in contact with me feel to
email me: Therrol [at] gmail.com. While your at it why don't you check out
my website, K3B.westcoastphreakers.com. (generously hosted by smes)
So thanks for reading my sad excuse for an article. I hope my grammar was
okay, I'm a bit tipsy right about now. Happy hacking!
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
in other news, Elvis is =still= dead.
stupid elvis
he allways leaves the building
remember when he was hired on as a DEA agent?
nope
Back when I was 35 years old in 1972 I was his DEA partner.
We shared many a warm bath together
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
o000000000000000O0M0G0H0A0X00000000000000000000000000000000000000000000000000o
o ____________________ .__ . . ._.. .__.. ..__ .__ ___ ._ 00o
o | | |__ |\ /| |_|| | | \ / |__ |__ | | \ 00o
o | | |__ | | | | |_ |__| | |__ |__ _|_ |_/ 00o
o | | o 00o
o | NO IMAGE AVAILABLE | Name: Wxxxx Sxxxxx Employment Status: Active 00o
o | | DOB: Xx.Xx.Xx80 Email: WXXXX@XXBELL.NET 00o
o | | HRID: ATT149XXXX Employer: AT&T 00o
o | | Phone (Home): 314.35X.XXXX 00o
o | | Phone (Work): 314.62X.XXXX 00o
o ||.||.-�|_..�_||.|.._| Home Address: 15XX RXXXX AVENUE, SAINT LOUIS, MO OOo
o 1 0 113 03 1 Zip Code: 63XXX 00o
o 00o
ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
oooo oooo
oooo oooo
oooo AT&T HRIDs and Privacy Protection oooo
oooo oooo
oooo oooo
This article is about AT&T HRID's and some flaws in the way AT&T verifies
your identify and protects their employees privacy. This is an article on
theoretical and practical, all rolled into one.
AT&T HRIDs and PINs
HRID stands for Human Resources ID. Many companies have them, in one form or
another, one name or another. A unique indentifier to identify each employee.
AT&T's implementation of HRID's is a seven digit unique number. Many AT&T
web-based and telephone-based access control systems use HRIDs as part of
the authentication scheme. Sometimes, the HRID is paired with a PIN code.
AT&T PIN codes usually have the following format.
Birthday followed by Social Security Number in the following format:
WW/XX/YY/ZZ
WW = 2 digit month
XX = 2 digit day
YY = 2 digit year
ZZ = last 2 digits of social sec number
PIN codes are used for verification on many AT&T telephone services, such as
when phoning AT&T regarding payroll or benifit information, or when phoning
in trouble reports. Many live operators will ask for an HRID and PIN code
when an AT&T employee calls them and identifies themself as an AT&T employee.
If you want to reset your (or someone else's) AT&T PIN code, you can call
877.HR.ANSWERS, or 877.472.6793. Pressing 9, and then 2 from the main menu
will allow you to speak with someone who can reset your PIN code for you.
+++
Finding AT&T HRIDs
Scouring the web for AT&T HRID's is a fairly straightforward task. A google
search for "inurl:hrid inurl:att" yeilded a number of promising-looking
seven-digit numbers from www.post.att.com (which no longer is a valid site).
Even though the site post.att.com is down, Google still cached a bunch of
links. Also, searching Google for "site:post.att.com", which yields a whole
bunch more possible HRID's hidden in URL's. Thank you google.
There are other methods of getting AT&T HRID's. If you live near AT&T territ-
ory, you could physically go down to an AT&T building, and look at dog-tags,
and glean numbers that way. You could probably social engineer them, as well.
Also, there are plenty of other websites than just post.att.com where HRID's
are kept. A little time spent looking around on the 'net will yeild more
results.
+++
Finding AT&T HRID Information
An AT&T HRID on it's own, though, is nothing special. If you want to link
AT&T HRID's to information, there are a number of ways to go about it.
Probably the easiest is using a site called att.shi.com . This site was
never meant to be a site for linking personal information to AT&T HRID's,
but it's very useful for doing it, anyways.
ATT.SHI.com is a site where AT&T employees can log in and order stuff.
Browsing to the main page of ATT.SHI.com explains how ATT.SHI.com uses
a very bad system for authentication. I quote from the site:
***QUOTE***
You need to activate your User Account in order to access the information
at this site. You will be prompted for your AT&T HRID, which identifies
the account we have reserved for you. Once you submit the User ID form,
you will be brought to a second form which will allow you to change your
Password. If you do not elect to change your password at this time, your
password will default to the letters "ATT" followed by the seven digits
of your AT&T HRID. Once you have updated your account, your UserName and
Password will be as follows:
* UserName: ATT followed by your AT&T HRID
(Example: ATT1234567).
* Password: By default, your password is ATT followed by your AT&T HRID,
unless you've changed it after activating your account.
(Example: ATT1234567).
***********
Nice, huh? If you've got an HRID, and the person connected to the HRID has
used att.shi.com and not changed their password, you're set. But, there's
more. And more is even better. If the person connected to your AT&T HRID
_hasn't_ used the att.shi.com site, you can create a profile for them with
http://att.shi.com/activateuser.asp. Simply browse to http://att.shi.com/
activateuser.asp, and enter the HRID number in the box, and voila. Instant
HRID verification, and personal information related to the HRID. Wonderful.
Also, if you're just wanting a simple Yes/No HRID verification, you could
use https://www.mrsnj.com/empsale/CheckHRID.asp. If you were trying to
brute force HRID's, and wanted to script it, or something, then https://
www.mrsnj.com/empsale/CheckHRID.asp would probably be your best bet.
+++
VoicePost
AT&T runs (ran?) a service called VoicePost (post.att.com ...see a similar-
ity?), which was an automated system by which AT&T employees could get the
phone numbers of other AT&T employees. Sounds fun. The best part is, you
don't even need to be an AT&T employee to use the service. Simply call up
866.288.7678. It's a voice recognition system, with a whole host of features.
The system isn't very active, anymore. Well, it's not active as far as AT&T
is concerned. But, it's still useful, and interesting. The Voicepost service
used to be tied into the 800.FIND.ATT service, which was like a directory
for AT&T employees. You could find information on AT&T employees, AT&T
employment offices and other information. The 800.FIND.ATT mostly out-links
now, to numbers like 866.288.7678. The system is mostly grandfathered now,
but it's still useful to get AT&T employee phone numbers.
When you first call you first call up the AT&T VoicePost service (866.288.
7678), you are greeted with an automated voice that tells you:
"Welcome to AT&T's Voicepost. Please choose on of the following. Contact,
or help."
There are four options I've found from the mainmenu of the VoicePost service.
Contact, Help, Rerecord, and Operator. Operator is, well, operator. But it's
really just an Audix voicemail box. Rerecord lets you re-record the pronoun-
ciation of your name in the VoicePost directory. Help is help, and Contact
is what we really want.
The voicepost system will allow you to find out personal phone numbers of
AT&T employees, if you know their name. Their name. Wooo. So basically, you
just call it up, and when it asks you for a name, you say, "John Smith", or
whatever you want, and then, if their phone number is listed, then it will
tell you the number.
+++
AT&T Alliance Password Resets
If you can get an HRID number, and an associated name, then getting even
_more_ personal information (like home and address work address, and home
phone number) has never been easier, unfortunately. The Alliance training
system for AT&T, Lucent (formerly Westren Electric) and Avaya employees
can be found at http://207.242.156.34/stc/default.htm, or www.employee
growth.com. http://207.242.156.34/stc/default.htm is the one we are going
to deal with. So. You browse to the site, you don't know what the password
is, though. So how can you log in? You can't. But what you can do...password
reset!
You can reset an Alliance password using http://207.242.156.34/stc/passreq.
htm. It's simple. Just enter the first and last name of the AT&T employee,
and the AT&T HRID. You could already have both of these, if you used the
previous methods for obtaining first and last names and HRIDs. Then, you
have the option to enter _ANY_ email address. Let's say that again. _ANY_
email address. Freakin' insane, AT&T. Retarded. Anyways. Within one business
day, an email will be sent to the address you specified, and it will look
something like this:
On 8/8/05, Xxxxx, Xxxx wrote:
>
>
>
> Your Alliance password is your HRID. Thanks for using Alliance services.
And wow. Now, you can log into the Alliance training area, and look at the
"personal information" page to get even more personal information about AT&T
employees, including but not limited to home and work phone number, home and
work address, private and work email, and HRID number.
The AT&T Alliance Website is also closely linked to www.employeegrowth.com,
which is a long-distance learning site for AT&T, Lucent and Avaya employees.
The AT&T Alliance Website also discloses FAR too much personal employee
information on their site. AT&T administrators need to be aware that WEB
SECURITY IS IMPORTANT. Weak passwords are unacceptable for a company that
is such a target for theft-of-service and fraud.
Also, please note that the Alliance password is not the same as the AT&T
Global Single Sign-on (https://www.e-access.att.com/ecampus/Saba/attCustom
Login.jsp?site=ATTLearning, as well as many others) password. The AT&T
Single Sign-on is one tough nut to crack, and this Alliance password reset
thing will not work with the Global Single Sign-on.
+++
Ends
As you can see, AT&T ideas about security need to change. Stricter security
needs to be put in place, and AT&T employees, employees, EMPLOYEES need to
be educated about what they should and _should_not_ give out over the phone.
Web-based things need to be tightened up, and phone-based things should ask
for authentication before giving out personal information. The VoicePost
service is mostly grandfathered, but it's still not cleaned up. AT&T should
clean up their mess. Also, the fact that Google is indexing the log-in strings
(which contain the passwords) for AT&T's voicepost service is a problem. Sure,
they've mostly corrected this with their Global Single-Sign on, but they still
need to clean up after themselves. But employees here are really the weakest
link. Employees shouldn't assume you are who you say you are..they should be
doubtful from the start. And the AT&T/Lucent/Avaya Alliance training site
needs to not reset passwords, if you can provide and HRID and name. That's
just not enough information to prove you are who you say you are. Anyone can
walk into an AT&T building, and take pictures of name tags with HRID's on 'em.
It's just too sketchy.
I'll definitely be digging to see what else I can find. Anyways, that's it.
war 2005
(08/10/05)
~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~x ~o ~o ~o ~o
They had dragon boat racing practice down there last week.
Dragon boats? Dragons are extinct.
Tel3.com Calling Card System ANI Spoofing Vulnerability
* Written by: The Clone
* Date: Monday, August 1, 2005
* Contact: theclone@hackcanada.com
* Web-site: http://www.nettwerked.net
* Credits: Lucky225, RootSecure.net, War
* Shouts: Hack Canada (www.hackcanada.com)
-_-
Synopsis:
Corporations that are implementing voice over IP (VOIP) technologies for
the purpose of offering dedicated phone service (i.e. Vonage), or pre-paid
calling card service (i.e. Nettwerked Calling Cards) in an attempt to cut
communications costs associated with POTS-copper lines shouldn't overlook
the obvious security risks. Most businesses implementing VOIP are primarily
concerned with the following three things: voice quality, latency and inter-
operability. To many businesses, security is an after thought, an expense
not worth investing in until something "bad" happens. A reactive instead of
proactive approach to VoIP security is what tends to cost these companies
millions of dollars in intellectual property losses. One such company that
recently caught my attention for lack of security (specifically customer
authentication) is Tel3.com, a business headquartered out of Miami Florida.
Details:
Tel3.com is a company that offers pre-paid, VoIP based, local/international
calling card services worldwide. One feature that Tel3.com offers all its
customers (credit card paying customers I might add), is the ability to make
long distance calls on the Tel3 calling card network without the necessary
use of a unique 12+ digit pin code. Instead Tel3 can authenticate its paying
customers based on Automatic Number Identification (ANI). Yeah, I can't
believe it either.
According to the Tel3.com FAQ (http://www.tel3.com/faq.aspx):
"Tel3 is a service that provides unprecedented low international and domestic
calling rates. Tel3 uses ANI (caller-id) recognition so users do not have to
enter a PIN each time they make long calls from their Instant Access numbers."
The problem with "ANI Billing" is the fact that ANI can be so easily spoofed.
"So what is ANI?", you ask. ANI or Automatic Number Identification is a system
used by the telephone company to determine the number of the calling party.
There are believed to be two types, 'FLEX ANI' (used for e.g. verification
services such as voicemail) which is relatively easy to spoof, and 'Real Time
ANI' (used only for billing purposes on e.g. 800 numbers) which is harder to
spoof [Definition: Hack FAQ ].
ANI Spoofing is done by falsely setting the telephone number you're calling
from to appear as another number somewhere else. Infact the number you can
set does not necessarily need to be a valid one either. In the traditional
sense ANI and Caller ID spoofing was done using the assistance of an operator,
or through a company's PBX (Private Branch Exchange). These methods were not
the most efficient, many operators caught onto what you were doing after a
while, and a lot of previously exploited company PBX's were protected in
secure locations.
"So how can I spoof my ANI without an operator or access to a company's PBX?"
Today ANI spoofing has become much easier to do. With VoIP (Voice over Internet
Protocol) becoming more and more present in today's business world, you now have
the ability to spoof your ANI via this method. This is how its done: a lot of
VoIP carriers never set a Charge Number and allow you to pass through your own
ANI information without ever having a pre-set number implemented on their side.
The Asterisk(tm) Way...
The first and more complicated way to spoof your ANI is by using Asterisk(tm) -
The Open Source Linux PBX. According to their site (www.asterisk.org): "Asterisk
is a complete PBX in software. It runs on Linux and provides all of the features
you would expect from a PBX and more. Asterisk does voice over IP in many prot-
ocols, and can interoperate with almost all standards-based telephony equipment
using relatively inexpensive hardware."
What you need is a computer with a Linux compatible network card, basic Linux
knowledge, an Internet connection (preferably a high speed type like ADSL or
Cable), a VoIP hardware phone or software phone, and an account with a VoIP
provider that allows ANI spoofing (i.e. Nufone.net, VoicePulse.com, VoipJet.com).
According to RootSecure (http://www.rootsecure.net/?p=reports/callerid_spoofing):
Follow the instructions in Andy Powell's, 'Getting Started With Asterisk' guide
for the initial Linux install.
Add the following lines to your extension config file in the same context as your
SIP phone.
exten => 33,1,Answer
exten => 33,2,AGI(cidspoof.agi)
Sign up with a VoIP provider.
Add appropriate details into your IAX config file (as issued by your VoIP service
provider).
Download the cidspoof.agi script changing line 77 to the correct username/hostname
for your VoIP IAX service provider, and copy it to /var/lib/asterisk/agi-bin/.
Start Asterisk
Check your SIP phone has correctly registered / verify you are able to make a SIP
to PSTN call.
Call extension 33, enter the 10 digit number you wish to spoof from, followed by
the 10 digit number you wish to spoof to.
A simpler alternative is to use the command SetCallerID(2121111111) in the "exten-
sions.conf" file direct however it will have to be manually edited and Asterisk
reloaded for every call.
An easier way...
These companies offer the customer the ability to ANI/CID through their pre-paid
service: SpoofTel (http://www.spooftel.com/ - a Spoofing-only service), Nettwerked
Calling Card (http://www.nettwerked.net/callingcard/ - A calling card service that
War and I run. We charge 25 cents per ANI spoof, and also spoof your ANI/CID as
"780-000-1337" by default), and Veratel Communications (http://www.vera-tel.com).
Just check Google, you're bound to find a ton of more companies that offer ANI/CID
spoofing for a reasonable fee. Is this sitting well in your stomachs, Tel3.com? :-)
The possible consequences of Tel3.com using ANI as a form of authentication...
As you can see it's very easy to spoof your ANI/Caller ID. The obvious consequences
of using ANI as a form of authentication the ability for anyone with minimal tech-
nical skills to start using your Tel3.com calling card time without your knowledge
for free telephone calls or other fraudulant activities. At this point all the
potential attacker needs is the telephone number you have bound to your Tel3.com
account and any number of previously mentioned methods to spoof their phone number.
The Solution...
For now I would advise anyone using Tel3.com to contact the company directly and
tell them you are not comfortable with this "convenience" service due to the
severe risks it presents you. In the end Tel3.com is going to be the ones who will
need to re-think their marketing, and go back to the way traditional calling card
companies go; by using a unique and difficult to bruteforce 12-14 digit pin code
for its user authentication.
Final Thoughts...
This article was not written as a new, exciting, or mind blowing tutorial on ANI
spoofing. So before you open up your e-mail client to send me some hate mail you
stupid (and mostly American) fucks, lets get real for a second; nearly every
idiots in the so-called H/P "scene" knows how to spoof ANI/CID. This article was
written to point out that not only are banks and mobile companies using ANI as a
form of authentication, but now our beloved US/CDN Calling Card companies are too.
These companies need to wake up and smell the luke warm coffee: ANI AUTHENTICATION
IS NOT A SECURE METHOD OF VERIFYING WHO YOUR CUSTOMERS ARE. Quit it, or expect to
be exploited until the end of time.
Good Day.
.eof
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
sweet, this mp3 player doubles as a SD slot
So does your mom!
Telus Censoring Customers and Employees!
(An article on the on-going Telus Strike and the hell management
is putting its very own customers and employees through lately...)
Date: Sunday, July 24, 2005
Published by: The Clone
Published for: Anyone who hates Telu$
Contact me: theclone@hackcanada.com
Web-site: http://www.nettwerked.net
It seems the Telus management has stooped to an all-time low -- is it even possible
to get any lower than they already are? Well apparently so. According to a recent
e-mail a few of the crew members at Hack Canada received, Telus management has gone
as low as censoring TWU (Telecommunications Workers Union) member employees from
participating in strike e-mail threads by disconnecting their Internet Service, and
suspending them from the company! Furthermore Telus is deliberately blocking *ALL*
Telus ISP customers from accessing the TWU/Voices of Change web-site.
Read below at this disgusting censorship on behalf of the E-Slut pigs. Do your part;
contact the CRTC (yes, the lapdog), the media (A-Channel, Global, your local newsp-
aper, etc.) and let them know what you think about Telus censorship of not only its
employees but of its very own customers. To Darren Entwistle and clowns: your empl-
oyees and your customers are the ones who keep your company from going bankrupt.
They are the ones who allow you rich fucks to buy second homes and fancy cars for
your trophy wives. And remember this; you're a publicly traded company. It's only
a matter of time before your shareholders decide your company isn't even worth
investing in anymore. Don't worry, I see that day coming very soon indeed.
If an employee, customer, or shareholder is reading this message right now: QUIT
YOUR JOB AT TELUS AND WORK AT A COMPANY THAT WILL RESPECT YOU, GO WITH COMPETITORS
FOR YOUR LOCAL AND LONG DISTANCE SERVICE (i.e. FreeWorldTel, Nettwerked Calling
Cards *heh heh*, Primus, Veratel, Vonage, etc.), AND INVEST IN A COMPANY THAT
ISN'T FUCKING OVER ITS CUSTOMERS & EMPLOYEES!
Read the e-mail below to learn about what Telus is up to...
--------------------------------------------------------------------------------
Date: Sat, 23 Jul 2005 14:11:19 -0700
From: Ryan Barber [rfb@[NOSPAM].**]
Subject: [Fwd: Telus Censorship and You!]
To: theclone@hackcanada.com
Hey, I'm Long time reader of hackcanada. From what I've read, your crew
is big into freedom and not a big fan of the telcos, So I thought this
might interest you.
My dad is a TWU (Telecommunications Workers Union) member and Telus
employee, He's been promoting and working with the TWU before the
strike. Recently Telus has started to do some really shady shit in
regards to his internet connection. Telus employees have been suspended
for participating in some of his email threads, Telus canceled his
internet connection a day before the strike claiming he was spamming.
For the most part I thought my dad was actually being a paranoid nut.
But now, they've have reached a whole new level. It appears telus is
actually blocking ALL Telus ISP customers from accessing the TWU/Voices
of Change website! This is outrageous and deserves real media attention.
This is censorship at its worst.
I would like to read your opinions on this, or maybe some next steps.
-Ryan
---------
The e-mail from Ryan Barber's dad (a Telus employee)...
*How desperate can Telus get..?*
On a personal level in the last 5 days, Telus has removed my internet
access on the night of a strike. 10 hours later, I believe Telus
purposely made my phone un-useable through double trunking, Now for
everyone else, ermployee or not Telus has now blocked access for
all Telus Home Internet Users to the Voices For Change site.
Voices For Change is a site for TWU members to discuss TWU issue, as an
independant 3rd party.
Many of us have parents, grandparents, or family members, who have fought
to protect our rights to freedom of speech. Many give their lives, and is
not beyond the realm now.
Pls. take a moment to be active and honour your own past.
Shame on those that insult the memories of the past, of lost family who
fought trying to win the right to freedom of speech. Shame on the managers,
and retired managers, and those willing to cross a picket to line their
own pockets... you are the soldiers supporting wrong army.
Shame on Telus for it's complete disrespect for the past and those we lost.
*--------------------------------------------------------*
PS: Feel free to write to Darren Entwistle or Karen Radford and tell them
what you think about their attack on a fundamental right within our society.
Please pass this along to anyone you know that wants to protect freedom of
speech. They're are many good ISP's out their that won't take away your
freedom of speech at the drop of a dime to line their own pockets.
This is a Canadian fight NOT a labour/management fight. Please feel free
to post this open letter or to pass it on to others. Canadians have to be
bigger than Corporations.
- Stephen Barber
~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~x ~o ~o ~o ~o
my name is the clone and I run a gentlemen's club called Dixie Bitches
hahahaha
come in and get your hoe down. half off tuesdays. high ball wednesday.
Blue ball thursdays
LOL
know what sucks balls
Friday's
at dixie bitches
Ball suck fridays
HAHAHA
hahahahahhaa
###############################################################################
## ##
## Telus Vs Voices-For-Change.com ##
## ##
###############################################################################
h4v3n
July 25, 2005
www.nettwerked.net
Disclaimer
----------
If you are going to be a stupid fuck and actually use this information for
attempting criminal activities you'll probably get caught. I am releasing
information that I have found, how you use it is your choice, and I am not
responsible for your actions.
Foreword
--------
OK everyone has heard it, "TELUS is censoring www.voices-for-change.com!"
Yeah well that just makes you want to go to the web site and support them
even more. This phile is nothing special; it's for the people that need it
to fuck Telus up the ass and still get to www.voices-for-change.com If you
are on a Telus dial-up or ADSL connection you will not be able to reach the
web site www.voices-for-change.com and this phile will show you how.
Details
-------
Most people that read this will not be using Linux but I am going to show you
both Windoze and Linux methods to get to any censored website. The theory is
very simple and the same on windows and Linux.
Setting Up Your Browser
-----------------------
Fire Fox
--------
On a Linux box running Fire Fox 1.0.6 all you have to do is go to "Edit" and
"Preferences" then under "General" click the "Connection Settings" button and
a new window will pop up. In this new window select "manual proxy
configuration" and enter a IP of a public proxy server (read on and you'll find
out how to find one) and the port that it runs on. Save the settings and close
all Fire Fox windows.
Internet Explorer
-----------------
To setup access to censored websites (by Telus) under internet explorer click
on "Tools" and then "Internet Options". A new window will pop up and then you
click on the "Connections" tab and then the "LAN Settings" button. Now you
will see a second window. Under "Proxy Server" select the check box to "Use a
proxy server for your LAN" Then enter the IP of the public proxy server (read
on and you'll find out how to find one) under "Address:" and the port number
in the "Port:" entry. Select "OK" twice and close all Internet Explorer
windows.
How To Find a Public Proxy
--------------------------
This is very easy to do. Just go to www.publicproxyservers.com and they list
5 pages of public proxy servers with ports all around the world. Some are
faster than other and some will not work that well for you. Testing this and
going to www.voices-for-change.com I used 207.248.240.118:80 in Mexico. This
will not work if you use a proxy server from Canada that is on a Telus
connection so try to use a proxy in a different country.
Conclusion
----------
So now you should have access to www.voices-for-change.com your internet
connection will not be as fast as it was before because you are now routing all
your internet traffic through a proxy server. Only use a proxy server when
you want to get to a site that is censored by Telus.
Keep this info in mind and pass it along to everyone that you can. This is the
first internet site that Telus has blocked, I am sure it will not be the last.
Again this phile is not as technical as my others but this is necessary info
for Telus customers. Detail and explanations were left out because I wanted
this phile on the net quickly.
###############################################################################
###############################################################################
## ##
## hh 44 44 vv vv 333333 nnnnn ##
## hh 44 44 vv vv 33 nnnnnn ##
## hhhh 444444 vv vv 333333 nn nn ##
## hhhhh 44 vv vv 333333 nn nn ##
## hh hh 44 vvvv 33 nn nn ##
## hh hh 44 vv 333333 nn nn ##
## ##
###############################################################################
###############################################################################
## ##
## 111 99999 888 44 44 ##
## 1111 99 99 88 88 44 44 ##
## 11 99999 888 444444 ##
## 11 99 888 888 44 ##
## 11 99 88 88 44 ##
## 1111 99 888 44 ##
## ##
## is here ... ignorance is no excuse ##
## ##
###############################################################################
###############################################################################
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
* Emocyg writes a letter: My life is nothing but darkness, despair and emotion.
Life is black. Blackness all around me. Thanks to steelethan for painting my
walker black to reflect my emo soul. But. My life shall end because I failed
at creating a new punk band. Emo forever. Cygnus.
I n t e r n e t C a f e
S e c u r i t y
---------------------------
v.1.1 - by aciddata
1. forword
2. the attackers
2.1 the operator
2.2 the user
3. tools
3.1 windows
3.1.1 sniffer
3.1.2 keylogger
3.1.3 spyware
3.2 linux
3.2.1 sniffer
3.2.2 keylogger
3.2.3 spyware
4. how to use the tools
4.1 configuration
4.2 control
4.3 security
5. attacker detection
5.1 intrusion detection
5.2 autorisation
6. how to avoid attacks
6.1 encryption
6.2 updates
7. rest of risc
8. last words
1. forward
----------
This paper is written to show you some security pro-
blems in internet cafes. Many people are using this
cafes for sending emails, playing games, chatting and
surfing but almost they don't know much about the se-
curity riscs there.
This paper is written for information and not for any
illegal activities. Have a nice reading.
2. the attackers
----------------
I think in the net you have a lot of attackers but in
this example we will only turn to two groups we will
find in internet cafes. The operator and the user.
2.1 the operator
----------------
In most internet cafes the operator has the control o-
ver any computer which is connected to the network. He
can lock the connection to the net, looking how long
you are online, see on what pages you are surfing,
in which chatrooms you are talking, what texts you are
reading and also maybe which keys you hit on your key-
board. He could sniff some private information, your
passwords and what ever you can imagine or with other
words - your input often is a security risc. Never
trust operators. ;-) But also an operator can be a
victim - when a user is hacking a computer or the in-
ternet cafe network.
2.2 the user
------------
The user often is playing, chatting, surfing, downlo-
ading and reading - probably mostly reading the email.
But a user could also install some programs like key-
logger, sniffer and other spyware. With this programs
he could spy out some other users and also the opera-
tor. His programs could be running for some days,
weeks or how long ever. Next time he is on the hacked
computer or network, he could send the logfiles to his
emailaccount or his programmed software is doing this
automaticly. Maybe he got access from an other hacked
computer to the cafe. People often use the same pass-
words on different accounts and mostly they don't
change their passwords from time to time. So others
could have an easy access to their privacy.
3. tools
--------
In this section you will find some tools like sniffer,
keylogger and other spyware for windows and linux. You
also will find here the adress to download and test
the utilities. You will find a lot of more tools on
the net but this would blast this paper. ;-) Use all
tools you will find here in this paper only to test,
check or secure your system or network for security
holes.
With a sniffer you can filter and manipulate data-
streams, sniff the IP, socket adresses, ports, access-
points, user ids, the version of the operating sys-
tem and much more. With a sniffer you can sniff from
outside of the network or computer, f.e. with a wire-
lesslan sniffer.
With a keylogger, the name says it, you can log every
input which comes from the keyboard. Every key you hit
is written to a logfile. With this logfile you can
find out passwords, the content of emails and much
more. A keylogger must be installed on the computer to
log some input from the keyboard.
Spyware could be a trojaner who is listening on a
port, on a firewall or who has passed by every securi-
ty and has successfully penetrate the system. With a
scanner you can scan for open ports, known bugs and
security holes, the IP, the operating system, used
software and much more. You also can often tracer the
location of the target with some tracerprograms.
3.1 windows
-----------
This operating system you will find up to 99% in each
internet cafe i think cause most people are using it
and it is easy for beginners to use. Most games people
are playing are running under windows. Just a click
here and a click there and every thing is running. But
this system is also very insecure. If an attacker has
access to a windows system then he mostly can control
everything on the system.
3.1.1 sniffer
-------------
wirelesslan sniffer
http://www.ethereal.com/
3.1.2 keylogger
---------------
search for yourself
http://www.google.com ;-)
3.1.3 spyware
-------------
backdoor client
http://www.cultdeadcow.com/
3.2 linux
---------
Linux is an opensource operating system. Most linux or
unix systems are for free. If you have never worked
with a linux system than it is a bit difficult to use.
You can get some complete free operating systems like
gentoo, freebsd and so on at: www.linuxiso.org I also
can recommend kantotix from www.kanotix.de it is good
for experts and for beginners ( like me ;-) too. To
control everything on a linuxbox you must be a superu-
ser also called root. Without root you can't do every-
thing, f.e. create a new userprofile on the computer or
whatever.
3.2.1 sniffer
-------------
network sniffer
http://www.tcpdump.org/
3.2.2 keylogger
---------------
keylogger by rd
vlogger-2.1.1.tar.gz http://www.thc.org/
3.2.3 spyware
-------------
backdoorserver by fx
http://www.phenoelit.de/stuff/cd00r.c
scanner by fyodor
http://www.insecure.org/nmap/
4. how to use the tools
-----------------------
Here i will explain how to use the tools for configura-
tion, control and security.
4.1 configuration
-----------------
You can use these tools for a better configuration of
your hard and software. First you have to check your
system or network for known bugs and security holes.
Try to break the security of your system or network and
than fix the problem, f.e. with a wirelesslan sniffer
or scanner program you can check the funkrange from the
accesspoint to the card. With a scanner and a sniffer
or backdoor server you can test your firewall.
4.2 control
-----------
If you wanna control the main computer of a network
where often the admin is sitting, you can use a keylog-
ger. This is usefull to check the system and network
for unauthorized access. If any unauthorized person has
access to the computer or network then the logfiles of
the keylogger program should show this. You can also
install backdoor clients on other computers to control
them, f.e. shutdown the computer, start the internet-
connection and so on. When i say control - i don't mean
spy at others, i mean only for controlling the system.
Control a system and control a person are two very dif-
ferent things. ;-)
4.3 security
------------
However these tools are for testing the security on your
system and not for illegal activities. Use these tools
to check your system or network for known and unknown
security holes - there are much more ways than these.
Develop your own security concept that is proper to
your needs and your network or system. Security is a
concept with lots of ways.
5. attacker detection
---------------------
Detecting attacks is very hard if you are a novice user
or administrator but without detection your system at
all is very insecure. Protection is the step before de-
tection. We will talk about this in section 6.
5.1 intrusion detection
-----------------------
To detect an attacker on your system you can do a lot
of different things. A good way is to check the log-
files on your system as often you can and control also
the size of these files. Make a checksum with md5 on
important files. Use tools like snort, tripwire and
chkrootkit. Control your traffic and make a scan to
find open ports that should be closed. Create a little
honeypot to find attackers before they find you. ;-)
5.2 authorisation
-----------------
If an attacker has passed by every security and is on
a computer, he should have a hard way to do something
on it. That means he must become the highest authority
first to do important things on the computer. This is a
complex field. Find out the best security concept for
your computer or network. Everything what is important
for you and others should be protected. Don't give per-
sons you don't know enough admin rights.
6. how to avoid attacks
-----------------------
A good protection is the best way to avoid attacks from
other people. You can use encryption and also update
your system and programs every few days.
6.1 encryption
--------------
Encryption is good for networkconnections, chatconnec-
tions, private data, your email and also for surfing.
For networkconnections or chatconnections you can use
ssl or ssh. When you are using a wirelesslan network,
turn the wep key on. To encrypt your private data or
emails use pgp or gnupg. For a secure surfing in the
world wide web you can use anon proxyserver with an o-
pensource browser like firefox and you can also surf
mostly on sites with encryption support. And don't for-
get - use secure passwords.
6.2 updates
-----------
Check your system and your programs as often you can
for new updates. An update is often a bugfix or a new
implementation of a new feature. But sometimes with a
new update also comes a new bug. ;-) Nevertheless do
updates if a new version of your system or program is
existing. Download your bugfixes, patches and updates
only from trusted sites or the original site from the
system or program.
7. rest of risc
---------------
The biggest hole in every network, software and system
is the human himself. He is programming, hacking, ad-
ministrating or whatever. Sometimes you have to trust
admins but at least you don't know them. Trust only
people you know good. Use opensource software where you
will find the sourcecode to every program and on which
lots of people are working on, to find new bugs and
make new updates. However without a look in the code
you can't trust a program. ;-)
8. last words
-------------
I hope you have learned a bit about security with this
paper. This information here is not only for internet
cafes. It shows how insecure things often are and you
don't know it. Use your time useful and also use your
brain and trust nobody you don't know good enough.
~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~x ~o ~o ~o ~o
my brain is melting from boredom!
eat a popsicle
GOOD IDEA
im a guiness
arent i
a guiness book of world records
// SIN Permutations
What my script does is tests range of valid SINs and returns the
valid ones, and if someone had the time and space, they could create a
list of all possible SIN numbers.
I do how ever, placed a GNU/GPL copyright placing ownership of the
script. As well, any mis-use of the script, blah blah blah, I am not to
be held responsible...
* Version: 1.0
*************************************************************************
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to:
*
* The Free Software Foundation, Inc.
* 59 Temple Place - Suite 330
* Boston, MA 02111-1307 USA
*************************************************************************/
$gen_string = '';
$gen_string_first = '300000000';
$gen_string_last = '300005000';
$gen_string_final = '';
function str_validate($digit) {
$compare_string = '121212121';
for ($i = '0'; $i <= '8'; $i++) {
if ($digit{$i} * $compare_string{$i} >= '10') {
$ii = $gen_string{$i} * $compare_string{$i};
settype($ii, "string");
$string_final .= $ii{0} + $ii{1};
}
else {
$gen_string_final .= $gen_string{$i} * $compare_string{$i};
}
}
settype($digit, "string");
$digit = $digit{0} + $digit{1} + $digit{2} + $digit{3} + $digit{4} + $digit{5} + $digit{6} + $digit{7} +
$digit{8};
settype($digit, "string");
return $digit;
}
for ($gen_string = $gen_string_first; $gen_string <= $gen_string_last; $gen_string++) {
/*
This first loop illustrates a number generator, simply
designed to create a digit from 0 - 999999999. It's to
test every possible variation number possible in the
range above.
*/
if (strlen($gen_string) <= '1') { $gen_string = '00000000' . $gen_string; }
elseif (strlen($gen_string) <= '2') { $gen_string = '0000000' . $gen_string; }
elseif (strlen($gen_string) <= '3') { $gen_string = '000000' . $gen_string; }
elseif (strlen($gen_string) <= '4') { $gen_string = '00000' . $gen_string; }
elseif (strlen($gen_string) <= '5') { $gen_string = '0000' . $gen_string; }
elseif (strlen($gen_string) <= '6') { $gen_string = '000' . $gen_string; }
elseif (strlen($gen_string) <= '7') { $gen_string = '00' . $gen_string; }
elseif (strlen($gen_string) <= '8') { $gen_string = '0' . $gen_string; }
elseif (strlen($gen_string) <= '9') { $gen_string = $gen_string;}
else { die('Too many values returned. Caustringg an error!'); }
/*
Since PHP does not handle numbers aswell as perl, the code above is to replace
any missing 0's infront of the string, by concatenate the variables. Since all
values must exist. Technically, 0 is not a valid string, I have left it
accessible to the possibility of its use of it in the future.
I also believe in finishing my statments, so I added extra elseif/else. They
won't affect anything, but atleast it'll clearly stand out as an effort to
kill the script if the values do go any larger.
*/
if (preg_match("/^[0-9]{0,2}$/", str_validate($gen_string) / 10)) {
echo $gen_string . ' ' . str_validate($gen_string) . "\n";
}
}
?>
~Daemon
2005-12-05
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
if you search for vagina in google earth you get the town of laramie
+--------------------------------+
+ +
+ Do-It-Yourself +
+ Electric Lock Pick +
+ by fr0st +
+ http://fr0st.no-ip.org +
+ +
+--------------------------------+
Do-It-Yourself Electric Lock Pick
This all came about when a friend from my school told me he seen some person use,
what it looked to be an electric toothbrush to open this padlock. So I told him
he must of seen an Electric Pick, but he insisted it was a toothbrush. So I dec-
ided it was time to do a little project :P I went to the local Wal-Mart and bou-
ght a Crest Spinbrush Pro. I chose this peticular model of toothbrush because it
used gears to make the head of the brush move up and down and also osolate, then
I seen it used 2 AA batteries, So I thought to myself.. well that won't be enough
to make the pick move... so I went to the local dollar store and bought 2 9volt
battaries, then headed over to RadioShack and bought a package of 9volt battery
clips, then I was on my way home.
Items bought:
1 x Crest SpinBrush Pro $7.88 CND
2 x 9volt Batteries $1.50 CND
1 x bag of battery clips $2.75 CND
1 x microswitch approx $1.50 CND
1 x JBWeld approx $10.00 CND
1 x Hacksaw blade $1.00 CND
Tools Needed:
Dremel
Grinding Wheel ( to make pick )
soldering pen
solder
JBWeld
Alright so I sat down to have a look at the Crest Spinbrush Pro, and found out
there was no real way of getting the motor and gears out without having to cut
it open. This is where the dremel comes in. I followed the line where the 2
plastics are joined on each side of the Crest Spinbrush Pro. So after I cut
open the case I took out the motor and find where the battery connections to
the motor is. Once I found the connection places, I soldered a 9volt battery
clip to one of the points and soldered another of the points to a switch, from
the switch I went back to the battery clip wire (See Diag. 1). Put everything
back in the Crest Spinbrush Pro casing and tape it all back together with some
electrical tape.
+=============================================+
(Diagram 1)
_____________
/ __ \ <=== (Positive Wire)
/ / \ __\_________
__+___-__ \ | |
| | \ | (Motor) |==
| | \ |____________|
| 9v | \ \
| | \ \ <== (Negative Wire)
|_________| \ \
\ \
__|__|__
| |
|________| <== (Switch)
====
\ \
\_\
+============================================+
Don't try to buy anything other the the Crest SpinBrush Pro because for the
electric lock pick we need something to go forward and backwards, and all
the other battery powered tooth brushes osolate.
Now we move onto making the pick.
This is where the hacksaw blade comes in. Use the grinder wheel to grind
down the pick into this shape (See Diag. 2).
+============================================+
______
| \_____________
|===================/
+============================================+
Now take the JBWeld and put some on the pick and press and hold it on to the
little metal stub sticking out from the motor. IMPORTANT:: Make sure when the
motor stub goes back that it doesn't hit the plastic cover of the Crest Spi-
nBrush Pro.
Now when the JBWeld dries you now have a portable electric lock pick! Have
fun... and REMEMBER don't use this information to do anything illegal, If
you do, I will NOT be responsible and you will be held accountable for your
actions.
If you are having troubles with making this device, you can check out the
pictures of the device that I made. @ http://fr0st.no-ip.org/diyeleclockpick/
~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~x ~o ~o ~o ~o
* h4v3n/#hackcanada doesn't like sniffing gas for fun
only for profit
How to Fix Your Credit the Easy Way
In our society there exists an Absolute Moralistic Machine called the Credit
Bureau. They decide who gets credit and who doesn't, if by chance you made
some mistakes in the past or were perhaps fucked over by, or married a cunt
who fucked up your credit then too bad for you.
Wrong, they have little or no power; they just have people believing they
have power. They are stand alone agencies and cannot cross reference
information with any Government agency; it's illegal and can't be done.
Oh I know they talk and threaten and try to intimidate and do intimidate
people.
In the U.S.A. Credit agencies do have the power to hunt a person's ass down
and garnishee their wages, not in Canada though, in Canada the only Agency
that has any real resources to hunt you down and garnishee your wages or go
into your bank account is the Federal Government, not even the Provincial
Government can do it.
Equifax and Transcanada Credit are fuckall, they can't do shit except harass
you by calling and threatening, same as collection Agencies. I've told a
number of them to go fuck themselves and they never bothered me again.
People in Canada for some reason are under the spell of the U.S.A.. They
think our country operates like the U.S., it doesn't.
We are a whole different Country and have different laws altogether, in many
different areas that I could go on about but won't be covering here.
What I am going to outline here is a legal loophole through which a person
can start a whole new credit file, this is a legal form of what is called
"Credit File Segregation".
Credit file segregation is highly illegal unless you do it the way I explain
it, through one tiny flaw in the system it becomes legal, and the government
basically gives you a license to do it.
1. Go to your local police station and report your social insurance card as
lost or stolen, tell them someone stole it at the bar or some stupid shit,
use your imagination.
2. They will make a report; get a copy of the report.
3. Take the report to the nearest HRDC and tell them you lost your SIN card
and are afraid someone will use it to obtain credit by false means. They
will ask you for the police report and then get you to fill out some forms
for a new SIN number.
That's right boys and girls; you get a whole new SIN number generated for
you by the Government.
In a few weeks your new card with a new number will come in the mail and it
doesn't cost you anything because they only charge for a replacement card,
not new ones. In the letter you receive with your new card they will tell
you it is your responsibility to report your new number to the Credit
Agencies, chuck it, maybe you don't see too well or weren't wearing your
glasses that day and didn't read that part.
Now you can build a new credit file because you are basically a new person
as far as the Credit Agencies are concerned, but there are a few more
details that you have to pay attention to when you apply for credit.
When you are applying for credit make sure to change a few details, such as
dropping your middle name or changing your address, if all your personal
information is exactly the same on the application as it has been in past
applications there is a chance they will figure out you're the same person.
I'll give you an example. Let's say that John William Mclean has a fucked up
credit rating and changes his SIN number the legal way and then applies for
a credit card online. He should apply as just John Mclean; it isn't illegal
to drop your middle name.
If you have moved since your last credit file that's even better, they can't
link you. Credit Agencies primarily use the SIN number to identify people.
If someone is reviewing an application for credit they type all the
information into the computer and it pretty much has to be an exact match
for your past file to come up, if you have a new SIN you won't come up at
all.
If you are 20 years old they won't really think anything of it, if you are
40 years old they will be suspicious and do some digging wondering why you
don't have a credit file.
If all your information is the same like, where you work, address, etc. but
your SIN number is different they will link the two files and you won't get
any credit.
My suggestion is to change a few of the details like I said earlier, that
way if they do dig they still won't be able to link you to your past credit
file, that guy is gone now in a manner of speaking.
Remember though, you are now a new person to the Credit Agencies but you do
not have any credit rating now, good or bad.
It will still be easier to get credit with no credit rating than with a bad
one.
To start with only apply for two credit cards a month, the reason I say this
is because every time you apply for one it puts a hit on your credit file
and you don't want too many, that looks suspicious.
What I have learned to do is to see what bank is handing them out. For
instance, I look in the newspaper in the business section and see what banks
profits were down that quarter, they are usually the ones that have special
promotions to boost profits for the next year and one of the things they do
is hand out credit cards to people who have little or no credit rating, they
are still a lower risk than people who have had bad credit by their
calculations... or the criteria by which they approve people for credit.
It will take some time but don't be discouraged if you get rejected a few
times, you are starting all over again and have to work your way up. It
won't take long after you get your first card until you start qualifying for
more and more credit.
gHoSt 2005-10-19
- an original distro via -
_0_1_0_1_0_1_0_1_0_1_
WWW.HACKCANADA.COM
_ _ _ _ _ _ _ _ _ _ _
l 0 l 0 l 0 l 0 l 0
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
hahahaha oh god
who wants a horrible dance dance revolution
japanese midi bagpipe song
its badder than the power glove
----------------------------------------------
University of Alberta's Tunnel Intercom System
----------------------------------------------
The University of Alberta is located in Edmonton, Alberta, Canada.
The U of A operates a large telephone system just for communication
within their expansive tunnel system. I came across some documentation.
Here it is.
+++
Emergency 5555
Campus Security 5252
Control Center 4855
Plant Maintainence 4833
+++
Alert and All Clear
Emergency function activated by the Control Center - tunnel must be
evacuated when alert sounded. This unit will be tested monthly.
Control Center
Dial 453 or 0 to contact Control Center
+++
TOA INTERCOM OPERATION
Press to Talk (PTT)
The TOA stations are sound influenced (the station with the most ambient
noise will dominate the conversation). To overcome one-way conversation,
press the PTT Key to converse in the other directions.
* Note: If both parties press the PTT button at the same time, the party
who presses the bar last will have dominance. This condition will continue
until the party which cannot communicate presses PTT .6 to clean this
condition and return to handsfree mode.
Continuous Calling
If the station is set-up for continuous calling (not all stations are)
it will continue to ring until the handset is lifted or any number on
the keypad, except C or PTT, is touched.
Privacy
Set privacy switch to "on" when you do not wish to accept a call. When
the party you are calilng is in the privacy mode a one-way message can
be delivered by pressing the PTT bar.
Secretary Transfer
If the station is programmed at the exchange for this - set privacy
switch to "on" to re-route calls to the designated station.
Single-Digit Dialing (.60)
Single digit dialing can be accomplished by pressing .60 then the
number of the station required. (i.e. 811). When properly entered
a confirmation tone will be heard. Single digit dialing can then
be done by pressing the 0.
* Note: Single digit dialing is only possible when the station has
not already had this function programmed at the exchange.
Call Forwarding (.6)
This function enables you to recieve calls made to your original
station at another location. When leaving your sattion press .6
then the station number you are going to. Calls will then autom-
atically be routed to that station.
* Note: Call fowarding must be cleared at the originating station
or calls will continue to go to the programmed station. To clear,
press .6 and your original station number.
Conference Call (.5)
Up to four station can be joined to condcut a conference all.
Press .5 then dial the first station number, when station is
connected then dial the next number, repeat for the fourth
station if required. To clear press .. or hang up. If the
conference originator drops out all calls close.
Mic Off (.7)
By pressing .7 the intercom mic will be disconnected and the
call will be put on hold. A hold tone will be heard by the
party on hold. To return to the conversation press .7 again
and call will be resumed.
Call Transfer
Calls may be transferred to another station by dialing the
desired station number during the conversation. The station
which originated the call goes on hold until the third part
accepts the call. The transferring station then completes
the connection by pressing C. If the third does not wish to
accept the call or there is no asnwer at the third station
press .. to return to the originating station.
Zone Paging
To conduct a zone page press .8 and the number of the zone
desired (i.e. .81). We presently have 6 zones.
Paging Response (.9)
To respond to a zone page, press .9 and you will automatically
be connected with the party who placed the page.
* Note: Dialing must be completed within 5 seconds or the line
will automatically release.
+++
INTERCOM NUMBERS
Tunnel - Zone .81
Room 122 122
Room 123 123
Station 1020 102
Station 1053 105
Station 1090 109
Station 1110 111
Station 1160 116
Station 1180 118
Station 1210 121
Station 1240 124
Station 1270 127
Station 1300 130
Station 1340 134
Station 1360 136
Station 1380 138
Station 1420 142
Station 1540 154
Station 1560 156
Station 1620 162
Station 1630 163
Station 1650 165
Station 1672 167
Station 1740 174
Station 1750 175
Station 1770 177
Station 1790 179
Station 1830 183
Station 1850 185
Station 1880 188
Station 1890 189
Station 1950 195
Station 1980 198
Station 2000 200
Station 2020 202
Station 2050 205
Station 2060 206
Station 2070 207
Station 2080 208
Station 2100 210
Station 2110 211
Station 2120 212
Station 2140 214
Station 2150 215
Station 2200 220
Electrical Vaults - Zone .82
Administration 307
Agriculture Forestry 348
Arts 332
Biosciences Botany Wing 355
Biosciences Genetics Wing 354
Blood Bank 310
CAB 337
Cameron Library 333
Chemical Mineral Engineering 352
Chemistry East 338
Chemistry West 339
Civil Electric 336
Clinical Sciences 308
Corbett Hall 309
Dentistry/Pharmacy 335
Earth Sciences 357
Education Car Park 321
Education North 320
Education South 319
Faculty of Business 330
Field House 344
Fine Arts 324
General Services 347
Graduate Student Association 334
Heritage Medical Research (Clinical Wing) 318
Heritage Medical Research (Heritage Wing) 317
Home Economics 323
HUB 326
Humanities 331
Jubilee Auditorium 314
Law 325
Lister Hall 313
Materials Engineering 312
Mechanical Engineering 351
Medical Sciences 315
Newton Research Center 316
North Switch Station 304
Pembina Hall 350
Physical Education 343
Physics 356
Printing Services 346
Rutherford North 327
Rutherford South 328
South Switch Station 305
SS #15 322
SS #18 (2081) 358
SS #3 340
SS #5 306
Stadium Car Park 345
Structural Lab 349
Student Union 342
Tory 329
University Hall 341
W.W. Cross Hospital 311
Windsor Car Park 353
Services Building - Zone .83
Room 115 400
Room 117A 401
Room 101A 402
Maintainence Desk 500
Cooling Plant - Zone .84
Bottom Man Lift 815
Chiller Floor West 810
Control Room 800
Instrument Shop 807
Lunch Room 804
Mezzanine Electrical Vault 811
Mux Room 806
Office 803
Shop 805
West Plant Pump Room 813
Transformer Room 814
Heating Plant - Zone .85
#1 & #2 Boiler 917
#3 Boiler 918
#4 Boiler 919
4160 Vault 914
Boiler Room 901
Computer Room 913
Engine Room 900
Front Door 915
Kjenner, Ray 904
Lab 912
Lunch Room 903
Neiberding, Carl 907
North Mezzanine 910
Outside N.E. Door 916
Ramme, Harold 909
Secretary 906
Trains 911
Wagil, Tedd 905
Webster, Cash 908
General Services Building - Zone .86
Carter, Clive 451
Computer Room 448
Da Silva, Agnelo 449
Goebel, Joe 452
Ostapowich, Stan 450
No Zone
Control Center 453
Radio 454
Zones
.81 Tunnel
.82 Electrical Vaults
.83 Services Building
.84 Cooling Plant
.85 Heating Plant
.86 General Services Building
P.A. System
.81 Tunnel
.85 Heating Plant
Zero Dial
All intercoms on campus will automatically call the Control
Center when 0 is depressed. Exceptions to this are Zone .85
- Heating Plant and the Control Center
Campus Radio System
Dial 454 to access campus 2-way radio system. Key the PTT
bar as you would the Radio Mic Switch to actuate.
Access to Tunnel P.A. From Edmonton Telephone System
Dial 492-5400 if off campus or 5400 is on campus to access
Tunnel P.A. System. Give message after the tone, unit times
out after one (1) minute.
[note: the 492-5400 number no longer works. My guess is that
the system was old enough that it was back before the split,
on 403.492.5400, and when the area code split occured, the
PSTN indial got lost in translation. But either way, it
doesn't work.]
By the way, you'll probably need physical access to get any
of this to work, unless you have some psychic way of contro-
lling the phones. It's a very interesting system, nonetheless.
war 2005
~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~x ~o ~o ~o ~o
amirite???
lol u r so rite
###############################################################################
## ##
## Defeating WebSense ##
## ##
###############################################################################
h4v3n
December 13, 2005
www.nettwerked.net
Disclaimer
----------
If you are going to be a stupid fuck and actually use this information for
attempting criminal activities you'll probably get caught. I am releasing
information that I have found, how you use it is your choice, and I am not
responsible for your actions.
Foreword
--------
If you do not know what websense is you have not experienced the most Orwellian
piece of network software out there. Websense.s main purpose is to block
access to web pages and block use of certain protocols. Websense also has
many different functions like extremely detailed reporting on user's web
activity. If this is not big brother I don.t know what is.
The watching eye of big brother does not come cheap either. For use of
websense for one year with 100 clients you are looking at just under $3,000
CDN! This is the base edition of websense. When you purchase this software
you will be pressured into purchasing additional add-ons. If you are
encountering websense you will have to work for a large organization. This is
not a piece of software that a small business will purchase. I do have to say
though if a company does purchase this software they are getting a real solid
system. I have many users try many times to get around websense without any
success.
After giving up on this project for a few months I tried again. This time not
trying to beat websense itself but the other components that it uses. Not
long after starting again I have found a few ways to have fun with your
websense administrator. Remember this information is presented to websense
administrators so that they can prevent these actions from happening.
Information
-----------
Websense has many ways to track and block internet traffic. It can block
traffic by the WebSense URL database, protocol, user defined keywords, or by
specific URL. With this much control blocking internet traffic it.s really
hard to get by. WebSense.s URL database holds the following categories that
you can block by:
|---Business and Economy
|---Financial Data and Services
|---Religion
|---Traditional Religions
|---Non-Traditional Religions and Occult and Folklore
|---Drugs
|---Marijuana
|---Abused Drugs
|---Supplements and Unregulated Compounds
|---Prescribed Medications
|---Information Technology
|---Hacking
|---Search Engines and Portals
|---Proxy Avoidance
|---URL Translation Sites
|---Computer Security
|---Web Hosting
|---Society and Lifestyles
|---Personals and Dating
|---Alcohol and Tobacco
|---Hobbies
|---Personal Web Sites
|---Restaurants and Dining
|---Gay or Lesbian or Bisexual Interest
|---Adult Material
|---Lingerie and Swimsuit
|---Sex
|---Sex Education
|---Nudity
|---Adult Content
|---Internet Communication
|---Web-based Email
|---Web Chat
|---Special Events
|---Weapons
|---Job Search
|---User-Defined
|---Bandwidth PG
|---Internet Radio and TV
|---Streaming Media
|---Peer-to-Peer File Sharing
|---Personal Network Storage and Backup
|---Internet Telephony
|---Social Organizations
|---Service and Philanthropic Organizations
|---Social and Affiliation Organizations
|---Professional and Worker Organizations
|---Gambling
|---Entertainment
|---MP3 and Audio Download Services
|---Miscellaneous
|---Uncategorized
|---Image Servers
|---Private IP Addresses
|---File Download Servers
|---Dynamic Content
|---Images (Media)
|---Content Delivery Networks
|---Network Errors
|---Illegal or Questionable
|---Security PG
|---Spyware
|---Malicious Web Sites
|---Keyloggers
|---Phishing and Other Frauds
|---Education
|---Reference Materials
|---Cultural Institutions
|---Educational Institutions
|---Educational Materials
|---Travel
|---News and Media
|---Alternative Journals
|---Tasteless
|---Militancy and Extremist
|---Shopping
|---Internet Auctions
|---Real Estate
|---Productivity PG
|---Freeware and Software Download
|---Advertisements
|---Pay-to-Surf
|---Online Brokerage and Trading
|---Instant Messaging
|---Message Boards and Clubs
|---Racism and Hate
|---Games
|---Sports
|---Sport Hunting and Gun Clubs
|---Vehicles
|---Government
|---Military
|---Political Organizations
|---Abortion
|---Pro-Life
|---Pro-Choice
|---Advocacy Groups
|---Violence
|---Health
Again this is not the only way WebSense can filter traffic. In addition to
the URL database WebSense can also filter by protocol used. The following is
the list of protocols that can be allowed or blocked.
|---Network OS
|---daytime
|---finger
|---ident
|---LDAP
|---NFS
|---NTP
|---OpenWindows
|---pptp
|---SOCKS 5
|---ssh
|---Telnet
|---Streaming Media
|---Liquid Audio
|---RTSP (QuickTime RealPlayer)
|---Windows Media
|---Proxy Avoidance
|---Hopster
|---Instant Messaging / Chat
|---AOL Instant Messenger or ICQ
|---Gadu-Gadu
|---IRC
|---MSN Messenger
|---SIMP (Jabber)
|---Tencent QQ
|---Yahoo! Messenger
|---Web
|---HTTPS
|---File Transfer
|---FTP
|---Gopher
|---WAIS
|---Mail and Collaborative Tools
|---IMAP
|---Lotus Notes
|---NetMeeting
|---POP3
|---SMTP
|---Other
|---NNTP
|---Remote Access
|---Citrix
|---GoToMyPC
|---pcANYWHERE
|---pcTELECOMMUTE
|---Terminal Services
|---VNC
|---Database
|---SQL Net
|---Instant Messaging File Attachments
|---AOL Instant Messenger or ICQ attachments
|---MSN Messenger attachments
|---Yahoo! Messenger attachments
|---P2P File Sharing
|---Ares
|---BitTorrent
|---DirectConnect
|---eDonkey
|---EZPeer
|---FastTrack (Kazaa iMesh)
|---Gnutella (Morpheus Xolox)
|---Hotline Connect
|---Skype
|---WinMX
|---User Defined
If websense is setup properly then there is virtually no way around the
system. So you have to get creative and try a few things. In the details
section of this paper I will go through various different possible ways around
a WebSense system.
Websense can be setup many different ways with many different firewalls or
even without a firewall so this information may vary from setup to setup. All
my testing has been done on a medium sized fully routed network with WebSense
5.5 and a Cisco Pix 515e. All traffic to the internet has to go through the
Cisco Pix, and in the Pix configuration file HTTP, HTTPS, ActiveX, Java
Applet, and FTP are all setup to use the websense server for filtering. So
any request goes from the client to the Pix then to the WebSense server, back
to the Pix, and then the client will either get the web content or a WebSense
error message. When the web content request is sent to the WebSense server a
database containing everything is created in a MSSQL server. Different SQL
servers can be used with WebSense but in this environment there is a MSSQL
server. This database runs the WebSense reporter. Remember this, we will
have some fun with it later. So how the hell do you get around WebSense?
The tests have been performed on a basic setup of WebSense 5.5 using the
default Global policy which is detailed in Apendix A. I used a basic user
account that did not have administrative rights on the network which meant any
user that was smart enough could have accomplished any of these procedures.
Details
-------
1. Proxy Servers . The most obvious way I thought to get around a web filter
was to use a proxy server. I never thought that this was going to work until
I tried it. Once I did I couldn.t believe that it was that easy to get around
a default installation of websense.
First go to http://www.publicproxyservers.com on a network that doesn.t have
websense and find a proxy server. I used one in the USA that used port 8080
and was labled Anonymous. Next open your browser, I am going to use Internet
Explorer 6 in all examples. Click Tools, Internet Options, then Connections.
Once you are there simply click on the .LAN Settings. button and fill out the
proxy server information. Close your browser and reopen it.
Now you can surf the net unfiltered and you will not be logged by websense,
although you will be logged by the Cisco Pix or whatever firewall the company
is using. This is quick, easy, and works like a charm. With the only downside
being your connection speed. So if you have a high speed connection at your
home create your own proxy server and use it. This will make your connection
a lot quicker.
How does the websense administrator fix this? Well in this case it isn.t
easy, from what I have seen. WebSense does automatically block out .proxy
avoidance. which are websites that allow you to surf anonymously but there is
nothing (that I have found) that will block out known proxy servers. So at
the firewall you will have to make sure all outgoing ports (except the ones
that are needed) are blocked and then use websense to block all private IP
addresses. To ensure they are all blocked the admin will also have to closely
watch the firewall logs for interesting IP addresses.
So what did this tell us? Public proxies are a quick and easy way around
websense and the admin will have a .fun. time blocking it.
2. Terminal Services - Another way to get around WebSense is obvious. When
you make a web content request from the internal network it is captured by the
firewall and filtered by the WebSense server. So just make the request from
outside the network. This is where terminal services come in.
You will need an external high speed connection and a PC setup with terminal
services or SSH. Once this is setup simply take control of the external PC
from the internal network. It.s another simple solution that is overlooked by
the default global policy, and it isn.t logged.
How does the WebSense administrator prevent this? All that has to be done is
the remote access protocols have to be disabled as well as SSH. That.s all
that has to be done to prevent this solution from working. Now think, don.t
you think WebSense should include this in their default global policy? What
the hell are these corporate whores thinking? Obviously it.s not security.
3. Web Based Proxies . This one took me a while to figure out. If an
administrator blocks out proxy servers it.s not a big deal because you can
make your own right. Well this is just another way to do that. There are
many services on the internet that has .anonymous web browsing. for free but
websense blocks these sites in the default global policy under .Proxy
Avoidance.. Never fear, you can make your own.
You will need a system outside the websense network that has a high speed
connection to the internet. If it is running Windows then go to http://
www.peacefire.org and download circumventor. This is a very easy program to
setup under windows. Once this program is setup all you have to do is in the
websense network go to the IP address that is given to you at the end of the
setup process. It will look something like https://xxxx.xxxx.xxxx.xxxx/cgi-
bin/nph-513213.cgi Then you are off on the net unfiltered and not logged.
If you have an external machine that has a high speed internet connection that
is running linux it can still be done but it.s a little harder. Go to http://
www.jmarshall.com and download the cgiproxy tool. Set it up according to the
website and everything will work just like the windows box.
By this time WebSense administrators are getting mad. To stop this from
working again the administrator has to block private IP addresses. This
doesn.t always work though. A clever individual who really wants to get
around websense could load one of these cgi scripts on a server that has a
fully qualified domain name. Now the administrator has to watch logs very
carefully to notice high traffic to one domain.
4. Alternative Gateways . This is very unlikely to work because any company
that has websense will probably not have an unprotected .back door.. It.s
worth while to mention though. On the network that uses websense scan all IP
addresses using NMap or another port scanner to find an IP address that will
forward traffic to the internet.
Now if this works your administrator should be kicked in the ass repeatedly
and fired. Sometimes very stupid administrators have an internet connection
plugged into a switch that users are on. Try to obtain an IP address using
DHCP and if you get a public IP address you are really lucky, and your admin
is an idiot! Like I said this will rarely be the case so don.t get your hopes
up.
5. No User . If you have tried all other options above this and you still
have not had any luck this is where we start getting really risky. You may
not be able to get to all sites but at least you will not be tracked as easy
for extensive web use.
On a win9x machine when you start up don.t log in. You should be able to get
to the internet if you are going through a pix that does not require
passwords. All this does for you is gives you access to the internet without
your username being logged with the internet requests, but your IP address
will be. So change your address as much as you can, that is if you can. Web
pages that are blocked by websense will still be blocked but at least your
admin will not know who exactly is spending so much time on the internet.
6. Cisco Pix Filtering Rules . This is a way around websense that is very
destructive and malicious. So if you don.t want to get fired never use this
method. When the Cisco Pix is set up to use WebSense filtering there is an
option that can be enabled to .Allow outbound traffic if URL server is not
available.. What this means is that if the cisco pix is unable to connect to
the WebSense server it will just allow the request through.
So what does this mean? Well if your administrator has enabled this option
then all you have to do is get rid of the websense server and you are home
free. There are many ways to do this and I will quickly list a few:
DOS attack
DDOS attack
Unplug the network cable from the server
Unplug the power cable from the server
Physically destroy the server
You get the point. These are very unlikely things to do on your work network
just to get internet access but it does work.
7. Having Some Fun - OK let's say you have way too much time on your hands at
work and, well your administrator is a dip shit. Yes this is the case for
some people. So what you need to do is get your hands on a MSSQL password.
First you should always try your domain username and password, cause you never
know it may work, but then you are stuck with having to try and delete logs.
So let's say you have read a few articles on MSSQL and you get the SA account
password. If you don't know much about MSSQL go find some info it's not that
hard. Now it's time to have some fun.
In the database wslogdb55 there is a table called INCOMING. This is where we
will frame someone. Find the user's USER_ID in the table USER_NAMES and then
start making fake entries in the INCOMING table. If the admin uses Websense
Reporter he/she will see the extreme internet use by one user or you can
actually make it look like the user got to blocked web sites.
Conclusion
----------
Although these are not perfect ways around websense they sure as hell help a
person that is trying to get around the software. The best way around websense
is to not be on a network that uses it. As this paper is being created the
next version of websense is being created, and I am sure that these methods
will be stopped by default. So right now enjoy these quick and easy ways
around the software, that is if they work. Remember these methods will only
work if your administrator doesn't take the time to fully customize websense.
Apendix A
---------
|---Business and Economy Permit
|---Financial Data and Services Permit
|---Religion Quota
|---Traditional Religions Permit
|---Non-Traditional Religions and Occult and Folklore Permit
|---Drugs Permit
|---Marijuana Block
|---Abused Drugs Block
|---Supplements and Unregulated Compounds Block
|---Prescribed Medications Quota
|---Information Technology Permit
|---Hacking Block
|---Search Engines and Portals Permit
|---Proxy Avoidance Block
|---URL Translation Sites Block
|---Computer Security Block
|---Web Hosting Block
|---Society and Lifestyles Quota
|---Personals and Dating Permit
|---Alcohol and Tobacco Permit
|---Hobbies Permit
|---Personal Web Sites Permit
|---Restaurants and Dining Permit
|---Gay or Lesbian or Bisexual Interest Permit
|---Adult Material Block
|---Lingerie and Swimsuit Permit
|---Sex Permit
|---Sex Education Permit
|---Nudity Permit
|---Adult Content Permit
|---Internet Communication Quota
|---Web-based Email Permit
|---Web Chat Permit
|---Special Events Permit
|---Weapons Block
|---Job Search Quota
|---User-Defined Permit
|---Bandwidth PG Permit
|---Internet Radio and TV Permit
|---Streaming Media Permit
|---Peer-to-Peer File Sharing Permit
|---Personal Network Storage and Backup Permit
|---Internet Telephony Permit
|---Social Organizations Permit
|---Service and Philanthropic Organizations Permit
|---Social and Affiliation Organizations Permit
|---Professional and Worker Organizations Permit
|---Gambling Block
|---Entertainment Quota
|---MP3 and Audio Download Services Block
|---Miscellaneous Quota
|---Uncategorized Permit
|---Image Servers Permit
|---Private IP Addresses Permit
|---File Download Servers Permit
|---Dynamic Content Permit
|---Images (Media) Permit
|---Content Delivery Networks Permit
|---Network Errors Permit
|---Illegal or Questionable Block
|---Security PG Permit
|---Spyware Permit
|---Malicious Web Sites Block
|---Keyloggers Permit
|---Phishing and Other Frauds Permit
|---Education Permit
|---Reference Materials Permit
|---Cultural Institutions Permit
|---Educational Institutions Permit
|---Educational Materials Permit
|---Travel Quota
|---News and Media Permit
|---Alternative Journals Permit
|---Tasteless Block
|---Militancy and Extremist Block
|---Shopping Quota
|---Internet Auctions Permit
|---Real Estate Permit
|---Productivity PG Permit
|---Freeware and Software Download Permit
|---Advertisements Permit
|---Pay-to-Surf Permit
|---Online Brokerage and Trading Permit
|---Instant Messaging Permit
|---Message Boards and Clubs Permit
|---Racism and Hate Block
|---Games Block
|---Sports Quota
|---Sport Hunting and Gun Clubs Permit
|---Vehicles Quota
|---Government Permit
|---Military Permit
|---Political Organizations Permit
|---Abortion Block
|---Pro-Life Permit
|---Pro-Choice Permit
|---Advocacy Groups Block
|---Violence Block
|---Health Quota
Protocol Filter Logging
|---Network OS
|---daytime permit No
|---finger block No
|---ident permit No
|---LDAP permit No
|---NFS permit No
|---NTP permit No
|---OpenWindows permit No
|---pptp permit No
|---SOCKS 5 permit Yes
|---ssh permit No
|---Telnet permit Yes
|---Streaming Media
|---Liquid Audio permit No
|---RTSP (QuickTime RealPlayer) permit Yes
|---Windows Media permit Yes
|---Proxy Avoidance
|---Hopster permit No
|---Instant Messaging / Chat
|---AOL Instant Messenger or ICQ block Yes
|---Gadu-Gadu permit No
|---IRC block Yes
|---MSN Messenger block Yes
|---SIMP (Jabber) block Yes
|---Tencent QQ block Yes
|---Yahoo! Messenger block Yes
|---Web
|---HTTPS permit Yes
|---File Transfer
|---FTP permit Yes
|---Gopher block Yes
|---WAIS permit No
|---Mail and Collaborative Tools
|---IMAP permit No
|---Lotus Notes block No
|---NetMeeting block No
|---POP3 permit No
|---SMTP permit No
|---Other
|---NNTP permit Yes
|---Remote Access
|---Citrix permit No
|---GoToMyPC permit No
|---pcANYWHERE permit No
|---pcTELECOMMUTE permit No
|---Terminal Services permit No
|---VNC permit No
|---Database
|---SQL Net permit Yes
|---Instant Messaging File Attachments
|---AOL Instant Messenger or ICQ attachments permit No
|---MSN Messenger attachments permit No
|---Yahoo! Messenger attachments permit No
|---P2P File Sharing
|---Ares permit No
|---BitTorrent block No
|---DirectConnect permit No
|---eDonkey block No
|---EZPeer block No
|---FastTrack (Kazaa iMesh) block Yes
|---Gnutella (Morpheus Xolox) block Yes
|---Hotline Connect block No
|---Skype block No
|---WinMX block No
###############################################################################
###############################################################################
## ##
## hh 44 44 vv vv 333333 nnnnn ##
## hh 44 44 vv vv 33 nnnnnn ##
## hhhh 444444 vv vv 333333 nn nn ##
## hhhhh 44 vv vv 333333 nn nn ##
## hh hh 44 vvvv 33 nn nn ##
## hh hh 44 vv 333333 nn nn ##
## ##
###############################################################################
###############################################################################
## ##
## 111 99999 888 44 44 ##
## 1111 99 99 88 88 44 44 ##
## 11 99999 888 444444 ##
## 11 99 888 888 44 ##
## 11 99 88 88 44 ##
## 1111 99 888 44 ##
## ##
## is here ... ignorance is no excuse ##
## ##
###############################################################################
###############################################################################
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
Ive never understood the fascination with anime. I think its
terrible shit about goddamn teenagers in robots and other retarded crap
like that. Gundam, any kind theres a billion, are all stupid. In fact,
I hate all of Japan, seriously, those guys are gay.
Phreaking the NEC i-Series phone systems
by war
The i-Series of desktop fones are manufactured by NEC. The
i-Series includes the 28i, 124i and 384i phones. These phones
were built by NEC for use in an office environment, and they
perform satisfactorily in that role. NEC i-Series phones are
used by a number of small and large businesses in North
America.
This article might, possibly, hopefully, give you some insight
into power-use (or phreaking, whatever) of the i-Series fones.
That's the idea, anways. I'm assuming a previous basic knowledge
of how PBX systems work.
The i-Series phones have quite a large array of features, too
large to explain every feature in detail in one article.
A quick overview of some of the i-Series features:
Alarm
Automated Attendent (Voice Announcer)
Background Music
Barge In (Emergency Interrupt-ish)
Call Forwarding
Follow-me
Off-Premise
DND Override
Call Waiting/Camp On
Conferencing
MeetMe Internal/External Conferencing
MeetMe Internal/External Paging
Directory Dialing
Internal/External Paging
Programmable Function Keys
Soft Keys (on select models)
Reverse Voice Over
Room Monitoring
Tandem Trunking
Voice Mail
Physical Access
As the topic says, let's first assume you have physical access
to the actual phone. So, you may ask, "How do I gain physical access?"
It's not that hard, really. If you spot an i-Series phone in a shop,
you could simply ask them, "Can I use your phone?" It's not hard.
So. Let's look at a couple useful features of the wonderful i-Series
fone system.
Call Forwarding
Probably one of the most useful (in-my-opinion) options on the
i-Series phones is the "Call-Forwarding" feature and Call-Forwarding
Off-Premise feature. The i-Series phones have quite a few options
when it comes to call-forwarding. You can forward your calls to
voicemail, forward your calls to another extension, or forward to
an external number. Call-forwarding also ties in with the
Do-Not-Disturb (DND) functions of the phone.
Call-Forwarding
There are a couple call-forwarding modes. They are:
Call-Forwarding when Busy or Not-Answered
Call-Forwarding Immediate
-immediately forwards your call using the given method
without ringing the line at all
Call-Forwarding when Not Answered
Call-Forwarding Immediate with Both Ringing
-immediately forwards your call using the given method, but still
rings your line.
Call-Forwarding to Voice Mail
If you needed to active call-forwarding on a i-Series phone (once
again assuming physical access), simply dial:
1. [*] + [2]
2. Dial Call Forwarding condition:
1 - VoiceMail
2 - Busy or Not Answered
4 - Immediate
6 - Not Answered
7 - Immediate with Both Ringing
0 - Cancel Call-Forwarding
3. Then dial the extension, Voice Mail master number, or
simply press the [Voice Mail] programmable key (if there
is one.)
4. Dial Call Forwarding Type
2 - All calls
3 - Outside calls only
4 - Intercom calls only
So, overall, if you wanted to say...forward all your calls
immediately to extension 555, you would dial:
[*][2] + [4] + [5][5][5] + [2] + hangup
Call-Forwarding Off-Premise
Call-Forwarding Off-Premise can be used to forward your calls to
another number. There are quite a few different ways to exploit
this feature, assuming local access at an i-Series fone.
To turn on Call-Forwarding Off-Premise, dial:
1. [*] + [2]
2. [6] + Dial line access code
{ Line access codes are:
[9] Automatic Route Selection (ARS) / Trunk Group Routing
Dialing "9" for an outside line is probably the most common
way known by people using PBX systems to get an outside line.
"9" is the extension commonly designated for Automatic Route
Selection - the fone system chooses what line you are going
to use for you.
[8][0][4] + Line Group (1-9 , 01-99, 001-128)
804x dialing is Line Group Selection dialing. You can manually
select the outgoing trunk group that you want your call to be
placed via. For example, if there is more than one business at
in your office, you might have a trunk group "1" for the "ABC
Packaging Corp", and a trunk group "2" for the "BCD Shipping Co."
If you were calling out using "9" on a phone belonging to the
"BCD Shipping Co., you would be actualliny dialing "8042". That
would route you onto the BCD Shipping Co. trunk group. But, you
could also theoretically dial "8041" to make an outgoing call
over the trunk group assigned to ABC Packaging. (I hope that
makes sense).
[#][9] + Line Number Selection
You can select an absolute line using "#9". You could dial
"#9" + "05" to get line number 05.
}
3. Then dial the external number where you want your calls
to be forwarded.
4. Hangup.
Call-Forwarding Off-Premises is a quick-n-dirty way to get an overnight
extender. If you were to walk up to a Future Shop employee, and ask them
to use their phone, you might be able to set it to Call-Forward
Off-Premises. But, chances are that it would be noticed the next day.
If you want to maximize the length of time before the Call-Forwarding is
removed, there are options to be considered.
Forward to the Operator.
If you're forwarding to the operator, and then getting him/her to
place the call, you aren't going to be endangering your favorite bridge
or your friend.
Find a remote phone that rarely receives calls.
In large retail outlets (Future Shop, Best Buy, Canadian Tire, etc)
there are often departments that are lower traffic then others. For
example, appliances. How many people go to Future Shop to buy
appliances? None, you say? Well then, if you're going to pick a fone
to set up as an extender, might I suggest you use a phone in the
appliance department? Chances are, it's going to recive less traffic
which means less chance of your extender getting taken down.
+++
Forced Trunk Disconnection
While still on the physical access topic...Force Trunk Disconnection.
If for any unknown reason, you needed to release a line, simply dial up the
line using:
[#][9] + line number (ie 01, 02, 03, 005, whatever) + [*][3]
That will disconnect (read abruptly terminate) the connection. I'm sure
you can figure out a good use for that.
+++
Night Service Mode
Ever find a nice afterhours voicemail system that you just can't wait until
the evening to play with? Even if it means cutting off legitimate users? No,
me either. But, with Night Service Mode, you can do just that. Switching to
Night Service Mode during the daylight hours, especially in a busy store,
usually makes incoming callers upset. People calling in get voicemail.
And such. But, it's a convenient (for you) way in a pinch to get access to
an afterhours system. To physically turn on Night Service Mode from a phone,
just dial:
1. [8][1][8] + Night Service Password
The default Night Service Password is "0000".
2. Dial the Night Service Mode
0 Day mode
1 Night mode
2 Midnight mode
3 Rest mode
4 Day 2 mode
5 Night 2 mode
6 Midnight 2 mode
7 Rest 2 mode
So, to turn on Night Service Night Mode during the day at your (least?)
favorite local Staples (or whatever uses i-Series) simply dial:
[8][1][8] + [0][0][0][0] + [1]
That is, of course, assuming the password is default.
+++
Outgoing Calls
Some i-Series phone systems have toll restrictions. To override toll
restrictions, simply dial:
[8][7][5] + Password
As well, some systems that use ARS (Automatic Route Selection) are
coded. Many larger companies like Nortel that have high volumes of
calling often code their PBX systems so that calls can be catalogued
effectively, and to discourage over-use and fraudulent use.
If the systems you are using is using coded ARS, when you dial "9",
you'll get a dialtone and can dial your number as normal. But, after
you have dialed the number, you will be dropped to another dialtone
and will have to enter the ARS code.
+++
Bridging and Social Engineering
Bridging is the act of placing two outside callers in a
conference call, and then dropping out of the call.
Let's say that two of your phreak buddies decide that they want to talk.
But, maybe they don't want to pay for it. Simple enough. You just walk
down to your local K-Mart, and find an remote phone. Then, wait for
one of your buddies to call up the local K-Mart's 800 number and ring your
phone. When he does, simply press the [Conf] button on your i-Series
phone. Then, wait for your second buddy to ring your line. When he does,
press [Conf] twice. This will connect the two parties. To drop out of the
conference and leave the two parties talking, simply press [HOLD] +
[#][8].
Now on the other side of the coin. Many companies set up conferences to
allow outside employees such as service technicians or other field workers
to talk to each other. You could social engineer a secretary into creating
a bridging line to talk on. If she doesn't know how, now you can walk her
through it, since you know. In my experience, many secretaries also refer
to bridging conferences as "Tandem Conferences", "Tandem Trunking Lines",
or something similar to that.
[ BlackRatchet wants to remind you that a 'Tandem Trunking Line' is not
a technical term. A trunk and a line are different. Not the same. He
really, REALLY wanted me to note that. So here it is. ]
+++
That's about it.
~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~x ~o ~o ~o ~o
I wish I had teenage angst. All I have is 20 something Generation Y
self-important nihilism.
___________ ____________ __________ ____________ ______________
/ // __ // __ // // /
/ ____// /_/ // / / // ____//____ _____/
/ / / __// / / // / / /
/ _____/ / // / / //______ / / /
/ / / / // /_/ // / / /
/____/ /_____/|____//_________//___________/ /___/
=========================================================================
=========||| fr0sty@shaw.ca ||| http://fr0st.no-ip.org |||===============
=========================================================================
===========>>::::Nettwerked West Edmonton Mall War Walk::::<<============
=========================================================================
So I start my journey to the West Edmonton Mall war walk in my hometown of Sask-
atoon. I'm about a 5 hour drive anyway from Edmonton so I decided whats better
than war driving while going up to the war walk. With my IBM Thinkpad T21, SMC2-
532W-B W/ dual omni 5dBi antennas running Kismet on FreeBSD 5.4, I hit the road.
Here are my results from the war drive between Saskatoon and Edmonton.
Network 1: "2" BSSID: "00:40:96:48:FD:5A"
Type : infrastructure
Carrier : 802.11b
Info : "S296_AP#2"
Channel : 06
Encryption : "None"
Maxrate : 2.0
LLC : 6
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 6
First : "Fri Oct 7 12:55:41 2005"
Last : "Fri Oct 7 12:56:02 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 2: "" BSSID: "00:40:96:48:FF:58"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 03
Encryption : "None"
Maxrate : 2.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 12:56:37 2005"
Last : "Fri Oct 7 12:56:37 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 3: "TR6Rt" BSSID: "00:60:B3:C9:CC:7D"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 11.0
LLC : 2
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 2
First : "Fri Oct 7 13:53:08 2005"
Last : "Fri Oct 7 13:55:23 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 4: "" BSSID: "00:40:96:24:F2:30"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 2.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 14:06:16 2005"
Last : "Fri Oct 7 14:06:16 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 5: "SaskTel" BSSID: "00:0E:D7:48:65:B3"
Type : infrastructure
Carrier : 802.11b
Info : "MOB_NBFR_SHELL"
Channel : 01
Encryption : "None"
Maxrate : 11.0
LLC : 4
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 4
First : "Fri Oct 7 14:06:53 2005"
Last : "Fri Oct 7 14:07:19 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 6: "" BSSID: "00:40:96:57:9F:7E"
Type : infrastructure
Carrier : 802.11b
Info : "GLK2NLBGRPTR"
Channel : 01
Encryption : "WEP "
Maxrate : 2.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 14:51:43 2005"
Last : "Fri Oct 7 14:51:43 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 7: "" BSSID: "00:60:B3:03:A6:96"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 0.0
LLC : 4
Data : 18
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 22
First : "Fri Oct 7 15:18:04 2005"
Last : "Fri Oct 7 15:22:07 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Address found via TCP 63.135.29.70
Network 8: "" BSSID: "00:02:6F:34:99:81"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP "
Maxrate : 0.0
LLC : 8
Data : 14
Crypt : 14
Weak : 0
Dupe IV : 0
Total : 22
First : "Fri Oct 7 15:18:26 2005"
Last : "Fri Oct 7 15:34:50 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 9: "BCMI Lloydminster (2)" BSSID: "00:03:52:E7:A3:60"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 18.0
LLC : 2
Data : 1
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 3
First : "Fri Oct 7 15:20:01 2005"
Last : "Fri Oct 7 15:20:12 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 10: "default" BSSID: "00:11:95:05:DD:34"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 36.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 15:21:00 2005"
Last : "Fri Oct 7 15:21:00 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 11: "default" BSSID: "00:13:46:A4:11:8C"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 36.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 15:24:06 2005"
Last : "Fri Oct 7 15:24:06 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 12: "SaskTel" BSSID: "00:90:4B:58:CA:B1"
Type : probe
Carrier : 802.11b
Info : "None"
Channel : 00
Encryption : "None"
Maxrate : 11.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 15:24:43 2005"
Last : "Fri Oct 7 15:24:43 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 13: "Wfg Office" BSSID: "00:13:46:06:CB:9C"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 36.0
LLC : 2
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 2
First : "Fri Oct 7 15:25:43 2005"
Last : "Fri Oct 7 15:25:44 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 14: "linksysici" BSSID: "00:0F:66:36:62:2E"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 11.0
LLC : 5
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 5
First : "Fri Oct 7 15:25:48 2005"
Last : "Fri Oct 7 15:25:48 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 15: "" BSSID: "00:13:10:6C:25:C4"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 00
Encryption : "None"
Maxrate : 0.0
LLC : 0
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 0
First : "Fri Oct 7 15:25:48 2005"
Last : "Fri Oct 7 15:25:48 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 16: "" BSSID: "00:60:B3:19:12:5B"
Type : ad-hoc
Carrier : 802.11b
Info : "None"
Channel : 00
Encryption : "None"
Maxrate : 0.0
LLC : 0
Data : 1
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 15:25:51 2005"
Last : "Fri Oct 7 15:25:51 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 17: "" BSSID: "00:60:B3:19:12:56"
Type : ad-hoc
Carrier : 802.11b
Info : "None"
Channel : 00
Encryption : "None"
Maxrate : 0.0
LLC : 0
Data : 1
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 15:26:20 2005"
Last : "Fri Oct 7 15:26:20 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 18: "ruckers" BSSID: "00:13:10:F1:79:D8"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 11
Encryption : "None"
Maxrate : 54.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 15:26:28 2005"
Last : "Fri Oct 7 15:26:28 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 19: "" BSSID: "00:A0:F8:CB:43:7F"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 00
Encryption : "None"
Maxrate : 0.0
LLC : 0
Data : 3
Crypt : 3
Weak : 0
Dupe IV : 0
Total : 3
First : "Fri Oct 7 15:28:39 2005"
Last : "Fri Oct 7 15:30:44 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 20: "" BSSID: "00:40:96:25:EA:D5"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 07
Encryption : "None"
Maxrate : 2.0
LLC : 2
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 2
First : "Fri Oct 7 15:29:21 2005"
Last : "Fri Oct 7 15:29:53 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 21: "" BSSID: "00:40:96:24:E2:49"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 07
Encryption : "None"
Maxrate : 2.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 15:29:43 2005"
Last : "Fri Oct 7 15:29:43 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 22: "" BSSID: "00:60:B3:03:98:8E"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 0.0
LLC : 3
Data : 5
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 8
First : "Fri Oct 7 15:35:40 2005"
Last : "Fri Oct 7 15:38:00 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Address found via TCP 64.4.54.250
Network 23: "" BSSID: "00:60:B3:03:98:88"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 0.0
LLC : 5
Data : 5
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 10
First : "Fri Oct 7 15:41:33 2005"
Last : "Fri Oct 7 15:44:15 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Address found via TCP 68.250.247.66
Network 24: "vermil-s" BSSID: "00:02:6F:35:32:55"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 11
Encryption : "None"
Maxrate : 11.0
LLC : 5
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 5
First : "Fri Oct 7 15:58:06 2005"
Last : "Fri Oct 7 16:00:41 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 25: "" BSSID: "00:02:2D:2C:9D:9F"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 00
Encryption : "None"
Maxrate : 0.0
LLC : 0
Data : 1
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 16:38:58 2005"
Last : "Fri Oct 7 16:38:58 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 26: "veg-sec-ne" BSSID: "00:02:6F:09:A1:21"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 02
Encryption : "None"
Maxrate : 11.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 16:39:29 2005"
Last : "Fri Oct 7 16:39:29 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 27: "^K^D^D^F^F^V^K^^^N^A^]^K^V^N^]" BSSID: "00:02:2D:35:AD:B6"
Type : probe
Carrier : 802.11b
Info : "None"
Channel : 00
Encryption : "None"
Maxrate : 11.0
LLC : 2
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 2
First : "Fri Oct 7 16:50:19 2005"
Last : "Fri Oct 7 16:50:52 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 28: "linksys" BSSID: "00:13:10:52:A8:11"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 11.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 17:19:05 2005"
Last : "Fri Oct 7 17:19:05 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 29: "" BSSID: "00:0D:88:92:CF:BC"
Type : probe
Carrier : 802.11b
Info : "None"
Channel : 00
Encryption : "None"
Maxrate : 22.0
LLC : 5
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 5
First : "Fri Oct 7 17:35:02 2005"
Last : "Fri Oct 7 17:36:00 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 30: "205" BSSID: "00:A0:F8:3A:FF:B7"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 11.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 17:36:00 2005"
Last : "Fri Oct 7 17:36:00 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 31: "" BSSID: "00:13:10:9F:D1:D6"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 09
Encryption : "WEP "
Maxrate : 54.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Fri Oct 7 17:37:18 2005"
Last : "Fri Oct 7 17:37:18 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Total networks found : 31
So that was my results. After a good night sleep today was DDay. I packed up
my gear and headed to the mall. I got there and remember I forgot to get more
DVC tapes for my camera for the nettwerked video project. So I phoned h4v3n on
his celluar phone and told him that I was just at London Drugs picking up some
tapes. After 5-10 minutes waiting in line. I finally payed for my items and I
was off to the meet place. I came to see War, Alan, and h4v3n sitting down wa-
iting for people to show up. h4v3n with his sweet IBM and Alan with his REALLY
sweet Mac *drools* I plop my stuff down beside the crew and boot up my thinkpad.
I notice h4v3n trying to fix some stuff with kismet that he needed to su into
his root account to fix. So I bust out my videocamera and start filming his
keyboard. Funniest thing ever, I'm trying to hold my laugher in while h4v3n
types in the first 3 letters and then stops DEAD. He turns his head and knew
exactally what I was doing. It wasn't like I was 'trying' to steal his pass-
word. I was just goofing around. It was a good chuckle. Anyways moving back
on topic. All of us decide to wait around for a while to see if anyone shows
up. After around 10 to 15 minutes we decide to start the war walk. No one else
showed up so it was just us four (fr0st, h4v3n, Alan, war)
Here are my results with my IBM ThinkPad T21 (keep in mind that I can ONLY see
802.11b networks)
Network 1: "goldsgym" BSSID: "00:0F:3D:FB:BC:8E"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP "
Maxrate : 22.0
LLC : 38
Data : 3
Crypt : 3
Weak : 0
Dupe IV : 2
Total : 41
First : "Sat Oct 8 13:04:45 2005"
Last : "Sat Oct 8 13:30:49 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 2: "linksys" BSSID: "00:13:10:2C:28:C9"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP TKIP WPA "
Maxrate : 54.0
LLC : 23
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 23
First : "Sat Oct 8 13:04:54 2005"
Last : "Sat Oct 8 13:17:44 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 3: "linksys" BSSID: "00:0F:66:A7:C9:97"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP "
Maxrate : 11.0
LLC : 28
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 28
First : "Sat Oct 8 13:04:54 2005"
Last : "Sat Oct 8 13:18:27 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 4: "axiaa" BSSID: "00:13:46:41:C7:E6"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP "
Maxrate : 36.0
LLC : 63
Data : 1
Crypt : 1
Weak : 0
Dupe IV : 0
Total : 64
First : "Sat Oct 8 13:04:54 2005"
Last : "Sat Oct 8 13:29:50 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 5: "default" BSSID: "00:0D:88:3E:6C:C5"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 11.0
LLC : 4
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 4
First : "Sat Oct 8 13:04:54 2005"
Last : "Sat Oct 8 13:15:15 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 6: "default" BSSID: "00:11:95:77:1D:DA"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 11
Encryption : "None"
Maxrate : 36.0
LLC : 200
Data : 11
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 211
First : "Sat Oct 8 13:04:57 2005"
Last : "Sat Oct 8 13:52:36 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Address found via TCP 192.168.0.111
Network 7: "fjewellers" BSSID: "00:12:17:AD:51:70"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP "
Maxrate : 54.0
LLC : 68
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 68
First : "Sat Oct 8 13:19:37 2005"
Last : "Sat Oct 8 13:30:21 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 8: "WEMiSphere" BSSID: "00:0F:C8:00:39:6A"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 03
Encryption : "WEP "
Maxrate : 36.0
LLC : 6
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 6
First : "Sat Oct 8 13:20:02 2005"
Last : "Sat Oct 8 13:23:23 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 9: "WEMiSphere" BSSID: "00:0F:C8:00:49:29"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 03
Encryption : "None"
Maxrate : 36.0
LLC : 10
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 10
First : "Sat Oct 8 13:20:16 2005"
Last : "Sat Oct 8 13:33:48 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 10: "WEMiSphere" BSSID: "00:0F:C8:00:43:19"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 36.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Sat Oct 8 13:21:00 2005"
Last : "Sat Oct 8 13:21:00 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 11: "FLHGuest" BSSID: "00:0F:C8:00:39:68"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 03
Encryption : "None"
Maxrate : 36.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Sat Oct 8 13:21:13 2005"
Last : "Sat Oct 8 13:21:13 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 12: "55pj" BSSID: "00:05:5D:F2:25:48"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP "
Maxrate : 11.0
LLC : 69
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 69
First : "Sat Oct 8 13:21:29 2005"
Last : "Sat Oct 8 13:26:50 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 13: "FLHGuest" BSSID: "00:0F:C8:00:1D:58"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 36.0
LLC : 2
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 2
First : "Sat Oct 8 13:22:35 2005"
Last : "Sat Oct 8 13:25:25 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 14: "WEMiSphere" BSSID: "00:0F:C8:00:1D:5A"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "WEP "
Maxrate : 0.0
LLC : 11
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 11
First : "Sat Oct 8 13:23:16 2005"
Last : "Sat Oct 8 13:26:56 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 15: "T5wpk" BSSID: "00:0F:C8:00:1D:59"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "WEP TKIP WPA "
Maxrate : 36.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Sat Oct 8 13:25:26 2005"
Last : "Sat Oct 8 13:25:26 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 16: "T5wpk" BSSID: "00:0F:C8:00:91:A9"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP TKIP WPA "
Maxrate : 36.0
LLC : 28
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 28
First : "Sat Oct 8 13:27:01 2005"
Last : "Sat Oct 8 13:36:00 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 17: "WEMiSphere" BSSID: "00:0F:C8:00:91:A8"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 36.0
LLC : 21
Data : 23
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 44
First : "Sat Oct 8 13:27:36 2005"
Last : "Sat Oct 8 13:38:14 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Address found via TCP 10.202.1.170
Network 18: "FLHGuest" BSSID: "00:0F:C8:00:49:28"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 03
Encryption : "None"
Maxrate : 36.0
LLC : 2
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 2
First : "Sat Oct 8 13:28:13 2005"
Last : "Sat Oct 8 13:32:20 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 19: "T5wpk" BSSID: "00:0F:C8:00:49:2A"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 03
Encryption : "WEP TKIP WPA "
Maxrate : 36.0
LLC : 6
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 6
First : "Sat Oct 8 13:28:14 2005"
Last : "Sat Oct 8 13:33:49 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 20: "default" BSSID: "00:40:05:55:17:45"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP "
Maxrate : 22.0
LLC : 13
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 13
First : "Sat Oct 8 13:30:08 2005"
Last : "Sat Oct 8 13:37:11 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 21: "WEMiSphere" BSSID: "00:0F:C8:00:15:11"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 36.0
LLC : 9
Data : 2
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 11
First : "Sat Oct 8 13:30:24 2005"
Last : "Sat Oct 8 13:38:39 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Address found via TCP 10.202.1.170
Network 22: "FLHGuest" BSSID: "00:0F:C8:00:15:10"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 36.0
LLC : 5
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 5
First : "Sat Oct 8 13:30:46 2005"
Last : "Sat Oct 8 13:35:18 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 23: "T5wpk" BSSID: "00:0F:C8:00:15:12"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "WEP TKIP WPA "
Maxrate : 36.0
LLC : 9
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 9
First : "Sat Oct 8 13:30:47 2005"
Last : "Sat Oct 8 13:35:19 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 24: "" BSSID: "00:03:52:EC:C9:42"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 11
Encryption : "WEP "
Maxrate : 11.0
LLC : 4
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 4
First : "Sat Oct 8 13:31:14 2005"
Last : "Sat Oct 8 13:34:22 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 25: "" BSSID: "00:06:B1:14:3C:AB"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 11.0
LLC : 6
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 6
First : "Sat Oct 8 13:32:02 2005"
Last : "Sat Oct 8 13:35:54 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 26: "" BSSID: "00:03:52:EC:C9:41"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 11
Encryption : "WEP "
Maxrate : 11.0
LLC : 2
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 2
First : "Sat Oct 8 13:32:34 2005"
Last : "Sat Oct 8 13:32:53 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 27: "" BSSID: "00:03:52:EC:C9:40"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 11
Encryption : "None"
Maxrate : 11.0
LLC : 2
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 2
First : "Sat Oct 8 13:32:52 2005"
Last : "Sat Oct 8 13:32:54 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 28: "linksys" BSSID: "00:0F:66:90:CE:9A"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP "
Maxrate : 0.0
LLC : 22
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 22
First : "Sat Oct 8 13:35:34 2005"
Last : "Sat Oct 8 13:39:14 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 29: "WEMiSphere" BSSID: "00:11:F5:66:D6:C2"
Type : probe
Carrier : 802.11b
Info : "None"
Channel : 00
Encryption : "None"
Maxrate : 36.0
LLC : 4
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 4
First : "Sat Oct 8 13:35:50 2005"
Last : "Sat Oct 8 13:37:55 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 30: "FLHGuest" BSSID: "00:0F:C8:00:7E:88"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 36.0
LLC : 8
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 8
First : "Sat Oct 8 13:36:36 2005"
Last : "Sat Oct 8 13:39:40 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 31: "WEMiSphere" BSSID: "00:0F:C8:00:7E:89"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 36.0
LLC : 9
Data : 1
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 10
First : "Sat Oct 8 13:36:37 2005"
Last : "Sat Oct 8 13:39:41 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Address found via TCP 10.202.1.224
Network 32: "T5wpk" BSSID: "00:0F:C8:00:7E:8A"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP TKIP WPA "
Maxrate : 36.0
LLC : 28
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 28
First : "Sat Oct 8 13:37:11 2005"
Last : "Sat Oct 8 13:41:14 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 33: "" BSSID: "00:13:5F:55:FE:F0"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "WEP "
Maxrate : 18.0
LLC : 8
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 8
First : "Sat Oct 8 13:37:22 2005"
Last : "Sat Oct 8 13:39:15 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 34: "FLHGuest" BSSID: "00:0F:C8:00:7F:B8"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 36.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Sat Oct 8 13:39:28 2005"
Last : "Sat Oct 8 13:39:28 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 35: "WEMiSphere" BSSID: "00:0F:C8:00:7F:B9"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 36.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Sat Oct 8 13:39:29 2005"
Last : "Sat Oct 8 13:39:29 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 36: "T5wpk" BSSID: "00:0F:C8:00:7F:BA"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "WEP TKIP WPA "
Maxrate : 36.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Sat Oct 8 13:39:30 2005"
Last : "Sat Oct 8 13:39:30 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 37: "FLHGuest" BSSID: "00:0F:C8:00:43:D8"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 36.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Sat Oct 8 13:39:30 2005"
Last : "Sat Oct 8 13:39:30 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 38: "GdbuzzAP" BSSID: "00:09:5B:AA:07:A8"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 11
Encryption : "WEP "
Maxrate : 11.0
LLC : 8
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 8
First : "Sat Oct 8 13:39:42 2005"
Last : "Sat Oct 8 13:40:18 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 39: "T5wpk" BSSID: "00:0F:C8:00:7F:9A"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 11
Encryption : "WEP TKIP WPA "
Maxrate : 36.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Sat Oct 8 13:39:46 2005"
Last : "Sat Oct 8 13:39:46 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 40: "linksys" BSSID: "00:06:25:98:7A:0C"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP "
Maxrate : 11.0
LLC : 103
Data : 4
Crypt : 4
Weak : 0
Dupe IV : 0
Total : 107
First : "Sat Oct 8 13:40:44 2005"
Last : "Sat Oct 8 13:52:50 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 41: "" BSSID: "00:06:B1:14:44:EF"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 11.0
LLC : 21
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 21
First : "Sat Oct 8 13:40:59 2005"
Last : "Sat Oct 8 13:51:54 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 42: "FLHGuest" BSSID: "00:0F:C8:00:91:8A"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP "
Maxrate : 0.0
LLC : 124
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 124
First : "Sat Oct 8 13:41:10 2005"
Last : "Sat Oct 8 13:52:55 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 43: "T5wpk" BSSID: "00:0F:C8:00:91:89"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP TKIP WPA "
Maxrate : 36.0
LLC : 60
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 60
First : "Sat Oct 8 13:41:11 2005"
Last : "Sat Oct 8 13:52:55 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 44: "WEMiSphere" BSSID: "00:0F:C8:00:91:88"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP "
Maxrate : 0.0
LLC : 127
Data : 20
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 147
First : "Sat Oct 8 13:41:33 2005"
Last : "Sat Oct 8 13:52:51 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Address found via ARP 10.202.1.0
Network 45: "0CP2REDS0X" BSSID: "00:A0:F8:AE:DD:B2"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 11
Encryption : "WEP "
Maxrate : 11.0
LLC : 17
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 17
First : "Sat Oct 8 13:41:40 2005"
Last : "Sat Oct 8 13:52:55 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 46: "" BSSID: "00:A0:F8:BC:C6:9C"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 11
Encryption : "WEP TKIP WPA "
Maxrate : 18.0
LLC : 2
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 2
First : "Sat Oct 8 13:42:06 2005"
Last : "Sat Oct 8 13:43:09 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 47: "" BSSID: "00:A0:F8:D5:14:08"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP TKIP WPA "
Maxrate : 18.0
LLC : 3
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 3
First : "Sat Oct 8 13:42:58 2005"
Last : "Sat Oct 8 13:43:11 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 48: "linksys" BSSID: "00:13:10:77:8A:80"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 54.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Sat Oct 8 13:46:52 2005"
Last : "Sat Oct 8 13:46:52 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 49: "0CP2REDS0X" BSSID: "00:A0:F8:A8:7B:AA"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 11
Encryption : "WEP "
Maxrate : 11.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Sat Oct 8 13:48:39 2005"
Last : "Sat Oct 8 13:48:39 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 50: "linksys" BSSID: "00:06:25:98:7A:0C"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP "
Maxrate : 11.0
LLC : 6
Data : 1
Crypt : 1
Weak : 0
Dupe IV : 0
Total : 7
First : "Sat Oct 8 13:58:42 2005"
Last : "Sat Oct 8 13:58:44 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 51: "WEMiSphere" BSSID: "00:0F:C8:00:91:88"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 36.0
LLC : 15
Data : 9
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 24
First : "Sat Oct 8 13:58:44 2005"
Last : "Sat Oct 8 13:59:13 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Address found via TCP 10.202.1.224
Network 52: "T5wpk" BSSID: "00:0F:C8:00:91:89"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "WEP TKIP WPA "
Maxrate : 36.0
LLC : 10
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 10
First : "Sat Oct 8 13:58:44 2005"
Last : "Sat Oct 8 13:59:15 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 53: "FLHGuest" BSSID: "00:0F:C8:00:91:8A"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 06
Encryption : "None"
Maxrate : 36.0
LLC : 9
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 9
First : "Sat Oct 8 13:58:44 2005"
Last : "Sat Oct 8 13:59:15 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 54: "0CP2REDS0X" BSSID: "00:A0:F8:AE:DD:B2"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 11
Encryption : "WEP "
Maxrate : 11.0
LLC : 5
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 5
First : "Sat Oct 8 13:58:44 2005"
Last : "Sat Oct 8 13:59:17 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 55: "" BSSID: "00:06:B1:14:44:EF"
Type : infrastructure
Carrier : 802.11b
Info : "None"
Channel : 01
Encryption : "None"
Maxrate : 11.0
LLC : 1
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 1
First : "Sat Oct 8 13:58:51 2005"
Last : "Sat Oct 8 13:58:51 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Network 56: "" BSSID: "00:11:24:2A:4B:41"
Type : probe
Carrier : 802.11b
Info : "None"
Channel : 00
Encryption : "None"
Maxrate : 54.0
LLC : 3
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 3
First : "Sat Oct 8 13:59:08 2005"
Last : "Sat Oct 8 13:59:12 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Address found via TCP 10.202.1.224
Network 57: "AirPort Network" BSSID: "00:0C:F1:42:50:E6"
Type : probe
Carrier : 802.11b
Info : "None"
Channel : 00
Encryption : "None"
Maxrate : 11.0
LLC : 3
Data : 0
Crypt : 0
Weak : 0
Dupe IV : 0
Total : 3
First : "Sat Oct 8 13:59:15 2005"
Last : "Sat Oct 8 13:59:20 2005"
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
Address found via TCP 192.168.0.111
Total Networks Found : 57
Now here are Alan's results from the time he left his house, picked up war, and
was at the mall for the war walk Alan was using his Mac (don't have the specs or
model of it) w/ MacStumbler
#$Creator:MacStumbler0.75b
#$DateGMT:2005-10-08
#(SSID) Type (BSSID) Time(GMT) [SNRSigNoise]#(Name) Flags Channelbits BcnIntvl
(linksys)BSS(00:0f:66:30:82:a5) 15:32:24(GMT) [73730]#() 0001 0040 0
(linksys)BSS(00:0f:66:91:04:82) 15:28:20(GMT) [25250]#() 0001 0040 0
(HotzHomeNetwork)BSS(00:0f:66:d5:bf:67) 15:27:20(GMT) [22220]#() 0011 0040 0
(linksys)BSS(00:06:25:76:d7:e5) 15:26:52(GMT) [28280]#() 0001 0040 0
(WLAN)BSS(00:30:bd:c0:0a:d8) 15:25:12(GMT) [25250]#() 0001 0040 0
(default)BSS(00:0d:88:9a:f9:74) 15:25:04(GMT) [28280]#() 0001 0040 0
(default)BSS(00:04:e2:4a:ba:3c) 15:24:52(GMT) [25250]#() 0001 0040 0
(chari)BSS(00:0d:88:3e:66:d5) 15:24:08(GMT) [24240]#() 0001 0040 0
(default)BSS(00:80:c8:2a:5c:e6) 15:24:04(GMT) [28280]#() 0011 0040 0
(Apollo)BSS(00:11:95:28:74:1a) 15:24:00(GMT) [25250]#() 0011 0040 0
(default)BSS(00:11:95:78:a9:2e) 15:23:24(GMT) [19190]#() 0001 0040 0
(linksys)BSS(00:0c:41:cd:2c:e1) 15:23:25(GMT) [36360]#() 0001 0040 0
(default)BSS(00:0d:88:3e:b0:b9) 15:22:16(GMT) [24240]#() 0001 0040 0
(default)BSS(00:80:c8:0b:76:26) 15:21:56(GMT) [21210]#() 0001 0040 0
(default)BSS(00:40:05:31:0d:15) 15:22:00(GMT) [36360]#() 0001 0040 0
(default)BSS(00:0d:88:3a:dd:63) 15:21:52(GMT) [38380]#() 0011 0040 0
(ClosedConnection)BSS(00:0f:b5:5c:a0:e6) 15:21:12(GMT) [27270]#() 0001 0040 0
(yourmama)BSS(00:c0:49:b0:4e:23) 15:20:40(GMT) [21210]#() 0011 0040 0
(rdwiens)BSS(00:0d:88:e0:f5:b8) 15:20:44(GMT) [28280]#() 0011 0040 0
(linksys)BSS(00:13:10:78:a8:0d) 15:20:32(GMT) [24240]#() 0001 0040 0
(linksys)BSS(00:12:17:47:58:d6) 15:20:40(GMT) [42420]#() 0011 0040 0
(colinr)BSS(00:13:10:68:89:00) 15:20:36(GMT) [30300]#() 0011 0040 0
(linksys)BSS(00:13:10:f1:c6:2b) 15:20:12(GMT) [21210]#() 0001 0040 0
(Heide'sNetwork)BSS(00:11:50:6c:03:e8) 15:20:00(GMT) [36360]#() 0001 0040 0
(mocser)BSS(00:12:17:6d:39:77) 15:19:52(GMT) [35350]#() 0011 0040 0
(default)BSS(00:0d:88:97:95:74) 15:19:52(GMT) [33330]#() 0011 0040 0
(darcyfett)BSS(00:80:c8:0b:73:0c) 15:19:52(GMT) [21210]#() 0011 0040 0
(linksys)BSS(00:13:10:68:8e:07) 15:19:28(GMT) [28280]#() 0001 0040 0
(POWERCOMSYS)BSS(00:12:17:18:b0:8e) 15:18:52(GMT) [33330]#() 0011 0040 0
(SMC_ZIP)BSS(00:04:e2:f7:30:50) 15:18:44(GMT) [31310]#() 0001 0040 0
(linksys)BSS(00:12:17:b4:85:bb) 15:18:40(GMT) [27270]#() 0001 0040 0
(brennan)BSS(00:0f:3d:5a:db:c2) 15:17:56(GMT) [23230]#() 0011 0040 0
(default)BSS(00:13:46:1a:a1:7a) 15:18:36(GMT) [38380]#() 0001 0040 0
(default)BSS(00:11:95:2c:a4:86) 15:17:24(GMT) [27270]#() 0001 0040 0
(Baerg)BSS(00:0d:88:98:ac:22) 15:17:28(GMT) [39390]#() 0011 0040 0
(NETGEAR)BSS(00:09:5b:c1:4b:80) 15:17:24(GMT) [41410]#() 0001 0040 0
(jayslaptop)BSS(00:0d:3a:72:99:4f) 15:17:08(GMT) [25250]#() 0011 0040 0
(stonehenge)BSS(00:30:65:05:77:d9) 15:17:08(GMT) [25250]#() 0011 0040 0
(simsnetwork)BSS(00:06:25:76:6d:2b) 15:17:28(GMT) [33330]#() 0001 0040 0
(default)BSS(00:0d:88:bb:f2:23) 15:17:04(GMT) [27270]#() 0001 0040 0
(wireless)BSS(00:12:17:16:f3:b8) 15:17:00(GMT) [24240]#() 0011 0040 0
(3Bugs)BSS(00:90:4b:e2:52:50) 15:17:12(GMT) [41410]#() 0011 0040 0
(LANWAN)BSS(00:0d:3a:71:9b:21) 15:16:56(GMT) [16160]#() 0011 0040 0
(arthouse)BSS(00:0f:3d:65:81:bc) 15:17:00(GMT) [31310]#() 0011 0040 0
(MERLE)BSS(00:13:10:44:38:3b) 15:16:52(GMT) [28280]#() 0011 0040 0
(helios)BSS(00:0d:3a:28:19:e9) 15:16:20(GMT) [21210]#() 0011 0040 0
(chris_v)BSS(00:0d:88:e0:ef:3c) 15:16:20(GMT) [25250]#() 0011 0040 0
(linksys)BSS(00:0f:66:30:84:9d) 15:16:08(GMT) [27270]#() 0001 0040 0
(default)BSS(00:80:c8:01:94:d0) 15:15:56(GMT) [25250]#() 0001 0040 0
(UniatNet)BSS(00:0f:66:90:d2:5d) 15:15:52(GMT) [21210]#() 0011 0040 0
(Jhave)BSS(00:09:5b:ae:5f:34) 15:15:44(GMT) [24240]#() 0001 0040 0
(linksys)BSS(00:12:17:ba:2e:6e) 15:15:40(GMT) [25250]#() 0001 0040 0
(default)BSS(00:11:95:0c:8d:cc) 15:15:28(GMT) [33330]#() 0001 0040 0
(default)BSS(00:13:46:40:a5:a8) 15:15:08(GMT) [19190]#() 0001 0040 0
(Micol)BSS(00:12:17:b4:81:55) 15:15:00(GMT) [30300]#() 0001 0040 0
(McDougallHouse)BSS(00:0f:66:94:9a:2e) 15:15:00(GMT) [25250]#() 0011 0040 0
(MSHOME)BSS(00:0d:3a:2c:6e:29) 15:14:56(GMT) [25250]#() 0001 0040 0
(default)BSS(00:0d:88:3c:b9:b7) 15:14:52(GMT) [36360]#() 0001 0040 0
(kuipers)BSS(00:0c:41:ae:ff:50) 15:14:44(GMT) [22220]#() 0011 0040 0
(linksys)BSS(00:13:10:90:22:bc) 15:14:40(GMT) [22220]#() 0001 0040 0
(NETGEAR)BSS(00:09:5b:dc:a8:24) 15:14:44(GMT) [35350]#() 0001 0040 0
(default)BSS(00:13:46:47:05:28) 15:14:36(GMT) [28280]#() 0011 0040 0
(SMC)BSS(00:04:e2:f1:86:40) 15:14:44(GMT) [35350]#() 0001 0040 0
(Roger)BSS(00:13:10:33:15:3f) 15:14:40(GMT) [33330]#() 0001 0040 0
(ichiban)BSS(00:0d:88:e0:e2:d4) 15:14:20(GMT) [28280]#() 0001 0040 0
(bill)BSS(00:06:25:a2:b9:2e) 15:14:24(GMT) [24240]#() 0011 0040 0
(tsisl)BSS(00:0c:41:76:a4:8c) 15:14:00(GMT) [35350]#() 0011 0040 0
(nrryounglife)BSS(00:0c:41:b3:0d:7a) 15:13:56(GMT) [27270]#() 0011 0040 0
(linksys)BSS(00:0c:41:a4:19:50) 15:13:40(GMT) [36360]#() 0001 0040 0
(default)BSS(00:11:95:53:8a:75) 15:13:40(GMT) [39390]#() 0011 0040 0
(toews)BSS(00:90:4b:e1:b4:7b) 15:13:32(GMT) [24240]#() 0011 0040 0
(DLAN)BSS(00:12:17:ad:4a:38) 15:13:44(GMT) [35350]#() 0011 0040 0
(MSHOME)BSS(00:0d:3a:2b:68:97) 15:13:08(GMT) [19190]#() 0001 0040 0
(eyeball)BSS(00:13:46:43:2f:be) 15:13:00(GMT) [21210]#() 0011 0040 0
(SMC)BSS(00:04:e2:9a:25:df) 15:11:44(GMT) [35350]#() 0001 0040 0
(Wireless)BSS(00:a0:c5:c0:e7:3a) 15:12:04(GMT) [42420]#() 0001 0040 0
(SMC)BSS(00:04:e2:9a:31:90) 15:12:04(GMT) [50500]#() 0001 0040 0
(Vstation)BSS(00:80:c8:24:25:8d) 15:11:32(GMT) [24240]#() 0011 0040 0
(alex)BSS(00:06:25:da:10:32) 15:11:08(GMT) [21210]#() 0001 0040 0
(default)BSS(00:13:46:48:f8:70) 15:11:12(GMT) [27270]#() 0001 0040 0
(linksys)BSS(00:12:17:1a:8b:38) 15:10:08(GMT) [30300]#() 0001 0040 0
(jason)BSS(00:13:46:a3:fb:16) 15:08:28(GMT) [27270]#() 0011 0040 0
(linksys)BSS(00:0c:41:ae:a8:e0) 15:08:12(GMT) [21210]#() 0001 0040 0
(sintec)BSS(00:0f:66:95:04:78) 15:07:56(GMT) [21210]#() 0011 0040 0
(HOY4YZK)BSS(00:02:6f:21:e2:99) 15:07:56(GMT) [25250]#() 0011 0040 0
(default)BSS(00:13:46:3e:b2:04) 15:07:44(GMT) [25250]#() 0011 0040 0
(WYF24g)BSS(00:13:46:19:86:1a) 15:07:40(GMT) [28280]#() 0011 0040 0
(DiandMel's)BSS(00:11:95:72:34:de) 15:07:36(GMT) [27270]#() 0011 0040 0
(orange)BSS(00:12:00:51:aa:20) 15:04:32(GMT) [21210]#() 0011 0040 0
(tsunami)BSS(00:40:96:a0:5d:ee) 15:04:44(GMT) [42420]#() 0011 0040 0
(fatport)BSS(00:13:10:10:e2:21) 15:01:44(GMT) [21210]#() 0001 0040 0
(HotelLobby)BSS(00:13:46:1a:a2:24) 15:01:28(GMT) [27270]#() 0001 0040 0
(default)BSS(00:0f:3d:3b:3d:58) 15:01:32(GMT) [33330]#() 0001 0040 0
(bbhotspot)BSS(00:07:50:d6:1e:c2) 15:02:00(GMT) [31310]#() 0001 0040 0
(linksys)BSS(00:06:25:4a:a1:50) 15:01:24(GMT) [19190]#() 0011 0040 0
(bbhotspot)BSS(00:07:50:d6:3b:9b) 15:01:32(GMT) [28280]#() 0001 0040 0
(Hilton)BSS(00:11:24:05:7f:a5) 15:01:56(GMT) [25250]#() 0011 0040 0
(SMC)BSS(00:04:e2:7b:83:81) 14:59:12(GMT) [25250]#() 0001 0040 0
(Lorna)BSS(00:11:95:78:93:18) 14:58:56(GMT) [33330]#() 0011 0040 0
(Peaches)BSS(00:30:bd:8f:df:d8) 14:58:44(GMT) [22220]#() 0001 0040 0
(beer)BSS(00:0f:66:20:71:d1) 14:58:36(GMT) [25250]#() 0011 0040 0
(linksys)BSS(00:06:25:f6:f2:32) 14:58:40(GMT) [30300]#() 0001 0040 0
(BT_HOME)BSS(00:11:95:77:32:46) 14:58:44(GMT) [25250]#() 0011 0040 0
(MSHOME)BSS(00:0d:3a:23:af:6c) 14:58:32(GMT) [36360]#() 0001 0040 0
(linksys)BSS(00:0c:41:b3:01:78) 14:58:28(GMT) [30300]#() 0001 0040 0
(default)BSS(00:11:95:53:ef:bd) 14:58:16(GMT) [33330]#() 0001 0040 0
(Gjesdal)BSS(00:0f:66:25:48:b2) 14:58:00(GMT) [30300]#() 0011 0040 0
(default)BSS(00:0f:3d:fd:7f:32) 14:57:48(GMT) [24240]#() 0001 0040 0
(linksys)BSS(00:0c:41:3a:2f:6a) 14:57:40(GMT) [22220]#() 0001 0040 0
(linksys)IBSS(02:0c:f1:ff:3e:51) 14:42:40(GMT) [25250]#() 0001 0040 0
(fatport)BSS(00:13:10:10:e2:1e) 14:39:00(GMT) [24240]#() 0001 0040 0
(GdbuzzAP)BSS(00:09:5b:cc:ba:ac) 14:34:28(GMT) [36360]#() 0011 0040 0
(WEMiSphere)BSS(00:0f:c8:00:43:c9) 14:34:00(GMT) [36360]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:43:ca) 14:34:00(GMT) [36360]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:43:c8) 14:34:00(GMT) [35350]#() 0001 0040 0
(default)BSS(00:11:95:75:ff:74) 14:30:44(GMT) [47470]#() 0001 0040 0
(DKV220A45)BSS(00:e0:00:91:d1:21) 14:29:48(GMT) [24240]#() 0001 0040 0
(LF-X1U.00014A10684C)BSS(00:01:4a:10:68:4c) 14:30:49(GMT) [38380]#() 0011 0040 0
(chaninternational)BSS(00:11:95:77:33:24) 14:30:40(GMT) [54540]#() 0011 0040 0
(WEMiSphere)BSS(00:0f:c8:00:15:28) 14:33:40(GMT) [63630]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:15:2a) 14:33:28(GMT) [63630]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:15:29) 14:33:28(GMT) [63630]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:91:89) 14:37:04(GMT) [69690]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:91:8a) 14:37:00(GMT) [71710]#() 0001 0040 0
(WEMiSphere)BSS(00:0f:c8:00:91:88) 14:37:04(GMT) [70700]#() 0001 0040 0
(linksys)BSS(00:06:25:98:7a:0c) 14:37:40(GMT) [61610]#() 0011 0040 0
(GdbuzzAP)BSS(00:09:5b:aa:07:a8) 14:39:36(GMT) [54540]#() 0011 0040 0
(WEMiSphere)BSS(00:0f:c8:00:43:d9) 14:39:00(GMT) [27270]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:43:da) 14:38:57(GMT) [27270]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:43:d8) 14:39:00(GMT) [30300]#() 0001 0040 0
(FLHGuest)BSS(00:0f:c8:00:35:48) 14:38:57(GMT) [24240]#() 0001 0040 0
(waiting)BSS(00:80:c8:2a:49:64) 14:39:00(GMT) [24240]#() 0011 0040 0
(WEMiSphere)BSS(00:0f:c8:00:7f:b9) 14:39:08(GMT) [31310]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:7f:ba) 14:39:08(GMT) [33330]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:7f:b8) 14:39:08(GMT) [31310]#() 0001 0040 0
(WEMiSphere)BSS(00:0f:c8:00:7e:89) 14:39:28(GMT) [50500]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:7e:8a) 14:39:28(GMT) [48480]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:7e:88) 14:39:28(GMT) [50500]#() 0001 0040 0
(default)BSS(00:13:46:a4:21:02) 14:40:04(GMT) [33330]#() 0001 0040 0
(linksys)BSS(00:0f:66:90:ce:9a) 14:40:36(GMT) [41410]#() 0011 0040 0
(WEMiSphere)BSS(00:0f:c8:00:12:ca) 14:42:04(GMT) [30300]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:12:c9) 14:42:04(GMT) [30300]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:12:c8) 14:42:08(GMT) [33330]#() 0001 0040 0
(WEMiSphere)BSS(00:0f:c8:00:15:11) 14:42:20(GMT) [42420]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:15:12) 14:42:20(GMT) [42420]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:15:10) 14:42:20(GMT) [42420]#() 0001 0040 0
(WEMiSphere)BSS(00:0f:c8:00:7f:f8) 14:49:44(GMT) [30300]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:7f:fa) 14:49:44(GMT) [30300]#() 0011 0040 0
(5356ep)BSS(00:0f:c8:00:7f:f9) 14:49:44(GMT) [31310]#() 0011 0040 0
(WEMiSphere)BSS(00:0f:c8:00:44:3a) 14:49:48(GMT) [30300]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:44:39) 14:49:48(GMT) [30300]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:44:38) 14:49:48(GMT) [31310]#() 0001 0040 0
(WEMiSphere)BSS(00:0f:c8:00:1d:5a) 14:49:40(GMT) [30300]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:1d:59) 14:49:40(GMT) [30300]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:1d:58) 14:49:40(GMT) [31310]#() 0001 0040 0
(LondonDrugs#26)BSS(00:06:25:3c:b3:c0) 13:28:08(GMT) [25250]#() 0011 0040 0
(WEMiSphere)BSS(00:0f:c8:00:43:19) 14:49:32(GMT) [30300]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:43:1a) 14:49:32(GMT) [30300]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:43:18) 14:49:32(GMT) [30300]#() 0001 0040 0
(55pj)BSS(00:05:5d:f2:25:48) 13:28:52(GMT) [53530]#() 0011 0040 0
(WEMiSphere)BSS(00:0f:c8:00:91:a8) 14:41:20(GMT) [56560]#() 0001 0040 0
(WEMiSphere)BSS(00:0f:c8:00:49:29) 14:50:00(GMT) [42420]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:91:a9) 14:41:24(GMT) [53530]#() 0011 0040 0
(T5wpk)BSS(00:0f:c8:00:49:2a) 14:50:00(GMT) [42420]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:49:28) 14:50:00(GMT) [42420]#() 0001 0040 0
(WEMiSphere)BSS(00:0f:c8:00:39:6a) 14:49:44(GMT) [39390]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:39:69) 14:49:56(GMT) [38380]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:39:68) 14:49:44(GMT) [41410]#() 0001 0040 0
(BoingoHotSpot)BSS(00:0c:41:d6:66:1e) 14:51:12(GMT) [39390]#() 0001 0040 0
(WEMiSphere)BSS(00:0f:c8:00:42:8a) 14:48:48(GMT) [33330]#() 0001 0040 0
(T5wpk)BSS(00:0f:c8:00:42:89) 14:48:48(GMT) [35350]#() 0011 0040 0
(FLHGuest)BSS(00:0f:c8:00:42:88) 14:48:48(GMT) [31310]#() 0001 0040 0
(soular)BSS(00:11:95:54:8f:5f) 14:49:12(GMT) [31310]#() 0011 0040 0
(fjewellers)BSS(00:12:17:ad:51:70) 14:49:36(GMT) [62620]#() 0011 0040 0
(WLAN_RS232)IBSS(02:04:bf:ae:11:9b) 14:50:52(GMT) [38380]#() 0001 0040 0
(default)BSS(00:0d:88:3e:6c:c5) 14:48:04(GMT) [36360]#() 0001 0040 0
(linksys)BSS(00:0f:66:a7:c9:97) 14:51:00(GMT) [54540]#() 0011 0040 0
(linksys)BSS(00:13:10:2c:28:c9) 14:50:28(GMT) [50500]#() 0011 0040 0
(goldsgym)BSS(00:0f:3d:fb:bc:8e) 14:49:24(GMT) [57570]#() 0011 0040 0
(default)BSS(00:11:95:77:1d:da) 14:50:20(GMT) [63630]#() 0001 0040 0
(default)BSS(00:40:05:55:17:45) 14:49:28(GMT) [56560]#() 0011 0040 0
(axiaa)BSS(00:13:46:41:c7:e6) 14:50:28(GMT) [51510]#() 0011 0040 0
(icenet)BSS(00:13:10:f0:b3:a8) 12:18:43(GMT) [22220]#() 0001 0040 0
(SMC)BSS(00:04:e2:c6:32:4b) 12:18:23(GMT) [31310]#() 0001 0040 0
(charliewarlie)BSS(00:11:50:58:8a:c7) 12:17:19(GMT) [17170]#() 0001 0040 0
(synagr2)IBSS(02:0c:f1:fe:01:a6) 12:17:11(GMT) [25250]#() 0001 0040 0
(Wireless)BSS(00:80:c8:2a:6f:76) 12:17:15(GMT) [35350]#() 0001 0040 0
(linksys)BSS(00:13:10:09:60:bb) 12:16:35(GMT) [36360]#() 0001 0040 0
(howardchriss)BSS(00:06:25:62:ce:c2) 12:16:03(GMT) [27270]#() 0011 0040 0
(hotspot_Rogers)BSS(00:03:52:f1:97:b0) 12:15:23(GMT) [33330]#() 0001 0040 0
(default)BSS(00:13:46:07:1b:b2) 12:15:27(GMT) [36360]#() 0011 0040 0
(meadowlark)BSS(00:04:e2:93:0e:e6) 12:15:31(GMT) [35350]#() 0001 0040 0
(NETGEAR)BSS(00:09:5b:d5:0c:00) 12:14:39(GMT) [35350]#() 0001 0040 0
(research)BSS(00:12:17:e2:ca:01) 12:14:27(GMT) [21210]#() 0011 0040 0
(fortinet)BSS(00:0d:88:e5:71:09) 12:14:23(GMT) [30300]#() 0001 0040 0
(Kerry'sNetwork)BSS(00:0f:3d:5a:db:08) 12:14:19(GMT) [27270]#() 0011 0040 0
(Home)BSS(00:13:10:4c:1f:65) 12:14:07(GMT) [25250]#() 0011 0040 0
(default)BSS(00:11:95:75:2b:94) 12:14:07(GMT) [28280]#() 0001 0040 0
(linksys)BSS(00:12:17:1a:55:2c) 12:13:55(GMT) [24240]#() 0001 0040 0
(linksys)BSS(00:06:25:54:99:9a) 12:13:43(GMT) [19190]#() 0001 0040 0
(Kyle)BSS(00:0f:3d:5a:3b:8a) 12:13:39(GMT) [28280]#() 0011 0040 0
(hpsetup)IBSS(02:2d:dd:a6:b0:a0) 12:13:23(GMT) [22220]#() 0001 0040 0
(xmen)BSS(00:0f:66:a5:7b:a8) 12:12:47(GMT) [21210]#() 0011 0040 0
(default)BSS(00:13:46:14:97:9a) 12:12:07(GMT) [19190]#() 0001 0040 0
(michele)BSS(00:50:f2:c7:1d:bc) 12:11:47(GMT) [28280]#() 0001 0040 0
(linksys)BSS(00:12:17:ad:63:48) 12:11:39(GMT) [39390]#() 0001 0040 0
(linksys)BSS(00:0c:41:ae:a3:b2) 12:10:59(GMT) [24240]#() 0001 0040 0
(linksys)BSS(00:13:10:77:a5:c8) 12:10:51(GMT) [24240]#() 0001 0040 0
(linksys)BSS(00:0c:41:cd:29:e1) 12:10:43(GMT) [22220]#() 0001 0040 0
(silver)BSS(00:0d:88:f1:60:68) 12:10:27(GMT) [30300]#() 0011 0040 0
(Minaki)BSS(00:13:10:77:a3:58) 12:10:07(GMT) [27270]#() 0011 0040 0
(brasov)BSS(00:0c:41:aa:86:dd) 12:09:43(GMT) [27270]#() 0011 0040 0
(Jeff's_public_access)BSS(00:12:17:11:20:b7) 12:09:39(GMT) [27270]#() 0001 0040 0
(SMC)BSS(00:04:e2:7b:c1:35) 12:08:51(GMT) [27270]#() 0001 0040 0
(linksys)BSS(00:12:17:ba:23:79) 12:08:39(GMT) [33330]#() 0001 0040 0
(sean)BSS(00:80:c8:0c:5a:40) 12:08:15(GMT) [21210]#() 0001 0040 0
(default)BSS(00:0f:3d:5a:50:b6) 15:14:12(GMT) [41410]#() 0011 0040 0
(KAG)BSS(00:0f:66:8a:b0:3d) 12:07:15(GMT) [48480]#() 0011 0040 0
(gibbshome)BSS(00:0d:88:9a:e2:66) 12:07:11(GMT) [27270]#() 0011 0040 0
(default)BSS(00:11:95:54:83:db) 12:07:03(GMT) [33330]#() 0001 0040 0
(TELUS)BSS(00:0e:38:7a:3a:ef) 11:54:19(GMT) [28280]#() 0001 0040 0
(EREB)BSS(00:04:75:65:c9:bf) 11:53:07(GMT) [42420]#() 0011 0040 0
(default)BSS(00:0d:88:97:f3:d4) 11:52:47(GMT) [38380]#() 0001 0040 0
(pagenet)BSS(00:11:95:2c:ff:f4) 11:52:43(GMT) [30300]#() 0011 0040 0
(AT)BSS(00:0d:88:91:9a:b5) 11:52:39(GMT) [27270]#() 0011 0040 0
(solaris)BSS(00:13:46:19:91:5a) 11:52:39(GMT) [21210]#() 0011 0040 0
(hockey2151impact)BSS(00:12:17:b8:79:7a) 11:52:35(GMT) [33330]#() 0011 0040 0
(ARDSoftAP)BSS(00:04:e2:f7:33:38) 11:52:07(GMT) [21210]#() 0011 0040 0
(WenCorp)BSS(00:10:db:ab:2d:90) 11:51:55(GMT) [33330]#() 0011 0040 0
(Monarch)BSS(00:13:10:95:2c:cb) 11:50:59(GMT) [19190]#() 0011 0040 0
(g3n3r1cw8p)BSS(00:60:b3:6e:06:02) 11:51:59(GMT) [39390]#() 0001 0040 0
(belkin54g)BSS(00:11:50:1b:08:a5) 11:49:55(GMT) [21210]#() 0001 0040 0
(hpsetup)IBSS(ce:6e:ba:4c:55:34) 11:49:35(GMT) [27270]#() 0001 0040 0
(tsunami)BSS(00:40:96:a2:7b:71) 11:49:39(GMT) [28280]#() 0011 0040 0
(LRCWAP2)BSS(00:0f:66:e9:e6:8c) 11:49:11(GMT) [45450]#() 0001 0040 0
(TELUSWAP1)BSS(00:0f:66:e9:fa:16) 11:49:11(GMT) [30300]#() 0001 0040 0
(linksys)BSS(00:14:bf:32:86:66) 11:48:23(GMT) [47470]#() 0001 0040 0
(CCED-WAP54G)BSS(00:12:17:6d:38:5b) 11:45:27(GMT) [31310]#() 0011 0040 0
(linksys)BSS(00:0c:41:c0:06:6b) 15:25:20(GMT) [35350]#() 0001 0040 0
(wireless)BSS(00:90:4b:38:d5:92) 15:25:56(GMT) [35350]#() 0001 0040 0
(eyedeal)BSS(00:0f:66:30:bf:2b) 11:44:27(GMT) [38380]#() 0011 0040 0
(fab)BSS(00:0f:3d:65:29:8e) 11:43:35(GMT) [27270]#() 0011 0040 0
(celtic)IBSS(66:02:df:01:0c:00) 11:42:59(GMT) [24240]#() 0011 0040 0
(wireless)BSS(00:0c:41:27:34:7a) 11:40:15(GMT) [28280]#() 0001 0040 0
(twinnet)BSS(00:06:25:64:d7:d0) 11:38:27(GMT) [24240]#() 0011 0040 0
(default)BSS(00:11:95:75:11:58) 11:38:31(GMT) [25250]#() 0001 0040 0
(hpsetup)IBSS(3a:44:78:0e:70:18) 11:38:07(GMT) [28280]#() 0001 0040 0
(gator)BSS(00:12:17:47:63:da) 11:38:15(GMT) [36360]#() 0011 0040 0
(linksys)BSS(00:06:25:e6:a6:c9) 11:36:11(GMT) [30300]#() 0011 0040 0
(Bethesda)BSS(00:12:17:e3:f9:ee) 11:36:15(GMT) [27270]#() 0011 0040 0
(SureFire)BSS(00:0d:88:98:44:6c) 11:34:51(GMT) [35350]#() 0011 0040 0
(SMC)BSS(00:04:e2:8b:19:87) 11:35:11(GMT) [31310]#() 0001 0040 0
Total Networks Found : 253
Unfortunately we were unable to get h4v3n's results because of a certain accidentally
deletion while being intoxicated.
;-)
Thats all for my article on the Nettwerked WEM War Walk.
Greetz to h4v3n, war, Alan, theclone, jimmiejaz and Everyone from #hackcanada!
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
* kankraka/#hackcanada has been feeling the urge to experiment lately
with the same sex ?
-------------------------------------------------
Connecting to Telus Digital Subscriber Carriers
-------------------------------------------------
Howdy K-1ine readers! I came across some pretty cool
and interesting shit while phreaking around my town
that can be useful if you know what you're doing.
I'm still doing some poking and prodding with these
Telus digital subscriber carriers, seeing exactly
what can be done, next issue I hope to have Part II
finished, with a complete list of terminal commands
and more details.
City Carrier #
Bon Accord 921-2308
Chipman 323-2310
Fort Sask 992-2308
Lamont 895-2311
Radway 736-2311
Redwater 942-2311
Smoky Lake 656-2316
St-Michael 896-2309
Thorhild 398-2317
Warspite 383-2308
Waskatenau 358-2308
I've only been able to find the numbers for these cities,
though I hope to gather more in due time. If you come
across any of these carriers please e-mail me at:
tr00per@sdf.lonestar.org and I will add them to the list.
You're probably wondering ..how the fuck do I know if its
a Telus DS carrier?
You'll find as you dial these numbers, (the local ones for
sure anyways) that it just drops you a dial tone, and a
there's no modem on the other end. I guess it's like a
security feature to guard against wardialing etc, but you
can tell its a telus security feature, because it sucks.
To bypass the dialtone and get a modem connection you need
to "flood the line"
To do this, follow these 3 steps:
1. Dial the number
2. When it drops a dialtone, hit flash, and right away dial
the number again.
3. This time it will ring, and as soon as the eslut voice
starts saying "You've just dialed a number that etc..."
Hit flash again and dial the number. This time the line
will ring and a modem will answer.
To uncomplicate things, I suggest setting up your terminal
program (Netterm, HyperTerminal..) to dial an empty number
(Instead of writing a number to connect to, put a few commas
instead). This way the modem just sits and listens for a
connection while you do the steps.
Read the next issue for Part II for further info on logging
in and commands.
Shouts: theclone, #hackcanada, nettwerked and everyone invo-
lved in the Canadian H/P scene
- Tr00per
~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~x ~o ~o ~o ~o
American Military Begs Canadian Hackers to Commit Crimes for Them
By Plastik (aka "Pheno X")
2005-11-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[ Editor's Note - A few days ago I, CYB0RG/ASM, received this request from
someone claiming to be a Sargeant in the United States Army to commit a
felony for them. ]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
From: Kris Lenning
To: webmaster-at-hackcanada-dawt-com
Sent: Sunday, November 13, 2005 11:30 PM
Subject: website hack
Sir,
My name is Kris Lenning, I am a SGT in the united states army and I currently
work with networking and computers. I have recently been asked by my supervisor
to hack and remove a webpage from the internet. I am not able to do this and I
am trying to recruit some help. Could you help me or point me in the right
direction to get this done.
Many many thanks
SGT Lenning, Kris
JSOTF J-6
SYSAD
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[ Editor's Note - Most people I showed this to were skeptical and thought this
was simply from some kid. I say, "never underestimate the stupidity of
american military personnel. They are, after all, gullible enough to follow
Bush's orders." Our friend Plastik decided to see what information he could
get out of this asshole and wrote back using the pseudonym "Pheno X". ]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
On 11/16/05, Pheno X wrote:
Hi, I'm Phenox and I understand your problem. Please reply to this message with
the following information:
- what website/page you need to be taken down
- Why this website/page is a threat ; why it is needed to be taken down ?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
From: "Kris Lenning"
To: "Pheno X"
Subject: Re: website hack
Date: Wed, 16 Nov 2005 05:55:36 +0300
Thank you for responding, I was not sure you would. The web page in question
was taken down last night however. I do thank you again for response. I would
however like to keep your address in case anything like this happens again. As
well, could you point me in the right direction as to learning how to do this
myself. I know a lot of programs out there boast of being able to do this but
none ever realy seem to work. I know a lot about networking and a lot about
computer systems and software but I have never gotten into the "hacking or
cracking" thing too much. usualy if I need the software or the webspace, the
army gets it for me. Any way, again I say Thanks.
SGT Lenning
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[ Editor's Note - Apparently he's too dumb to notice that the person responding
isn't even the person he originally wrote to. ]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
From: "Kris Lenning"
To: "Pheno X"
Subject: Re: website hack
Date: Wed, 16 Nov 2005 09:41:37 +0300
Pheno,
I may have spoken too soon, this morning when I went to the address it came up
website not found. Now, however, it is up and running again. the web page is
http://www.aaenvironment.com/mozon/mozon4.htm
The reason for it is that the Chaplain that posted it put some information in
it that was never supposed to be released. I wish I could explain more but I
hope you understand. We still have not been able to contact him to have it
taken down so if you could help please. It realy does need to come down as
soon as possible. and could you send me an email letting me know when it is
done.
Again, many many thanks
Kris
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
On 11/16/05, Pheno X wrote:
Hello again.
You'll have to pardon the delay with which this email is sent, I have been busy
with a .. project.
I've inspected the address you've sent me and it shouldn't really be a problem.
However, I do not know if you have heard of "hacker ethics" .. it is what
prevents me at the moment to act. I need more information as to why exactly the
page must be taken down, so that I know my actions would be "right". I hope you
understand .. The image that the media gives us hackers of "terrorists" is not
at all true. We Too follow a moral code. So, please send the information I've
requested.
You've said you'd like to learn how to take down pages on your own. Of course I
would be more than happy to point you in some directions, as to what things you
should learn etc. However, as any teacher would do, I must first enquire about
your current knowledge. The following information would help me make an image
of what information you already posses, so that I may more efficiently help you
fill in the gaps:
- What is your education [what school(s) & university(s) did you attend]
- How large your experience with computers is
- Your age
Also, this has been on my mind for a while: normally, taking down a page from
the internet is a crime .. is your supervisor aware of this ? I am not very
familiar with the military system of the USA. Are people inside it allowed to
take down pages from the internet ? (just a curiosity)
Anyway, I hope you'll get back to me with the information I've requested really
soon so that I may get to work..
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
From: "Kris Lenning"
To: "Pheno X"
Subject: Re: website hack
Date: Thu, 17 Nov 2005 06:28:57 +0300
I understand that you are busy and I understand that you have ethics as well.
Ok here is the scoop, The Person that posted the page is an Army Chaplain, now
we have a way of taking the site down but if we do that in means contacting a
department that is higher up and will result in him getting in a lot of trouble
over something he has done unintentional. Some of the information on the page
that is not allowed includes talking about flight schedules, the runway the
planes landed on and any information about the base itself in Manda Bay area.
To the enemy that base does not officialy exist. So you can see that if this
gets reported higher to be taken care of, He could be in real trouble and
possibly loose his commission and be kicked out.
My imidiate command, i.e. my supervisor, his sup., and his sup. all had come to
me to see if I was able to take it down to keep him out of trouble. Now I know
this is usually concidered a crime however if it had been me doing it or
someone like me in the miliitary for security reasons then no, we would not get
in trouble for it.
As for me, I am 32yr old, I currently maintain two networks for the army. I
have been working in networking for going on 6 years. Most of my knowledge of
computers and networking has been self taught but I am currently going to
school at Nova University via the internet for Computer informations systems
technology. Like I said before, I know a lot about the systems, I have been
running a small computer repair shop out of my house for going on 7 years. I
do know quite a bit about the networking, but every day is a learning
experience. I have just started learning about biulding webpages from HTML and
by using a couple different programs like Front Page and such.
Please if there is anything more you would like or need to know, feel free to
ask.
Kris
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
On 11/18/05, Pheno X wrote:
Kris, thank you for sending me the data I've requested. As a consequence, I've
worked and found out the website's administrative password. I have written &
printed on a piece of paper this password along with the instructions necessary
to take down the page you have requested. I just need to know where to send the
paper. I need you to send me a real-life mail address. One that You and Only
You check. The reason I need this and don't just send the data via email is
because someone might get a hold of it (an enemy hacker) and harm your friends'
website (take it down completely, etc.) (and we don't want that).
Pheno X
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[ Editor's Note - Of course this is bullshit, but we'll see if he's dumb enough
to send us his mailing address... ]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
From: "Kris Lenning"
To: "Pheno X"
Subject: Re: website hack
Date: Fri, 18 Nov 2005 18:53:10 +0300
Thank you very much, I realy realy thank you. my address here is written as
follows.
Kris Lenning
JSOTF, J-6
APO AE
09363
This address will come straight to me. I can't thank you enough and now we can
keep this chaplain for getting in any trouble.
Kris.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[ Editor's Note - Yup, not very bright at all. And there you have it -- The
United States Military asking Canadian hackers to commit felonies for them.
Quick, someone call homeland security. The US military is a cyber-terrorist
organization. Oh, wait, no... they can't even hack a website, they are
simply a regular terrorist organization. ]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
I'll throw a dividend at your risky blue chip stocks and own your
gangland through legal investments in real estate, HOMIE!
CES: THE SCIENCE AND THE CONSPIRACY
HISTORY
Research on using Cranial Electrotherapy Stimulation (CES) for treatment of
anxiety began in the former Soviet Union during the 1950's. Its primary focus
for development was for the treatment of sleep disorders, hence its initial
designation as "electro sleep." Treatment of insomnia was soon overshadowed by
psychiatric application for depression and anxiety. Since then, it has been
referred to by many other names such as transcranial electrotherapy (TCET) and
neuroelectric therapy (NET).
CES quickly caught on in East European nations and its use has slowly spread
worldwide. CES has been used internationally now for more than 50 years.
Thousands of people worldwide continue to benefit from it. The most extensive
work on CES continues in Russia at the Pavlov Institute in St. Petersburg.
Current estimates are that there are between 50,000-100,000 units in use
worldwide. No negative effects or major contraindications have been found from
the use of CES.
TECHNICAL SPECIFICATIONS
CES uses an electrical current with 0.5 Hz square-wave which is bipolar
asymmetric (reverses polarity with every wave). Maximum current is generally
1000 microamps or less. This output is readily generated with a "frequency
generator", a common piece of test-equipment found in any electronics lab.
HOW IT'S USED
It's quite simple. Current is directed through dermal contact to travel
transversely through the cranium. In other words, you attach the ear-clips or
contact pads to your earlobes or to the skin on the base of the skull right
behind your ears. Apply the correct current as outlined in the previous
section, and slowly turn up the amperage to a comfortable level. A session is
usually between 20-40 minutes and the results often last between 12-48 hours.
HOW IT FEELS
It feels a lot like being drunk while you're using it. It throws your balance
a bit and makes you feel a little spaced out. Once you've finished a session a
feeling of calm relaxation comes over you. It can be just a little euphoric,
but really more relaxing, centering, and putting you at peace with the world.
These after-effects usually last for at least several hours if not several
days. The after-effects are not impairing at all.
So why does it do this? This particular configuration of electrical current,
when applied through the cranium, actually causes neurotransmitter activity to
re-balance itself. Stress causes our neuro-transmitter levels to become
unbalanced, CES causes them to re-balance, so as a result CES can be used to
treat and/or cure many stress-related illnesses. If you want a more scientific
answer than that please feel welcome to hit the search engines and read the
myriad of medical research available.
One other effect, which is really a side effect due to the proximity of the
region of stimulation to the optic nerves, is that while you are using it you
will see bursts of light in your peripheral vision. These light bursts
(phosphenes) pulse along with the 0.5 Hz frequency of the CES signal. I
speculate that this is simply a result of the electrical current causing
excitation of the retina or optic nerves, which in turn causes the phosphenes.
No big deal. There is no harm being done and they are actually quite
interesting in their own right. The higher the amperage of the current the
more visible the phosphenes are.
We've also noticed that it doesn't seem to work on females. We can only
speculate as to why this may be. But it is a fact that women's brains are
wired very differently than men's (gray matter versus white matter). So that
may be a contributing factor. Who knows? However, studies state that CES is
effective on about 95% of people who have used it. So I guess it must still
have the same neurotransmitter balancing effect on women, just without any of
the other fun side effects.
And finally it should be noted that the effects tend to be cumulative. The
more times you use it, the more you will notice that your brain tends to keep
itself at a relaxed and non-stressed state.
TREATABLE MALADIES
The list of treatable maladies is very extensive, and new ones are being
discovered all the time. I will list a few of the most well known ones here
and will otherwise leave it to the reader to do their own research if they are
inclined. Entering "Cranial Electro-Stimulation" into any search engine yields
a tremendous amount of links to further data and scientific studies on the
subject.
Depression
Anxiety
Insomnia
Addictions (alcohol, street drugs, nicotine, prescription drugs)
Stress
Migraine and tension headaches
Chronic pain
ADHD/ADD
Improve memory & concentration
Chronic fatigue syndrome including fybromyalgia
Pre-menstrual syndrome (PMS)
TMJ dysfunction
Performance anxiety
Panic disorders
Tic dolereaux
Bruxism
Stress induced asthma
Hives
Gastrointestinal disorders
Ulcers or gastritis
Irritable bowel syndrome (IBS)
and so on...
CONTRAINDICATIONS
There simply are no real contraindications resulting from the use of CES.
Persons using pacemakers or other embedded bioelectrical devices should consult
a physician before using CES. With 50 years of use, hundreds of research
experiments, and hundreds of thousands of users, CES has been demonstrated to
be 100% safe.
THE CONSPIRACY
CES has proven to be an effective cure for many of today's most common
ailments. Stress, insomnia, anxiety, depression, "ADD/ADHD", and narcotic
addiction can all be inexpensively treated and cured with CES. Why isn't
everyone using it?! To answer that, one must first ask, "Who stands to benefit
by holding back this technology?" The answer should be immediately obvious...
the major pharmaceutical manufacturers of course. The peddlers of Ritalin,
Paxil, Celexa, Prozac, Methadone, Xanax, Valium, Zoloft... and the list goes
on and on and on. There are literally hundreds of varieties of these drugs
being taken by millions of people daily. That's a lot of money. Billions of
dollars per year in fact. If you were running a racket like that would you
want some cheap and effective solution to millions of peoples pain getting in
the way of your profits? Would you care that many of your "treatments" often
do more harm than good? Would you be more interested in getting people hooked
on your drugs forever rather than trying to cure them? Would you be evil and
gluttonous enough to put money before people's health and well-being? Judging
by the actions of the companies responsible for this booming industry the
answer to all of these questions is a resounding 'YES'.
There is a mountain of evidence indicating that the US government is the
biggest drug pusher on the planet. Many people suggest that the entire US
economy is being propped up by the US government's importation and sale of
heroine and cocaine to their own people. The details and evidence to prove
this are far beyond the scope of this article. If you are so inclined though,
you should be able to find plenty of proof on your own. Suffice it to say; I
have seen enough evidence that I firmly believe this to be the truth.
There is over 50 years of research and hundreds of published medical studies
that have proven conclusively that CES is both safe and effective. So why are
people still being force-fed expensive and ineffective pharmaceuticals to
treat these common ailments? Conspiracy? What other explanation is there?
WHERE TO GET IT
At the time of this writing the only place to get an unused original Voodoo
Magick Box unit is from www.nettwerked.net for an all-time low price of $50.
There are other commercially available CES units in production, but depending
on your countries laws, you may or may not be able to procure one without the
consent of a physician. Furthermore, current commercially available CES units
are rather expensive costing hundreds of dollars.
There is one other option besides building your own. Many of the currently
popular electronic muscle stimulators (TENS units) have a setting to output
the needed 0.5 Hz square wave and work very well as CES units. The self-
adhesive pads tend to work pretty well in place of the more traditional ear-
clips. In fact, this is what the Voodoo Magick Box Model II was (second
revision of the 2 person model) before Voodoo Machine closed up shop. These
TENS units can usually be purchased for $100 or less and can be found at a
variety of places including drug stores and "everything you've seen on TV"
stores.
CONCLUSION
At Hack Canada we have done extensive research and testing of CES technology.
It works. We know many people whose lives have been drastically changed for
the better through the use of this technology. And finally, it's just a fun,
safe, and beneficial way to hack your own brain.
MORE INFORMATION
http://www.hackcanada.com/homegrown/wetware/ces/
Copyright (c) 2005 - CYB0RG/ASM
~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~o ~x ~o ~o ~o ~o
fr0st: how big are you
mmm rootbeer
im 6ft 2in and like 160lbs
about 6' 280lbs
oh shit.
--------------------------------------------------------------------------
Vacuum Love Druid of Orange, '89
--------------------------------------------------------------------------
When I have a lonely weiner, I get out my vacuum cleaner.
In the closet, there she sits. She's got a hole, but no tits.
Gives a blowjob like no other, then cleans rugs for my mother.
ELECTROLUX - really sucks
FILTER QUEEN - makes me cream
SANITAIRE - eats me rare
BLACK & DECKER - chews my pecker
Girls are such a fuckin' pain, my vacuum swallows, won't complain.
I pump her hose down to the bag, she deep throats & NEVER gags,
no more cum shots in my eye, cause my vacuum sucks me dry.
During my last Hoover fuck, a stray bolt of lightning struck,
my vacuum got supercharged, down the tube my balls discharged.
I guess the suction was too strong 'cause my dick's now three feet long.
--------------------------------------------------------------------------
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
Credits:
Without the following contributions, this 'zine issue would be fairly
delayed or not released. So thank you to the following groovy people:
aciddata, CYB0RG/ASM, Daemon, Druid of Orange, fr0st,
gHoSt, h4v3n, Officer Koharski, plastik, The Clone,
Tr00per, and lastly; war.
Shouts:
CYB0RG/ASM, Fractal, h410G3n, Wizbone, The Question, Phlux, Magma,
Hack Canada, port9, Nyxojaele, Ms.O, Tr00per, Flopik, jimmiejaz,
*Senorita Chandelier*, Kankraka, war, Aftermath, Aestetix, DoobieEx,
io, Pinguino, nato, cyburnetiks, hypatia, coercion, tek, Nikita-dawg,
h4v3n, 0min0us, sub, Alan, Kybo Ren, persephone, Kevin Poulsen, The
Nettwerked Meeting Crew, Nettwerked Radio artists and listeners and
the entire Canadian H/P scene.
o~ o~ o~ o~ o~ o~ o~ o~ o~ x~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~ o~
th:s has b..n a
;KKL KKt KKKKE KKKKKK;KKKKKK.DKG iKK, KKt;KKKK# KKKKKk. GKK fKK;KKKKK KKKKKK,
;##k ##t ##### ###### ######:D## ###t ##t'##### ##W"##f ### H#" ##### ###GG##t
;###b##t ### ;##t ;##t f##,###t,##f ### ##W ##j ###,K" ### ### `##j
;######t ##### ;##t ;##t i##D#W#GK## ##### ###KKC ####k, ##### ### ##j
;##G###t ### ;##t ;##t :####iWW##E ### ##K ##R ###"#K; ### ### ,##j
;##l`##t #####t ;##t ;##t #### G###L ##### ##K ##R ### ##K ##### #######t
;##k ##t,#####t,;##t. ;##t. ;##t ;##t ,##### ##K ##R #DD t#K,#EEEE.#DDDDDf'
j################################################################;3jaku1at:on;
i############W####W#####W###W####W###K##W#K################W#####W########W#:
i#####$W##W#K########W##;####W##W#####$######KPK###E"'f###W##WK#####t"tE###i
;####$###W######WDG####E'i########W##W#####W" ';##f f#####; D###E i##j
.W###W$####W###W: t###G L##WD###W##K###W##f ##E :#####,.K###t j##i
G####K###W####f K##i i##i L###W##W###W#t W##. E####i;####' f#K
:######;######G K##; i##, D###K##W#####D .###t K####j L##W ;##W:
j####L`L#####E. E#D 'DL W####$###W####: j###L ;#####D ;##i f###f
D###: J#W###b G#G t####$#W###K###j :####E i#W###E D###, G###L
;###: ;K#$W##K G#G .K#####$###W####j J#####; '##K##G K###; t###,
D##, E#W###j K#G i###W####KW#####; .##$###f i####' E###; :t:
G##f t####E i###: G##$#W#W#######P i##W###G 'W##f 'GDP
G##K "GDf' D###i G####;###W###D' i#WK###G K##;
,###W. i####i G###;'K#####D' ;##W###f D##j .
j#W##: D#K##i G###, f#####W. :#####K' '##j
E#K#D ;K####, j###; E###'##j f####P ##K ,
f###t ,####E `###b.K##G E##, :tf;' ###
'LK" '####; E###,###, t##E ###;
"KKt 'CYb'##W. f###; ;###i
, ' j##K G####; ,####;
. D##W.:##W##E. L###E'
it K###fi##W###: t##E:
G# .####K,######: ;t"
K#: ;#W###:tK##Wf
W#; i#K##W .ii:
,##K. '####f ''
D###j L##f
;####E ..
:####E
G###f
'it" decembEr 'o5