The Basics of Hacking II
Basics to know before doing anything, essential to your continuing
career as one of the elite in the country... This article, "the
introduction to the world of hacking" is meant to help you by telling you
how not to get caught, what not to do on a computer system, what type of
equipment should I know about now, and just a little on the history, past
present future, of the hacker.
Welcome to the world of hacking! We, the people who live outside of the
normal rules, and have been scorned and even arrested by those from the
'civilized world', are becomming scarcer every day. This is due to the
greater fear of what a good hacker (skill wise, no moral judgements
here)|can do nowadays, thus causing anti- hacker sentiment in the masses.
Also, few hackers seem to actually know about the computer systems they
hack, or what equipment they will run into on the front end, or what they
could do wrong on a system to alert the 'higher' authorities who monitor
the system. This article is intended to tell you about some things not to
do, even before you get on the system. I will tell you about the new wave
of front end security devices that are beginning to be used on computers.
I will attempt to instill in you a second identity, to be brought up at
time of great need, to pull you out of trouble. And, by the way, I take no, repeat,
no, responcibility for what we say in this and the forthcoming articles.
Enough of the bullshit, on to the fun: after logging on your favorite bbs,
you see on the high access board a phone number! It says it's a great
system to "fuck around with!" This may be true, but how many other people
are going to call the same number? So: try to avoid calling a number
given to the public. This is because there are at least every other
user calling, and how many other boards will that number spread to?
If you call a number far, far away, and you plan on going thru an
extender or a re-seller, don't keep calling the same access number
(I.E. As you would if you had a hacker running), this looks very suspicious
and can make life miserable when the phone bill comes in the mail.
Most cities have a variety of access numbers and services,
so use as many as you can. Never trust a change in the system...
The 414's, the assholes, were caught for this reason: when one of them
connected to the system, there was nothing good there. The next time,
there was a trek game stuck right in their way! They proceded to play said
game for two, say two and a half hours, while telenet was tracing them!
Nice job, don't you think? If anything looks suspicious, drop the line
immediately!! As in, yesterday!! The point we're trying to get accross is:
if you use a little common sence, you won't get busted. Let the little
kids who aren't smart enough to recognize a trap get busted, it will take
the heat off of the real hackers. Now, let's say you get on a computer
system... It looks great, checks out, everything seems fine.
Ok, now is when it gets more dangerous. You have to know the computer
system to know what not to do.
Basically, keep away from any command something, copy a new file into the
account, or whatever! Always leave the account in the same status you
logged in with. Change *nothing*... If it isn't an account with priv's,
then don't try any commands that require them! All, yes all, systems are
going to be keeping log files of what users are doing, and that will
show up. It is just like dropping a trouble-card in an ESS system,
after sending that nice operator a pretty tone.
Spend no excessive amounts of time on the account in one stretch.
Keep your calling to the very late night ifpossible, or during
business hours (believe it or not!). It so happens
that there are more users on during business hours, and it is very
difficult to read a log file with 60 users doing many commnds every minute.
Try to avoid systems where everyone knows each other, don't try to bluff.
And above all: never act like you own the system, or are the best there
is. They always grab the people who's heads swell... There is some very
interesting front end equipment around nowadays, but first let's
define terms... By front end, we mean any device that you must
pass thru to get at the real computer. There are devices that are made to
defeat hacker programs, and just plain old multiplexers.
To defeat hacker programs, there are now devices that pick up the phone
and just sit there... This means that your device gets no carrier,
thus you think there isn't a computer on the other end. The
only way around it is to detect when it was picked up. If it pickes up
after the same number ring, then you know it is a hacker-defeater.
These devices take a multi-digit code to let you into the system.
Some are, in fact, quite sophisticated to the point where it
will also limit the user name's down, so only one name or set of names
can be valid logins after they input the code... Other devices input a
number code, and then they dial back a pre-programmed number for that code.
These systems are best to leave alone,
because they know someone is playing with their phone. You may think "but
i'll just reprogram the dial-back." Think again, how stupid that is...
Then they have your number, or a test loop if you were just a little
smarter. If it's your number, they have your balls (if male...),
If its a loop, then you are screwed again, since those loops
are *monitored*. As for multiplexers... What a plexer is supposed
to do is this:
The system can accept multiple users. We have to time share, so we'll let
the front-end processor do it... Well, this is what a multiplexer does.
Usually they will ask for something like "enter class" or "line:". Usually
it is programmed for a double digit number, or a four to five letter word.
There are usually a few sets of numbers it accepts, but those numbers also
set your 300/1200/2400 baud data type.
These multiplexers are inconvenient at best, so not to worry. A little
about the history of hacking: hacking, by my definition, means a great
knowledge of some special area. Doctors and lawyers
are hackers of a sort, by this definition. But most often, it is
being used in the computer context, and thus we have a definition of
"anyone who has a great amount of computer or telecommunications
knowledge." You are not a hacker because you have a list of codes...
Hacking, by my definition, has then been around only about 15 years.
It started, where else but, mit and colleges where they had computer
science or electrical engineering departments.
Hackers have created some of the best computer languages, the
most awesome operating systems, and even gone on to make millions.
Hacking used to have a good name, when we could honestly say
"we know what we are doing". Now it means (in the public eye):
the 414's, ron austin, the nasa hackers, the arpanet hackers...
All the people who have been caught,
have done damage, and are now going to have to face fines and sentences.
Thus we come past the moralistic crap, and to our purpose: educate the
hacker community, return to the days when people actually knew something...
No comments:
Post a Comment