Copy Link
Add to Bookmark
Report
Phrack Inc. Volume 04 Issue 43 File 04
==Phrack Magazine==
Volume Four, Issue Forty-Three, File 4 of 27
// // /\ // ====
// // //\\ // ====
==== // // \\/ ====
/\ // // \\ // /=== ====
//\\ // // // // \=\ ====
// \\/ \\ // // ===/ ====
******************************************************************************
PHRACK TRIVIA
This is pretty damn hard. In fact, some of it is downright obscure.
And the bonuses? Forget about it. Answer the questions, expand the
acronyms, explain the numbers.
The five highest scorers by the next issue (or the first 5 to get
perfect scores) win COOL STUFF!
Send your answers to phrack@well.sf.ca.us
1) CCIS
2) Stimpson J. Cat's Roommate is?
3) Name the cracker.
4) METAL AE password.
5) Who invented the TeleTrial?
6) Name Bloom County's hacker.
7) What was the Whiz Kids' computer named?
8) Western Union owned what long distance service?
9) What computer read both Apple ][ and IBM PC disks?
10) Who made the "Charlie" board?
11) How many credits for a CNE?
12) What was in the trunk of the Chevy Malibu?
13) Name three bands A. Jourgensen had a hand in.
14) SYSTEST Password:
15) What computer makes the best SimStim decks?
16) What magazine brought the telephone underground to national
attention in 1971?
17) What is the significance of 1100 + 1700 hz?
18) What magazine was raided for publishing black box plans?
19) What BBS raid spawned the headlines "Whiz Kids Zap Satellites" ?
20) CLASS
21) What computer responds "OSL, Please" ?
22) RACF secures what OS?
23) The first person to create a glider gun got what?
24) QRM
25) PSS
26) What PSN was acquired by GTE Telenet?
27) 914-725-4060
28) April 15, 1943
29) 8LGM
30) WOPR
31) What happened on March 1, 1990?
32) Port 79
33) Who starred in the namesake of Neil Gorsuch's UNIX security
mailing list?
34) What Dutch scientist did research in RF monitoring?
35) What was the author of GURPS Cyberpunk better known as?
36) Who would "Piss on a spark plug if he thought it would do
any good?"
37) What thinktank did Nickie Halflinger escape from?
38) NCSC
39) Who is Pengo's favorite astronomer?
40) What language was Mitnik's favorite OS written in?
41) Abdul Alhazred wrote what?
42) The answer to it all is?
43) Who is the father of computer security?
44) Who wrote VCL?
45) What kind of computer did Cosmo have?
46) Hetfield, Ulrich, Hammet, Newstead
47) What company wrote the computer game "Hacker?"
48) Who does Tim Foley work for?
49) Who played Agent Cooper?
50) Vines runs over what OS?
51) Mr. Peabody built what?
52) Who makes SecurID?
53) What's in a Mexican Flag?
54) Who created Interzone?
55) JAMs (as led by John Dillinger)
56) Abbie Hoffman helped start what phreak magazine?
57) What was once "Reality Hackers?"
58) Gates and Allen "wrote" BASIC for what computer?
59) Tahoe is related to what OS?
60) CPE 1704 TKS is what?
61) Telemail's default was what?
62) "Do Androids Dream of Electric Sheep" became what?
63) What broadcasts between roughly 40 and 50 mhz?
64) Who created Tangram, Stratosphere, and Phaedra among others?
65) What was Flynn's most popular video game?
66) Who lived in Goose Island, Oregon?
67) 516-935-2481
68) What is the security of ComSecMilNavPac?
69) What has the "spiral death trap?"
70) Who was the Midnight Skulker?
71) TMRC
72) Who wrote "Jawbreaker?"
73) 213-080-1050
74) What is the Tetragrammaton represented as?
75) Who is Francis J. Haynes?
76) Who ran into one of the Akira test subjects?
77) What had "Munchies, Fireballs and Yllabian Space Guppies?"
78) PARC
79) Alex and his droogs hung out where?
80) Jane Chandler in DC's "Hacker Files" is based on who?
81) The Artificial Kid lives on what planet?
82) 208057040540
83) What are the two most common processors for cellular phones?
84) Who came up with the term "ICE?"
85) What group is hoped might help the "Angels" contact RMS?
86) Who is Akbar's friend?
87) What company's games was David Lightman after?
88) 26.0.0.0
89) Who was Mr. Slippery forced to locate?
90) Who is "The Whistler?"
91) What use would a 6.5536 crystal be?
92) .--. .... .-. .- -.-. -.-
93) The Dark Avenger likes what group?
94) What book spawned the term "worm?"
95) Michael in "Prime Risk" wanted money for what?
96) Automan's programmer worked for who?
97) What signal filled in keystrokes on TOPS-20?
98) ITS
99) (a/c)+121
100) What drug kept the scanners sane?
Bonus 1
3 pts Name three bodies of work by Andrew Blake.
Bonus 2
3 pts Name three currently available titles with N. L. Kuzma.
Bonus 3
4 pts Why would I hate Angel Broadhurst?
*****************************************************************************
IF SECURITY TYPES WERE K-RAD
----------------------------------------------------------------
IRC log started Fri June 18 01:14
*** Value of LOG set to ON
<Pat> bye peter
*** Signoff: hackman (slavin' to da' MAN at TRW)
<Ed> Dudez, I HATE filling out thez incident Rep0rtz
<bartman> MUAHAHA Tuff J0b edd1e!
<Ed> Funni
*** zen (zen@death.corp.sun.com) has joined channel #CERT
<Ed> re dan, just missed yer pal peety
<Pat> Hi Dan!
<zen> pal? right. ask the wife...
<venom> re
<zen> d00dz, we have SO many bugz. sux 2 be me.
*** venom has left channel #CERT
*** venom (weitse@wzv.win.tue.nl) has joined channel #CERT
*** venom has left channel #CERT
*** venom (weitse@wzv.win.tue.nl) has joined channel #CERT
*** venom has left channel #CERT
*** venom (weitse@wzv.win.tue.nl) has joined channel #CERT
<venom> ARG!
<bartman> WTF Weitse?
<venom> s0rri
<zen> Where is everyone? Anyone seen spaf?
<Pat> I have. He was going to install something. He should be bak.
<zen> ah
*** Action: Ed throws darts at a cracker
<zen> heh
<venom> muaha
*** bartman is now known as Cracker
*** Action: Cracker hacks Cert with an axe
<venom> dats a good 1
*** Action Ed kicks cracker in the nuts
<Cracker> OUCH!
*** Signoff: donn (Bad Link?)
<Cracker> [high voice] fuk u CERT!
<Ed> heh.
*** Action: Pat is ROFL
<Cracker> wonder who's on #hack? Mebbe i should go log em.
<Ed> Yeah. Oh hey, I got certbot online. Ill send it to go log.
*** certbot (ed@cert.org) has joined channel #CERT
*** certbot has left channel #CERT
<Ed> this will be fun.
<venom> Hey, letz deop them and take over the channel.
<zen> thats L A M E
<Cracker> Ooooh. OPWARZ! I'll go make their channel +i muahaha
*** Cracker has left channel #CERT
*** Casper (casper@fwi.uva.nl) has joined channel #CERT
<Casper> re all
<Venom> hey dik-head.
<zen> re
<Pat> hahahaha hi d00d.
<Casper> funni whitesey venombreath
<Ed> lame.
*** donn (parker@bandit.sri.com) has joined channel #CERT
<donn> 'sup?
<Ed> re, oh great bald one
<donn> eat me
<zen> bahhahaha
<Pat> Now now boyz.
*** spaf (spaf@cs.purdue.edu) has joined channel #CERT
<Pat> Spaffie!
<zen> 3l33t SPAF!
<Ed> re spaf
<spaf> Yo.
<venom> spaf...your book sucks.
<spaf> oh fuck off dutch boy.
<Casper> HEY!$!@%
*** spaf has been kicked off channel #CERT by Casper
<venom> thx dude
<Ed> oh gawd...feetball
*** spaf (spaf@cs.purdue.edu) has joined channel #CERT
<spaf> lame
*** Mode change "+o -o spaf Casper" on channel #CERT by Pat
<spaf> thanks sweetie.
<Casper> op!
*** Mode change "+o Casper" on channel #CERT by venom
<Casper> thx d00d
<Ed> Hey dan, you got those patches online?
<zen> maybe. What YOU got?
<donn> WAREZZ
<Pat> heh
<Ed> I dunno. Ill dcc you a filelist.
<zen> kool
*** zardoz (neil@cpd.com) has joined channel #CERT
<zardoz> HEY ... anyone want to contribute to my new list?
<Ed> not me
<zen> mebbe. Whats this one called? Coredoz?
<donn> what list?
<spaf> BAH. Fuck your list man. More crackrs have them than we do!
<zardoz> who pissed in your coffee gene?
<donn> heh
*** zardoz is now known as neil
<spaf> bah... I'm sick of those dicks using my own holes against me!
<venom> Your holes? Yer a-hole?
<Pat> What is your list about this time?
<neil> same thing. Its called REWT!
*** neil is now known as REWT
<REWT> SEND ME YER BUGZ!@#
*** Action: spaf sends REWT a 50 gig coredump
<Pat> :)
<REWT> u r lame.
*** REWT is now known as neil
<Ed> I hate these reports. I wish I got to travel more.
<Pat> come see me!
<Casper> oooohhhh....netsex!
<spaf> tramp. :P
*** bill (whmurray@dockmaster.ncsa.mil) has joined channel #CERT
<bill> word!
<Pat> hi bill.
<donn> Bill! D00d! I am gonna be in Ct. next week!
<bill> RAD! call me voice at werk. we'll thrash!
<donn> you know it!
<zen> oh puh-lease...the geriatric partiers :)
<donn> farmboy
<Ed> ***** ***** ***** *****
<Ed> * * * * *
<Ed> * *** **** *
<Ed> * * * * *
<Ed> ***** ***** * * *
<Ed>
<Ed> ***** * * * ***** ***** **
<Ed> * * * * * * * **
<Ed> **** * * * *** ***** **
<Ed> * * * * * * *
<Ed> * * ***** ***** ***** ***** **
<Pat> No DUMPING!
<zen> cert freshens your breath
<donn> ACK!
<venom> hee! certs haha
*** ray (kaplan@bpa.arizona.edu) has joined channel #CERT
<ray> hey guys!
<Ed> ugh. Cracker lover alert.
<donn> commie
<bill> Hey ray, come to snoop for your little cracker friends?
<ray> come on, give it a rest guys.
<Pat> hi ray
<venom> ?
*** Action: spaf spits on ray
<spaf> heh
*** ray has been kicked off channel #CERT by spaf
*** Mode change "+b *!*@bpa.arizona.edu" on channel #CERT by spaf
<neil> hey I wanted to talk to him about my list...
<spaf> tough shit.
<donn> heh.
*** bartman (ddrew@opus.tymnet.com) has joined channel #CERT
<Pat> re
<Ed> how goes the takeover?
<venom> didja kick em?
<bartman> #hack is +i! muahahaha
<zen> how exciting. not
<donn> they deserve it...they are all punks.
<spaf> hmm..did you get emails? I may want to call their admins.
<bartman> nope damn.
<Ed> certbot was there. He got it.
<spaf> coolness
*** Signoff: bill (Bad link?)
<Casper> ne1 going to hactics thing?
<venom> me
<Casper> besides you. duh.
<Ed> dunno.
<bartman> not me. I have no desire to pay for anything done by hackers
<Ed> That reminds me. Did anyone subscribe to Phrack?
<Pat> nope.
<bartman> oops. HAHAHAHAHAHA
<Ed> heh.
<donn> Whats phrak?
<neil> nope. my list is better. Who wants on it?
<Pat> me!
<donn> what list?
<Pat> OOH! I have mail! bye!
<bartman> itz an ansi bomb!
<Ed> bye Pat
<Spaf> l8r
<neil> heh.
*** Signoff: Pat (Hugs to all)
<Casper> well, i better do something productive 2. cya
<venom> slatez d00d.
*** Signoff: Casper (Hi ho hi ho its off to work I go)
<donn> man its late. I better go. I gotta speech in the morn
<Ed> you are getting old.
<donn> am not
<Ed> are so
<donn> am not
<Ed> are too! infinity
<donn> hasta
*** Signoff: donn (|/dev/null)
<Ed> laterz
<Spaf> geez. what a bunch of lamers.
(ray/#CERT) UNBAN ME!
<Spaf> hahaha
<Ed> never gives up does he?
<neil> seriously ed, Ive helped you guys out, send me stuff for REWT.
<Ed> ill think about it
<spaf> not
<neil> it will be most savory. I promise. And secure!
<spaf> pfft...and monkeys might fly out of my butt
<Ed> Ill think about it.
<zen> heh, I should do one called Supernova. Exploding suns. hehe
<Ed> heh
<spaf> dats tha tr00f!
<bartman> i like my sun
<Ed> i know a bunch of crackerz who like bt's suns too.
<spaf> hahahahahahahahahaha
<venom> oh shit. Im late.
*** Signoff: venom (LATE!)
<Ed> late 4 what?
<spaf> his vasectomy. har har
<neil> heh
*** REVENGE (kaplan@ai.bpb.arizona.edu) has joined channel #CERT
*** Mode change "+o REVENGE" on channel #CERT by eff.org
<Ed> whoops
*** Mode change "+i" on channel #CERT by REVENGE
<spaf> fuCK! KICK HIM!
*** spaf has been kicked off channel #CERT by REVENGE
*** neil has been kicked off channel #CERT by REVENGE
*** bartman has been kicked off channel #CERT by REVENGE
*** Ed has been kicked off channel #CERT by REVENGE
*** zen has been kicked off channel #CERT by REVENGE
*** REVENGE is now known as ray
<ray> hehe
---------------------------------------------------------------------
****************************************************************************
Phrack Library of Periodicals
2600
Subscription Department
P.O. Box 752
Middle Island, NY 11953-0752
$21.00/Year
Animation Magazine
5889 Kanan Road, Suite 317
Agoura Hills, CA 91301
$21.00/Year
Bank Technology News
Faulkner & Gray, Inc.
Eleven Penn Plaza
New York, NY 10117-0373
$50.00/Year
Ben Is Dead
P.O. Box 3166
Hollywood, CA 90028
$20.00/Year
Boardwatch Magazine
7586 West Jewell Ave., Suite 200
Lakewood, CO 80232
$36.00/Year
Boing Boing
11288 Ventura Blvd. #818
Studio City, CA 91604
$14.00/Year
Communications of the ACM
1515 Broadway
New York, NY 10036
$30/Year
CQ - The Radio Amateur's Journal
76 North Broadway
Hicksville, NY 11801-9962
$22.95/Year
Details
P.O. Box 50246
Boulder, CO 80321
12.00/Year
Dirt
230 Park Ave
New York, NY 10169
(Supplement to Sassy & Marvel Comics)
Electronics Now
Subscription Service
P.O. Box 51866
Boulder, CO 80321-1866
$17.97/Year
Farout
9171 Wilshire Blvd. Suite 300
Beverly Hills, CA 90210
$3.95/Issue
Fate
170 Future Way
P.O. Box 1940
Marion, OH 43305-1940
$18.00/Year
Femme Fatales
P.O. Box 270
Oak Park, IL 60303
$18.00/Year
Film Threat
Subscriptions Department
P.O. Box 16928
N. Hollywood, CA 91615-9960
$11.85/Year
Film Threat Video Guide
P.O. Box 3170
Los Angeles, CA 90078-3170
$12/Year
Fringe Ware Review
P.O. Box 49921
Austin, TX 78765
$12.00/Year
Future Sex
1095 Market Street, Suite 809
San Francisco, CA 94103
$18.00/Year
Gray Areas
P.O. Box 808
Broomall, PA 19008-0808
$18.00/Year
High Times
P.O. Box 410
Mt. Morris, IL 61054
$29.95/Year
IEEE Spectrum
445 Hoes Lane
P.O. Box 1331
Piscataway, NJ 08855-1331
800-678-IEEE for info
The "I Hate Brenda" Newsletter
c/o Ben Is Dead
P.O. Box 3166
Hollywood, CA 90028
$2.00
InfoSecurity News
P.O. Box 3168
Lowell, MA 01853-3168
$40.00/Year
International UFO Library Magazine
11684 Vewntura Blvd. #708
Studio City, CA 91604
$15.00/Year
Magical Blend
1461 Valencia St. Dept. GA
San Francisco, CA 94110
$14.00/Year
Midnight Engineering
1700 Washington Ave.
Rocky Ford, CO 81067-9900
$19.95/Year
Mobile Office
Subscription Department
21800 Oxnard St. Suite 250
Woodland Hills, CA 91367-9644
$23.90/Year
Mondo 2000
P.O. Box 10171
Berkeley, CA 94709
$24.00/Year
Monitoring Times
P.O. Box 98
140 Dog Branch Road
Brasstown, NC 28902-0098
$19.95/Year
New Media
P.O. Box 1771
Riverton, NJ 08077-9771
$48.00/Year
The Nose
1095 Market Street, #812
San Francisco, CA 94103-9654
$15.00/Year
Nuts & Volts
430 Princeland Court
Corona, CA 91719-9938
$17.00/Year
Popular Communications
76 North Broadway
Hicksville, NY 11801-9962
$19.95/Year
Sassy
P.O. Box 50093
Boulder, CO 80321-0093
$9.97/Year
Security Insider Report
11511 Pine St. North
Seminole, FL 34642
$99.00/Year
SunExpert Magazine
1330 Beacon St.
Brookline, MA 02146-3202
$60.00/Year
Tech Connect
12407 MoPac Expwy. N. #100-374
Austin, TX 78758-2499
$12.00/Year
Telephone Engineer & Management
Advanstar Communications, Inc.
P.O. Box 6100
Duluoth, MN 55806-9822
$24.00/Year
UFO
1536 S. Robertson Blvd.
Los Angeles, CA 90035
$21.00/Year
Wild Cartoon Kingdom
9171 Wilshire Blvd., Suite 300
Beverly Hills, CA 90210
$3.95/Issue
Wired
P.O. Box 191826
San Francisco, CA 94119-1826
$20.00/Year
*****************************************************************************
!!!!POST EVERYWHERE!!!!
THE WORLD'S FIRST NOVEL-ON-THE-NET (tm) SHAREWARE!!!
By Inter.Pact Press
"TERMINAL COMPROMISE"
by Winn Schwartau
A high tech thriller that comes from today's headlines!
"The Tom Clancy of computer security."
Assoc. Prof. Dr. Karen Forcht, James Madison University
"Terminal Compromise" is a highly praised novel about the inva-
sion of the United States by computer terrorists.
Since it was first published in conventional print form, (ISBN:
0-962-87000-5) it has sold extremely well world-wide, but then
again, it never hit the New York Times Bestseller List either.
But that's OK, not many do.
Recently, someone we know very well came up with a real bright
idea. They suggested that INTER.PACT Press take the unprece-
dented, and maybe slightly crazy, step to put "Terminal Compro-
mise" on the Global Network thus creating a new category for book
publishers. The idea is to offer "Terminal Compromise," and
perhaps other titles at NOVEL-ON-THE-NET SHAREWARE(tm) rates to
millions of people who just don't spend a lot of time in book-
stores. After discussions with dozens of people - maybe even
more than a hundred - we decided to do just that. We know that
we're taking a chance, but we've been convinced by hackers and
phreakers and corporate types and government representatives that
putting "Terminal Compromise" on the net would be a fabulous step
forward into the Electronic Age, (Cyberspace if you will) and
would encourage other publishers to take advantage of electronic
distribution. (It's still in the bookstores, though.)
To the best of our knowledge, no semi-sorta-kinda-legitimate
-publisher has ever put a complete pre-published 562 page book on
the network as a form of Shareware. So, I guess we're making
news as well as providing a service to the world's electronic
community. The recommended NOVEL-ON-THE-NET SHAREWARE fees are
outlined later (this is how we stay in business), so please read
on.
WE KEEP THE COPYRIGHTS!
"Terminal Compromise" is NOT being entered into the public
domain. It is being distributed electronically so hundreds
of thousands more people can enjoy it and understand just where
we are heading with our omnipresent interconnectedness and the
potential dangers we face. INTER.PACT Press maintains all copy-
rights to "Terminal Compromise" and does not, either intentionally
or otherwise, explicitly or implicitly, waive any rights to
this piece of work or recourses deemed appropriate. (Damned
lawyers.)
(C) 1991, 1992, 1993, Inter.Pact Press
TERMINAL COMPROMISE - THE REVIEWS
" . . . a must read . . ."
Digital News
"Schwartau knows about networks and security and creates an
interesting plot that will keep readers turning the pages."
Computer World
"Terminal Compromise is fast-paced and gripping. Schwartau
explains complex technology facilely and without condescension."
Government Computer News
"An incredibly fascinating tale of international intrigue . . .
action . . . characterization . . . deserves attention . . .
difficult to imagine a more comprehensive resource."
PC Laptop
"Schwartau . . . has a definite flair for intrigue and plot
twists. (He) makes it clear that the most important assets at
risk are America's right to privacy and our democratic ideals."
Personal Identification News
"I am all too familiar with the appalling realities in Mr.
Schwartau's book. (A) potentially catastrophic situation."
Chris Goggans, Ex-Legion of Doom Member.
" . . . chilling scenarios . . . ", "For light summer reading
with weighty implications . . . ", " . . . thought provoking,
sometimes chilling . . . "
Remember, it's only fiction. Or is it?
TERMINAL COMPROMISE: SYNOPSIS
"It's all about the information . . . the information."
From "Sneakers"
Taki Homosoto, silver haired Chairman of Japan's huge OSO Indus-
tries, survived Hiroshima; his family didn't. Homosoto promises
revenge against the United States before he dies. His passion-
ate, almost obsessive hatred of everything American finally comes
to a head when he acts upon his desires.
With unlimited resources, he comes up with the ultimate way to
strike back at the enemy. Miles Foster, a brilliant 33 year old
mathematician apparently isn't exactly fond of America either.
The National Security Agency wanted his skills, but his back-
ground and "family" connections kept him from advancing within the
intelligence community. His insatiable - borderline psychotic-
sex drive balances the intensity of waging war against his own
country to the highest bidder.
Scott Mason, made his fortune selling high tech toys to the
Pentagon. Now as a New York City Times reporter, Mason under-
stands both the good and the evil of technology and discovers
pieces of the terrible plot which is designed to destroy the
economy of the United States.
Tyrone Duncan, a physically huge 50-ish black senior FBI agent
who suffered through the Hoover Age indignities, befriends Scott
Mason. Tyrone provides the inside government track and confusion
from competing agencies to deal with the threats. His altruistic
and somewhat pure innate view of the world finally makes him do
the right thing.
As Homosoto's plan evolves, Arab zealots, German intelligence
agents and a host of technical mercenaries find the weaknesses in
our techno-economic infrastructure. Victims find themselves
under attack by unseen adversaries; Wall Street suffers debili-
tating blows; Ford and Chrysler endure massive shut downs. The
U.S. economy suffers a series of crushing blows.
From the White House to the Pentagon to the CIA to the National
Security Agency and FBI, a complex weaving of fascinating politi-
cal characters find themselves enmeshed a battle of the New World
Order. Sex, drugs, rock'n'roll: Tokyo, Vienna, Paris, Iraq,
Iran. It's all here.
Enjoy reading "Terminal Compromise."
SHAREWARE - NOVEL FEES:
We hope that you enjoy "Terminal Compromise" as much as everyone
else has, and that you will send us a few shekels according to
the following guidelines.
The NOVEL-ON-THE-NET SHAREWARE(tm) fees for us as a publishing
company are no different than the fees for software application
shareware publishers, and the intent is the same. So please, let
us continue this form of publishing in the future.
NOVEL-ON-THE-NET SHAREWARE Fees For The People:
The suggested donation for individuals is $7. If you hate Termi-
nal Compromise after reading it, then only send $6.50. If you're
really, really broke, then tell a hundred other people how great
it was, send us a rave review and post it where you think others
will enjoy reading it, too. If you're only a little broke, send
a few dollars. After all, this is how we stay in business. With
each registration, we will also send a FREE! issue of "Security
Insider Report," a monthly security newsletter also published by
Inter.Pact Press.
NOVEL-ON-THE-NET SHAREWARE Fees For Businesses:
We hope that you put "Terminal Compromise" on your internal
networks so that your employees will have the chance to enjoy it
as well. It's a great way to increase security awareness amongst
this country's 50,000,000 rank and file computer users. Plus,
it's a hell of a good read.
One company plans on releasing a chapter every few days
throughout its E-Mail system as a combination of security aware-
ness and employee 'perc'. Try it; it works and your employees
will appreciate it. Why? Because they'll all talk about it -
bringing security awareness to the forefront of discussion.
FEES
Distribution for up to 100 people on a single network: $ 500
(Includes 1 Year subscription to "Security Insider Report.")
Distribution for up to 1000 people on a single network: $ 3000
(Includes 10 1 Year subscriptions to "Security Insider
Report.")
Distribution for up to 2500 people on a single network: $ 6250
(Includes 1 Year electronic Corporate site license to
"Security Insider Report.")
Distribution for up to 5000 people on a single network: $ 10000
(Includes 1 Year electronic Corporate site license to
"Security Insider Report.")
Distribution for up to 10000 people on a single network: $ 15000
(Includes 1 Year electronic Corporate site license to
"Security Insider Report.")
Distribution for up to 25000 people on a single network: $ 25000
(Includes 1 Year electronic Corporate site license to
"Security Insider Report.")
Distribution for more than that - Please call and we'll figure it
out. Would you like us to coordinate a special distribution
program for you? Would you like in Postscript or other visual
formats? Give us a call and we'll see what we can do.
* * * * * * * * * *
Please DO NOT UPLOAD AND DISTRIBUTE "Terminal Compromise"
into your networks unless you intend on paying the recom-
mended fees.
* * * * * * * * * *
NOVEL-ON-THE-NET SHAREWARE Fees for Universities: FREE!
"Terminal Compromise" has been used by many schools and universi-
ties as a teaching supplement. Recognized Educational institu-
tions are entitled to use "Terminal Compromise" at NO COST, as
long as you register with us that you are doing so. Please pro-
vide: School name, address, etc., the course, the instructor, and
the reason for using it. Also, we'd like to hear from you and
tell us how it went. Thanks.
SHAREWARE-NOVEL Fees for Local, State and Federal Governments.
You have the money. :-) Please send some back by following
the same fee guidelines as those for businesses.
Government employees: You are The People - same fees are
appreciated.
* * * * * * * * * *
Agencies: Do not upload and distribute "Terminal Compromise"
unless you plan on paying the fees.
* * * * * * * * * * *
NOVEL-ON-THE-NET SHAREWARE Fees for the International Community
Make payments in $US, please.
GETTING TERMINAL COMPROMISE:
You can get your copy of Terminal Compromise from a lot of
sites; if you don't see it, just ask around. Currently the novel is
archived at the following sites:
ftp.netsys.com
/pub/novel
wuarchive.wustl.edu
/doc/misc
soda.berkeley.edu
/pub/novel
It consists of either 2 or 5 files, depending upon how you re-
ceive it. (Details at end of this file.)
Feel free to post all five files of "Terminal Compromise" any-
where on the net or on public or private BBS's as long as this
file accompanies it as well.
Please forward all NOVEL-ON-THE-NET SHAREWARE fees to:
INTER.PACT PRESS
11511 Pine St. N.
Seminole, FL., 34642
Communications:
Phn: 813-393-6600
Fax: 813-393-6361
E-Mail: p00506@psi.com
wschwartau@mcimail.com
We will accept checks, money orders, and cash if you must, and we
mean if you must. It's not the smartest thing in the world to
send cash through the mail. We are NOT equipped at this point
for credit cards.
Remember, "Terminal Compromise is copyrighted, and we will vigor-
ously pursue violations of that copyright. (Lawyers made us say
it again.)
If you ABSOLUTELY LOVE "Terminal Compromise," or find that after
50 pages of On-Screen reading, you may want a hard copy for your
bookshelf. It is available from bookstores nationwide for
$19.95, or from Inter.Pact directly for $19.95 + $3.50 shipping
and handling. If you first paid the $ 7 NOVEL-ON-THE-NET SHARE-
WARE fee, send in proof and we'll deduct $ 7 from the price of
the hard copy edition.
ISBN: 0-962-87000-5
Enjoy "Terminal Compromise" and help us make it an easy decision
to put more books on the Global Network.
Thank you in advance for your attention and your consideration.
The Publishers,
INTER.PACT Press
READING "TERMINAL COMPROMISE"
"Terminal Compromise" will come to you in one of two ways:
1) Original Distribution Format From Inter.Pact Press contains
only two -2- files.
TC_READ.ME 13,927 Bytes
That is this file you are now reading and gives an overview of
"Terminal Compromise" and how NOVEL-ON-THE-NET Shareware works.
TERMCOMP.ZIP 605,821 Bytes
This is the total content of "Terminal Compromise". Run PKUNZIP
to expand the file into four -4- readable ASCII files.
2) Some locations may choose to post "Terminal Compromise" in
readable ASCII form. There will then be four files in addition
to the TC_READ.ME file.
TERMCOMP.1 250,213 Bytes
contains the Introduction and Chapters 1 through 5.
TERMCOMP.2 337,257 Bytes
contains Chapters 6 through 14.
TERMCOMP.3 363,615 Bytes
contains Chapters 15 through 21.
TERMCOMP.4 388,515 Bytes
contains Chapters 22 through 30 and the Epilogue.
Enjoy "Terminal Compromise!" and pass it on to whomever you
think would enjoy it, too!
Thank You!
****************************************************************************
THE STATE OF SECURITY IN CYBERSPACE
SRI International conducted a worldwide study in 1992 of a broad range of
security issues in "cyberspace." In brief, cyberspace is the full set of
public and private communications networks in the United States and elsewhere,
including telephone or public switched telephone networks (PSTNs), packet data
networks (PDNs) of various kinds, pure computer networks, including the
Internet, and wireless communications systems, such as the cellular telephone
system. We did not address security vulnerabilities associated with
classified, secure communications networks used by and for governments.
The study was conducted as part of our ongoing research into the
vulnerabilities of various software components of cyberspace. Our approach was
to conduct research through field interviews with a broad range of experts,
including people we characterize as "good hackers," about security issues and
vulnerabilities of cyberspace and the activities of the international
"malicious hacker" community.
While the specific results of the study are proprietary to SRI, this brief
report summarizes our general conclusions for the many individuals who kindly
participated in our field interviews. As we indicated during our field
interviews, the original research for this project was not part of any other
kind of investigation, and we have not revealed the identify of any of our
respondents.
The study aimed to understand "malicious hackers," that is, people who have and
use the technical knowledge, capability, and motivation to gain unauthorized
access, for various reasons, to systems in cyberspace. It is important to
understand that by no means all hackers are malicious nor does most hacking
involve unauthorized access to cyberspace systems; indeed, only a small
fraction of computer hacking involves such activities but gives hacking an
otherwise undeserved bad reputation. While we attempted to focus on technical
(software) vulnerabilities, our interviews led us to look more at the broader
motivations and different approaches to cracking into various networks and
networked systems.
MAIN CONCLUSIONS
Our main conclusion is that social, organizational, and technological factors
still combine in ways that make much of cyberspace relatively vulnerable to
unauthorized access. The degree of vulnerability varies from one type of
communications system to another. In general, the PSTN is the least vulnerable
system, the PDNs are somewhat more vulnerable than the PSTN, the Internet is
relatively insecure, and as is widely known, the cellular phone system is the
most vulnerable of the four major areas we addressed.
The main vulnerabilities in most communications networks involves procedural,
administrative, and human weaknesses, rather than purely technical
vulnerabilities of network management, control systems, and hardware, and
software. There are technical vulnerabilities--poor system design and specific
security flaws in software--but they are mainly exploitable because of the
above problems.
Highlights of the study's conclusions include:
o Malicious attacks on most networks and networked systems cannot be completely
prevented, now or in the future. More than enough information is publicly
available to hackers and other technically-literate people to preclude attempts
at prevention of intrusions.
o It is possible individuals or groups could bring down individual systems or
related groups of systems, on purpose or by accident. However, security is
generally improving as a result of dealing with past threats and challenges to
system security. For instance, responses to the most recent serious threat to
the Internet, the so-called Internet Worm in 1989, included improved security
at sites vulnerable to this sort of worm.
o We found no evidence that the current generation of U.S. hackers is
attempting to sabotage entire networks. On the contrary, doing so is
inconsistent with the stated ethics and values of the hacker community, which
are to explore cyberspace as a purely intellectual exercise without malicious
intent or behavior. Some individuals who operate outside this informal ethical
framework, however, can and do damage specific systems and occasionally use
systems for personal gain or vindictive activities.
o There is some evidence that the newest generations of hackers, may be more
motivated by personal gain than the traditional ethic of sheer curiosity. This
development could mean that networks and networked systems could become more
likely targets for attacks by hardened criminals or governments' intelligence
services or their contractors (i.e., employing malicious hackers). This threat
does not appear to be significant today but is a possible future scenario.
o The four major areas of vulnerability uncovered in our research have little
or nothing to do with specific software vulnerabilities per se. They relate
more to the ways in which hackers can gain critical information they need in
order to exploit vulnerabilities that exist because of poor systems
administration and maintenance, unpatched "holes" in networks and systems, and
so on.
- The susceptibility of employees of businesses, public organizations, schools,
and other institutions to "social engineering" techniques
- Lax physical and procedural controls
- The widespread availability of non-proprietary and of sensitive and
proprietary information on paper about networks and computer systems
- The existence of "moles," employees of communications and computer firms and
their suppliers who knowingly provide proprietary information to hackers.
o The vulnerabilities caused by shortcomings in software-based access controls
and in hardware-related issues constitute significantly lower levels of risk
than do the four areas discussed above on more secure networks such as the PSTN
and PDNs. However, on the Internet and similar systems, software-based access
controls (for instance, password systems) constitute significant problems
because of often poor system maintenance and other procedural flaws.
RECOMMENDATIONS
Based on our research, we recommend the following:
1. Protection of organizational information and communications assets should be
improved. Issues here range from those involving overall security systems to
training employees and customers about maintenance of security on individual
systems, handling and disposition of sensitive printed information, and dealing
with "social engineering."
2. Techniques used to protect physical assets should be improved. For example,
doors and gates should be locked properly and sensitive documents and equipment
guarded appropriately.
3. Organizations and their employees should be made aware of the existence and
role of moles in facilitating and enabling hacker intrusions, and care taken in
hiring and motivating employees with the mole problem in mind.
4. Software- and hardware-based vulnerabilities should also be addressed as a
matter of course in systems design, installation and maintenance.
5. Organizations concerned with information and communications security should
proactively promote educational programs for students and parents about
appropriate computer and communications use, personal integrity and ethics, and
legitimate career opportunities in the information industry, and reward
exemplary skills, proficiency and achievements in programming and ethical
hacking.
6. Laws against malicious hacking should be fairly and justly enforced.
SRI's believes that the results of this study will provide useful information
to both the operators and users of cyberspace, including the hacker community.
We are planning to continue our research in this area during 1993 within the
same framework and conditions (i.e., anonymity of all parties and
organizations) as we conducted the 1992 research. We invite hackers and others
who are interested in participating in this work through face-to-face,
telephone or email interviews should contact one of the following members of
the SRI project team:
A. J. Bate
SRI International
Phone: 415 859 2206
Fax: 415 859 3154
Email: aj_bate@qm.sri.com,
aj@sri.com
Stuart Hauser
SRI International
Phone: 415 859 5755
Fax: 415 859 3154
Email: stuart_hauser@qm.sri.com
Tom Mandel
SRI International
Phone: 415 859 2365
FAX: 415 859 7544
Email: mandel@unix.sri.com
*****************************************************************************