Copy Link
Add to Bookmark
Report
Phrack Inc. Volume 04 Issue 44 File 04
==Phrack Magazine==
Volume Four, Issue Forty-Four, File 4 of 27
// // /\ // ====
// // //\\ // ====
==== // // \\/ ====
/\ // // \\ // /=== ====
//\\ // // // // \=\ ====
// \\/ \\ // // ===/ ====
PART II
******************************************************************************
<Retyped From an Actual SWBT Handout>
SOUTHWESTERN BELL TELEPHONE
Computer
Security
Guidelines
Computer Security is YOUR Responsibility.
These guidelines are designed to help you know and meet your corporate
obligation.
Prepared by: Information Systems
Computer Security Administration
One Bell Center 22-H-8
St. Louis, MO 63101
For Users
---------
Keep your logon and password information private.
Do not write down passwords, but if you must, keep them in a locked place.
Do not store your password in the computer.
Make sure no on sees you enter your passwords.
Pick non-obvious, non-guessable passwords.
Do not share your logons or passwords.
Change passwords periodically, at least every thirty days.
Open new computer logons for computer resources only when you have a
real need.
Close computer logons you no longer need.
Make sure you have proper protection settings on sensitive computer files.
Do not send confidential information through electronic mail or computer
news systems.
If you suspect security violations, tell management immediately.
Be sure that use of computing resources is for company approved purposes
only.
Do not access any information that your management has not authorized you
to have. When in doubt, ask!
Logoff when you leave your terminal.
If you dialed in, disconnect when you are finished working.
For Managers of Computing Facilities
------------------------------------
Provide procedures to control access to computing resources.
Provide facilities to let users protect proprietary information from
disclosure to unauthorized persons.
Be sure that connection of a computer to any network does not diminish
the control a user has over programs and data.
Provide appropriate security facilities and procedures to protect
computing hardware against damage.
Provide facilities to protect user's data and programs from undesired
changes or destruction.
Ensure that computing resource use has been authorized by a member of
supervision.
Make sure that computing resource use can be tracked to individuals.
Report to managers regularly on the extent of computing resource use.
Provide appropriate backup facilities for data and programs.
Provide audit trails which identify violations and security breaches
and examine them regularly.
For assistance in coordinating computer security activities, contact the
Computer Security Administrator.
For Managers
------------
Make sure you authorize all use of computing resources and that you require
separate logons for each individual.
Make sure that the user of computer resources understands responsibilities
with respect to proper use and security consciousness.
Review computing resource usage reports and the security practices of the
users for which you are responsible.
When a user's employment or need for access ends or changes, make sure
access to computer resources is promptly changed by notifying your
System Administrator.
Report security violations to the General Security Manager and to the
Computer Security Administration Group.
For Information
---------------
The Information Systems Organization provides security and disaster recovery
services to establish, monitor, and audit computer security standards.
If you have any comments or questions regarding computer security, please
contact the Computer Security Administration.
*******************************************************************************
RBOC ORGANIZATIONAL ARCHITECTURE
Compiled By
Phrack Magazine
In an effort to assist the hacking world in their understanding of the
organizational mess created by our fabulous friends at the RBOCs, we have
compiled a list of the various organizations, what their functions are,
which centers they are made up of, and which computer systems they use.
-----------------------------------------------------------------------------
Planning and Engineering
Defines network resources available for assignment
Functions:
Long range and current planning for outside plant, wire centers,
interoffice network, special services, interexchange access
services, and message trunks
Exchange network design
Coordination of activities connected with installation and/or modification
of exchange network components
Centers:
DSPC
SCPC
WCFPC
CAC
IFFPC
IFCPC
TEC
MEC
DSDC
EEC
CSEC
Systems:
LEIS
NPS
FEPS
LSRP
INPLANS
INFORMS
DFDS
SSFS
PICS
LATIS
CAMIS
CUCRIT
-----------------------------------------------------------------------------
Service Provisioning
Allocates assignable existing network resources
Functions:
Circuit design and routing
Verification and assignment of network elements
Controlling and tracking orders during assignment process
Centers:
CPC - Circuit Provisioning Center
LAC - Loop Assignment Center
Systems:
TIRKS
SOAC
SWITCH
COSMOS
WM
LFACS
LOMS
-----------------------------------------------------------------------------
Network Operations
Controls installation, maintenance and testing of circuits
Functions:
Coordination and performance of the activities required to provide service
Surveillance and control of network equipment and facilities
Analysis, sectionalization, and repair of switching and transmission
facilities
Status reporting on service order and/or service restoration activities
Centers:
CRSAB
ICC
MC
NAC
RCMAC
SEAC
SSC
FMAC
STC
DNCC
FCC
SCC
Systems:
McTE
GDS
LMOS
EADAS
TAN
RSA
CRAS
CIMAP
NDS
SEAS
MAS
MIZAR
SARTS
TCAS
CAROT
NMA
NMPS
SCCS
-----------------------------------------------------------------------------
Customer Services
Direct company contact with customers
Functions:
Service negotiation with customers
Creating and routing associated service orders
Creating and maintaining customer records
Reporting the provisioning status to customers
Initiating billing and collection processes
Handling billing and general service inquiries
Centers:
RSC - Residence Service Center
BSC - Business Service Center
ICSC - Interexchange Carrier Service Center
Systems:
BOFADS - Business Office Force Administration Data System
PREMIS - Premises Information System
SOP - Service Order Processor
CABS - Carrier Access Billing System
BOSS - Billing and Order Support System
CRIS - Customer Records Information System
BRIS - Business Revenue Information System
CLAIMS
-----------------------------------------------------------------------------
Quick Breakdown
Process Center System
-----------------------------------------------------------------------------
Planning & Engineering
IOF IFCPC IFFPC IOF/EDC FEPS NPS-F
Switch SCPC WCPC EEC LSD&F LSRP NDS
TNDS/EQ NPS-W
Distribution DSPC DSDC LATIS LEIS NPS-D
Service Provisioning
IOF CAC TIRKS
Switch LAC COSMOS
Distribution LAC LFACS
Network Operations
IOF FMAC CAROT CIMAP TCAS
TNDS/TK
Switch NAC RCMAC SCC EADAS NDS MAS MIZAR
TASC CIMAP NMA NMPS
SCCS
Distribution ICC MC GDS CRAS LMOS/MLT
PREDICTOR TAN
*******************************************************************************
-IS- Blue Boxing Dead?
Australia Direct 800-682-2878
Austria Direct 800-624-0043
Belgium Direct 800-472-0032
Belize Direct 800-235-1154
Bermuda Direct 800-232-2067
Brazil Direct 800-344-1055
British VI Direct 800-248-6585
Cayman Direct 800-852-3653
Chile Direct 800-552-0056
China Direct 800-532-4462
Costa Rica Direct 800-252-5114
Denmark Direct 800-762-0045
El Salvador Direct 800-422-2425
Finland Direct 800-232-0358
France Direct 800-537-2623
Germany Direct 800-292-0049
Greece Direct 800-443-5527
Guam Direct 800-367-4826
HK Direct 800-992-2323
Hungary Direct 800-352-9469
Indonesia Direct 800-242-4757
Ireland Direct 800-562-6262
Italy Direct 800-543-7662
Japan Direct 800-543-0051
Korea Direct 800-822-8256
Macau Direct 800-622-2821
Malasia Direct 800-772-7369
Netherlands Direct 800-432-0031
Norway Direct 800-292-0047
New Zealand Direct 800-248-0064
Portugal Direct 800-822-2776
Panama Direct 800-872-6106
Philippines Direct 800-336-7445
Singapore Direct 800-822-6588
Spain Direct 800-247-7246
Sweden Direct 800-345-0046
Taiwan Direct 800-626-0979
Thailand Direct 800-342-0066
Turkey Direct 800-828-2646
UK Direct 800-445-5667
Uruguay Direct 800-245-8411
Yugoslavia Direct 800-367-9841 / 9842
This file brought to you by The Phone Company
*******************************************************************************
*****************************************
* Step-by-step Programming Instructions *
* For the EO Cellular Module *
*****************************************
1. Unbox and attach the EO Cellular Module to the EO Personal
Communicator 440/880.
2. Once the EO Cellular Module is attached turn on the EO Personal
Communicator 440/880.
3. Open EO Phone.
4. Tap "Options."
5. Tap "Authorized Dealer."
6. Write Dealer Code in space provided. Dealer code is *12345678#. To edit
mistakes, draw a small circle around 2 or 3 of the numbers entered.
This will bring up an edit box and allow easier entry of the number.
Once you have made your corrections, tap "OK."
7. Tap "OK" on the "Authorized Dealer Code" pop-up.
8. Wait approx. 30 seconds and programming screen will appear (The "busy
clock" will appear on screen).
9. If invalid code entry screen appears, the programming screen will be
blank and the "Apply" and "Apply and Close" buttons at the bottom
will be greyed out. Close the programming screen by tapping on the
upper left blacked out corner of the screen. Re-do steps 4 through 7
(refer to the TIP below for a guaranteed method of accurate entry).
A common problem is to enter an "l" instead of a "1" because they appear
to be very similar. To make sure that you have entered a one, check to
see that the character is the same height as the other numbers. The
letter "l" will be slightly taller.
TIP: To insure that you have entered the correct digits (one versus letter
"l" problem above) you can use the accessories keyboard. To use the
keyboard for the Dealer Code entry do the following (replaces steps
4, 5, and 6 above):
a. Tap Accessories in the lower bookshelf.
b. Tap Keyboard. This will bring up the pop-up keyboard.
c. Tap Options at the top of the EO Phone window.
d. Tap Authorized Dealer. This will bring up the Dealer Code pop-up.
e. Tap on the line in the Dealer Code box. A dot (or character) will
appear and now entry from the keyboard will appear in the Dealer
Code box.
f. Now use the keyboard to delete the dot (or character). The Delete
key is the upper right most key on the keyboard.
g. Now use the keyboard to enter the dealer code - *12345678#
(the * and the # keys can be found by tapping the shift
(up arrow) keys.)
h. GO TO STEP 7 and continue.
NOTE: When programming the following entries always use the circle gesture
to change the entry. In other words, circle the existing entry
to bring up the edit combs. Then correct each digit by writing over
the existing digit. This will insure that the number of digits for
each entry is correct. If an entry has an incorrect length then
none of the programed entries will be accepted.
10. Enter the assigned telephone number in the first field. Use the
circle gesture to bring up the edit combs to edit the existing
telephone number. Change each digit by writing over it in the edit
combs. When complete tap "OK."
11. Use the same procedure in step 10 to enter the appropriate SID
in the second field.
12. Use the same procedure in step 10 to enter the corresponding IPCH
(0333 for the non-Wireline or A side provider; 0334 for the Wireline
or B side provider) in the third field.
13. Leave the remaining fields intact as already programed from the
factory unless instructed to change them by the cellular service
provider. Use the circle/edit method to change any necessary
entries. The factory defaults are:
Field Title Default Value
----------- -------------
ACCOLC 00
Group ID 15
Lock Code 1234
SCM 1010
Security Code 123456
Emergency Code 911
14. Tap the "Apply" button on the bottom of the screen. The programming
information you have entered is now being saved in the EO Cellular
Module. This will take approximately 20 seconds.
15. Close the programming screen by tapping the blackened area in the upper
left hand corner of the programming screen.
16. Now set the approximate Roaming Option.
17. Tap Options.
18. Tap Roaming.
19. Enter Security Code. Default is 123456.
20. Tap "OK."
21. Tap next to appropriate roaming option. A check mark will appear.
22. Tap "Apply" button.
23. Close window.
24. Check status line in EO Phone for appropriate indications.
25. Tap "Keypad" tab on right side of EO Phone window. This will bring
up a keypad display which can be used to place a voice call.
26. Make sure that the Cellular Icon is boxed (as opposed to the Phone
Icon in the lower left hand of EO Phone.)
27. Tap the keypad buttons to enter the number to be dialed. The digits will
appear in the dial box at the middle bottom of the EO Phone window.
28. Pick up the handset and tap "DIAL" button in the lower right hand
corner of the screen. This button is just like hitting SEND button
on a cellular phone. This will place a voice call using the number
in the dial box.
29. When call is complete tap "Hang-up" (the DIAL button to "Hang-up" after
the call is connected to the network.) This is just like pressing END
on a cellular phone.
30. Close EO Phone.
31. Programming and testing is now complete.
Helpful Information
The EO Cellular Module contains an OKI 910 cellular phone housed in
specially designed, plated plastics with custom connections into the
proprietary port on the phone.
All programming of this module is done via the EO Personal Communicator
440 or 880. All programming/configuration information for the phone is
stored in the EO Cellular Module and not in the Personal Communicator.
This means that once the EO Cellular Module is programed it can be removed
from the EO Personal Communicator and reattached to any other EO Personal
Communicator without re-programming.
The ESN for the EO Cellular Module can be derived from the Serial number
in the window on the bottom of the module. The cellular module ESN is 129
followed by the last eight digits of the serial number in the window. These
eight digits will usually begin with 013. This eleven digit number should
be provided to the people that will actually assign the telephone number
and activate the EO Cellular Module on the cellular network.
*******************************************************************************
THE HACKER CHRONICLES CD-ROM
Well, he said he was going to do it, and he did.
Scan Man put out a CD-ROM of info collected from the
underground. I had kind of forgotten he was going to
do it, but once I heard rumors of such a thing, I knew he
had.
At HoHo Con last year, Bootleg was very excited about
compiling data from the community for the project he
and Scan Man were working on. As things progressed
however, Bootleg would soon find out that Scan Man
had no intention of working with him, and cut him out of
the project.
This is how it was explained to me. I hope that it is
not true, since Bootleg is back in jail and wouldn't
have the ability to fly out to West Virginia and throttle
Scan Man about the head and neck.
[Description from the Jewel Box]
WARNING!
This material is controversial in nature and may be offensive
to some viewers. Not that the information in and of itself is
not illegal. Quite often the usage of certain information is
illegal. The Hacker Chronicles is for informative and educational
purposes only. All documents and programs in this compilation were
legally available to the public prior to his publication. None of
these criminal acts described on this disc are in any way
condoned or should be attempted.
Over 12 YEARS in the making - this software package contains stories
of how they did it, actual break-ins, arrests, and prosecutions. Most
of the articles were written by the actual people who committed these
acts. Access articles and software with an easy-to-use menu system.
Areas of information include: PHONE PHREAKING (so called hobbyists
who are into telephone technology of all types, well known for their
ability to bypass telephone billing system), COMPUTER HACKERS
(sometimes referred to as cyberpunks, interested in access to any on
line computer system they can find), SATELLITE COMMUNICATIONS
(hobbyists who sometimes employed test software designed for dealers
to defeat scrambling systems), "UNDERGROUND" GENERAL INFORMATION (many
subjects all very technical in nature and explained in detail, such as
ATM's, credit cards, voice mail, hypnotism, bugging, skip tracing,
phone taps, cellular phones, lock picking, social engineering,
virus's, chemical substances, explosives, editorials, legal issues,
alarm systems, spies, hardware, signal interception, private
investigations, security, computer ethics, underground BBS's, TV cable
piracy, boxing and much more!
-----
Uh, that kinda says it all, don't it? CYBERPUNKS, VIRII, WAREZ & STUFF!
Uh, yeah.
Seriously, the disk itself has a shitload of files. This
is rather cool, since now EVERY bbs in the world can put
OVER 650 MEGS OF G-FILES! Heh.
The file on the disc that struck me the most was the
intro written by Scan Man. He went talked about
a lot of things he's done in the past with the scene,
telephone companies, etc. I know Scan Man from WAY back.
Pirate-80 was one of the first real Hacker BBSes I was
ever on. (Remember when it was only up certain hours of the day?)
Reading that file was pretty informing for me. It also
made me smile to see that he's still pissed off at Craig
for tearing him apart in a Phrack some years ago.
Remember, this is by no means a complete collection.
Thankfully, the CD does not have any issues of Phrack
magazine past issue 41 (or else, I would be enjoying
a piece of the revenue :) ). It also, oddly enough,
does not have any LOD-TJ other than 4. It DOES however
have a large collection of CUD, NIA & CDC. Go figure.
The files do represent a neat history of our community
and for the curious neophyte, the nostalgic old-timer, or
anyone with 39 bucks, it might be something worth picking
up just to say you have it. I mean, you never know when
you will need to find issue 12 of LOL, or plans for a
urine box. It will save you the trouble of downloading.
The Hacker Chronicles - A Tour of the Computer Underground
should be available from any outlet that carries CD-ROMS.
Or hell, call P-80. I'm sure Scan Man will sell you a copy:
304-744-7322.
*******************************************************************************
Packet Switched Data Networks
An Introduction and Overview
By: Cosmos
The abundance of networks both private and public has given the hacker
an almost infinite playground. A popular type of network is the
packet switched network like SprintNet (TELENET) that allows local
users to access non-local machines. These WAN's usually serve as
the backbone for many large corporations. Understanding the way
in which they operate can aid many aspects of the hacker's knowledge.
Packet switching is a data networking technology in which user data is
segmented into small units (packets) and transmitted from the sending
user to the receiving user over shared communications channels. Each
individual packet also holds additional information that allows the
network to correctly route the packet to the correct destination. The
size of the packet is limited to a maximum number of characters set by
the individual sender. Packets are measured in octets, which are 8-bit
bytes. User data that exceeds this amount is divided into multiple
packets.
The difference between packet switching and circuit switching
(regular telephone lines) lies in the use of virtual circuits.
These circuits are given the term "virtual" because:
1) they are made up of bandwidth allocated on demand from
a pool of shared circuits
2) no direct physical connection is made on a packet network
3) the connection is a logical one
Due to these facts, packet networks are commonly denoted as connectionless
networks. There are three types of packet networks: public, private, and
hybrid (a combo of the two previous ones).
A packet switched data network (PSDN) has five major components:
1) local access components (LAC)
2) packet assemblers/disassemblers (PAD)
3) packet switching nodes (PN)
4) network links (NL)
5) a network managment system (NMS)
LOCAL ACCESS COMPONENTS
To transmit data through a PSDN, the data must first move from the
end-user to a packet assembler/dissasembler (PAD) or to a packet
switching node with a built-in PAD function. In order to achieve
this, three local access components are required. First is the
end-user data terminal, or more plainly, your computer. Secondly,
an end-user transmission device such as a modem. Thirdly, a
local access facility or physical line (Telephone Line). There are
three types of physical lines: switched analog lines (dial up), leased
analog channels (private lines), and leased digital channels (DDS circuits).
PACKET ASSEMBLERS/DISASSEMBLERS
All data travelling through the PSDN must be routed through a
Packet Assembler/Disassembler (PAD). The PAD's primary function
is to translate user data into network packet format and conversely to
convert network packets into user data. Basically, a PAD serves
as the network translator between the user and the PSDN. Other functions
performed by the PAD include: physical line concentration, call setup
and clearing functions, protocol conversion, code conversion, protocol
emulation, local switching functions, and local call billing functions.
PACKET SWITCHING NODES
The primary component of a packet switching network is the packet
switching node (PN). The packet switching node ensures that each
packet is routed properly through the network. Commonly, PN
configurations are installed in a redundant configuration. This
provides for a convenient backup for network traffic. Other functions
include: call billing, internal network diagnostics, support of
direct host computer access., and inter-network gateway connections.
NETWORK LINKS
Network links are the physical components that connect packet switching
nodes together. Several transmission technologies can be employed
in network linking, including: analog circuits, digital circuits,
microwave systems, and satellite systems. The most common network
link technologies used are Digital Dataphone and other similar
interexchange carrier services, and point to point analog private
lines. Speeds on network links range from 9.6 Kbps to 56/64 Kbps.
Network links are commonly denoted as the "backbone layer" or
the backbone packet network. The local PAD's are termed the
"access layer" or access network.
NETWORK MANAGEMENT SYSTEM
Basically, the network management system (NMS) controls and monitors
the PSDN. It primarily stores and performs maintenance on the
network database. This database is the master copy of all the software
and configurations in each network node. If a node fails or is
not functioning properly, the NMS can download backup information through
the various network links to solve the problem. Thus, a unattended
network is formed.
This is all one needs to understand for a general knowledge of
a packet switched data network. Additional topics can be
pursued further for increased knowledge but are not essential.
You might want to research some info on the standard X.25 protocol,
and other OSI stuff. Anyways, I hope this brief intro article can
be of use in the general knowledge of computer networking.
Cosmos
*******************************************************************************
Stacker Security.
How to Hack a Stacker disk that is password protected!
The 'Stacker' Software increases the space on your hard disk by using
on the fly compression on the data on the disk. It does this by creating
a file called Stacvol.dsk on the hard drive. All of the information that
is put on the disk is compressed and stored in the stacvol.dsk file.
When Stacker is installed on a hard drive, say C: all of the data on
the disk is compressed and stored in the stacvol.dsk file, which is
assigned as a virtual disk C:, the 'real' drive is then assigned D:.
The swapping taking place a boot time.
The Stacvol.dsk file is therefore stored on the D: drive and usually
takes up most of the drive. (ie: a 40M C: drive contains the stacvol.dsk
file of size around 5-39M the disks are swapped at boot time and
the C: drive that the user 'sees' is really the contents of the stacvol.dsk
file on the D drive assigned to C:, everything on the C drive (stacvol.dsk)
is compressed, thus obtaining an increased disk space.)
The point is this, at boot time the owner of the machine can set passwords
to allow the user to have no access, read/write or read-only access to
the C drive/stacvol.dsk file, if a wrong password is entered the stacvol
file is not mounted as the C drive and all a DIR will get you is a directory
of C:\ which will have a few files such as command.com etc, nothing
of any real interest.
So now for the interesting bit, how to get in without a password,
or getting read/write privs when you've only got read-only.
First, boot the computer and go through the password routine.
Get it wrong (you may as well try something like password though just in
case.)
The Stacvol.dsk file is hidden so change its file attributes so you
can edit it. (You'll need a floppy now with a utility such as Norton
diskedit on it)
Load in the diskeditor and get it so that you are editing the stackvol
file in a HEX mode. The first bit of Hex just contains the usual sort of
boot record type rubbish, not too interesting.
The interesting bit is the bit which starts at offset 74
Now the information starting at 00040 is the interesting bit,
on a disk with a password set it will look like this....
00040 20 20 20 20 20 20 20 20 | 20 20 2D 2A 2D 0A 0A 1A
00050 72 AA 91 9C 0F 66 9A ED | AB 18 6E 6D E2 C3 2B 8B
00060 5E CD EF A9 37 1B 53 E2 | C6 F0 E8 9C A4 49 F6 9D
00070 4C F0 AB 32 21 47 FC 91 | 7E 8C 58 D8 D9 D7 DB D3
(All figures obviously in hex.)
The data from 0004B to 0004E is a flag to the device driver to tell
it that a password is required.
From 0004f to 0005F are the encrypted passwords.
(the rest just being data)
NOW, for an unpassworded file this looks like
00040 20 20 20 20 20 20 20 20 | 20 20 20 20 20 0D 0A 1A
00050 49 F6 9D 4E EC B1 26 3D | 0F 6B B2 24 41 07 7B 92
00060 XX XX XX XX XX XX XX XX | XX XX XX XX XX XX XX XX
00070 XX XX XX XX XX XX XX XX | XX XX XX XX XX XX XX XX
Now all you have to do is take a copy of the data in this section
on the stacvol.dsk file you are hacking so that you can return it back to
its original state!
Patch the code above into the corresponding positions into the
file you are hacking, leaving the code denoted by XX alone, this is version
code and depends on the machine so leave it alone!
Save the changes and reboot the machine, it will no longer ask for a
password and you now have full access.
Afterwards re-patch the original code that you noted and if you've used
your common sense then the owner will never know you were there.
(By common sense I mean don't forget to restore time/date stamps etc.)
D2A [D
*******************************************************************************
UNAUTHORIZED ACCESS ONLY
Computers are becoming an integral part of our everyday existence. They are
used to store a multitude of information, from credit reports and bank
withdrawals to personal letters and highly sensitive military documents.
So how secure are our computer systems?
The computer hacker is an expert at infiltrating secured systems, such as
those at AT&T, TRW, NASA and the DMV. Most computer systems that have a
telephone connection have been under seige at one time or another, many
without their owner's knowledge. The really good hackers can re-route the
telephone system, obtain highly sensitive coporate and government documents,
download individuals credit reports, make free phone calls globally, read
private electronic mail and corporate bulletins and get away without ever
leaving a trace.
So who are these hackers? Just exactly WHAT do they DO, and WHY do they do
it? Are they really a threat? What do they do with the information
they obtain? Are hackers simply playing an intellectual game of chess or
are hackers using technology to effectively take control of corporate and
government systems that have previously appeared omnipotent?
Our group is in the course of filming "Unauthorized Access", a documentary
that will demistify the hype and propoganda surrounding the computer hacker.
We will expose the truths of this sub-culture focusing on the hackers
themselves. This will be a view from inside the global underground.
We intend to shoot in the United States, Holland and Germany.
This documentary will be of the highest broadcast quality and is
intended for international television, festival and theatrical distribution.
We are currently looking for additional financial backers interested in this
project. For more information about "Unauthorized Access" or if
you are intrested in providing any information or support, please contact
annaliza@netcom.com.
*******************************************************************************
Mitnick's Soliloquy
Intruder, or not Intruder: that is the question:
Whether 'tis more likely the system suffers
The misuses and malfeasances of outrageous crackers
Or that some user behaves anomalously
And, by so doing, causes false alarms. To alert, to audit;
No more; and by an audit to say we find the attack,
And the thousand failed login attempts
That are seen on the network, 'tis a consummation
Devoutly to be decrypted. To alert, to audit.
To audit, perchance to detect, ay, there's the rub.
For in that detection of attack what false alarms may come;
When we have dumped a million packets
Must give us pause, the analysis
That makes use of long CPU hours and many gigabytes
For who would bear the whips and scorns of time
The analysis by hand, the tired SSOs eyes sore,
The pangs of innocent users, the law's delay,
The insolence of phreaks, and the spurns
That patient merit of unworthy takes
When he himself might his quietus make
By a disconnected ethernet? who would fardles bear
To grunt and sweat under C2 standards
But that the dread of worm after worm
The undiscovered bug from whose bourn
No Vandal turns, puzzles the testers,
And makes us rather ebar those ills we have
That crash the system and erase the hard drive?
Thus intrusion detection makes abusers of us all,
And thus the native hue of normal use
Is sicklied over with the red light of intruder,
and jobs of great size and duration
With this regard their patterns out of normal parameters,
and lose the name of legal system policy.
After Hamlet's Soliloquy,
By JJ
*******************************************************************************