=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ?..plan????anarchyyyyy=||the_futtttture?033o+0_5 ???W33+3op!+o||W333!lkW3x33]!-+o ?W3??o33!+o!+||3l+oW3133+!+o ??W>p?.===================================================.W333!+o ??>?l| >>pluk #01 |W33r3! ???>a| >>http://www.pluk.cjb.net<< |+W33! | || | >? -it's a payfone. don't ask. | | >? -gringo? || | >? ...getting away with it. |3[| ?W3?p?\___________________________________________________/W333!|k+o ?W3o??33!+o!+||3W!fre!oW3133+!o ???W33+3op!+o||W33?!3+[frkv1n]o ??륥?3!+o|W3p3||W3n33!W33[!+o ???!political?W3o3||W3NO3e!!kj3k3!+o -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> pluk 01 << ^^^^^^^ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- passive cut read line love; directionless aim atrophy made fat direct guide flavour force fuel the distance seal the break; service sanctity self revere. you. Is it remembrance? is it progress? Barcode beautician elaborate tunes (Silence) from modernity's mortician; next please please next. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> Contents << =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Introduction.......................................................pluk Group / Site News..................................................pluk General News / Info................................................pluk The (Bastard) Anally Retentive Linux Firewall.......................mrG The Art of Wardialling..........................................mrsp00n How to defeat proxy servers and other lame banning programs...The Nommo A Word of warning - shelling out to avoid embarrassment............squi Basic BIOS and processor performance tuning.........................Ada Kt ember s a rdio..............................................Jzus -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> Intro << ^^^^^^^^^^^^^^^^ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Ohyeababy. Welcome to the first issue of PLUK - brought to you by Irn- Bru, salt 'n vinegar Pringles, MS-DOS edit, strong black coffee, and spiffy inflatable purple aliens [and B&H =) - mrsp00n]. Opening poem from mute communion - "Barcode", by Patrick Jones. Never heard of us before? No problem. Here's a bit of boring and time - wasting background information.. We've been up and running (in one form or another) for around a year... we've had a site in various states of existance, hosted anywhere we could, and we've been active in the UK h/p scene for considerably longer than that..but the general feeling is that the UK h/p scene is severely throttled and overshadowed by US h/p stuff. Faqs, apps, zines etc. that are of any use to the UK resident phreak/hacker are incredibly hard to find. Our aim is to create the first popular, accessible, informative & useful outlet for UK biased h/p info. This isn't to say we won't put out more general stuff of interest. We'll be trawling through stuff that's relevant, and editing/compiling the best bits until we have enough quality and content to warrant releasing another issue. To a degree, the continuation of this depends on your input. If you have something to say, and you know what you're talking about, or you have a question which might be of general interest or importance, drop us a line at any of the group addresses. Ok. Enough of that. Anyway.. please enjoy =] - pluk group [16/12/98] -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> Group / Site News << -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> Group News < ^^^^^^^^^^ We've been fucking around with the group recently, ie, there has been no real established group, to say the least. Some basic group contact detail for your future reference: pluk group - pluk@phreaker.net division - division@phreaker.net mrSp00n - mrsp00n@phreaker.net squi - squi@beer.com http://www.pluk.cjb.net will always fwd to us, in some way or another. Phonelosers of the UK, PO box 1984, Wilmslow, SK9(???) should be ours soon - as soon as we can be bothered sending the form off to register it. We'll be doing Caldera OpenLinux 1.1, 1.2, and 1.3 CDs bundled with the installation FAQs and howto's for 5 a time, just to cover our postage/CDR costs. We're all either on linux, or moving over onto linux at the moment, so I guess you can look forward to some linux orientated articles in the future. http://members.xoom.com/phonelosers/linuxchiq.jpg =] >> Site News << ^^^^^^^^^^ Like the new site? We've been looking for a reliable host for quite a while now, with limited success...I'm sure we'll sort something out in the near future though. http://www.pluk.cjb.net is the current fwd address, which we'll update as and when anything changes on the hosting front. Other than that, *we know* about the endless broken links, ok?!^$!? We're working on it. >> General News << ^^^^^^^^^^^^^ + DES-III was started and finished in the same day, pretty nifty algorithm huh? Here's what nugget of distributed.net said: "At 07:15 am PST (14:15 UTC), just about the time when we all started getting worried about the 24hour way- point, the solution to DES-III arrived. The winning key, 92 2C 68 C4 7A EA DF F2, revealed the plaintext message: See you in Rome". The message refers to the second AES Conference March 22-23, 1999, revealed by EFF.org's Deep Crack hardware. This is a stern two-fingers to the US government and the restrictions on encryption methods - rc5 is currently in progress at distributed.net, so go get the client and start crunching. You have the right to privacy, and you have the right to protect that how you see fit. Start doing something about it. + "The right to life, liberty, and security of person; freedom from arbitrary arrest and detention; freedom of opinion and expression; freedom of peaceful assembly and association; the right to communicate freely over the Internet and other telecommunications systems." Or so AAASHRAN say (yeah, that mutha of an acronym actually stands for "AMERICAN ASSOCIATION FOR THE ADVANCEMENT OF SCIENCE HUMAN RIGHTS ACTION NETWORK"). They're pushing for the release of two guys imprisoned for using the internet to express their prodemocratic opinions. AAASHRAN says : "On a day when most countries are celebrating the 50th Anniversary of the Universal Declaration of Human Rights, software engineer Lin Hai and physicist and dissident Wang Youcai sit in jail for using the Internet to support democracy in China." They recommend: "Calling for the immediate and unconditional release of Lin Hai and Wang Youcai on the grounds that they were arrested solely for exercising their internationally recognized rights to freedom of expression and association; and urging Chinese officials to cease their interference with electronic communications". You can get the full detail at http://www.eff.org/udhr/lin_hai_aaashran.html. + The Indonesian Government is being blamed for an attack on the Irish ISP, Connect-Ireland, that brought down the East Timor (.tp) virtual country domain. Connect-Ireland are lodging a protest with the Indonesian Embassy in London, after they were forced to shut their systems down, disrupting their service provision to 3,000 customers. The "cracker attacks" started last Tuesday (19th Jan). A week later, Connect-Ireland was still trying to restore it's services. This was a highly-organised attack, and according to Martin Maguire, Connect- Ireland's project director, the crackers had been testing the server's defences for the past nine months, before launching 18 simultaneous attacks from Holland USA, Australia and Japan. You can get more details of this attack at: http://news.bbc.co.uk/hi/english/sci/tech/newsid_263000/263169.stm Connect Ireland's URL is: http://www.connect.ie. >>--on with the show-->> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> The (Bastard) Anally Retentive Linux Firewall << >> by mr goodbytes[bofh@angelfire.com] << -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Y0! So you've just got linux, huh? So you just got pppd working (possibly some of the more windoesnt'd of you used kppp or xisp)? So you're finally connected to the internet with an OS that was designed for the internet and designed the internet? So you think you're a really secure mega-elite hacker/cracker/guru/warezboy? So you think just because you've got the best OS that money can't buy, you're instantly a networks expert? If you *really* are a networks expert, why the hell did you download this? Get back to tweaking your sendmail.cf file! If you *really* are a networks expert and a programmer, you downloaded it to make it better. That probably isn't too hard. The code is a little sloppy and a little hackish. But it does the job and hopefully makes major firewalling easier. I hope some of you *real* network experts would agree with me. You can stop reading this document now, because you'll figure out the code quite quickly. For the rest of you, I wrote this program to help you set up a nice firewall. I like firewalls. I especially like a firewall that is so damned tight, you're up shit creek without a paddle before you even started trying to get in. Hence, the creation of BARF. BARF = Bastard Anally Retentive Firewall Here's a quick installation guide: 0) make sure you have tclX installed 1) copy barf into /usr/local/bin and chmod +x it 2) copy barf.* into /etc 3) read the rest of this document You hopefully copied 3 files into /etc - barf.access, barf.networks and barf.pairs. These files are really simple once you figure them out, and make creating a huge firewall setup quite simple, especially if you want to add networks and masquerade and don't want 20 lines of ipfwadm lines to copy/edit. The default configuration you have been supplied with is a demo only. It will most likely not work with your setup, and if it does, chances are it's not set up the way you want. They do illustrate the power of barf though. There are 33 lines that are not remarks in all three configuration files put together. They are all less than 40 characters long. But when you run barf, they are used to generate the following (rather huge) output. ----------------------- SNIP ----------------------------------------------- # ALL ACCESS BEING DENIED BY DEFAULT ipfwadm -F -f ipfwadm -F -p deny ipfwadm -I -f ipfwadm -I -p deny ipfwadm -O -f ipfwadm -O -p deny # Access being granted: net1>WORLD=normalmasqing ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 53 -P tcp -F -a accept -m ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 53 -P udp -F -a accept -m ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 80 -P tcp -F -a accept -m ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 80 -P udp -F -a accept -m ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 8080 -P tcp -F -a accept -m ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 8080 -P udp -F -a accept -m ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 6667 -P tcp -F -a accept -m ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 6667 -P udp -F -a accept -m ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 25 -P tcp -F -a accept -m ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 110 -P tcp -F -a accept -m ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 110 -P udp -F -a accept -m ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 143 -P tcp -F -a accept -m ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 143 -P udp -F -a accept -m ipfwadm -S 192.168.1.0/24 -D 0.0.0.0/0 23 -P tcp -F -a accept -m # Access being granted: net1>net2=fullaccess ipfwadm -S 192.168.1.0/24 -D 192.168.2.0/24 -P all -I -a accept -b # Access being granted: net1>net3=noaccess # Access being granted: WORLD>net1=noaccess # Access being granted: WORLD>net2=someaccess ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 80 -P tcp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 80 -P udp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 23 -P tcp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 53 -P tcp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 53 -P udp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 8080 -P tcp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 8080 -P udp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 6667 -P tcp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 6667 -P udp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 2064 -P tcp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 25 -P tcp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 110 -P tcp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 110 -P udp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 143 -P tcp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.2.0/24 143 -P udp -I -a accept -b # Access being granted: WORLD>net3=webaccess ipfwadm -S 0.0.0.0/0 -D 192.168.0.0/16 80 -P tcp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.0.0/16 80 -P udp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.0.0/16 8080 -P tcp -I -a accept -b ipfwadm -S 0.0.0.0/0 -D 192.168.0.0/16 8080 -P udp -I -a accept -b # Access being granted: myhost>WORLD=fullaccess ipfwadm -S 192.168.42.42/32 -D 0.0.0.0/0 -P all -I -a accept -b ----------------------- SNIP ----------------------------------------------- I think that's pretty impressive for a 100 line script and 33 lines of configuration. Remember, adding another 10 lines of configuration might make the output three times as long. Such is the power of barf. Now I suggest you go away and read the configuration files and figure it out. Refer to ipfwadm(8) if needs be. If you're really stuck, want to add features or want to complain about how pathetic barf is, mail bofh@angelfire.com. May the source be with you... Always... Mr Goodbytes [barf-0.01-tcl.tar is available in the pluk archive. All the source files and a copy of this article is included --squi] -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> The Art of Wardialling << >> by mrsp00n [mrsp00n@phreaker.net] << -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- In case you don't know/got dropped on your head a lot, wardialling is dialling every single number within a certain exchange, or a set of numbers that fit a certain criteria (eg. every 0800 number that ends in 456). When doing this you are more likely to find ANIs (Automatic Number Identification), VMBs (Voice Mail Boxes), interesting computer systems that can be dialled into, and more. There is a small art to wardialling, and in this article, I will try to explain that art as fully as I can. The first thing you must do when wardialling is to pick a good wardialler. You could write your own, but for something as simple and harmless as wardialling using one of the other readily available ones is much easier. I prefer Phonetag for a couple of reasons: a) It's so damn easy to use. b) It allows flexible templates. c) It allows you to enter a prefix. This is handy for putting 141 as the prefix, so nobody can dial 1471 and yell at you for waking them up. d) You can minimise it and it'll run in the background without appearing in the Windows taskbar. (Anyone know of any decent linux/unix wardiallers? -Ed) The second thing you must do is to pick an exchange. If you don't want to have a huge phonebill, you should stick to 0800/0500 numbers, or find a way around paying for the calls. The added advantage of dialling 0800/0500 numbers as opposed to residential numbers is that you can wardial overnight without waking the neighbourhood and pissing them all off. Plus there's not going to be a great ratio of dialups/interesting stuff to normal households, is there? The next thing you'll need to do is to figure out the peculiarities of that exchange. Different exchanges have different numbers recorded messages when you dial a non-existent number. Sometimes after that message there will be a busy tone if you don't hang up. The wardialler will interpret this to mean that the number is just busy, and put it to the end of the list to try it again later. Now, you need to dial into that exchange a couple of times and see how long it takes for the busy signal to come on. I'd guess at it being around 15 seconds, but don't quote me on that. Because of this, I'd set the preferences in the wardialler to only wait for, say, 14 seconds before giving up on the number. Doing this will save a LOT of hassle later on. Now what? Go to bed or something - the wardialler will make a note of any carriers it finds, so you can try dialling them in the morning. Phonetag won't, however, make a note of any VMBs or anything cool like that....so, because of that, some exchanges are worth switching your speakers on and listening to, while others can just be left while you eat your tea/have a bath/molest your kids. As a final note, if you do come up with any decent scans, feel free to share them with us all. Email me at DavidW@deathsdoor.com and I'll stick it on the site and, needless to say, give you full credit. * Phonetag, along with a few other decent wardiallers, is available in the PLUK's Zip archive :) -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> How to defeat school proxy servers and other lame banning programs << >> by The Nommo [thenommo@mailcity.com] << -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Ok, being from a school which has recently got a 'net connection, I thought I would be able to use the internet (I hate 'surf') fully. Not so. Why did I trust my school when they said "Pupils can use the internet in their free time." I dunno. The fact is, nowadays, most schools have got some sort of proxy server or software which bans certain sites. So what sort of sites do they ban? Hotmail, Geocities, Demon homepages, Tripod, Xoom, Angelfire, in fact any freespace providers - the backbone of the internet. Did I forget something - oh yes, www.excite.com is banned due to it's hardcore pr0n. Anyways, this text is not meant to be a moan or grumble at my school, but a guide showing pupils all over the world how to get to the sites they need to. Blocking methods I will cover in this text are: ----------------------------------------------- Proxy server software 3rd party software eg. NetNanny Micro$hit Content Advisor Ratings Proxy servers: -------------- Some poxy software is used in conjunction with the proxy servers. When the school/college buys this, they get a free CD database full of URLS and IPs, which is usually implimented so any site specified on the CD can not be loaded. You get an error, 'This page cannot be loaded from this cache. Please contact your system administrator if you think this is innaccurate'. Believe you me, if your sys admin is like mine (bofh), no amount of emailing will do the trick! From the software, any new sites or domains can be banned. For example www.geocities.com can be banned, then no Geocities sites can be loaded up, in the whole of the geocities domain. However, if you can persuade the sysadmin, he can unban specific pages or dirs, eg www.geocities.com/area51/dunno/31337/*, or just the index.html of that page. The software is quite versatile in that kind of way. Now one of the only methods I've come across to get around these bastards, and email me if I'm wrong, is to 'surf anonymously' from sites which are allowed. This tricks the proxy (correctly) into thinking that you are still at the allowed site. I have only found 5 sites which can be surfed from, so use them wisely and don't shout them around... http://www.anonymizer.com - go to the free trial. This one makes you wait 30 secs before the page loads up, so you either have to fork out, or be patient. If you can't be bothered, type: http://www.anonymizer.com:8080/www.xxx.com where www.xxx.com is the site you want to visit. http://www.iproxy.com - Sign up with false details, then browse away... http://www.cyberarmy.com - a few nifty little tools, whois, finger, etc, etc, translator (nicked from altavista's bablefish), have a look. Their anonymising service is unpredictable, to say the least. If bored, mail-bomb your sysadmin. http://cyberpup.virtualave.net http://www.informatik.tu-muenchem.de/cgi-bin/ucgi/pircher/ssis/anonymicer/ If you have found any more, email them to me and I will re-release this text. Now the second way of getting around the proxy servers relies on the fact that the internet is dynamic and is always changing. Domains and IP's are always being bought up by companies who need quicker connections. However, the sysadmins are lazy bastards and can't be bothered to update the CD with the IPs on. What to do is this: Find all the IPs of the domain you want to go to. For this to work, they have to have bought a new IP address that is not listed on the CD. Find the IPs out by doing a 'whois' from your shell account. host~%whois www.geocities.com http://www.cyberarmy.com is just one of many sites which let you do 'whois' from your browser. With that information, substitute the domain name in the URL with the IP, eg: http://www.geocities.com/area51/dunno/31337/ is now: http://127.0.0.1/area51/dunno/31337/ or whatever the IP is. Try with all the available IP numbers you are given in the Whois. The history behind this little trick is that at my school, the whole of Geocities was banned apart from /Area51/. This led me to question why, and surely enough, the answer was because the IP for the area51 section was 'new' (ie, geocities had just bought it up), and hadn't been covered by the proxy software. 31337 3rd party software: ------------------------- Cyber Patrol ------------ You need a special cracking program, you'll find it on the web: name = cypatrol.zip Net Nanny --------- -> Windows 95 CTRL+ALT+DEL (Get close program menu) Choose OCRAWARE End Task -> Windows 3.1/DOS C:\edit config.sys type rem in front of DEVICE=C:\NN\NNDRV.SYS Cybersitter ----------- -> Disable totally CD /WINDOWS copy win.cyb win.ini -> Block action (still logging, tho') CTRL+ALT+DEL end task Tcpwait create c:\windows\temp_holder move the file cywin0.opt there restart internet applications... Cybersitter does not block anymore So... -> Remove any record from the log file Find file cywin.alt (usually inside c:\windows) remove read only switch notepad cywin.alt remove any line that begins with the word 'blocked' save the file remake it read only Content Advisor Ratings: ------------------------ 1) To disable this, get a keylogger, then get the sysadmin to turn off the ratings while you research human biology... Keyloggers can be found at: (just do a search at www.altavista.com) 2) If your sysadmins are not as nice as that, then you need access to regedit.exe - If the puter says that you are not allowed to open that, you need to get yourself a copy of poledit.exe and use that. But I will not go into that in this text... OK, in regedit.exe, go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ratings Where you will find 2 values, (Default), and 'Key'. Next to 'Key', there's a chain of two-digit hexes, which can be decoded, similar to the screen saver password, but get the method off another text. Now we want to be devious, so rename 'Key' to somthing else, say, 'KeyX' or even, 'k3Y' (only if you're lame). Reload Internet Explorer, and it won't be able to find 'Key'. You're free! You can even set your own password (not advised ), just remember to change 'KeyX' in the registry, back to 'Key', and all will look normal next time. I hope I have everything covered, feel free to contact me if I have missed anything. I hope you can now browse the 'net without too much hassle. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> A Word of Warning - Shelling out to avoid embarrassment << >> by squi [squi@beer.com] << -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Ok. You've been sat in your room for night and day reading the texts, learning about unix commands from your spiffy linux installation, and now it's time to start looking seriously at penetrating some real systems. Cool. You should be feeling confident, I mean, you have everything you need.. right? Dead fucking wrong. This is the most dangerous mindset you could EVER adopt. Being successful isn't just a case of having elite skill - especially with the current climate in the UK. ISPs are very much aware of underground activity. They *will* trace you and they *will* take action against you. Never connect to a system you want to play with from your home dialup account. Admins can easily contact your ISP with your login details, and your ISP will almost certainly take action under their AUP. The responsibility for conformity with the acceptable use policy rests on the head of the person that pays for the account - regardless of who actually broke the AUP agreement. Solved by using an anonymous / someone else's account? Not really. ISPs keep phone logs - they know when you connected, how long you stayed connected, and what number you dialled from. Every which way, if you enter a system raw (ie, allowing your ISP detail to be shown to the victim), they can and will trace you. It's not worth it. This has to be the most obvious advice ever, yet still I hear about accounts being closed, and legal action being taken. Check out any Acceptable Use Policy page on any ISP, and the listings of actions taken under it's terms. It's worth taking into account that what you're doing is deemed illegal and immoral by the state / society - you can't afford to trust *anyone* with information about you, or what you do. Anonymity is essential, where possible. Don't post to newsgroups with specific details regarding your current projects. It has already been known for police and government intelligences to subscribe to newsgroups, and use the information they can find to their advantage. They can, and will trace you from your nick. These people are by no means stupid or lame - they work with the same intensity as you do, just with a different set of rules. Never, ever underestimate what could even slightly damage you - they are watching and listening constantly. It's not just good to be paranoid, it's fucking essential. Encrypt. Spoof. Anonymize. Be a total nervous fucking wreck. Unless you have a dumb friend with a T1 willing to let you dial him up, you'll need a reliable set of shell providers with outgoing capabilities; ftp, telnet, mail, etc. We know (assuming you don't alter any logs) that your mark will have a set of details about the times you accessed the system, and the movements you made when you were inside. That's bad. Very bad. If you've left the IP you used (or anything that will resolve to that IP) in a system, and the admin gets to know, you're dead in the water. Your ISP will be contacted and your account will be suspended within a few days, maximum. Unless you can spoof your own IP, or play any trickery with the one you are assigned, you need to be looking at changing how you appear to your mark by the use of shells, virtual hosts, etc. Since you'll be using telnet and ftp for most of your movements anyway, it'd be incredibly wise to look at the shell solution. For the slightly less bright among you; you telnet to a shell, telnet out of that shell into another shell, and from that shell into another, etc etc until you've created a string of 3/4/5/however many shells you want. For the administrator on your mark system to trace you, he's gonna have to contact your shell providers individually - if you choose your shell providers wisely, the admin will spend weeks, maybe months in emailing and faxing shell providers. Chances are he won't bother, and you're effectively off the hook. Nicely. Shells are the favoured tool over other bouncing methods, simply because of their functionality. Use whatever methods you can get your hands on though, every bounce adds to the difficulty in tracing anything back to your dialup. This isn't intended to be technical or groundbreaking - I'm making a simple plea for the application of some basic COMMON SENSE. If you're reading this article, I'd hope you have some sort of intelligence - if you're some lil warez pup; go ahead and haX0r .mil and .edu boxen, the sooner we're rid of you the better. If this article stops 1 reasonably minded person from being caught by some authority somewhere, then it'll have served its purpose well. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> Basic BIOS and Processor Performance Tuning << >> by ada [contact via pluk@phreaker.net] << -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This is for the inanely confident; those sick of their boxen running that little bit too slow. Needful Things: 1) Brain 2) Bible (motherboard manual) BIOS. Depending on your BIOS system, you will want to change some things. Firstly, check for some motherboard presets. One will be for stability, and one will be for performance. Select performance, save, and exit. If this looks promising, leave it. If not, reset. For the adventurous among you wishing to go that little bit further with these performance options; play with the slow/fast, low/med/high, fast/high settings, cross your fingers, reboot. If the machine refuses to boot at all, hitting the reset button several times in succession will restore BIOS defaults and thus get you back to square one. Doctoring BIOS is based around application of basic common sense- this is done to provide faster performance. The stability suffers more and more as the speed increases (uhm, every gold coin has a price to pay). THE PROCESSOR It will help to have a basic knowledge of core voltages, base multipliers and clock speeds, and a heap of self confidence. Multipliers External Clock 2 66 MHz 2.5 75 MHz 3 83 MHz 3.5 100 MHz 4 112 MHz 4.5 133 MHz 5 The multipliers are exactly what they sound like - they are used to multiply the external clock in order to get the desired processor speed. The external clocks vary in speed, with 66MHz being the external clock used most commonly. If you are a lucky little boy [or girl =)], you will have a Pentium II (or equivalent). This will stay sweet using 100MHz (You *can* use higher speeds, although the system will be less stable, and less likely to function). Use the multipliers to obtain the desired processor speed, ie, multiplier 5, external clock 100 would give 500mhz (of course in reality, your processor would fry if you tried this particular boost). The smaller the percentage increase of the speed your processor is run at, the longer it will last. For larger percentage clocking, extra cooling by means of fans, etc. is pretty much essential. I wouldn't give instructions on how to perform something I wouldn't do myself, the following is what I felt happy with. I started with intel PII 350MHz, and am happy to say it ran at 450MHz without a problem. I decided to see what I could squeeze from it, so I pushed up the speed until I reached 500mhz, at which, after a few hours, it crashed into a deep slumber before I could get it working again. So, to recap, select a multiplier (eg, 4.5) and an external Bus (eg, 100). This would make your processor run at 450MHz (4.5 x 100 = 450MHz) [If you have anything to add, or any other useful tips, contact me via above email address (pluk@phreaker.net) - ada] -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> Kt ember s a rdio [aka: 2 blokes & a stereo]<< >> by Jzus [we@have.no.fuckin.clue.com] << -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Mi elt kesdek be Merevedni a nagy Beszlsbe, szetnm mondani hogy nem n akartom eszt a szart irni ere a papirnak, aki hogyha seretnd tudni egy nagy buszi. Kezdsre szertnk egy vicet mondani. Kt ember szarakodik egy ccsi ajtval. Mind ket be van rugva. Egy rendr t stal meletk. Meg szlitya hogy: "Ht hogy mer ebe az lapotan, be rugva vesetni", ere meg szlitya hogy: "Nem veszetni akarom inkb hogy ki akarom lopni a rdiot belle." Jaj de vices vltm, majdnem meg haltam a nevedsgben. s te, ja ugy van akor. Mindig ijenec vagytok, nem tutk semit az igazi vilgrol. Baszmeg a qurva anyd szaric a picsd ra te rdg. Jo napot, Jzus. [k..this is the profound tale of 2 carstereo thieves-to-be. 2 guys are breaking into a car. Along comes a policeman, who says "you cant drive in that drunken state", to which one of thieves replies "we're not going to drive it, officer, we only want the stereo." deep, huh? =) --mrsp00n] -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Whew. That's it - our first issue. What a load of shit. It sucked - we know. We're lame and we blow, but we don't give a flying fuck. Issue numero uno was brought to you by, uh, us. We'd like to thank no one for their contribution of nothing. pluk02; coming to a monitor near you when we can get the bitch out. Look for it ya bunch of ereet candyass hax0rs :) Until then, go masturbate. ...I need a beer... --division I didnt do it, nobody saw me do it, ya cant prove anything. We're looking for articles for pluk02, so give us some feedback/contributions and I'll remember you fondly in my will or something. yea. cheers, ta. btw, blame squi for that hungarian thang. --mrsp00n Well yeah I have nothing further to say, so hrmmmm if you think our first issue blows, go die. If you think it's kinda sexy, send us some fuckin money and some expensive hardware. pluk02 out sometime late February or something (I have no clue when) so stay tuned and stuff. BYE. --squi -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-EOF=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=