The Hacker's Encyclopedia 1998

home *** CD-ROM | disk | FTP | other *** search

/ The Hacker's Encyclopedia 1998 / hackers_encyclopedia.iso / zines / a_m / lodhtj04.010 < prev next >

Wrap

Text File | 2003-06-11 | 36.8 KB | 717 lines

The LOD/H Technical Journal, Issue #4: File 10 of 10. NETWORK NEWS AND NOTES ---------------------- The Network News and Notes file contains reprints of articles that are of interest to the majority of our intended readers. In this installment we borrowed heavily from the CFCA (Communications Fraud Control Association) Communicator since the newsletter deals specifically with issues relevant to our readers. The CFCA is "a nonprofit educational organization founded in 1985 to help the telecommunications industry combat fraud." Overall, do not let the titles mislead you. Every article contains interesting and we hope useful information. Be sure to take the time and read into them before skipping. Some are a little old but better late than never. If anyone comes across any articles of interest, we would like to know about them. One more note, all comments within brackets [], are remarks made by one of the TJ editors. The first two articles, as was stated in the Introduction, relate the various trouble some noted members of the community ran into. ______________________________________________________________________________ Source: The Wall Street Journal Issue: Wednesday, February 7, 1990 Title: Computer Hackers Accused of Scheme Against BellSouth Author: Thomas M. Burton CHICAGO--Federal grand juries in Chicago and Atlanta indicted four computer hackers in an alleged fraud scheme that authorities said could potentially disrupt emergency "911" telephone service throughout nine Southern States. The men, alleged to be part of a closely knit cadre of computer hackers known as the Legion of Doom, gained access to the computer system, controlling telephone emergency service of BellSouth Corp., the Atlanta-based telecommunications giant. BellSouth, through two subsidiaries, oversees phone service in Alabama, Mississippi, Georgia, Tennessee, Kentucky, Louisiana, Florida, and the Carolinas. The Chicago indictment said members of the Legion of Doom are engaged in disrupting telephone service by entering a telephone company's computers and changing the routing of telephone calls. The hackers in the group also fraudulently obtain money from companies by altering information in their computers, the indictment said. The hackers transferred stolen telephone-computer information from BellSouth to what prosecutors termed a "computer bulletin board system" in Lockport, Ill. In turn, the men planned to publish the computer data in a hackers' magazine, the grand jury charged. -----EDITOR'S NOTES: As always, ignorance and falsehoods are abound in most articles of this nature. For the record, NO TELEPHONE SERVICE WAS INTENTIONALLY DISRUPTED DUE TO THE ACCUSED MEMBERS. Furthermore, NO MONEY FROM COMPANIES WAS EVER FRAUDULENTLY OBTAINED BY ALTERING INFORMATION IN THEIR COMPUTERS. These are the typical WILD accusations made by law enforcement and further distorted by the media in such cases. As for the bbs is Lockport, Ill. well it was simply a legitimate information storage and retrieval system used by many, many people for legitimate purposes of information exchange. It would be very time consuming for the operator of said system to check every file on the system as it was a UNIX based system with a lot of disk space. The hacker magazine stated above is simply Phrack, Inc. put out by Knight Lightning and Taran King. More comments after next article. _____________________________________________________________________________ Source: ComputerWorld Issue: 1990 Title: Babes in high tech toyland nabbed Author: Michael Alexander CHICAGO--- The U.S. Justice Department escalated its ware against computer crime last week with two indictments against members of an alleged computer hacker group, who are charged with stealing a copy of a 911 emergency computer program from BellSouth Telephone Co., among several other crimes. In a seven-count indictment returned in Chicago, Robert X, 20 also known as "The Prophet", is alleged to have used a computer to steal a copy of a computer program owned and used by BellSouth that controls emergency calls to the police, fire, ambulance and emergency services in cities throughout nine Southern states. According to the indictment, after X stole the program -- valued at $79,449 -- he uploaded it to a computer bulletin board. The Chicago indictment further alleges that Craig Y, 19, also known as "Knight Lightning" downloaded the 911 program to his computer at the University of Missouri in Columbia, Mo., and edited it for publication in "Phrack", a newsletter for computer hackers. X and Y allegedly intended to disclose the stolen information to other computer hackers so that they could unlawfully access and perhaps disrupt other 911 services, the Chicago indictment charged. In a second indictment returned in Atlanta, X and two others were charged with additional crimes related to BellSouth systems. All four hackers allegedly are members of the Legion of Doom, described in the indictments "as a closely knit group of about 15 computer hackers", in Georgia, Texas, Michigan and several other states. BellSouth spokesmen refused to say when or how the intrusion was detected or how a computer hacker was able to lift the highly sensitive and proprietary computer program. "Hopefully, the government's action underscores that we do not intend to view this as the work of a mischievous prankster playing in a high-tech toyland", one spokesman said. A source within BellSouth said that much of what the hacker took was documentation and not source code. "They did not disrupt any emergency telephone service, and we are not aware of any impact on our customers", the source said. William Cook, an assistant U.S. attorney in Chicago, declined to comment on whether 911 service was actually disrupted. "It is a matter of evidence,", he said. Cook also said that while the two hackers are charged with carrying out their scheme between December 1988 and February 1989, the indictment came after a year-long investigation. Though Cook refused to say how the hackers were discovered or caught, it is believed that after the initial penetration by one of the hackers, an intrusion task force was set up to monitor subsequent security breaches and to gather evidence against the hackers. If convicted on all counts, X faces a prison sentence of up to 32 years and a maximum fine of $222,000, and Y faces a prison sentence of 31 years and a maximum fine of $122,000. The Atlanta indictment charged Robert X, Adam Z, 22 known as "The Urvile" and also "Necron 99", and Frank XYZ, 23 known as "The Leftist", with eight counts each of computer fraud, wire fraud, access code fraud and interstate transportation of stolen property, among other crimes. If convicted, each defendant faces up to five years imprisonment and a $250,000 fine on each count. The three illegally accessed Bellsouth computers and obtained proprietary information that they distributed to other hackers, the indictment alleged. ----EDITOR's NOTES: As is confirmed in this article, no telephone service was disrupted. The extent of BellSouth's inadequacy regarding security matters was not detailed in these articles. Here is a rundown of what may have possibly happened: BellSouth's SBDN (Southern Bell Data Network) which is a modified Telenet network that contains hundreds if not thousands of network nodes (individual systems) may have been accessed during which time the system that controls the entire network may have been possibly compromised. This would allow someone to access just about any system on the network, since Bellsouth consolidated most of their individual systems onto a large network (economically not a bad idea, but a security nightmare indeed). This may allow one to stumble onto systems dealing with 911. Since it may be interesting to learn how such a system operates and how the 'automatic trace' is accomplished, the documentation would be of some help. No need for any actual programs however. Possibly, maybe, an article paraphrased the operation of 911 and was possibly to be distributed through the Phrack, Inc. newsletter. The last names of those involved were omitted. Go look them up for yourself if you think its that important. Just for the record: KNIGHT LIGHTNING NEVER WAS A MEMBER OF LOD. Yet another error in the reporting...LOD has half the 15 supposed number of members. Another article followed the above one on the same page, by the same author: Last week's disclosure of an alleged hacker theft of highly sensitive BellSouth Telephone Co. documentation for a nine-state 911 emergency system was the second serious security breach of a telephone company network to come to light in as many months. In January, a trio of hackers was able to penetrate computer systems at Pacific Bell Telephone Co. and eavesdrop on conversations and perpetrate other criminal acts. [CW, Jan. 22]. Just how vulnerable are the nation's telephone systems to hacker attacks? Spokesmen for BellSouth and Pacific Bell insist that their systems are secure and that they and other telephone companies routinely assess their vulnerability to hackers. "Security is being constantly changed, every intrusion is studied, passwords are changed," said Terry Johnson, manager of media relations for BellSouth in Atlanta. Johnson however, declined to say how the hackers allegedly were able to lift the documentation to a 911 emergency communication services program. "It is a rather serious computer security breach," said Richard Ichikawa, a Honolulu based telecommunications consultant who specializes in designing and installing 911 emergency systems. Stealing documentation, as the Legion of Doom member is alleged to have done, many not be a particularly difficult task for a savvy hacker, he said. Taking the actual program, while certainly possible, would be much more challenging, however. The computer the controls enhanced 911 service is "quite isolated" from the calling public, Ichikawa said. A recently published report to Congress by the Office of Technology Assessment suggested that the security and survivability of the nation's communication infrastructure is at greater risk to hacker attacks than ever before. Business and government reliance on communications and information based systems has increased, thus much more is at stake when those systems fail, the report stated. The increased publicity of hacker attacks may help to curb attacks by hackers, said Sanford Sherizen, a security consultant at Data Security Systems, Inc., in Natick, Mass. Some law enforcement officials complain that the nation's telephone firms do not cooperate as readily as they would expect when attacks of this sort occur. "They [telecommunications providers] are the single biggest headache law enforcers have right now," said Gail Thackery, Arizona stat assistant district attorney. Regional Bell operating companies contacted last week disputed that assertion. _____________________________________________________________________________ Source: CFCA (Communications Fraud Control Association) Communicator Issue: February-March 1989 Title: But are LD networks safe? Spread over vast distances and segmented by switches guarded by their own passwords, long distance networks are generally safe from virus attacks. According to Henry Kluepfel, Bellcore district manager of Security Planning intruders can easily attain the same information that is available to vendors and service providers. "If passwords are not changed regularly, intruders can quickly wreak havoc". Scott Jarus, division director of Network Loss Prevention for Metromedia, and a member of CFCA's Board of Directors, says that users of "outboard" computer systems should not be assigned high level access to their company's switches or networks. "Non-proprietary hardware and software that handle such functions as billing collection and network database management are targets for unauthorized access and viruses", he says. Mr. Kluepfel says that once hackers have the documentation they can send details on how to crash the systems to hundreds of bulletin boards. "We found that many system administrators didn't realize manufacturers install rudimentary default passwords." Bellcore encourages using sophisticated codes and applying a variety of defenses. "Don't simply rely on a dialback modem, or a good password", says Mr. Kluepfel. "Above all, don't depend on a system to always perform as expected. And remember that new employees don't know the administrative measures the operator knows". Managers should advise clients on any needed internal analysis and investigations, and keep abreast of technological advances when planning their defenses. _____________________________________________________________________________ Source: Same as above Title: Secure those gray boxes After the FCC mandated that telcos provide test modes on the gray [or green (ed. note)] connection boxes usually found outside structures, there have been instances of persons surreptitiously clipping on handsets or snapping in modular connections (RJ-11) to make long distance calls on the residents' line. CFCA advises customers to padlock their boxes to deter such thievery. John Venn, manger of Electronic Operations at PacBell's San Francisco office, reports that the boxes they install have separate connections for company and customer use, so that users have the option of securing access to their portion. PacBell's side has a built-in lock, while customers have padlock hasps. _____________________________________________________________________________ Source: Same as above Title: Product Description: Pen-Link analysis software Author: Mike Murman Since 1986, Pen-Link, Ltd. of Lincoln Neb. has been producing software that supports telecom investigations. Last July, the company introduced an updated version of Pen-Link, a two-year-old program that accepts data from most Dialed Number Recorders (DNRs) manufactured today, pools that information into a common database structure, and allows the user to determine the calling patterns and the codes that have been compromised. In today's ever-expanding telecommunications environment there is a need for faster identification and documentation of abuser call patterns to assure successful prosecutions. In applications of DNRs for investigative purposes, Pen-Link programs have reduced the time normally needed to input, analyze and report call data by as much as 90 percent. The result is improved productivity and quicker response to customers' needs. The Pen-Link 2.0 program also provides several related features. First, it is a communications program, meaning that if you are using a DNR with modem capability or RS232 communication ports, the program can automatically load your call records into a PC, eliminating the time needed to key-in call record data. Second, Pen-Link has an autoload format section that takes call records you have transferred and puts them into a standard record format. This is an important feature, given that the program supports multiple types of DNR hardware that all have unique call data formats. In short, you can use any combination of DNRs in your investigations with Pen-Link and all data will be compatible. Furthermore, the program allows you the flexibility of purchasing new DNRs of any type, and not worry about duplicating your software expense or learning new software programs. [Notice how he keeps saying "you" in this article? (ed.)] Finally, Pen-Link enables you to analyze and report on your call record information. There are 15 different call analysis reports and 6 different graphic reports. If these reports do not meet your needs, the program has a report generator that allows you to customize your analysis and reports. Pen-Link is a dedicated program written in Turbo Pascal. The company elected to start from scratch and develop its own software, rather than simply adapting standard applications. There are two reasons for this approach: dedicated software programs run more efficiently, so that if a hacker is generating thousands of call records and you want to analyze and report this information, the program can provide a report much faster than if you were processing the data manually. The second reason behind this strategy is that users only need to learn and understand the options for the pop-up menu format. Pen-Link also supports color monitors. A manual editing feature allows you to enter your database and find specific records by the criteria you have selected; then review and edit the data. Manual editing also allows you to enter call data from old pen registers that only produce paper strips containing call information. Another feature, the utilities section, provides several options to manage call information stored in your computer. This allows you to archive information to disk, then reload it later when it is needed. If your data files become corrupted, you can reconstruct and reformat them by using the utilities section. And if you wish to use your call data information in another application program, Pen-Link's utilities allow you to create an ASCII text file of call information, which then can be read by these programs. Furthermore, the program can accept ASCII text files from other DNR software programs. The program calls for an IBM or compatible PC equipped with a hard drive, operating under MS-DOS 2.1 or higher. Pen-Link currently supports the following DNRs: JSI, Mitel, Racom, Voice ID, Hekimian, Bartec, Pamco, HDS, and Positive Controls. If you are using a DNR that is not listed, Pen-Link, LTD will program its software so it can automatically load call records from your equipment. The use of DNRs that automatically transfer call record data saves your security department considerable investigative time. Pen-Link's mission is to provide telcom security departments with a sophisticated investigative software tool that is easy to use, flexible and compatible. _____________________________________________________________________________ Source: Same as above Title: Extended Ky. case resolved A 21 year-old Kentucky man was successfully convicted October 27 on 14 counts of computer and toll fraud under a number of state statutes. The defendant, John K. Detherage, pleaded guilty to using his personal computer to identify authorization codes in order to place unauthorized long distance calls valued at $27,000. Detherage had been indicted a year earlier by an Oldham County grand jury on six felony counts related to the scam and two misdemeanor counts of possessing stolen personal identification and calling card numbers. He was later charged with two additional counts of possessing stolen PINs. Detherage originally was to have been tried in February 1988, but the case was postponed when he pleaded guilty. He was sentenced at the Oldham County Circuit Court at LaGrange to pay $12,000 in restitution, and relinquish all computer equipment and software to the court. His charges included theft of services over $100; theft of services; four counts of unlawful access to a computer, second degree; possession of stolen credit or debit cards, and six counts of unlawful access to a computer. Four other counts were dismissed. Kentucky has a number of statutes that can be applied to theft of telephone services. Chapter 514.060 addresses theft of services, while 514.065 describes the possession, use or transfer of a device for the theft of services. Theft of services is defined to include telephone service, and the defendant was charged with two counts under 514.060. Detherage was also charged with 10 counts (six felony and four misdemeanor) under Chapter 434.580, which relates to the receipt of stolen credit cards. Kentucky interprets computer crime as involving accessing of computer systems to obtain money, property or services through false or fraudulent pretenses, representations or promises. _____________________________________________________________________________ Source: Same as above Title: Industry Overview As major players in the telecom industry shore up the defenses on their telephone and computer networks, criminals [who, us?] are turning to smaller, less protected companies [its called survival of the fittest]. In 1988, the use of stolen access codes to make free long distance calls continued to be the favorite modus operandi among network intruders throughout the industry, although code abuse leveled off or declined among large carriers with well funded security organizations and substantial technical apparatus to defeat most toll and network fraud. However, some resellers and PBX owners are being victimized by fraud of all types, probably because most use access codes with only six or seven digits. Such vulnerable systems will continue to be used by abusers to route long distance calls overseas. Fraudulent calls placed on a compromised system quickly accumulate charges the system owner must eventually pay. Many PBX's also lack effective systems able to detect irregular activities and block fraudulent calls. Add to this the fact that several carriers may be handling the inbound and outbound WATS lines, and investigator's jobs can really become complex. The sharp increase in the abuse of voice store-and-forward systems, or voice mail, that began alarming owners and manufacturers early last year will continue through 1989. Last spring, traffickers began seizing private voice mail systems to coordinate drug shipments. Messages can be quickly erased when they are no longer needed. Dealers have been receiving mailbox numbers by pager, then calling in recorded messages from public telephones. No matter how long a security code may be, if intruders obtain an 800 number to a voice mail system they can program a computer and take the time to break it, because it won't cost them anything. Once accessed through a PBX, intruders can exchange stolen lists of long distance access codes, usually without the system owner's knowledge. The time it takes abusers to break into a voice mail system is proportionate to the number of digits in a security code. A four-digit code can, for example be beaten by a skilled computer operator in slightly over a minute. [Clarification, this is probably through the use of default security codes, not sequential or random scanning techniques. ed.] One problem is that voice mail customers don't often know what features to select when buying a system. And few manufactures take the initiative to advise customers of the importance of security. Another problem that has been around for several years, subscription fraud, will continue into 1989, although telcos have reduced it by making customer's applications more detailed and comprehensive [like requiring customers to supply their credit card numbers. This way if they skip town without paying and the credit card is valid and not maxed out, the phone company can still recover the money owned them. ed.], and by checking out potential customers more thoroughly. Dishonest subscribers use false identification and credit references to obtain calling cards and services, with no intention of paying. Intelligent software is available that aids switch and PBX owners in identifying, screening and blocking fraudulent calls. Another precaution is to add digits to access codes, because numbers of fewer than 10 digits cannot withstand today's intruders. A number of carriers have already gone to 14 digits. Some larger carriers have been sending technical representative out to reprogram PBX's, encourage customers to install better safeguards, and advise them to shut down their systems at night and on weekends. Customers should also expect to see billing inserts warning of the improved defenses against fraud. As more companies break into the international market they will need solid security safeguards to protect them against intrusions of their networks. A small interexchange carrier (IC) in Alabama was hit hard recently by "phone phreakers" soon after they opened overseas service. Other start-ups find themselves desperately trying to play catch up after blithely operating several years without a hitch. An IC with 30,000 customers in Southern California increased its seven-digit access codes to ten digits and it aggressively pursuing five groups of hackers its investigators uncovered after discovering that company-issued personal identification numbers were posted on computer bulletin boards. In the final analysis, one fact emerges: widespread cooperation among injured parties will ensure quicker results and conserve vital company resources. _____________________________________________________________________________ Source: PC Week April 10,1989 Title: Keep an Ear Out for New Voice Technology Author: Matt Kramer With the rise in digital transmission of voice and data, it's easy to assume that voice and data have merged into a muddle of indiscriminate material, with voice indistinguishable from data. After all, a bit's a bit, right? But, those people in the white lab coats keep coming up with new ways to use voice technology. The telephone companies are the ones poised to make the most of this technology. U.S. Sprint recently announced that it was experimenting with the use of "voice prints"--a recording of a verbal password that would be used to help identify authorized subscribers using their U.S. Sprint telephone charge cards, which would help cut down on hackers trying to steal telephone service. Subscribers would record a voice print of a verbal password. Then, when they were using their charge cards, they would repeat the passwords to verify their identities. Northern Telecom has embarked on its own efforts to bring voice-recognition technology to public telephone service. it is selling telephone companies a new billing service that uses voice-recognition technology to automate collect and third-number billing calls. Called the Automated Alternate Billing Service (AABS), the system calls the party to be billed and "asks" if the charges will be accepted. The Northern Telecom switch "listens" to the response and either completes the call or informs the calling party that the charges have been refused. Northern Telecom also plans to use voice technology to offer other features, such as allowing the system to announce the caller's name in the party's own voice and stating the call's origin, such as the name of a city, a university or an institution. The big draw for phone companies, of course, is reduction of personnel costs, since no human operator assistance is needed. That's an option for lots of corporate financial officers who have been attracted to automated-attendant phone systems because they can replace a bevy of switchboard operators. What would be interesting about the Northern Telecom technology is to see if it can be expanded to other gear, such as private branch exchanges, and if if can beef up the automated-attendant feature. Rather than require callers to punch a lot of buttons to get in touch with someone, perhaps voice recognition could be used to "listen" for a name and then direct the call to the appropriate party. That would be especially useful in situations where you don't know the exact extension of whomever you are calling. Trying to maneuver around an on-line telephone directory can be a real pain in the neck. At the same time, voice-recognition technology can be paired with voice mail so that users can access their voice mailboxes without having to punch in an identification number or password or to deal with a menu. It would be a lot easier to just say, "Read messages". There's still a lot of potential to be developed in voice technology. _____________________________________________________________________________ Source: PC WEEK May 15, 1989 Title: MCI to Provide Transition to ISDN Author: Matt Kramer MCI Communications Inc. hopes to give its customers a smoother transition to ISDN with new services that offer many of the technology's features without requiring costly upgrades to ISDN-compatible equipment. The communications company recently announced new Integrated Services Digital Network and "ISDN-equivalent" services that will provide MCI customers with network-configuration, control and management features, according to company officials. The equivalent services, which will be available this fall, run over existing in-band signaling channels. True ISDN services require a separate out-of-band D channel for signalling. MCI's full ISDN services are scheduled for delivery in the first quarter of next year. The equivalent services, while not providing the full ISDN feature set, are designed to introduce customers to the benefits of ISDN before requiring them to make the investment in ISDN-compatible telecommunications gear, officials said. "While they may not want to make that expenditure now, they certainly want to have ISDN-like services available", said Kevin Sharer, senior vice president of sales and marketing at MCI, in Washington. The equivalent products include the MCI 800 Enhanced Services Package, which allows customers with dedicated access lines to receive the number of the calling party just prior to receiving the call. This Automatic Number Identification (ANI) is then used to query a database to bring up a customer's account or other information, according to officials. Northern Telecom Inc. and Rockwell International Corp. have developed new software for their private branch exchanges that permits the switches to handle in-band ANI transmission. Some observers expect the equivalent services will be useful in the evolution from existing telecommunications to ISDN. "If all you need is ANI, then the equivalent services might be just what you want", said Claude Stone, vice president of product development at the First National Bank of Chicago and vice chairman of the national ISDN Users Forum. _____________________________________________________________________________ Source: A newspaper Date: Sometime in June Title: Sheriff's prisoners find handcuffs are a snap to get out of Author: unknown Ten jail prisoners who discovered an ingenious way to escape from handcuffs are sending alarms across the nation. Emergency bulletins will be sent to law enforcement agencies via teletype machines nationwide. On Friday, deputies were taking 10 prisoners from the jail downtown to another one in the city. All were handcuffed. "When the deputy opened the back of the van, all 10 guys were smiling and said, 'See what we did,'" the Sheriff said. Each prisoner held up his arms to show broken handcuffs. The culprit was a simple seat belt clip. The circular cuffs are connected with a chain, held tightly to each cuff by a swivel-head link that moves freely to ensure that the chain cannot be twisted when the wrists move. Seat belt clips typically have one or two holes, or slots, that lock them into place with the buckle. The prisoners learned that jamming the swivel-head on the clip stops the swivel head from turning freely. "A quick twist of the wrist, and the chain shears off at the cuff," the sheriff said. The sheriff ordered seat belts removed from jail vans. He also ordered that the prisoners in cruisers be handcuffed with their hands behind their back and the seat belts locked firmly across them. Deputies often handcuffed prisoners' hands in front of their bodies. But even if prisoners were cuffed behind their backs, it would not be difficult for them to manipulate the swivel head into a seat belt buckle and twist themselves free -- if they could reach the seat belt. "This is a danger to every law enforcement officer in the country", the sheriff said. Handcuff manufacturers contacted Friday are studying the possibility of redesigning the handcuffs by enlarging the swivel head or placing some type of shroud over it. "People in jail have 24 hours a day to figure a way out" said the sheriff. "Although only 10 people know the technique, I guarantee that the entire jail population will know how to do it before the day is up,". "The only people who won't know about it is law enforcement officers". The sheriff met Friday with representatives of several local and federal agencies. An FBI spokesman said the escape technique will be described in the FBI's nationally distributed LAW ENFORCEMENT BULLETIN. Although the sheriff was grateful to learn about the technique from prisoners who did not try to escape, he was not amused. He told deputies, "Charge them with destruction of county property. We'll see how funny they think that is." _____________________________________________________________________________ Title: Federal grand jury probes Cincinnati Bell wiretapping flap Source: Data Communications Issue: November 1988 Author: John Bush A federal grand jury in Ohio is investigating illegal wiretapping allegations involving two former employees of Cincinnati Bell who claim the telephone company ordered them for more than a decade to eavesdrop on customers. In addition, an attorney who filed a class-action lawsuit against Cincinnati Bell on behalf of the people and companies who were allegedly wiretapped, says he is trying to prove that the telephone company sold the information gained from the electronic surveillance. A Cincinnati Bell spokesperson denied the charges, saying they were trumped-up by the two former employees, who are seeking revenge after being fired by the telephone company. The lawsuit has been filed against Cincinnati Bell Inc. on behalf of Harold Mills, a former police lieutenant and former commander of the Cincinnati Vice Squad, as well as a number of other individuals and companies. Among the alleged victims mentioned in the complaint were Sen. Howard Metzenbaum (D-Ohio) and Proctor and Gamble Co. (Cincinnati, Ohio). Gene Mesh, the attorney who filed the lawsuit, believes the Cincinnati Bell case is not an isolated incident but a trend...an explosion of cancer that "this kind of thing [wiretapping] has developed its own markets." When asked if Cincinnati Bell was selling the information gained from tapping, Mesh said "we are proceeding along evidentiary lines to prove this." Thus far, the civil action hinges on the testimony of two former Cincinnati Bell employees, Leonard Gates, a supervisor, and Robert Draise, an installer who at one time worked for Gates. Their combined testimony states that, under the auspices of Cincinnati Bell, they conducted over 1,200 illegal wiretaps from 1972 to the present. According to Gates, as a result of the Proctor and Gamble wiretap, "we were into all of P&G's databases." In addition, both Gates and Draise claim to have been in on illegal wiretaps of General Electric Co.'s Aircraft Engines Division near Cincinnati. Draise also claims that he was ordered to identify all of GE's facsimile and modem lines for Cincinnati Bell. Neither Proctor and Gamble nor General Electric would comment. However Sen. Howard Metzenbaum's Washington, D.D., office says that the Senator "found the news shocking and is awaiting more information to see if it [the wiretap] actually happened. Meanwhile Cincinnati Bell maintains that the suit and allegations are merely Gates's and Draise's way of getting back at the phone company for having fired them. Cyndy Cantoni, a spokesperson for Cincinnati Bell, said that "we have heard the allegations that we wiretapped, but if Draise or Gates did any tapping, it wasn't done at Cincinnati Bell's request." Cantoni also cited a letter from Cincinnati Bell President Ray Clark that went out to all Cincinnati Bell employees in the wake of the publicity surrounding the wiretapping accusations. The letter stated that Gates had been warned in April 1985 against continuing an affair with an employee he had been supervising and who had accused him [Gates] of sexual harassment, according to Cantoni. The letter went on to say that Gates reacted to the warning with insubordination and threats and "carried on a campaign against the company." As a result, Gates was fired for insubordination, says Cantoni. Robert Draise was fired after he was convicted of misdemeanor wiretapping charges for tapping the phone line of a friend's girlfriend, Cantoni says. Cincinnati Bell is an independent telephone company that was allowed to keep the "Bell" trademark after divestiture, since it is older than AT&T, says Cantoni. [ End of Document ]