home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Hacker Chronicles 1
/
HACKER1.ISO
/
phrk3
/
phrack33.5c
< prev
next >
Wrap
Text File
|
1992-09-26
|
49KB
|
1,082 lines
==Phrack Classic==
Volume Three, Issue 33, File #5 of 10
@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&#$%&@#$%&@#$%&@#$%&@#$%&@#$%&#@
# $
$ A %
& @
@ Hacker's Guide #
# $
$ to %
% &
& The Internet @
@ #
# $
$ By: The Gatsby %
% &
&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$&@#$%&@#$%&@#$%&@
@ #
$ Version 2.00 ! AXiS ! 7/7/91 $
% &
&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$&@#$%&@#$%&@#$%&@
1 Index
~~~~~~~~~
Part: Title:
~~~~ ~~~~~
1 Index
2 Introduction
3 Glossary, Acronyms & Abbreviations
4 What is The Internet ?
5 Where Can You Access The Internet
6 TAC
7 Basic Commands
a TELNET command
b ftp ANONYMOUS to a Remote Site
c Basic How to tftp the Files
d Basic Fingering
8 Networks You Will See Around
9 Internet Protocols
10 Host Name & Address
11 Tips and Hints
2 Introduction
~~~~~~~~~~~~~~~~
Well, I was asked to write this file by Haywire (aka. Insanity, SysOp
of Insanity Lane), about Internet. Thus the first release of this file was in
a IRG newsletter. Due to the mistakes of the last release of this file has
prompted me to "redo" some of this file, add some more technical stuff and
release it for AXiS.
I have not seen any files written for the new comer to Internet, so
this will cover the basic commands, the use of Internet, and some tips for
hacking through internet. There is no MAGICAL way to hacking a UNIX system, i
have found that brute force works best (Brute hacker is something different).
Hacking snow balls, once you get the feel of it, it is all clock work from
there. Well i hope you enjoy the file. If you have any questions i can be
reached on a number of boards. This file was written for hackers (like me)
who do not go to school with a nice Internet account, this is purely written
for hackers to move around effectively who are new to Internet. The last part
of this file is for people who know what they are doing, and want more
insight.
- The Crypt - - 619/457+1836 - - Call today -
- Land of Karrus - - 215/948+2132 -
- Insanity Lane - - 619/591+4974 -
- Apocalypse NOW - - 2o6/838+6435 - <*> AXiS World HQ <*>
and any other good board across the country.....
Mail me on the Internet: gats@ryptyde.cts.com
bbs.gatsby@spies.com
The Gatsby
3 Glossary, Acronyms & Abbreviations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ACSE - Association Control Service Element, this is used with ISO
to help manage associations.
ARP - Address Resolution Protocol, this is used to translate IP
protocol to Ethernet Address.
ARPA - defence_Advanced_Research_Project_Agency.
ARPANET - defence Advanced Research Project Agency or ARPA. This is a
experimental PSN which is still a sub network in the Internet.
CCITT - International Telegraph and Telephone Consultative Committee
is a international committee that sets standard. I wish they
would set a standard for the way they present their name!
CERT - Computer Emergency Response Team, they are responsible for
coordinating many security incident response efforts. In other
words, these are the guys you do not want to mess with, because
they will make your life a living hell. They are the Internet
pigs, but they do have real nice reports on "holes" in various
UNIX strands, which you should get, they will help you a lot.
CMIP - Common Management Information Protocol, this is a new HIGH level
protocol.
CLNP - Connection Less Network Protocol is a OSI equivalent to
Internet IP
DARPA - Defence Advanced Research Project Agency. See ARPANET
DDN - Defence Data Network
driver - a program (or software) that communicates with the network
itself,
examples are TELNET, FTP, RLOGON, etc
ftp - File Transfer Protocol, this is used to copy files from
one host to another.
FQDN - Fully Qualified Domain Name, the complete hostname that
reflects the domains of which the host is a part
gateway - Computer that interconnects networks
host - Computer that connected to a PSN.
hostname - Name that officially identifies each computer attached
internetwork.
Internet - The specific IP-base internetwork.
IP - Internet Protocol which is the standard that allows dissimilar
host to connect.
ICMP - Internet Control Message Protocol is used for error messages for
the TCP/IP
LAN - Local Area Network
MAN - Metropolitan Area Network
MILNET - DDN unclassified operational military network
NCP - Network Control Protocol, the official network protocol from
1970 until 1982.
NIC - DDN Network Information Center
NUA - Network User Address
OSI - Open System Interconnection. An international standardization
program facilitate to communications among computers of
different makes and models.
Protocol - The rules for communication between hosts, controlling the
information by making it orderly.
PSN - Packet Switched Network
RFC - Request For Comments, is technical files about Internet
protocols one can access these from anonymous ftp at NIC.DDN.MIL
ROSE - Remote Operations Service Element, this is a protocol that
is used along with OSI applications.
TAC - Terminal Access Controller; a computer that allow direct
access to internet.
TCP - Transmission Control Protocol.
TELNET - Protocol for opening a transparent connection to a distant host.
tftp - Trivial File Transfer Protocol, one way to transfer data from
one host to another.
UDP - User Datagram _Protocol
UNIX - This is copyrighted by AT$T, but i use it to cover all the look
alike UNIX system, which you will run into more often.
UUCP - Unix-to-Unix Copy Program, this protocol allows UNIX file
transfers. This uses phone lines using its own protocol, X.25 and
TCP/IP. This protocol also exist for VMS and MS-DOS (Why not
Apple's ProDOS ? I still have one!).
uucp - uucp when in lower case refers to the UNIX command uucp. For
more information on uucp read The Mentors files in LoD Tech.
Journals.
WAN - Wide Area Network
X.25 - CCITTs standard protocol that rules the interconnection of two
hosts.
In this text file i have used several special charters to signify certain
thing. Here is the key.
* - Buffed from UNIX it self. You will find this on the left side of the
margin. This is normally "how to do" or just "examples" of what to do
when using Internet.
# - This means these are commands, or something that must be typed in.
4 What is The Internet ?
~~~~~~~~~~~~~~~~~~~~~~~~~~
To understand The Internet you must first know what it is. The Internet
is a group of various networks, ARPANET (an experimental WAN) was the
first. ARPANET started in 1969, this experimental PSN used Network Control
Protocol (NCP). NCP was the official protocol from 1970 until 1982 of the
Internet (at this time also known as DARPA Internet or ARPA Internet). In the
early 80's DARPA developed the Transmission Control Protocol/Internet
Protocol which is the official protocol today, but much more on this later.
Due to this fact, in 1983 ARPANet split into two networks, MILNET and ARPANET
(both still being part of the DDN).
The expansion of Local Area Networks (LAN) and Wide Area Networks (WAN)
helped make the Internet connecting 2,000+ networks strong. The networks
include NSFNET, MILNET, NSN, ESnet and CSNET. Though the largest part of the
Internet is in the United States, the Internet still connects the TCP/IP
networks in Europe, Japan, Australia, Canada, and Mexico.
5 Where can you access Internet ?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Internet is most likely to be found on Local Area Networks or LANs and
Wide Area networks or WANs. LANs are defined as networks permitting the
interconnection and intercommunication of a group of computers, primarily for
the sharing of resources such as data storage device and printers. LANs cover
a short distance (less than a mile), almost always within a single building
complex. Normally having gateways to Internet, and in turn Internet the back
bone to the area network, but one could argue this point.
WANs are networks which have been designed to carry data calls over long
distances (many hundreds of miles). Thus also being (for the same reasons
LANs are) linked into the mix mash of PSN.
You can also access Internet through TymNet or Telenet via gateway. But i
do not happen to have the TymNet or Telenet a NUA now, just ask around.
6 TAC
~~~~~~~
TAC is another way to access internet, but due to the length of this part
I just made it another section.
TAC (terminal access controller) is another way to access Internet. This
is just dial-up terminal to a terminal access controller. You will need to
hack out a password and account. TAC has direct access to MILNET (a part of
internet, one of the networks in the group that makes up internet).
A TAC dial up number is 18oo/368+2217 (this is just one, there are full
lists on any good text file board), and TAC information services from which
you can try to social engineer a account (watch out their is a CERT report
out about this, for more information the CERT reports are available at
128.237.253.5 anonymous ftp, more on that later), the number is 18oo/235+3155
and 1415/859+3695. If you want the TAC manual you can write a letter to (be
sure an say you want the TAC user guide, 310-p70-74) :
Defense Communications Agency
Attn: Code BIAR
Washington, DC 2o3o5-2ooo
To logon you will need a TAC Access Card, but you are a hacker, so I am not
counting on this (if you can get a card, you would get it from the DDN NIC).
Here is a sample logon:
Use Control-Q for help...
*
* PVC-TAC 111: 01 \ TAC uses to this to identify itself
* @ #o 124.32.5.82 \ Use ``O'' for open and the internet
* / address which yea want to call.
*
* TAC Userid: #THE.GATSBY
* Access Code: #10kgb0124
* Login OK
* TCP trying...Open
*
*
Good Luck you will need it....
7 Basic Commands, and things to do
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
a: Basic TELNET Commands
Ok, you now have a account on a UNIX system which is a host on
Internet, you can not access the world. Once on the UNIX system you should
see a prompt, which can look like a '$', '%' of the systems name (also
depending on what shell you are in, and the type of UNIX system). Now at the
prompt you can do all the normal UNIX accounts, but when on a Internet host
you can type 'telnet' which will bring you to the 'telnet' prompt.
*
* $ #telnet
* ^ ^
| |
| the command that will bring you to the telnet prompt
|
a normal UNIX prompt
once this is done you should see this:
*
* telnet>
*
At this prompt you will have a whole different set of commands which are
as follow (NOTE taken from UCSD, so this may vary from place to place).
*
* telnet> #help
*
* close close current connection
* display display operating parameters
* open connect to a site
* quit exit telnet
* send transmit special character
* set set operating parameters
* status print status information
* toggle toggle operating parameters
* ? to see what you are looking at now
*
close - this command is used to 'close' a connection, when multitasking
or jumping between systems.
display - this set the display setting, commands for this are as follow.
^E echo.
^] escape.
^H erase.
^O flushoutput.
^C interrupt.
^U kill.
^\ quit.
^D eof.
open - type 'open [host]' to connect to a system
*
* $ #telnet ucsd.edu
*
or
*
* telnet> #open 125.24.64.32.1
*
quit - to get out of telnet, and back to UNIX.
send - send files
set -
echo - character to toggle local echoing on/off
escape - character to escape back to telnet command mode
The following need 'localchars' to be toggled true
erase - character to cause an Erase Character
flushoutput - character to cause an Abort Output
interrupt - character to cause an Interrupt Process
kill - character to cause an Erase Line
quit - character to cause a Break
eof - character to cause an EOF
? - display help information
? - to see the help screen
b: ftp ANONYMOUS to a remote site
ftp or file transfer protocol is used to copy file from a remote host to
the one that you are on. You can copy anything from some ones mail to the
passwd file. Though security has really clamped down on the passwd flaw, but
it will still work here and there (always worth a shot). More on this later,
lets get an idea what it is first.
This could come in use full when you see a Internet CuD site that
accepts a anonymous ftps, and you want to read the CuDs but do not feel like
wasting your time on boards down loading them. The best way to start out is
to ftp a directory to see what you are getting (taking blind stabs is not
worth a few CuDs). This is done as follow: (the CuD site is Internet address
192.55.239.132, and my account name is gats)
*
* $ #ftp
* ^ ^
| |
| ftp command
|
UNIX prompt
*
* ftp> #open 192.55.239.132
* Connected to 192.55.239.132
* 220 192.55.239.132 FTP Server (sometimes the date, etc)
* Name (192.55.239.132:gats): #anonymous
* ^ ^ ^
| | |
| | This is where you type 'anonymous' unless
| | you have a account 192.55.239.132.
| |
| This is the name of my account or [from]
|
This is the Internet address or [to]
*
* Password: #gats
* ^
|
For this just type your user name or anything you feel like
typing in at that time.
*
* % ftp 192.55.239.132
* Connected to 192.55.239.132
* ftp> #ls
* ^
|
You are connected now, thus you can ls it.
Just move around like you would in a normal unix system. Most of the
commands still apply on this connection. Here is a example of me getting a
Electronic Frontier Foundation Vol. 1.04 from Internet address
192.55.239.132.
*
* % #ftp
* ftp> #open 128.135.12.60
* Trying 128.135.12.60...
* 220 chsun1 FTP server (SunOS 4.1) ready.
* Name (128.135.12.60:gatsby): anonymous
* 331 Guest login ok, send ident as password.
* Password: #gatsby
* 230 Guest login ok, access restrictions apply.
* ftp> #ls
* 200 PORT command successful.
* 150 ASCII data connection for /bin/ls (132.239.13.10,4781) * (0 bytes).
* .hushlogin
* bin
* dev
* etc
* pub
* usr
* README
* 226 ASCII Transfer complete.
* 37 bytes received in 0.038 seconds (0.96 Kbytes/s)
* ftp>
/
\ this is where you can try to 'cd' the "etc" dir or just 'get'
/ /etc/passwd, but grabbing the passwd file this way is a dying art.
\ But then again always worth a shot, may be you will get lucky.
/
* ftp> #cd pub
* 200 PORT command successful.
* ftp> #ls
* ceremony
* cud
* dos
* eff
* incoming
* united
* unix
* vax
* 226 ASCII Transfer cmplete.
* 62 bytes received in 1.1 seconds (0.054 Kbytes/s)
* ftp> #cd eff
* 250 CWD command successful.
* ftp> #ls
* 200 PORT command successful.
* 150 ASCII data connection for /bin/ls (132.239.13.10,4805) (0 bytes).
* Index
* eff.brief
* eff.info
* eff.paper
* eff1.00
* eff1.01
* eff1.02
* eff1.03
* eff1.04
* eff1.05
* realtime.1
* 226 ASCII Transfer complete.
* 105 bytes received in 1.8 seconds (0.057 Kbytes/s)
* ftp> #get
* (remote-file) #eff1.04
* (local-file) #eff1.04
* 200 PORT command successful.
* 150 Opening ASCII mode data connection for eff1.04 (909 bytes).
* 226 Transfer complete.
* local: eff1.04 remote: eff1.04
* 931 bytes received in 2.2 seconds (0.42 Kbytes/s)
* ftp> #close
* Bye...
* ftp> #quit
* %
*
To read the file you can just 'get' the file and buff it! Now if the
files are just too long you can 'xmodem' it off the host your on. Just type
'xmodem' and that will make it much faster to get the files. Here is the set
up (stolen from ocf.berkeley.edu).
If you want to: type:
send a text file from an apple computer to the ME xmodem ra <filename>
send a text file from a non-apple home computer xmodem rt <filename>
send a non-text file from a home computer xmodem rb <filename>
send a text file to an apple computer from the ME xmodem sa <filename>
send a text file to a non-apple home computer xmodem st <filename>
send a non-text file to a home computer xmodem sb <filename>
xmodem will then display:
*
* XMODEM Version 3.6 -- UNIX-Microcomputer Remote File Transfer Facility
* File filename Ready to (SEND/BATCH RECEIVE) in (binary/text/apple) mode
* Estimated File Size (file size)
* Estimated transmission time (time)
* Send several Control-X characters to cancel
*
Hints - File transfer can be an iffy endeavor; one thing that can help is to
tell the annex box not to use flow control. Before you do rlogin to an
ME machine, type
stty oflow none
stty iflow none
at the annex prompt. This works best coming through 2-6092. Though i have
not found this on too many UNIX systems with the xmodem command, but where it
is you can find me LeEcHiNg files.
|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
| Special commands used during ftp session: |
| |
| Command: Description: |
| |
| cdup same as cd .. |
| dir give detailed listing of files |
| |
| |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
c: How to tftp the Files
tftp (Trivial File Transfer Protocol, the command is not in caps,
because UNIX is cap sensitive) is a command that is used to transfer files
from host to host. This command is used sometimes like ftp, in that you can
mover around using UNIX command. I will not go into this part of the command,
but i will go into the basic format, and structure to get files you want. More
over I will be covering how to flip the /etc/passwd out of remote sites. Real
use full, then you can give Killer Kracker a test run!
Well there is a little trick that has been around a while. This trick it
the tftp. This little trick will help you to "flip" the /etc/passwd file out
of different sites. This can be real handy, you can have the passwd file with
out breaking into the system. Then just run Brute Hacker (the latest version)
on the thing, thus you will save time, and energy. This 'hole' (NOTE the
word 'hole' is not used in this case in the normal sense, the normal sense it
a way to obtain super user status once in UNIX) may be found on SunOS 3.X,
but have been fixed in 4.0. Though i have found this hole in several other
system, such as System V, BSD and a few others.
The only problem with this 'hole' is that the system manager will
sometimes know that you are doing this (that is if the manager know what the
hell he is doing). The problem occurs when attempts to tftp the /etc/passwd
is done too many times, you may see this (or something like this) when you
logon on to your ? account. (This is what I buffed this off
plague.berkeley.edu, hmm i think they knew what i was doing <g>).
*
* DomainOS Release 10.3 (bsd4.3) Apollo DN3500 (host name):
* This account has been deactivated due to use in system cracking
* activities (specifically attempting to tftp /etc/passwd files from remote
* sites) and for having been used or broken in to from <where the calls are
* from>. If the legitimate owner of the account wishes it reactivated,
* please mail to the staff for more information.
*
* - Staff
*
Though, if this is not done too much it can be a use full tool in hacking
on Internet. The tftp is used in this format is as follow:
tftp -<command> <any name> <Internet Address> /etc/passwd <netascii>
Command -g is to get the file, this will copy the file onto
your 'home' directory, thus you can do anything with
the file.
Any Name If your going to copy it to your 'home' directory
you may want to name anything that is not already
used. I have found it best to name it 'a<and the internet
address>' or the internet address name, so I know
where is came from.
Internet This is the address that you want to snag the passwd file
Address from. I will not include any for there are huge list that other
hackers have scanned out, and I would be just copying their
data.
/ETC/PASSWD THIS IS THE FILE THAT YOU WANT, ISN'T IT ? I DO NOT THINK YOU
want John Jones mail. Well you could grab their mail, this
would be one way to do it.
netascii This how you want file transferred, you can also do it
Image, but i have never done this. I just leave it blank, and it
dose it for me.
& Welcome to the power of UNIX, it is multitasking, this little
symbol place at the end will allow you to do other things (such
as grab the passwd file from the UNIX that you are on).
Here is the set up:We want to get the passwd file from sunshine.ucsd.edu.
The file is copying to your 'home' directory is going to be named
'asunshine'.
*
* $ #tftp -g asunshine sunshine.ucsd.edu /etc/passwd &
*
d Basic Fingering
Fingering is a real good way to get account on remote sites. Typing 'who'
of just 'finger <account name> <CR>' you can have names to "finger". This
will give you all kinds info. on the persons account, thus you will have a
better chance of cracking that system. Here is a example of how to do it.
*
* % #who
* joeo ttyp0 Jun 10 21:50 (bmdlib.csm.edu)
* gatsby ttyp1 Jun 10 22:25 (foobar.plague.mil)
* bbc crp00 Jun 10 11:57 (aogpat.cs.pitt.edu)
* liliya display Jun 10 19:40
/and fingering what you see
* % #finger bbc
* Login name: bbc In real life: David Douglas Cornuelle
* Office: David D. Co
* Directory: //aogpat/users_local/bdc Shell: /bin/csh
* On since Jun 10 11:57:46 on crp00 from aogpat Phone 555-1212
* 52 minutes Idle Time
* Plan: I am a dumb fool!!
* %
*
From there i can just call 'aogpat.cs.pit.edu' and try to hack it out.
Try the last name as the password, the first name, middle name and try them
all backwards (do i really need to explain it any more). The chances are real
good that you WILL get in since you now have something to work with.
If there are no users in line for you to type "who" you can just type
"last" and all the user who logged on will come rolling out, and "finger"
them. The only problem with using the last command is aborting it.
You can also try and call them and say you are the system manager, and
bull
shit your way to your new account! But i have not always seen phone numbers,
only on some systems....
11 Networks You Will See Around
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I though I would add this as a reference guide to some common networks on
the Internet. If anything, you can know what people are talking about on some
good BBSs you may be on. NOTE I assembled this list from various information
I have.
AARNet - Australian Academic and Research Network, this network is to
support research for various Australian Universities. This
network supports TCP/IP, DECnet, and OSI (CLNS).
ARPANET - Getting sick of reading about this yet ? Well i am getting
sick of typing it.
BITNET - Because It's Time NETwork (BITNET) is a worldwide network that
connects many colleges and universities. This network uses many
different protocols, but it dose use the TCP/IP. Maybe you will
come across it.
CREN CSNET - Corporation for Research and Educational Network (CREN), The
Computer + Science research NETwork (CSNET). This network
links scientists at sites all over the world. CSNET providing
access to the Internet, CRET to BITNET. CREN being the name
used today.
CSUNET - California State University Network (CSUNET). This net
connects the California State University campuses and other
universities in California. This network is based on the CCITT
X.25 protocol, and also uses TCP/IP, SNA/DSLC, DECnet, etc etc.
The Cypress Net - This network started as a experimental network. The use
of this network today is to connection to the TCP/IP Internet
as a cheap price.
DRI - Dirty Rotten Oops, _Defense _Research _Internet is a WAN that
is used as a platform from which to work from. This network has
all kind of services, such as multicast service, real-time
conference etc. This network uses the TCP/IP (also see RFC
907-A for more information on this network).
ESnet - Is the new network by the Department of Energy Office of Energy
Research (DoE OER). This net is the backbone for all DoE OER
programs. This network replaced the High Energy Physics DECnet
(HEPnet) and also the Magnetic Fusion Energy network (MFEnet).
The protocols offered are IP/TCP, and also DECnet service.
JANET - JANET is a Joint Academic NETwork based in the UK, connected to
the Internet. JANET is a PSN (information has pass through a
PAD) using the protocol X.25 though it dose support the TCP/IP.
This network also connects PSS (Packet Switched Service is a
PSN that is owned and operated by British telecom).
JUNET - Japan's university message system using UUCP, the Internet
as its backbone, and X.25 (Confused, read RFC 877). This network
is also a part of USENET (this is the network news).
Los Nettos - Los Nettos is a high speed MAN in the Los Angeles area. This
network uses the IP/TCP.
MILNET - When ARPANET split, the DDN was created, thus MILNET (MILitary
NETwork) being apart of the network. MILNET is a unclassified,
along with three other classified networks which make up the
DDN.
NORDUNet - This net is the backbone to the networks in the Nordic
Countries, Denmark (DENet), Finland (FUNET), Iceland (SURIS),
Norway (UNINETT), and Sweden (SUNET). NORDUnet supports TCP/IP,
DECNet, and X.25.
NSN - NASA Science Network (NSN), this network is for NASA to send and
relay information. The protocols used are TCP/IP and there is a
sister network called Space Physics Analysis Network (SPAM) for
DECNet.
ONet - Ontario Network is a TCP/IP network that is research network.
NSFNet - National Science Foundation Network, this network is in the
IP/TCP family but in any case it uses UDP (User Diagram
Protocol) and not TCP. NSFnet is the network for the US
scientific and engineering research community. Listed below are
all the NSFNet Sub-networks.
BARRNet - Bay Area Regional Research Network is a MAN in the San
Francisco area. This network uses TCP/IP. When on this
network be sure and stop into LBL and say hi to Cliff
Stool! Welp, I do not think there is a bigger fool!
(yeah I read his book too, i did not stop hacking for a
weeks after reading it).
CERFnet - California Education and Research Federation Network is
a research (welp, there is a lot of research going to in
the Internet, huh ?) based network supporting Southern
Californian Universities communication services. This
network uses TCP/IP.
CICNet - Committee on Institutional Cooperation. This network
services the BIG 10, and University of Chicago. This
network uses
JvNCnet - John von Neumann National Supercomputer Center. This
network uses TCP/IP.
Merit - Mert is a network connects Michigan's academic and
research computers. This network supports TCP/IP, X.25
and Ethernet for LANs.
MIDnet - MIDnet connects 18 universities and research centers in
the midwest US. The support protocols are TELNET, FTP
and SMTP.
MRNet - Minnesota Regional Network, this network services
Minnesota. The network protocols are TCP/IP.
NEARnet - New England Academic and Research Network, connects
various research/educational institutions. You
can get more information about this net by mailing
'nearnet-staff@bbn.com'. That is if you have address
like I do.
NCSAnet - National Center for Supercomputing Applications
(hell, there is a network for this ? I can think of
a lot of application for it a Cray, Kracking K0dez
maybe?) supports the whole IP family (TCP, UDP, ICMP,
etc).
NWNet - North West Network provides service to the Northwestern
US, and Alaska. This network supports IP and DECnet.
NYSERNet - New York Service Network is a autonomous nonprofit
network. This network supports the TCP/IP.
OARnet - Ohio Academic Resources Network gives access to Ohio
Supercomputer Center. This network supports TCP/IP.
PREPnet - Pennsylvania Research and Economic Partnership is a
network run, operated and managed by Bell of
Pennsylvania. It supports TCP/IP.
PSCNET - Pittsburgh Supercomputer Center serving Pennsylvania,
Maryland, and Ohio. It supports TCP/IP, and DECnet.
SDSCnet - San Diego Super Computer Center is a network whose
goal is to support research in the field of science.
The Internet address is 'y1.ucsc.edu' or call Bob
at 619/534+5o6o and ask for a account on his Cray. I
am sure he will be happy to help you out.
Sesquinet - Sesquinet is a network based in Texas, TCP/IP are the
primary protocols.
SURAnet - Southeastern Universities Research Association Network
is a network that connects southern institutions. It is
more of a south eastern connection, than a southern
connection.
THEnet - Texas Higher Education Network is a network that is run
by Texas A&M University. This network connects to host
Mexico.
USAN/NCAR - University SAtellite Network (USAN)/National Center
for Atmospheric Research is a network for the for
a information exchange.
Westnet - Westnet connects the western part of the US, not
including California. The network is supported by
Colorado State University.
USENET - USENET is the network news (the message base for the Internet).
This message base is the largest i have ever seen, with well
over 400 different topics, connecting 17 different countries.
I just read the security, unix bugs, and telco talk posts with
each of those subs having 100++ posts a day, i send a few hours
reading. There is just too much!!
12 Internet Protocols
~~~~~~~~~~~~~~~~~~~~~~
TCP/IP is a general term, this means everything related to the whole
family of Internet protocols. The protocols in this family are IP, TCP, UDP,
ICMP, ROSE, ACSE, CMIP, ISO, ARP and Ethernet for LANs. I will not go into
the too in depth, as to not take up ten-thousand pages, and not to bore you,
if you want more information, get the RFCs. RFCs authors (yeah authors, some
RFC are books!!) are stuck up Ph.d.s in Computer Science, hell I am just some
dumb Cyberpunk.
TCP/IP protocol is a "layered" set of protocols. In this diagram taken
from RFC 1180 you will see how the protocol is layered when connection is
made.
Figure is of a Basic TCP/IP Network Nodes
-----------------------------------
| Network Application |
| |
| ... \ | / .. \ | / ... |
| ------- ------- |
| | TCP | | UDP | |
| ------- ------- |
| \ / | % Key %
| ------- --------- | ~~~~~~~
| | ARP | | IP | | UDP User Diagram Protocol
| ------- ------*-- | TCP Transfer Control Protocol
| \ | | IP Internet Protocol
| \ | | ENET Ethernet
| ------------- | ARP Address Resolution
| | ENET | | Protocol
| -------@----- | O Transceiver
| | | @ Ethernet Address
-------------- | ------------------ * IP address
|
========================O=================================================
^
|
Ethernet Cable
TCP/IP: If connection is made is between the IP module and the TCP module
the packets are called a TCP datagram. TCP is responsible for making
sure that the commands get through the other end. It keeps track of
what is sent, and retransmits anything that does not go through. The
IP provides the basic service of getting TCP datagram from place to
place. It may seem like the TCP is doing all the work, this is true
in small networks, but when connection is made to a remote host on
the Internet (passing through several networks) this is a complex
job. Say I am connected from a server at UCSD, and I am connection
through to LSU (SURAnet) the data grams have to pass through a NSFnet
backbone. The IP has to keep track of all the data when the switch is
made at the NSFnet backbone from the TCP to the UDP. The only NSFnet
backbone that connects LSU is University of Maryland. U. of Maryland
has different circuit sets, thus having to pass through them. The
cable (trunk)/circuit types are the T1 (a basic 24-channel 1.544 Md/s
pulse code modulation used in the US) to a 56 Kbps. Keeping track of
all the data from the switch from T1 to 56Kbs and TCP to UDP is not
all it has to deal with. Datagrams on their way to the NSFnet
backbone (U. of Maryland) may take many different paths from the UCSD
server.
All the TCP dose is break up the data into datagrams (manageable
chunks), and keeps track of the datagrams. The TCP keeps track of the
datagrams by placing a header at the front of each datagram. The
header contains 160 (20 octets) pieces of information about
the datagram. Some of the information in this is the sending FQDN to
the receiving FQDN (more over the port address, but Fully Qualified
Domain Name is a much better term). The datagrams are numbers in
octets (a group of eight binary digits, say there are 500 octets of
data, the numbering of the datagrams would be 0, next datagram 500,
next datagram 1000, 1500 etc.
UDP/IP: UDP is one of the two main protocols to count of the IP. In other
words the UDP works the same as TCP, it places a header on the data
you send, and passes it over to the IP for transportation through out
the internet. The difference is in it offers service to the user's
network application, thus it dose not maintain a end-to-end
connection, it just pushes the datagrams out!
ICMP: ICMP is used for relaying error messages, such as you may try to
connect to a system and get a message back saying "Host unreachable",
this is ICMP in action. This protocol is universal within the
Internet, because if it's nature. This protocol dose not use port
numbers in it's headers, since it talks to the network software it
self.
Ethernet: Most of the networks use Ethernet. Ethernet is just a party line.
When packets are sent out on the Ethernet, every host on the Ethernet
sees them. To make sure the packets get to the right place the
Ethernet designers wanted to make sure that each address is different.
For this reason 48 bits are allocated for the Ethernet address, and a
built in Ethernet address on the Ethernet controller.
The Ethernet packets have a 14-octet header, this includes
address to and from. The Ethernet is not too secure, it is possible to
have the packets go to two places, thus someone can see just what you
are doing. You need to take note that the Ethernet is not connected to
the internet, in other words a host on the Ethernet and on the
Internet has to have both a Ethernet connection and a Internet server.
ARP ARP translates IP address to Ethernet address. A conversion table is
used (the table is called ARP Table) to convert the addresses. Thus
you would never even know if you were connected to the Ethernet
because you would be connecting to the IP address.
This is a real ruff description of a few Internet protocols, but if you
would like to know more information you can access it via anonymous ftp from
various hosts. Here is a list of RFC that are on the topic of protocols.
|~~~~~~~~~~~~~~~|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
| RFC: | Description: |
| | |
|~~~~~~~~~~~~~~~|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
| rfc1011 | Official Protocols of the Internet |
| rfc1009 | NSFnet gateway specifications |
| rfc1001/2 | netBIOS: networking for PC's |
| rfc894 | IP on Ethernet |
| rfc854/5 | telnet - protocols for remote logins |
| rfc793 | TCP |
| rfc792 | ICMP |
| rfc791 | IP |
| rfc768 | UDP |
| | |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
13 Hostname and Address
~~~~~~~~~~~~~~~~~~~~~~~~
This is for those of who like to know what they are doing, and when it
comes to address, you will know what you are looking at.
Hostnames:
Internet address are long and hard to remember such as 128.128.57.83. If
you had to remember all the hosts you are on you would need a really good
memory which most people (like me) do not have. So Being humans (thus lazy)
we came up with host names.
All hosts registered on the Internet must have names that reflect
them domains under which they are registered. Such names are called Fully
Qualified Domain Names (FQDNs). Ok, lets take apart a name, and see such
domains.
lilac.berkeley.edu
^ ^ ^
| | |
| | |____ ``edu'' shows that this host is sponsored by a
| | educational related organization. This is a
| | top-level domain.
| |
| |___________ ``berkeley'' is the second-level domain, this
| shows that it is an organization within UC
| Berkeley.
|
|__________________ ``lilac'' is the third-level domain, this indicates
the local host name is 'lilac'.
Here is a list of top-level domain you will run into.
|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
| Common Top-Level Domains |
| |
| COM - commercial enterprise |
| EDU - educational institutions |
| GOV - nonmilitary government agencies |
| MIL - military (non-classified) |
| NET - networking entities |
| ORG - nonprofit intuitions |
| |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Addressing:
A network address is that numeric address of a host, gateway or TAC.
The address was though of with us in mind, meaning it is easy to scan
(war dial, wonder etc..). The address are maid up of four decimals numbered
slots, which are separated by the well know dot called a period. The think I
will place at the end of this sentence. See it, it is four word over from the
word four. Now that we have that down <Grin>, we can move on. There are three
classes that are used most, these are Class A, Class B, and Class C. I know
this has nothing to do with you, but I feel you should know what they are...
Class A - from '0' to '127'
Class B - from '128' to '191'
Class C - from '192' to '223'
Class A - Is for MILNET net hosts. The first part of the address has the
network number. The second is for the their physical PSN port
number, and the third is for the logical port number, since it is
on MILNET it is a MILNET host. The fourth part is for which PSN
is on. 29.34.0.9. '29' is the network it is on. '34' means it is
on port '34'. '9' is the PSN number.
Class B - This is for the Internet hosts, the first two "clumps" are for
the network portion. The second two are for the local port.
128.28.82.1
\_/ \_/
| |_____ Local portion of the address
|
|___________ Potation address.
Class C - The first three "clumps" is the network portion. And the last one
is the local port.
193.43.91.1
^ ^ ^ ^
\_|_/ |_____ Local Portation Address
|
|__________ Network Portation Address
14 Tips and Hints
~~~~~~~~~~~~~~~~~~
When on a stolen account these are basic thing to do and not to do.
- Do not logon too late at night. All the manager has to
do is see when you logged on by typing "login". If it
sees 3 am to 5 am he is going to know that you were
in the system. I know, I love spending all night on a
account, but the best times are in the middle of the day
when the normal (the owner) would use the account. (NOTE
this is what they look for !)
- Do not leave files that were not there on *ANY*
directory, checks are sometimes made. This is on a
system security check list, which is normally done from
time to time.
- When hacking, do not try to hack a account more than
three times. It does show up on a logon file (when more
than three try are made on the same account !), and it
will also not let you logon on the account even if you
do get it right (NOTE this is not on all UNIX systems).
- Do not type in your handle ! you real name etc ..
- Encrypt all the mail you send.
- Leave VMS alone, VMS and TCP/IP do not mix well. It is
not worth your time. VMS is better for a X.25 network.
- DO send The Gatsby all the accounts you will get and
have.
@#$$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#%@#$@#$%
# @
$ I would like to take this time to thank #
% Doctor Dissector for getting me on in the $
@ The Internet in the first place, and %
# for helping me correct the errors in @
$ the first release. #
% $
@ The Gatsby 1991 %
# @
@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$
This has been a AXiS Production!
|\ /|
(6_9)
'U`
.
=/eof .
--------------------------------------------------------------------------------
Downloaded From P-80 International Information Systems 304-744-2253 12yrs+
