|
==Phrack Magazine== Volume Five, Issue Forty-Six, File 27 of 28 **************************************************************************** International Scenes There was once a time when hackers were basically isolated. It was almost unheard of to run into hackers from countries other than the United States. Then in the mid 1980's thanks largely to the existence of chat systems accessible through X.25 networks like Altger, tchh and QSD, hackers world-wide began to run into each other. They began to talk, trade information, and learn from each other. Separate and diverse subcultures began to merge into one collective scene and has brought us the hacking subculture we know today. A subculture that knows no borders, one whose denizens share the common goal of liberating information from its corporate shackles. With the incredible proliferation of the Internet around the globe, this group is growing by leaps and bounds. With this in mind, we want to help further unite the communities in various countries by shedding light onto the hacking scenes that exist there. If you want to contribute a file about the hacking scene in your country, please send it to us at phrack@well.com. This month we have files about the scenes in Denmark and Russia, updates from Australia and Argentina, and a scan of Norway's toll-free exchange. ________________________________________________________________________________ The Computer Underground in Denmark Dear Phrack Readers, what follows is a little about the Danish computer underground, focusing on the hacking/phreaking scene. A little introduction: Even though Denmark itself is little country, with a little over 5 million citizens, an active computer underground community thrives upon the growing network links and computer systems which in these days seems to pop up all over country. The history of the hacking community in DK is not very old, but since the first Danish hackers appeared some 5 years ago, there has been increasing hacking activity, bringing on a history of busts, paranoia and times of war; but also a history of great friendships, supremacy over the corporate machine, and a process of learning more about the world we live in. But before we take a look at the networks, boards and the community itself, let's go back in time, and find the place where it all started. The Past: The first hackers to appear in DK was JubJub Bird and Sprocket, two high school students which broke into 100's of computers world wide. At that time there was no H/P scene in DK, no boards, no HP networks and no fellow hackers. Nevertheless, JubJub's role in the Danish HP history plays a key role. JubJub got busted early January '90, after being discovered in some of NASA's non public machinery, and being under surveillance for a period of time. This was the beginning of what was to become the Danish hacking scene. JubJub and Sprocket never got a sentence, since the court had absolutely no idea of how to handle a case like this. The court sat down a period of 2 years, and if JubJub or Sprocket was caught in hacking within that period they would get a verdict. Anyway, after the bust of JubJub and Sprocket, the first stirs of hackers appeared and began to expand like rings in water. And suddenly we had a growing happy hacking community. Hackers from all over the country gathered at newly started 'HPA only boards' which was a rarely seen thing among the sea of WaReZ boards. One of the coolest boards was Fantasia, the headquarters of MoTIGoL, which was being run by Netrunner. Fantasia was the largest in Denmark, maybe even in Scandinavia, and had callers from all over the world. At that time, nobody was afraid of getting busted, and A LOT of BlueBoxing, X25, and general hacking on Inet was done. But one day all that changed. During the winter '91 DIKU (Institute of computer science, Copenhagen university) was used as a meeting place of hackers. A lot of novice hackers used the machines to learn about Internet and UNIX in general, skating through the internet, trading info, chatting at IRC and stuff like that. What nobody knew was that Jgen Bo Madsen, security expert and high paid consultant working for UNI*C, was monitoring all traffic from and off DIKU, with evil intentions of busting! The law enforcement specter was soon to cast its dark shadow on the whole of the Danish scene. It all ended one winter afternoon. I remember turning on the TV, not really paying attention to the news, reading a book or so, when suddenly the news lady starts speaking about how the secret service is soon to unravel the biggest hacker conspiracy ever in Denmark, one hacker was already arrested and 10 more would be arrested in near future. Saron was the one who got busted. He had used an x25 datapak link, which normally only was used for electronic mail, to access DIKU, coming in from a German PAD to make tracing harder, but also making a hell of a big bill for the stolen NUI's owner. Anyway, it came out that JBM (Jgen Bo Madsen) had traced 76 calls to DIKU, and had monitored the breakins of computers in Greece, Brazil, Mexico and USA. At that moment the entire scene more or less panicked. Most dudes moved their precious machinery out of the house and all boards closed down. A period of isolation began. The SysOp of Fantasia, Netrunner pulled out his harddisk hiding it somewhere out of reach, if JBM and his secret service buddies should show up. No more busts happened and people calmed down after a month or so. Everybody knew that things wouldn't be the same after the DIKU incident. Netrunners harddisk broke down after he had reinstalled it, because all the dirt it had consumed from 2 years constant running, was too much for the thing to handle when it was powered back on. So, Fantasia closed and the underground network PhoenixNet also closed when it came out that JBM had infiltrated the net. An era was over, and a new was to begin. The Present: Today's scene is doing quite good. It has became harder in a way, more careful and more closed than ever. But still, we have open boards and a public network. FOOnet which focuses on computer security and is used as an forum open for discussions. Mostly by hackers and people into computer security in general, but every once in awhile JBM and Sysadm's drop by too. Also, the Danish scene is proud to release CrackerJack, made by Jackal, which we still claim is the fastest UNIX passwd cracker available for PC. Not that cracking passwd files is a major element in hacking, but its nice to have a fast cracker every once in awhile :) The Danish computer underground scene is filled with WaReZ boards, but only a few real H/P/A boards are running. Boards like Free Speech Inc. and Freeside are places where the Danish hackers hang out. None of these boards are public, but JBM is quite aware of them and had once infiltrated Freeside, even though it was clearly stated that the bbs was private and no one related to any gov agencies was allowed to use the board. So, JBM is actually doing what he has accused us for over the years, which is intruding people's privacy. Other than FOOnet, there is a few other networks, such as SDC which once had a good mail flow in the hacking conferences, but today more is turning into a demo/warez net. A few other truly H/P nets are running successful with a good mail flow, but those shall remain anonymous in this article. The links from the Danish scene to fellow hackers around the world is very good. Due to numerous nights spent at QSD, connections is established to a lot of dudes in Brazil which frequently drops by Free Speech Inc. and Freeside, dudes in UK as well as fellow hackers in US like Alby/Empire. Okay, this is it. The section about hacking in Denmark. The stuff that you had to read all the above boring shitty sentimental stuff, to get to!! Hacking in Denmark: The two main networks in DK which is used for hacking and meeting fellow hackers are, (of course) Internet and the X25 datapak link. Internet is accessible via all Universities like diku.dk, daimi.aau.dk, auc.dk and so on. (Nobody uses DIKU anymore though). The university is doing a brave struggle to keep the hackers out by upgrading to C2 passwd security, meaning that passwds must be at least 8 chars, contain 1 uppercase and 1 non alphabetic char. The upper level of the top 10 of chosen C2 security passwd's goes something like: q1w2e3r4*, a1s2d3f4*, these do not contain any uppercase chars and therefore should not have been accepted as a passwd by the system, but apparently the C2 software finds them secure. Also, a nice thing to do is taking your wordlist and using Therion's Passwd Utility, TPU which is a word list manipulator, and add a 1* to all words in the list and uppercase the first letter. Gives a lot of accounts. Another popular thing, in order to keep hackers out, is to setup a so-called 'modem security password' on all dialups. So when you call up the system, before you ever get to the server you have to enter a password. And if you get through, not all accounts are cleared to use the modem dialup facilities, and unless you've got your sleazy hands on a cleared account, you get the boot. Even though the universities puts such a great effort into keeping hackers out, they aren't doing very good. In fact, they are doing real bad. A legit account costs appr. 1900 dkr, which is about a little over 300$ US., which goes into the pockets of UNI*C, so its no wonder that we like to use the nice free facilities present at the universities. Other ways to get on Internet, are via other machines under the ministry of education and certain private and government systems. It's surprising how many bugs (that we all know of) in certain UNIX versions, that still have not been patched, and therefore leave the systems wide open. This goes not only for Denmark, but generally throughout machines on Internet in Europe. Also, a well known phenomena in DK throughout the sector of private corporation computer systems, is lousy security. Elementary stuff like bad file permissions, left over suid shell scripts, and open guest accounts are everywhere. Regarding the X25 datapak links. The official Danish PAD can be reached at dialup 171. This is totally free number just like 80xxxxxx are, which doesn't affect your phone bill. Keep in mind that all calls made in DK are billed, even local calls within same city are charged, and charged high! I remember a time when I was kind of addicted to a certain MUD. For one month alone I got a bill on 1800 dkr, appr. 300 US$! So, the 171 X25 link is nice thing, since all calls are billed to the owner of the Network User Id (NUI) and NOT on your phone bill. However, X25 can be a dangerous thing to use. Especially if you only have a single NUI to use. The phone company is having some trouble tracing the 171, but all calls made in DK on digital lines are logged. So, when some corporation gets a bill on, say 2-3000$ or an amount much higher than usual, the phone company can compare the logs on who dialed 171, to the X25 logs, on which date and time the NUI in question was abused, and figure out who abused the NUI. On analog lines the logging is harder to do, and only goes back a month or so. The format of the NUIs consist of a user number and a password. The first char indicates either a K or J, depending on the NUI's owner, either located under KTAS or JTAS districts. Jutland is covered by JTAS and Copenhagen Sjlland, by KTAS. Then follows 7 or 8 numbers and usually a word of 7-8 chars. Like, K0100872DKDIANEC, this is a valid NUI open for public use by everybody, but its restricted to only to connect to a specific system. Sum lame menu database thing. Most NUI's allows access to most computers, world wide on the X25 network, by an NUA (network User Address). The most use of X25 is to gain free access to Internet by connecting to a PAD which allows telnet. Most of the telnet PAD's has been closed recently because of an increasing (ab)use. However, there is still sites like isosun-t. ariadne.gr which carries an X25 PAD, and because the sysadm there comes off like a dick and is a jerk I'll give u all his NUA. Its 020233181282010. Also, check out gw.sdbs.dk, carries a 9k6 x25 link as well as normal Inet axx. A few people to mention, who either has or is playing an important part of the Danish hacking community: JubJub Bird, Sprocket, Saron, Ravan, Netrunner / Sense/NET, Descore, WedLock, Le Cerveau, Parrot-Ice, Jackal, Temp, Therion, and myself I guess... :) If u like, check out: Free Speech Inc. (+45) 4 582 5565 SysOp: NiteCrawler Freeside (+45) 3 122 3119 -"- : Descore (Off. CJ Dist. site.) This is it. Hope u enjoyed this little file. We are always happy to meet foreign hackers, so call one of the above boards and lets exchange accou.. ehh... intercultural hacking research information :) ----------------------------------------------------------------------------- Why would you or why wouldn't you want to hack in the ex-USSR or in other words what the hell do we do up here. By Digital Empiror and Stupid Fucker Russia is a great country, with absolutely no laws against hacking or phreaking, both are very easy to do and get away with. It's for that reason, that most of the famous online services like CompuServe and Delphi closed registrations coming out of the biggest country in the world via SprintNet, (you guys think we still can't get in? ... take that as a hint). If some great telephone company installed a payphone that can charge calls onto a credit card (very rare in this country) then we can use it as well, credit card numbers are not hard to compile, especially if you know that it is not really illegal. What about those great cellular telephones, you know, we love to use those for free, (can't you guys get it? we know that we are pain in the ass, but LIVE WITH IT!). Most of our switchboards in Russia are very ancient, screwed up relay-analog switches, they don't have methods for protocol-ing telephone calls and present undependable methods for identifying telephone numbers. Also there is special equipment which allows making it impossible to detect your phone number, or even making detection equipment mistake your phone number. Interstate switchboards have to have special methods of detecting your phone number, which are of course only accessible to Interstate switchboards and not to the rest of commercial companies. There was a case once were SprintNet caught one of our great hackers, but he had sent them to his great grandfather's (wanna try doing that with the FBI?) because as he said 'You can't really be sure that it was really ME calling since in this country you can't rely on your number detection equipment...' Another great thing is how the networks are set up in Russia. The greatest and the biggest X.25 network is of course SprintNet (for which they have to pay of course, if not them then somebody else...), it's a little slow here, but that's OK. The administrators who set up the PADs are very lame and stupid, and of course can't set up their PADs like SprintNet would want them to. They can, for example, they were setting up their PAD so, that it would let you connect with virtually ANY system without asking for a NUI, and even when they detected, that hackers do it, they couldn't do anything besides changing their PAD instead of just changing one register! Besides that, their is no problem with finding a NUI for Russian X.25 networks, most of them don't support collect calls like SprintNet, so most Russian services that would like their customers to access their service via X.25 give the users a unique NUI, that specifies that they can only access THIS service, but they usually forget to set it up right so the stupid customers like another of our great hackers, will instead of getting charged for the service, go to an outdial and call his favorite BBS in Clearwater, FL for an example (do they have boards there?). I don't know if you like to access CitiBank machines from SprintNet, but we love to do stuff like that. For example, recently we found a lone standing computer, I don't think the guys in CitiBank really understood what they were doing when they left their modem setup option on that machine without a password, it was a pleasure to change their modem strings knowing that it's absolutely legal to do so and nobody has even a right to call about it! Also there are Internet providers in Russia, only two, from which only one is interesting - RELCOM! Most of Internet in Russia is done via UUCP and costs a bundle of money, so if I am in a bad mood, I'll drop 10-20 megs of mail into an address that doesn't exist, and will laugh and you know why? In RELCOM, everybody pays the central router - KIAE.SU, so if you send megs of stuff, it will go through a lot of systems that will have to pay first each other then to KIAE.SU, but there will be THE last system, that will say 'ya know? there is no such address!', so then the trouble will start. So if you are in a bad mood, then please, do us a favor, drop a gig or 2 to machine that does not have an IP address, better for it to go via a few of those machines, for example, to be original: kaija.spb.su!arcom.spb.su!<any machine in USA>!kiae.su!kaija.spb.su!root I am sure if you have NSLOOKUP, you can be original and make your best route via a dozen systems. When doing it, you can be sure, that it will call a lot of arguments from every one of that dozen concerning to who will pay for that gig (1mb of mail in Russia costs $50 - $150, that enough money for poor Russian Internet hosts). It's all really great, but we are all on our own, and are not organized into a group. There are not many of us and we are not known by any of our western colleagues, to contact us, mail us at: an58736@anon.penet.fi ----------------------------------------------------------------------------- PhreeFone Numbers in Norway Research and Norwegian Edition by cyber aktiF (01-Feb-94) English Translation by Codex/DBA (26-Apr-1994) ----------------------------------------------------------------------------- DISCLAIMER: The author of this document takes no responsibility as to how the information herein is used. I hope everyone who uses this information use it for inquisitive purposes only, and don't use it for ANY destructive purposes whatsoever. WARNING: Unauthorized use of PBX and other communications equipment owned by others, be it private or business, is illegal and may result in banishment from the Norwegian telephone company (Tele- verket) and/or punishment by law. --- After many sporadic travels over the phone network, in other words scanning the number region 800 3xxxx, I've come across several interesting things. I therefore thought it was in its right place to make a complete list of which numbers have a carrier and which have not. The carriers only apply to modems. Televerket has (currently) allocated the region 800 30000 to 800 3500 for these services. These lines are 100% phreefone, which means that the owner of these services pays for the conversation plus a surcharge per unit. This allows for long permutations of numbers and passwords without adding to your own phone bill. On the other hand, the owner of the line will have a phonebill which equals American Express's. Televerket and/or the company/person supplying the service(s) have NO problem finding out what the caller's number is. This is regardless whether or not you have filled in the "don't reveal my number to those I call" part of Televerket's connection form/document. Therefore, nosing around these numbers should be done with some care. I haven't tried blueboxing 800 numbers (too much work for something which is free in the first place), but theoretically it is possible. [Codex: Would this lessen the number identification risk?] I had severe difficulties with a number which answered with an 1800Hz tone in 1 second, after which it became silent. This box phoned me in intervals of 5 minutes from 12:00 the next day -- in other words, an automatic WarDial :/. If you discover the same problem, the following solution is a guaranteed success: Program your local trunk to send all incoming calls to ANOTHER number which answers with an 1800Hz tone. Let this be active an hour's time, and you should be rid of it. - MODEM - The list of numbers where modem carriers are commented with a single line. I haven't (at the time of writing) done a deeper investigation of any of the services, so none of them should be inactive. There are several interesting things -- especially the gateways and the X.25 PAD. Please note that the security at most of the systems are pretty good. Obscure terminal types, data locks and systems which won't identify themselves are the most common types. Someone has done a good job in making the system safe from unauthorized sources. However, as said before, phreefone numbers can be exposed to attacks and permutations of zimmering quantities. When I had a look at the unidentified services, the best way to connect was using a raw-mode tty which won't accept special characters. If you run a cooked-mode terminal, the text will become even more unreadable. -- Modem carrier tones ------------------------------------------------------ 80030004 - Data Lock (1) 80030010 - *no output* 80030067 - *no output* 80030068 - Courier ASCII Dev. adapter 80030078 - Courier ASCII Dev. adapter 80030095 - Modem Outdial (password) 80030115 - *no output* 80030130 - *uknown* 80030180 - *uknown* 80030225 - *no output* 80030301 - *no output* 80030404 - *unknown* - prompts @ter 80030456 - *unknown* - terminal 80030485 - *unknown* 80030456 - Data Lock 4000 (1) 80030514 - garbage - password 80030606 - *no output* 80031040 - *no output* 80031065 - *no output* 80031315 - IBM Aix v3 RISC system/6000 (2) 80031470 - garbage 80031490 - Dr V.Furst. Med. Lab 80031666 - prompts - @ter 80031815 - prompts - < 80031920 - *unknown* - password 80031950 - *unknown* - hangup after 5 seconds 80032165 - Dr V.Furst. Med. Lab 80032340 - *uknown* 80032410 - Wangvs VAX/VMS 80032470 - *no output* 80032480 - Perle Model 3i - V 02.00G - Apotekernes F. Innkj 80032590 - *unknown* - password 80032635 - *unknown* - terminal 80033338 - TSS Gateway (3) 80033443 - *no output* 80033490 - *no output* 80033580 - *unknown* - hangup after 5 seconds 80033601 - *no output* 80033620 - TIU Gateway (3) 80033720 - *no output* 80033815 - *unknown* - hangup after 5 seconds 80033914 - *unknown* dumps lots of texts [Codex: What type?] 80034248 - *unknown* - prompts for login 80034866 - X.25 PAD (1) DATA LOCK If someone can get into one of these, he/she can look forward to getting a Nobel prize. Data locks are modem front-end protectors, almost impossible to crack without physical access. (2) IBM AIX AIX is one of the best flavors of UNIX there is (even though it was made by IBM) -- unfortunately the security at this site was so terrible that anyone with a minimal knowledge of UNIX and access to this machine could pull it apart blindfolded (making the life really unpleasant for the estate agents who own the LAN. Write me for an account ;). (3) GATEWAYS Free internet access within grasping distance if you can break through. Not easy, but possible. ;) I am already working on it, so I'm not sure how long it will take until they increase the security. [Codex: Comment about Study-By-Byte removed, as I didn't know what to call the school in English ;). Another fact was that since no number was provided, and little seemed to be gained by access to this site anyway, I figured it wasn't too important. Get hold of cyb3rF is you really think it's needed.] -- End of modem carrier listing --------------------------------------------- - VOICE/PBX/FAX - Here, ladies and gentlemen, is the list of all the phones in the 800 3xxxx region which answer. Which is what, I'll leave up all you people out there. I have mapped some of the list, but won't spread it [Codex: Yet? ;)]. Only one number per line is noted down. This is to easy the job for everyone who's going to (and you will try ;) run these numbers through their scanner scripts on the lookout for PBX's and other oddities. Good luck guys! cyber aktiF - 01/02/94 -- Answering 800 3xxxx services --------------------------------------------- 80030000 80030001 80030002 80030003 80030005 80030006 80030007 80030008 80030009 80030011 80030012 80030014 80030015 80030016 80030017 80030018 80030019 80030022 80030023 80030024 80030025 80030027 80030028 80030029 80030030 80030032 80030033 80030035 80030036 80030037 80030043 80030044 80030045 80030046 80030048 80030050 80030051 80030053 80030055 80030057 80030058 80030060 80030065 80030066 80030070 80030071 80030072 80030073 80030074 80030075 80030077 80030080 80030082 80030088 80030094 80030096 80030097 80030098 80030099 80030100 80030101 80030102 80030103 80030105 80030106 80030110 80030111 80030113 80030114 80030116 80030120 80030131 80030136 80030140 80030144 80030151 80030155 80030160 80030166 80030170 80030171 80030175 80030177 80030189 80030190 80030195 80030199 80030200 80030202 80030203 80030205 80030210 80030211 80030212 80030213 80030215 80030222 80030227 80030230 80030233 80030235 80030239 80030250 80030255 80030258 80030260 80030265 80030270 80030275 80030277 80030288 80030290 80030294 80030295 80030297 80030299 80030300 80030302 80030303 80030305 80030306 80030308 80030310 80030311 80030313 80030315 80030318 80030319 80030322 80030323 80030330 80030333 80030336 80030337 80030340 80030344 80030345 80030355 80030360 80030363 80030366 80030377 80030380 80030388 80030390 80030395 80030400 80030401 80030407 80030408 80030411 80030415 80030420 80030422 80030433 80030440 80030445 80030450 80030452 80030466 80030470 80030472 80030475 80030480 80030488 80030490 80030495 80030500 80030501 80030502 80030511 80030520 80030522 80030531 80030540 80030545 80030550 80030555 80030560 80030565 80030566 80030570 80030571 80030580 80030585 80030600 80030601 80030603 80030600 80030601 80030603 80030610 80030616 88030640 80030650 80030666 80030670 80030680 80030683 80030690 80030700 80030701 80030707 80030725 80030730 80030750 80030770 80030777 80030788 80030800 80030803 80030811 80030828 80030830 80030840 80030844 80030850 80030855 80030860 80030866 80030870 80030875 80030880 80030888 80030889 80030890 80030900 80030906 80030910 80030911 80030915 80030920 80030922 80030930 80030940 80030950 80030955 80030959 80030960 80030975 80030990 80030994 80031000 80031001 80031006 80031007 80031008 80031010 80031020 80031030 80031031 80031043 80031044 80031048 80031055 80031058 80031060 80031064 80031066 80031070 80031075 80031080 80031082 80031085 80031092 80031097 80031103 80031108 80031110 80031111 80031112 80031113 80031122 80031123 80031140 80031144 80031150 80031151 80031155 80031160 80031166 80031180 80031188 80031200 80031210 80031211 80031212 80031220 80031221 80031229 80031230 80031231 80031234 80031240 80031241 80031244 80031250 80031255 80031266 80031288 80031290 80031300 80031306 80031310 80031313 80031318 80031336 80031340 80031343 80031344 80031355 80031360 80031366 80031400 80031404 80031410 80031412 80031420 80031422 80031430 80031440 80031441 80031447 80031455 80031460 80031466 80031510 80031535 80031540 80031545 80031550 80031560 80031566 80031570 80031571 80031580 80031590 80031600 80031606 80031610 80031611 80031620 80031630 80031631 80031640 80031660 80031661 80031680 80031688 80031690 80031700 80031701 80031707 80031713 80031717 80031740 80031760 80031777 80031780 80031800 80031801 80031809 80031811 80031820 80031830 80031831 80031833 80031840 80031850 80031851 80031866 80031880 80031888 80031900 80031907 80031919 80031927 80031937 80031947 80031957 80031958 80031959 80031970 80031994 80031995 80031999 80032000 80032001 80032002 80032005 80032008 80032011 80032020 80032032 80032040 80032062 80032066 80032080 80032092 80032101 80032105 80032113 80032123 80032130 80032140 80032144 80032150 80032152 80032155 80032166 80032173 80032176 80032200 80032202 80032210 80032212 80032220 80032222 80032223 80032225 80032232 80032255 80032280 80032320 80032323 80032325 80032330 80032332 80032333 80032350 80032355 80032383 80032390 80032399 80032400 80032412 80032415 80032420 80032424 80032425 80032432 80032444 80032450 80032455 80032460 80032466 80032500 80032511 80032520 80032525 80032530 80032540 80032550 80032555 80032560 80032565 80032571 80032578 80032600 80032639 80032660 80032666 80032668 80032680 80032690 80032750 80032754 80032808 80032820 80032832 80032850 80032875 80032880 80032899 80032900 80032907 80032927 80032987 80032990 80032997 80033000 80033003 80033011 80033013 80033016 80033300 80033301 80033302 80033303 80033304 80033305 80033306 80033310 80033311 80033312 80033313 80033315 80033317 80033318 80033320 80033321 80033322 80033325 80033330 80033331 80033332 80033333 80033334 80033335 80033341 80033345 80033350 80033353 80033355 80033370 80033372 80033373 80033377 80033380 80033383 80033385 80033394 80033399 80033410 80033411 80033420 80033432 80033433 80033440 80033444 80033445 80033448 80033450 80033455 80033456 80033460 80033466 80033477 80033488 80033499 80033500 80033505 80033510 80033515 80033520 80033535 80033540 80033550 80033555 80033566 80033567 80033570 80033577 80033585 80033590 80033600 80033610 80033611 80033616 80033622 80033626 80033630 80033633 80033644 80033650 80033655 80033660 80033666 80033670 80033678 80033690 80033711 80033717 80033730 80033733 80033740 80033760 80033770 80033775 80033777 80033779 80033780 80033788 80033800 80033808 80033810 80033818 80033820 80033833 80033838 80033840 80033844 80033855 80033856 80033860 80033866 80033880 80033888 80033890 80033899 80033900 80033920 80033930 80033933 80033940 80033950 80033960 80033970 80033977 80033980 80033990 80033994 80033999 80034000 80034011 80034020 80034022 80034024 80034025 80034030 80034033 80034034 80034035 80034040 80034043 80034044 80034050 80034055 80034070 80034077 80034080 80034088 80034090 80034100 80034110 80034111 80034115 80034123 80034125 80034134 80034135 80034140 80034144 80034150 80034155 80034160 80034166 80034170 80034180 80034210 80034220 80034222 80034240 80034250 80034260 80034266 80034270 80034880 80034888 80034889 80034910 80034966 80034988 80034999 80035000 -- End of list of answering 800 3xxxx services ------------------------------ This file was brought to you in English by Codex/DBA, 26-Apr-1994. I didn't ask cyb3rF for permission to translate this document, but I hope he won't mind. I also understand that the document is of varied use to some people (those of you who can't dial in free to Norway (cc 47), don't bother), but I thought any information, however useful might be of some interrest to the English speaking crowd out there. Re: cyb3rF, Sicko, BattleAng, Maelstrom, Uridium, Enigma, Golan, BadS, vale_ and any other people I've forgotten to mention right now (flame me on #phreak, guys ;). I'll be back in Norway in June. Codex/DBA, 26-Apr-1994. -- "Men I haelvete gutar, vaent paa meg!!" ---------------------------------- ----------------------------------------------------------------------------- More about the Argentine Internet scenery. It's difficult to add something to an already good article like Opii's one, but here is some info which may interest you besides what you already know: * The local Net started as late as January 1989, when the National Commission for Atomic Power (CNEA) connected to the BITNET network. The three first nodes were: ARGCNE (an IBM 9370-60 mainframe), ARGCNEA1 (IBM/370 158), and ARGCNEA2 (Comparex 7/68), all running RSCS V1. Release3 for data comm. The node ARGCNEA2 was (I think it still is) the main link in Argentina to Bitnet. Until late 1992, they still used a manual DIAL-UP LINK (!) to the Chilean node UCHCECVM (IBM 4341MO2) at the Chile's National University in Santiago city, connecting at 9600 bps to exchange mail. I'm not sure about if the Chilean link is still working, due to the existing new leased line connection of the government's foreign office. In mid-1990, the national university of La Plata, joined ranks and also connected to the Bitnet network. The two nodes, CESPIVM1 and CESPIVM2 (Running on IBM mainframes) also served as hosts to a VAX 11-780, and a experimental link to some computers in Uruguay's (country) national University. Another different beast is what's called the RAN network (National Academic Network), which is nothing more than a UUCP network connecting a hundred different nodes through the country. Again, until mid-92 they used X.25 ARPAC connections (!!EXPENSIVE!!) and manual Dial-up calls(!!) for the "international" connection into UUCO. More recently (two months ago), they have got their own 64kbps leased line to the US, which finally will let people around the world to mess and GET into our computers :-). While the project was to connect to Maryland University (financed by the US National Science Foundation, they love us), I still don't know what's the host at the other side of the leased line. Well, that's the end of the FACTS that I have... now some political opinions: Things are getting a *little* better, but I don't expect any improvements for "Joe average" user, since to make things work, we must get rid off the current LD and data monopoly of the two European private telcos that own us. Until 1999, they have the exclusive right to use and abuse the market of both voice and data transmissions, and no competition can enter without passing through their satellite links (and rates). Very nice for a government that is always speaking of "free markets". Until we get AT&T and/or MCI competing for the market, we won't have affordable rates, and US companies like CIS, Delphi, etc. than could be doing BIG business NOW, will have to wait until late 1999, when the monopoly ends by law. (Or, BTW: or they can talk to Mr. Al Gore, so he can kick a little our beloved president to end the telcos ripoff). Chileans, in contrast, have a lot better scene, with well-established direct internet links, an X.25 network with 9600bps access through the country, and even Gopher servers since a long time ago!. Following is a quick and dirty list of Internet domains for both Chile and Argentina: ARGENTINA: ar.ar (unspecified) athea.ar (unspecified) atina.ar (united nations development programme, argentina) (RAN UUCP HOST) ba.ar (unspecified) cb.ar (unspecified) com.ar (unspecified) edu.ar (unspecified) gov.ar (government of argentina) <- give my regards to our corrupt gvt! mz.ar (unspecified) ncr.ar (national cash register corporation, argentina) nq.ar (unspecified) org.ar (centro de estudios de poblacion corrientes',) sld.ar (unspecified) subdomain.ar (unspecified) test.ar (unspecified) tf.ar (unspecified) tm.ar (unspecified) buenosaires.ncr.ar (national cash register corporation, buenos aires, arg) city.ar.us (unspecified) datage.com.ar (unspecified) guti.sld.ar (unspecified) secyt.gov.ar (unspecified) unisel.com.ar (unspecified) unlp.edu.ar (universidad nacional de la plata, argentina) CHILE: altos.cl (altos chile limiteda. el corregidor, santiago, chile) apple.cl (axis calderon, santiago, chile) ars.cl (ars innovandi (el arte de innovar), chile) bci.cl (unspecified) campus.cl (indae limiteda. area de computacion, manuel montt, chile) cepal.cl (comision economica para america latina (cepal) santiago, chile) conicyt.cl (unspecified) <-- Government education branch contag.cl (contagio avda. ricardo lyon, idencia, santiago, chile) cronus.cl (familia fuentealba olea, chile) <-- a family with their node! difusion.cl (editorial difusion, chile) eclac.cl (unspecified) epson.cl (epson, chile) eso.cl (european southern observatory la silla, la serena, chile) frutex.cl (frutexport lota, santiago, chile) fundch.cl (fundacion, chile) fwells.cl (fundacion wells claro solar, casilla, temuco, chile) gob.cl (unspecified) <--- CHILEAN GOVERNMENT! Send a note to Mr. Pinochet! ingenac.cl (ingenac pedor de valdivia, idencia, santiago, chile) lascar.cl (university of catolica, chile) mic.cl (las condes, santiago, chile) ncr.cl (national cash register corporation, chile) opta.cl (opta limiteda. las violetas, idencia, santiago, chile) orden.cl (orden huerfanos piso, fax, santiago, chile) placer.cl (placer dome) <--- WHAT IS THIZ??? "Pleasure dome?" !!!!!!!!!! puc.cl (catholic university of chile (universidad catolica de chile) rimpex.cl (rimpex chile pedro de valdivia, casilla, correo santiago, chile) safp.cl (superintendencia de administradoras de fondos de pensiones, chile) scharfs.cl (scharfstein, las condes, santiago, chile) sisteco.cl (sisteco, santiago, chile) sonda.cl (sonda digital teatinos, santiago, chile) tes.cl (d.c.c. sistemas, chile) uai.cl (unspecified) ubiobio.cl (unspecified) uchile.cl (universidad de chile) ucv.cl (unspecified) udec.cl (universidad de concepcion de ingenieria de sistemas,) unisys.cl (unisys, chile) unorte.cl (universidad del norte, antofagasta, chile) usach.cl (universidad de santiago de chile de ingenieria informatica,) uta.cl (universidad de tarapaca, arica, chile) utfsm.cl (universidad tecnica de electronica, valparaiso, chile) ac.cam.cl (unspecified) agr.puc.cl (agriculture department, catholic university of chile astro.puc.cl (catholic university of chile (pontificia universidad catolica bio.puc.cl (catholic university of chile santiago) cec.uchile.cl (universidad de chile) cfm.udec.cl (universidad de concepcion, concepcion, chile) dcc.uchile.cl (department o. de ciencias de la computacion) dfi.uchile.cl (universidad de chile) die.udec.cl (universidad de concepcion de ingenieria de sistemas) dii.uchile.cl (universidad de chile) dim.uchile.cl (universidad de chile) dis.udec.cl (universidad de concepcion, concepcion, chile) disca.utfsm.cl (universidad tecnica federico santa maria, chile) dpi.udec.cl (universidad de concepcion de ingenieria de sistemas) elo.utfsm.cl (universidad tecnica federico santa maria, ) finanzas.fundch.cl (fundacion, chile) fis.utfsm.cl (universidad tecnica federico santa maria,) inf.utfsm.cl (universidad tecnica federico santa maria,) ing.puc.cl (engineering, catholic university of chile ) mat.puc.cl (mathematics department, catholic university of chile mat.utfsm.cl (universidad tecnica federico santa maria, qui.puc.cl (catholic university of chile santiago) seci.uchile.cl (universidad de chile) soft.udec.cl (universidad de concepcion de ingenieria de sistemas,) ----------------------------------------------------------------------------- Australian Scene Report Part II by Data King ------------------------------- This is the sequel to the Australian scene report that appeared in Phrack Issue 45. There have been a few developments since I wrote that report which I think people may be interested in. Old NEWS ~~~~~~~~ But first before I deal with what's new, I need to deal with something that's old. Shortly after Phrack 45 was published, I received a fakemail that basically threatened me and also made a lot of claims, I would like to take this opportunity to reply to the author of this letter. First of all this person claims I have not been in the scene for ages, well if I am not in the scene that is news to me! The letter contained several threats to do something like redirect my telephone number to a 0055 number, for people outside of Australia, a 0055 is a recorded timed call service. To this I say: 'Go ahead, if your capable DO IT!' I wont bother dealing with most of the rubbish contained in the article, it was just general BS. Finally I have something to say directly to the person who wrote the mail: "If your so goddamn good, then don't hide behind fakemail, come out in the open and let us all fear you, come one get your lame ass on IRC and lets talk!" Also I was told not to submit anything more to Phrack for publishing or bad things would happen, Well I guess either I have no phear, or I don't take these threats seriously. New NEWS ~~~~~~~~ AusCERT Australia is forming it's own version of CERT, to be called AusCERT and based in Queensland, Australia. Everybody is shaking in their boots worrying - NOT! Networks In the last report you may remember I talked about the Australia Military Network in a very vague fashion, well now I have some more detailed info for you. The Australian Defense Forces (ADF) have what they call "the Defense Integrated Secure Communications Network (DISCON)". This network is relatively new. Circuit switched operations only began in 1990. Packet switching came into effect during 1992. It provides all the ADF's communication needs in terms of data, voice, video, and so on, secure and non secure communications. Main control is exercised from Canberra (believed to be from within the DSD compound at Russell Offices), and the network is interconnected via a total of 11 ground stations across the country using Aussat. Also the Australian Federal Police have an internet connection now. sentry.afp.gov.au is the main machine from what I can tell, from the looks of it, the machine is either a setup or they don't know much about security. NeuroCon There was a Con organized by The Pick held here in Melbourne a little while ago, from all reports it was a total disaster, once again showing the apathy of Australian people in the scene. For Instance the organizers kept the location secret, and where supposed to pick people up in the city, at several allocated times they did not show up. When one of the potential attendees rang and asked what was going on they were told by the organizers: "We are too drunk to come and get you". Come on guys this is LAME, sure everyone likes a drink, but if you keep the location secret, make sure someone is able to go and get the people waiting to be picked up! HackFEST 94 The Year is quickly approaching an end and as yet I have not managed to fully organize this event. I am in need of people who wish to speak on various topics, so if you are so inclined and have an idea, send me mail and we will see what we can organize. As always I can be contacted at dking@suburbia.apana.org.au, but please note my PGP signature has changed, so please do a finger on the account if you want my new PGP signature. Information in this article has come from various sources, but they shall remain nameless as they do not wish the attention of the AFP. They know who they are, and I send them my thanks - Thanks Guys!