TUCoPS :: Phrack Magazine Issue #54 :: p54-01.txt

Introduction

---[  Phrack Magazine   Volume 8, Issue 54 Dec 25th, 1998, article 01 of 12


-------------------------[  P H R A C K     5 4     I N D E X


--------[  Living in SYN

Things that we want for Christmas:  Functional remote operating system
detection.  Functional remote promiscuous mode detection.  Functional agent
based intrusion detection.

A note about this issue.  Loyal and perceptive readers will notice this issue
is a bit smaller.  There are two reasons for this.  The first is swift
delivery.  We are attempting to make Phrack issues a bit more svelte in
order to pump them out on a more timely basis.  The other reason is quality.
There is enough garbage out there.  We turn down at least half of all
submissions to bring you the good stuff.  Enjoy.

Rewind to August 1998.

It's Sunday morning in Las Vegas, about 5:00am-ish.  Angstrom and I decide
to leave the Hard Rock Hotel.  It's been a long night of drinking and
gambling.  I am up maybe $200.  He's up about $30.  We're both inebriated
beyond repair.  We return to Jackie Gaughan's Plaza Hotel and Casino, a
wretched place where the old go to get older and everyone's got at least one
foot in the grave.  Back to the Future II?  Biff's Pleasure Palace?  Welcome
to the Plaza Hotel.

Anyhow, we saunter on in, make our way over to the lounge and find Artimage, 
Asriel, Glyph, and Alhambra.*   After some random dialogue (the specifics of
which I have completely forgotten) Asriel tells me I should play some more 
Blackjack.

    "I only have hundreds." was my reply.  I didn't want to play anymore
    anyhow.  This was the 6th day of my Vegas stint and I was burnt on
    gambling.

    "<shrug> Bet a hundred then." says As.

    "<shrug>  Ok."  I caved.

I plop down on a unoccupied blackjack table and plunk my hundred down.  The
dealer was a gentle looking 200 year old man from Laos.

    "MONEY PLAYZ!" I say.  I remember being very drunk.

    "Money plays?" He questions?  The pit boss wakes up.

    "Money plays." I confirm

    "Money plays!" He announces to the pit boss.  The pit boss scribbles in his
    book.

Here's where the details get fuzzy.  I can't remember the hand I was dealt, nor
any subsequent cards.  All I know is I played textbook blackjack.  That's all
you need to know here.  I played according to the `book`.  I lost that hundred.
At that point, my blackjack betting system kicked in.  I lay down 2 more
bills.

    "Money playz." I repeat.

    "Money plays!" He announces to the pit boss.  The pit boss scribbles
    something else in his little book.

My system is simple and almost foolproof.  Bet small when you are just fucking
around.  Bet big when you want to win big.  Lose a big hand?  Double your bet.
Lose again?  Double it again.  Lose again?  Goto 1.  The odds in blackjack
tend to hover around .05% house favor (this can vary widely depending on
several factors including the type of blackjack, the number of decks, the
skill of the player, whether or not the player counts cards, the card counting
scheme used, etc**).  Eventually, odds are, you will win all your money back,
AND THEN SOME!***  Of course, this relies on both your bankroll and the table
maximum being unlimited.  Small details I usually overlook.

So I lose the 2 hundred.

THE SYSTEM IS STILL IN FULL EFFECT.  I plunk down another 4 small.

    "Money plays?" The dealer musses?  I nod.

    "Money plays." The pit boss scribbles.

I lose another hand.  Bye-bye 4 hundred.

Asriel is laughing at this point.

    "Dude, I think you should quit now."  He offers.
    "Nah.  I'm not done yet."

Hrm.  Time to gather my thoughts.  No more namby-pamby.  Time to separate
the armchair gamblers from the hard-core haggard idiot types who end up having
to live in Vegas.  I peel off 10 hundreds.  1 large is placed in that little
betting circle thingy.

    "Money plays." The pit boss scribbles, Onlookers gawk, I pray.

Now this hand I remember distinctly.  First card: an 8.  Hrm.  Second card: a
6.  Ugh.  Dealer shows an 8.  FUCK.  Oh.  Good.  Well, that's $1700 well spent
in about 2 minutes.  Well.  I had to hit.  I get a 6.  Wow.  WOW!  Dealer
flips his hold card.  A 10.

    "HAHAHAHHAHAHAHAHAHA" I proclaim.

    "10 blacks out" The dealer shouts.  The pit boss stops writing.

    "Want to be rated?"  He asks.

    "Nope!  Bye!"  And off I went to cash out.


* http://www.infonexus.com/~daemon9/PIX/Misc/defcon6/r00tdinner%2b/latenite3.jpg
** Actually, playing basic strategy alone can sometimes give you a pretty
close to even odds (or even better then even).  Usually, however, you will
find that you will need to count cards in addition to basic strategy to have a
real advantage.
*** Assoc. Editor's note:  If you take this advice, chances are you'll be
a very upset and angry gambler come next Defcon.  Whine to route when you
can't afford a hotel room, not me.  Maybe he'll let you sleep on his floor.

A special shout-out to Ron Rivest.  It has worked its way down the grapevine
that he reads Phrack.  Add one more to the Super Elite People That REad Phrack
(SEPTREP) list.  If you are or know one of these people, please send email to
the editor to be added to the list (See linenoise for the list).

A word of caution about P54-06 and P54-10:  If you attempt to apply the kernel
patches for these articles in succession on the same system, the second one
will fail at the syscalls.master file.  You will need to patch this by hand.
It's not hard.  Go ahead and try it.  I trust you.

Enjoy the magazine.  It is by and for the hacking community.  Period.


-- Editor in Chief ----------------[  route
-- Associate Editor ---------------[  alhambra
-- Phrack World News --------------[  disorder
-- Phrack Publicity ---------------[  dangergirl
-- Phrack Webpage Guy -------------[  X
-- Phrack Typographical fixer -----[  silitek
-- Phrack Special Consultant ------[  redragon
-- Mad Cow disease ----------------[  sir dystic and dildog
-------- Elite -------------------->  daveg
-- Official Phrack/r00t auto ------[  BMW M3
-- Your trusted security advisors -[  p and sw_r
-- Shout Outs and Thank Yous ------[  kamee, vision, artimage, chris, meenk,
-----------------------------------|  the former SNI team, n8, phundie, par,
-----------------------------------|  radium, k0re, horizon, dhg, mds, mudge,
-----------------------------------|  bioh, pm (for the elite dox)


Phrack Magazine V. 8, #54, Dec 25th, 1998.  ISSN 1068-1035
Contents Copyright (c) 1998 Phrack Magazine. All Rights Reserved.  Nothing
may be reproduced in whole or in part without written permission from the
editor in chief.  Phrack Magazine is made available quarterly to the public,
free of charge.  Go nuts people.

Contact Phrack Magazine
-----------------------
Submissions:        phrackedit@phrack.com
Commentary:         loopback@phrack.com
Editor in Chief:    route@phrack.com
Associate Editor:   alhambra@phrack.com
Publicist:          dangergrl@phrack.com
Phrack World News:  disorder@phrack.com

Submissions to the above email address may be encrypted with the following key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQENAzMgU6YAAAEH/1/Kc1KrcUIyL5RBEVeD82JM9skWn60HBzy25FvR6QRYF8uW
ibPDuf3ecgGezQHM0/bDuQfxeOXDihqXQNZzXf02RuS/Au0yiILKqGGfqxxP88/O
vgEDrxu4vKpHBMYTE/Gh6u8QtcqfPYkrfFzJADzPEnPI7zw7ACAnXM5F+8+elt2j
0njg68iA8ms7W5f0AOcRXEXfCznxVTk470JAIsx76+2aPs9mpIFOB2f8u7xPKg+W
DDJ2wTS1vXzPsmsGJt1UypmitKBQYvJrrsLtTQ9FRavflvCpCWKiwCGIngIKt3yG
/v/uQb3qagZ3kiYr3nUJ+ULklSwej+lrReIdqYEABRG0GjxwaHJhY2tlZGl0QGlu
Zm9uZXh1cy5jb20+tA9QaHJhY2sgTWFnYXppbmU=
=1iyt
-----END PGP PUBLIC KEY BLOCK-----

As always, ENCRYPTED SUBSCRIPTION REQUESTS WILL BE IGNORED.  Phrack goes out
plaintext.  You certainly can subscribe in plaintext.

phrack:~# head -20 /usr/include/std-disclaimer.h
/*
 *  All information in Phrack Magazine is, to the best of the ability of the
 *  editors and contributors, truthful and accurate.  When possible, all facts
 *  are checked, all code is compiled.  However, we are not omniscient (hell,
 *  we don't even get paid).  It is entirely possible something contained
 *  within this publication is incorrect in some way.  If this is the case,
 *  please drop us some email so that we can correct it in a future issue.
 *
 *
 *  Also, keep in mind that Phrack Magazine accepts no responsibility for the
 *  entirely stupid (or illegal) things people may do with the information
 *  contained herein.  Phrack is a compendium of knowledge, wisdom, wit, and
 *  sass.  We neither advocate, condone nor participate in any sort of illicit
 *  behavior.  But we will sit back and watch.
 *
 *
 *  Lastly, it bears mentioning that the opinions that may be expressed in the
 *  articles of Phrack Magazine are intellectual property of their authors.
 *  These opinions do not necessarily represent those of the Phrack Staff.
 */

-------------------------[  T A B L E   O F   C O N T E N T S

 1 Introduction                                            Phrack Staff   22K
 2 Phrack Loopback                                         Phrack Staff   58K
 3 Phrack Line Noise                                       various        90K
 4 Phrack Prophile on the parmaster                        Phrack Staff   26K
 5 Linux and Random Source Bleaching                       phunda mental 174K
 6 Hardening OpenBSD for Multiuser Environments            route          90K
 7 Scavenging Connections On Dynamic-IP Networks           Seth McGann    34K
 8 NT Web Technology Vulnerabilities                       rfp            40K
 9 Remote OS detection via TCP/IP Stack Fingerprinting     Fyodor         58K
10 Defeating Sniffers and Intrusion Detection Systems      horizon       100K
11 Phrack World News                                       Disorder      240K
12 extract.c                                               Phrack Staff   32K

                                                                         966K

-----------------------------------------------------------------------------

    "...a bellvue in the mental hospital world of media whore web pages..."
        - xanax on #phrack, 10-13-1998, when asked to comment on Antionline.

    "This is not a tool we should take seriously, or our customers should take
    seriously..."
        - Edmund Muth, Microsoft, as reported by the New York Times,
          referring to Back Orifice.  (How many thousands of machines were
          owned with BO?)

    *deraadt* your style is so unlike anyone elses, that is makes no sense that
    you have this "style"
        - Theo Deraadt, OpenBSD project leader, refering to route's code in
          this issue.

    "So I thought of something useful I could do with the money. I bought
     a Nintendo 64 for one of my sisters, who has a slight mental retardation. 
     The reason for this was because the doctors have always told us that
     things to stimulate her hand eye coordination would help her."
        - Chameloen of the `masters of downloading` "hacking group",
          commenting on why he didn't spend money on medical care for his
          sister.

-----------------------------------------------------------------------------

----[  EOF

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH