
                                ==Phrack Inc.==

                      Volume Two, Issue 22, File 9 of 12

            PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
            PWN                                                 PWN
            PWN        P h r a c k   W o r l d   N e w s        PWN
            PWN        ~~~~~~~~~~~   ~~~~~~~~~   ~~~~~~~        PWN
            PWN                Issue XXII/Part 1                PWN
            PWN                                                 PWN
            PWN           Created by Knight Lightning           PWN
            PWN                                                 PWN
            PWN              Written and Edited by              PWN
            PWN         Knight Lightning and Taran King         PWN
            PWN                                                 PWN
            PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN


What Is Wrong With This Issue?                                     Introduction
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
There is a distinct difference in this issue of Phrack World News, which may be
attributed to the unfortunate final outcome of my self-enforced exile from the
mainstream modem community.  In the "prime" days of PWN, many of you may have
enjoyed the numerous "bust" stories or the ever suspenseful undercover
exposures of security trying to end the hacking community.  Those days are over
and have been for quite some time.

To put it simply, I do not have the economic resources to legally run around on
the nation's bulletin boards or to go and gather information on suspected
security agents.  Perhaps this is for the better.  However, I have a feeling
that most people disagree and rather enjoyed those types of stories.  It's no
longer in my hands.  It's obvious that I need help with such a task and that
help can only come from you, the community itself.

I am easily reached... I am on Bitnet.  Even people who own MCI Mail, GTE
Telemail, or Compuserve accounts can send me mail thanks to experimental
gateways.  People on ARPAnet, Bitnet, or UUCP should have no problems
whatsoever.  So please go ahead and drop me a line, I would be interested in
what you have to say.

:Knight Lightning (C483307@UMCVMB.BITNET)

Much of this issue of Phrack World News comes from Internet news sources such
as the Risks, Virus-L, and Telecom Digests.  Some news stories come from other
magazines and newspapers, and a few come from Chamas, the online Bitnet
bulletin board run by Terra of the Chaos Computer Club (CCC).  A very special
thanks goes to The Noid of 314 for all his help in putting this issue together.

A couple last things to mention... the upcoming files on hackers abroad have
taken a slightly different direction.  There will be news on foreign hacker
activities presented in PWN (starting this issue), but actual files on the
subject will be presented by the hackers themselves so watch for them.
_______________________________________________________________________________

Who Is Clifford Stoll?                                    Pre-Issue Information
~~~~~~~~~~~~~~~~~~~~~~
This issue of Phrack World News features many stories about the Internet Worm
and other hacking incidents on the Internet.  One person who plays a prominent
role in all of these stories is Clifford Stoll, a virtual unknown prior to
these incidents.  However, some checking into other related incidents turned up
some very interesting information about Cliff Stoll.

Clifford Stoll, age 37 (as of May 2, 1988), was a systems manager at
California's Lawrence Berkeley Laboratory.  He might still retain this
position.  Stoll is the master sleuth who tracked down the West German hacker,
Mathias Speer, who infiltrated the Internet via the Space Physics Analysis
Network (SPAN).  The game of "cat and mouse" lasted for 10 months until
Clifford Stoll eventually set up an elaborate sting operation using files
marked "SDI Network Project" (Star Wars) to get Mathias to stay online long
enough to trace him back to Hannover, FRG.

I was able to contact Clifford Stoll at LBL (which maintains a node on Bitnet).
However, outside of a confirmation of his presence, I was never able to really
converse with him.  Recently he has been seen on DOCKMASTER, a node on ARPAnet
that is operated by the National Security Agency (NSA).  He has also been seen
as having accounts on many other nodes all across Internet.  Either he has come
a long way or was just not as well known prior to the Internet Worm incident.

For more information see:

        Time Magazine, May 2, 1988 and/or New Scientist, April 28, 1988
        -------------                     -------------
Thought you might be interested to know about it.

:Knight Lightning
_______________________________________________________________________________

Dangerous Hacker Is Captured                                 PWN Special Report
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Last issue, I re-presented some memos from Pacific Bell Security, the first
of which featured "Kevin Hacker," who I now reveal as Kevin Mitnick.  The
original intent was to protect the anonymity of the said hacker, but now that
he has come upon public fame there is no longer a reason to keep his identity a
secret.

The following memo from Pacific Bell Security was originally seen in Phrack
World News Issue XXI/1.  This version leaves the legitimate information intact.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

On May 14, 1987, Electronic Operations received a court order directing Pacific
Bell to place traps on the telephone numbers assigned to a company known as
"Santa Cruz Operations."  The court order was issued in order to identify the
telephone number being used by an individual who was illegally entering Santa
Cruz Operations' computer and stealing information.

On May 28, 1987, a telephone number was identified five separate times making
illegal entry into Santa Cruz Operations' computer.  The originating telephone
number was 805-495-6191, which is listed to Bonnie Vitello, 1378 E. Hillcrest
Drive, Apt. 404, Thousand Oaks, California.

On June 3, 1987, a search warrant was served at 1378 E. Hillcrest Drive, Apt
404, Thousand Oaks, California.  The residents of the apartment, who were not
at home, were identified as Bonnie Vitello, a programmer for General Telephone,
and Kevin Mitnick, a known computer hacker.  Found inside the apartment were
three computers, numerous floppy disks and a number of General Telephone
computer manuals.

Kevin Mitnick was arrested several years ago for hacking Pacific Bell, UCLA and
Hughes Aircraft Company computers.  Mitnick was a minor at the time of his
arrest.  Kevin Mitnick was recently arrested for compromising the data base of
Santa Cruz Operations.

The floppy disks that were seized pursuant to the search warrant revealed
Mitnick's involvement in compromising the Pacific Bell UNIX operation systems
and other data bases.  The disks documented the following:

  o  Mitnick's compromise of all Southern California SCC/ESAC computers.  On
     file were the names, log-ins, passwords, and home telephone numbers for
     Northern and Southern ESAC employees.

  o  The dial-up numbers and circuit identification documents for SCC computers
     and Data Kits.

  o  The commands for testing and seizing trunk testing lines and channels.

  o  The commands and log-ins for COSMOS wire centers for Northern and Southern
     California.

  o  The commands for line monitoring and the seizure of dial tone.

  o  References to the impersonation of Southern California Security Agents and
     ESAC employees to obtain information.

  o  The commands for placing terminating and originating traps.

  o  The addresses of Pacific Bell locations and the Electronic Door Lock
     access codes for the following Southern California central offices ELSG12,
     LSAN06, LSAN12, LSAN15, LSAN23, LSAN56, AVLN11, HLWD01, HWTH01, IGWD01,
     LOMT11, AND SNPD01.

  o  Inter-company Electronic Mail detailing new login/password procedures and
     safeguards.

  o  The work sheet of a UNIX encryption reader hacker file.  If successful,
     this program could break into any UNIX system at will.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Ex-Computer Whiz Kid Held On New Fraud Counts                 December 16, 1988
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Kim Murphy (Los Angeles Times)(Edited For This Presentation)

Kevin Mitnick was 17 when he first cracked Pacific Bell's computer system,
secretly channeling his computer through a pay phone to alter telephone bills,
penetrate other computers and steal $200,000 worth of data from a San Francisco
corporation.  A Juvenile Court judge at the time sentenced Mitnick to six
months in a youth facility.

After his release, his probation officer found that her phone had been
disconnected and the phone company had no record of it.  A judge's credit
record at TRW Inc. was inexplicably altered.  Police computer files on the case
were accessed from outside... Mitnick fled to Israel.  Upon his return, there
were new charges filed in Santa Cruz, accusing Mitnick of stealing software
under development by Microport Systems, and federal prosecutors have a judgment
showing Mitnick was convicted on the charge.  There is, however, no record of
the conviction in Santa Cruz's computer files.

On Thursday, Mitnick, now 25, was charged in two new criminal complaints
accusing him of causing $4 million damage to a DEC computer, stealing a highly
secret computer security system and gaining access to unauthorized MCI
long-distance codes through university computers in Los Angeles, California,
and England.

A United States Magistrate took the unusual step of ordering [Mitnick] held
without bail, ruling that when armed with a keyboard he posed a danger to the
community.  "This thing is so massive, we're just running around trying to
figure out what he did," said the prosecutor, an Assistant United States
Attorney.  "This person, we believe, is very, very dangerous, and he needs to
be detained and kept away from a computer."

Los Angeles Police Department and FBI Investigators say they are only now
beginning to put together a picture of Mitnick and his alleged high-tech
escapades.  "He's several levels above what you would characterize as a
computer hacker," said Detective James K. Black, head of the Los Angeles Police
Department's computer crime unit.  "He started out with a real driving
curiosity for computers that went beyond personal computers... He grew with the
technology."

Mitnick is to be arraigned on two counts of computer fraud.  The case is
believed to be the first in the nation under a federal law that makes it a
crime to gain access to an interstate computer network for criminal purposes.
Federal prosecutors also obtained a court order restricting Mitnick's telephone
calls from jail, fearing he might gain access to a computer over the phone
lines.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Dangerous Keyboard Artist                                     December 20, 1988
~~~~~~~~~~~~~~~~~~~~~~~~~
LOS ANGELES (UPI) - In a rare ruling, a convicted computer hacker was ordered
held without bail Thursday on new charges that he gained illegal access to
secret computer information of Leeds University in England and Digital
Equipment Corporation.

Kevin David Mitnick, age 25, of Panorama City, is named in two separate
criminal complaints charging him with computer fraud.  Assistant United States
Attorney, Leon Weidman said it is unusual to seek detention in such cases, but
he considers Mitnick 'very very dangerous' and someone who 'needs to be kept
away from computers.'

United States Magistrate Venetta Tasnuopulos granted the no-bail order after
Weidman told her that since 1982, Mitnick had also accessed the internal
records of the Los Angeles Police Department, TRW Corporation, and Pacific
Telephone.

"He could call up and get access to the whole world," Weidman said.

Weidman said Mitnick had served six months in juvenile hall for stealing
computer manuals from a Pacific Telephone office in the San Fernando Valley
and using a pay phone to destroy $200,000 worth of data in the files of a
northern California company.

Mitnick later penetrated the files of TRW Corporation and altered the credit
information of several people, including his probation officer, Weidman said.

He said Mitnick also used a ruse to obtain the name of the police detective
investigating him for hacking when he was a student at Pierce College.  He
telephoned the dean at 3 a.m., identified himself as a campus security guard,
reported a computer burglary in progress and asked for the name of the
detective investigating past episodes, Weidman said.

The prosecutor said Mitnick also gained access to the police department's
computer data and has impersonated police officers and judges to gain
information.

A complaint issued charges Mitnick with using a computer in suburban Calabasas
to gain access to Leeds University computer data in England.  He also allegedly
altered long-distance phone costs incurred by that activity in order to cover
his mischief.

A second complaint charges Mitnick with stealing proprietary Digital Equipment
Corporation software valued at more than $1 million and designed to protect the
security of its computer data.  Mitnick allegedly stored the stolen data in a
University of Southern California computer.

An affidavit filed to support the complaints said unauthorized intrusions into
the Digital computer have cost the company more than $4 million in computer
downtime, file rebuilding, and lost employee worktime.

A computer operator at Voluntary Plan Assistance in Calabasas, which handles
disability claims for private firms, told investigators he allowed his friend
unauthorized access to the firm's computer.  From that terminal, Mitnick gained
access to Digital's facilities in the United States and abroad, the affidavit
said.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Kevin Mitnick's fate is in the hands of the court now, but only time will tell
what is to happen to this dangerously awesome computer hacker.
_______________________________________________________________________________

Trojan Horse Threat Succeeds                                  February 10, 1988
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
During the week prior to February 10, 1988, the Chaos Computer Club of West
Berlin announced that they were going to trigger trojan horses they'd
previously planted on various computers in the Space Physics Analysis Network
(SPAN).  Presumably, the reason for triggering the trojan horses was to throw
the network into disarray; if so, the threat did, unfortunately, with the help
of numerous fifth-columnists within SPAN, succeed.  Before anybody within
SPAN replies by saying something to the effect of "Nonsense, they didn't
succeed in triggering any trojan horses," note that the THREAT succeeded.

That's right, for the last week SPAN hasn't been functioning very well as a
network.  All too many of the machines in it have cut off network
communications (or at least lost much of their connectivity), specifically in
order to avoid the possibility that the trojan horses would be triggered (the
fifth-columnists who were referred to above are those system and network managers
who were thrown into panic by the threat).  This is rather amazing (not to
mention appalling) for a number of reasons:

    1)  By reducing networking activities, SPAN demonstrated that the CCC DOES
        have the power to disrupt the network (even if there aren't really any
        trojan horses out there);
    2)  Since the break-ins that would have permitted the installation of
        trojan horses, there has been a VMS release (v4.6) that entails
        replacement of ALL DEC-supplied images.  Installation of the new
        version of VMS provided a perfect opportunity to purge one's system of
        any trojan horses.
    3)  In addition to giving CCC's claims credibility, SPAN's response to the
        threat seems a bit foolish since it leaves open the question "What
        happens if the CCC activates trojan horses without first holding a
        press conference?"

Hiding from the problem doesn't help in any way, it merely makes SPAN (and
NASA) look foolish.

                            Information Provided By
                     Carl J. Ludick and Frederick M. Korz

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

This is a perfect example of a self-fulfilling prophecy.  The Chaos Computer
Club's announcement that they were going to trigger their Trojan horses in the
Space Physics Analysis Network (SPAN) illustrates the potent power of rumor --
backed by plausibility.  They didn't have to do anything.  The sky didn't have
to fall.  Nervous managers did the damage for the CCC because they felt the
announcement/threat plausible.  The prophecy was fulfilled.

                       "And the more the power to them!"

:Knight Lightning
_______________________________________________________________________________

TCA Pushes For Privacy On Corporate Networks                   October 19, 1988
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Kathy Chin Leong  (Computerworld Magazine)

SAN DIEGO -- As more and more confidential data winds its way across computer
networks, users are expressing alarm over how much of that information is safe
from subsidiaries of the Bell operating companies (BOCs) and long-distance
firms providing transmission services.

This fear has prompted the Tele-Communications Association (TCA) and large
network users to appeal to the Federal Communications Commission to clarify
exactly what network data is available to these vendors.

Users with large networks, such as banks and insurance companies, are concerned
that published details even of where a circuit is routed can be misused.  "We
don't want someone like AT&T to use our information and then turn around and
compete against us," said Leland Fong, a network planner at Visa International
in San Francisco.  Users are demanding that the FCC establish a set of rules
and regulations so that information is not abused.

At issue is the term "customer proprietary network information" (CPNI), which
encompasses packet data, address and circuit information and traffic statistics
on networks.  Under the FCC's Computer Inquiry III rules, long-distance
carriers and Bell operating companies --- specifically, marketing personnel ---
can get access to their own customers' CPNI unless users request
confidentiality.  What his group wants, TCA President Jerry Appleby said, is
the FCC to clarify exactly what falls under the category of CPNI.

Fong added that users can be at the mercy of the Bell operating companies and
long-distance vendors if there are no safeguards established.  Customer
information such as calling patterns can be used by the operating companies for
their own competitive advantage.  "At this time, there are no controls over
CPNI, and the users need to see some action on this," Fong said.

                              Spread The Concern

At a meeting here during the TCA show, TCA officials and the association's
government liaison committee met with AT&T to discuss the issue; the group will
also voice its concerns to other vendors.

Appleby said the issue should not be of concern just to network managers but to
the entire company.  Earlier this month, several banks, including Chase
Manhattan Bank and Security Pacific National Bank, and credit card companies
met with the FCC to urge it to come up with a standard definition for CPNI,
Appleby said.

While the customer information is generally confidential, it is available to
the transmission carrier that is supplying the line.  The data is also
available to marketing departments of that vendor unless a company asks for
confidentiality.  Fong said that there is no regulation that prevents a company
from passing the data along to its subsidiaries.
_______________________________________________________________________________

Belgian Leader's Mail Reportedly Read By Hacker                October 22, 1988
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Taken from the Los Angeles Times

Brussels (AP) -- Belgian Prime Minister Wilfried Martens on Friday ordered an
investigation into reports that a computer hacker rummaged through his
electronic files and those of other Cabinet members.

The newspaper De Standaard reported that a man, using a personal computer, for
three months viewed Martens' electronic mail and other items, including
classified information about the killing of a British soldier by the Irish
Republican Army in Ostend in August.

The newspaper said the man showed one of its reporters this week how he broke
into the computer, using Martens' password code of nine letters, ciphers and
punctuation marks.  "What is more, during the demonstration, he ran into
another 'burglar' ... with whom he briefly conversed" via computer, the
newspaper said.
_______________________________________________________________________________

Police Find Hacker Who Broke Into 200 Computers                October 24, 1988
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
London (New York Times) - Police said yesterday that they had found and
questioned a 23-year-old man who used computer networks to break into more than
200 military, corporate, and university systems in Europe and the United States
during the past five years.

The man was asked about an alleged attempt to blackmail a computer
manufacturer, but an official for Scotland Yard said that there was not enough
evidence to pursue the matter.  He was released.

The man, Edward Austin Singh, who is unemployed, reportedly told the police he
had been in contact with other computer "hackers" in the United States and West
Germany who use communications networks to penetrate the security protecting
computers at military installations.

Singh's motive was simply to prove that it was possible to break into the
military systems, police said, and apparently he did not attempt espionage.

London police began an investigation after the man approached a computer
manufacturer.  He allegedly asked the company for $5250 in exchange for telling
it how he had entered its computer network.

The company paid nothing, and London police tracked the suspect by monitoring
his phone calls after the firm had told Scotland Yard about the incident.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

University of Surrey Hacker                                   November 10, 1988
~~~~~~~~~~~~~~~~~~~~~~~~~~~
There has been a lot of recent publicity in the U.K. about the arrest of a
hacker at the University of Surrey.  There were stories about his investigation
by Scotland Yard's Serious Crimes Squad and by the U.S. Secret Service, and
much discussion about the inadequacy of the law relating to network hacking.  At
this date, he has only been charged with offences relating to his unauthorised
(physical) entry to the University buildings.

An interview with the individual, Edward Austin Singh, reveals that his
techniques were simply based on a program which tricked users into
unsuspectingly revealing their passwords.  "I wrote a program that utilized a
flaw that allowed me to call into the dial-up node.  I always did it by
phoning, never by the network.  The dial-up node has to have an address as
well, so I was calling the address itself.  I called the dial-up node via the
network and did it repeatedly until it connected.  That happened every 30
seconds.  It allowed me to connect the dial-up node at the same time as a
legitimate user at random.  I would then emulate the system."

He used to run this program at night, and specialized in breaking into Prime
computer systems.  "I picked up about 40 passwords and IDs an hour.  We were
picking up military stuff like that, as well as commercial and academic," he
claims.  This enabled him to get information from more than 250 systems
world-wide, and (he claims) in touch with an underground hackers network to
"access virtually every single computer system which was networked in the US -
thousands and thousands of them, many of them US Arms manufacturers."

The article states that "Prime Computers have so far declined to comment on his
approach to them or his alleged penetration of their computer systems, until
the American Secret Service completes its inquiries."

                     Information Provided By Brian Randell
_______________________________________________________________________________