💾 Archived View for gemini.spam.works › mirrors › textfiles › magazines › EMPIRE › empire-5.phk captured on 2022-06-12 at 11:35:15.
-=-=-=-=-=-=-
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% T H E E M P I R E T I M E S %
% ------------------------------- %
% The True Hacker Magazine %
% %
% October 18th, 1994 Issue 5 %
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
This Issues Features:
# Selection Author Size
- ------------------------------- ------------- ----
X. Introduction armitage 4k
1. Raw Irc in a Nutshell PuD C0ur13r 4k
2. DMS Family of Switches erudite 6k
3. Defcon III Update dark tangent 3k
4. Bust of Mercury (aka merc) & others invalid media 10k
5. LDDS Multimedia, Operator Scams entropy 12k
6. NCSA Telnet x 6k
7. OSCINT Overview (Part 1 of a series) firefly 7k
8. OSCINT (Part 2 of a series) firefly 7k
------------------------------------------------------------------------------
Founder: Albatross
Editor: Armitage
Contributors: Entropy,
Erudite,
Firefly,
Invalid Media,
PuD Courier,
The Dark Tangent,
X.
Special Thanks: Northern Telcom,
Sevenup,
Noelle.
===========================================================================
-=- The Empire Times -=-
Introduction
Empire Times was once a rumor, but led by the know how of albatross,
they created an image, a way of life, an Empire. We brought it back, I
thought that there was no reason to let this empire die. This issue just
proves that we are back, and will keep going, the last issue was power-
packed, but it was not the last. The empire lives on, through busts,
complications and hardships.
Late? What do you mean late? So maybe you should just consider the
_actual_ release date about a week or so, or so, or soo after the date that
I tell you I plan to release it? Don't bitch at me, just wait a little
while longer, at least you still read it. I still plan on doing it on a
monthly schedule, but not exactly month after month, maybe a week or so late
every month, but it'll still be considered. "About Monthly". You know how
much support I get doing this? Not much, but there are a few helping hands,
(firefly, roach..). Other than that... I've had one complaint about this
zine, but I don't care, it's not my problem. Manowar --> fuck off, go away,
and stop wasting my time.
Brought back from the trenches of distractions such as irc. I just
thought The Empire Times was something we would do for fun, but somehow
people got my mail address, and sent for copy after copy of it. I've
assembled a mailing list for the magazine, I never thought we'd get this
kind of responses.
Hype. That is what everything these days is about. I don't know if
that is good, or bad. With all the things that have happened to the (602)
locals.. Invalid Media, VaxBuster, Merc and all them. I don't think I
want to understand. Whatever the case, someone is out there, someone is
leaking, but at this point, I don't care. I remind all of you to stay safe
and not to be as open as the next person. Invalid wrote something special
for Empire Times about the roundabout happenings in the (602) Scene.
At this time I would like to say a few things about current (well at
the time I am writing this) events. Invalid Media is looking to put upt
on the net. I think that is good and bad, it's good because it'll be net
accessible, but I think it's bad because more people will try to get in.
I hope it doesn't lose it's private factor. Reminder to all that UPT is
up, and still elite, so get the info and call.
Digital Anarchy is going better than ever. I'd like to mention it as
a really quality bbs, but don't want to offend the other great boards that
still exist. Boards are 99% dead, since the erruption of the internet.
That is good in some cases, but it does take most of the fun out of dialing.
However there are some still worth calling. Empire, Digital Anarchy, Plan-9,
Secret Techtonics, Unphamiliar Territories, Planet 10, Unauthorized Access,
Lucid Nightmare... Boards arn't the answer, but a social side, and an
alternative to irc.
Pumpcon is coming around the corner, at the end of October. Okinawa
thought it'd be a good idea to make it private. Well if you've seen the
info sheet, you'd see that it's not _that_ private. I hope it goes over
well, seeing that okinawa and ixom are putting out money, and taking the
trouble to do it. I think all in all it will come and go, with not many
people remebering it. That _should_ be due to the fact that pumpcon has
always been the party con(cept partycon). Whatever happens, I'm sure it
will go over nicely. I'm excited about it.
Till the next Empire Times,
armitage@dhp.com
===========================================================================
-=- The Empire Times -=-
Issue 5, File 1 of 8
IRC, The Untold Story
By PuD C0ur13r
You want to IRC, but don't have a client offhand, or you a client
is too hard to compile? Well, here's a secret for you.
You don't need a client for the irc. Try IRC raw.
No, I don't mean a hamburger raw. Sheesh. ;) Really,
though, raw is pure IRC. But personally I don't like raw irc.
Theres too much information there in Raw, and its a bit
confusing. But with info, it should be made easy.
Any irc server can be an anonymous IRC site. All you have to do is to telnet
to port 6667. ie - telnet irc-2.mit.edu 6665..6667
irc.colorado.edu 6667
irc.uiuc.edu 6667
poe.acc.virginia.edu 6667
hope.gate.net 6667
irc.iastate.edu 6667
cs-pub.bu.edu 6667
Once you are connected, you need to login. you do this with the following two
commands :
( note, do not try /user, this doesn't work)
user [put your 'real' user name here] 0 0 :[your 'full name]
ie - user PuD_r0ks 0 0 :PuD C0ur13r
(note - the 0's used to be fields for an ip address. However, this is obtained
via backwards checking now so these fields are redundant. On some
systems, most notably UMD, this will not work to change the 'real' user name
because it supports the identd protocol at port 113.)
nick [what you want your nick to be]
ie - nick roach
(again, don't try /nick. this is raw, not a client.)
you can join channels with
join #channel
ie - join #hack
(uhuhuhu, don't do /join either)
say your on #hack, and you wanna talk. Well just do this command:
privmsg #channel :[whatever you want to say]
ie - privmsg #hack : y0y0y0y0, PuD r0ks.
(note, the colon is needed).
And if you privately want to message someone, try this command.
privmsg [person's name] :[whatever else]
ie - privmsg armitage : hey, when is the next empire times?
the only things you can't do like this that I know of are - emotes and DCC
transfers. Emotes are lame anyway, and dcc is blocked out on most if not all
anonymous irc sites.
So there you have it. IRC raw in a nutshell.
But if you try IRC raw, and you think "Bleh, this is pretty
wierd. Is there any anon irc sites I can try?"
Well here are a few:
irc.nsysu.edu.tw login: irc
cybernet.cse.fau.edu login: bbs
suncc.ccu.edu.tw login: guest or gopher
dallet.channel1.com login: irc
ilink.nis.za login: irc
freenet.detroit.org login: guest
There are others, but those are the few that I know that work.
If anyone wants to update this article, or improve it (I
always need more anonymous irc sites. I could always make a
huge article on anon IRC sites. :) email me at roach@tmok.res.wpi.edu
SHOUTOUTS: (yhea, I want to shoutout too. ;)
armitage: PHRACK BOY, I MEAN ARMITAGE.
shadowdancer: d00d, watch out. keep yourself safe.
fenris wolf: Without you, this article could not have been
made. Thanks. :)
albatross: Wassup Homeboy?
y-windoze: HEY, WHEN IS MY PUD ARTICLE GOING TO BE PUBLISHED?!?
squinky: fry shit up, d00d.
Rest of the DC crew: w3rd up.
=============================================================================
-=- The Empire Times -=-
Issue 5, File 2 of 8
DMS Family of Digital Switching Systems
by Erudite
In this Infoarticle I hope to cover the capablities and flexabilities of
all the DMS Digital Switching Systems, I will also talk about other
Northern Telecom Devices and Systems. The majority of the file is based
on the DMS-100 system.
First we have breif descriptions of the DMS Switches:
DMS-10
------
This is a versatile switch which is cost-effective for the duties that
it was created for. It is a digital switch that services suburban and
rural areas. It is in service internationally as well as in the US
(rural and suburban areas). It allows access to local and long-distance
service. It can handle up to 12,000 subscribers. It is the smallest of
the DMS family.
DMS-100
-------
The purpose of the DMS-100 Switch is to provide coverage and connections
to the public network. It is designed to deliver services over subscribers
lines and trunks. It provides POTS (Plain Old Telephone Service), along
with very sophisticated business services such as ACD (Automatic Call
Distribution), ISDN (Integrated Service Digital Network), and MDC (Meridian
Digital Centrex).
DMS-200
-------
The DMS-200 switch has toll capabilities, it is used for toll-center
applications. It provides TOPS (Telephone Operator Position System) which
is the world's premier operator service, from Northern Telcom.
DMS-100/200
-----------
Simply, this combines the DMS-200 Toll capabilities and applications, with
the DMS-100 public networking, which makes it possible for this switch to
service subscriber lines, long distance circuits with toll applications.
DMS-250
-------
This is the long distance tandem switch that connects long distance calls.
It is used by the interexchange carriers. It is powerful, and they are
used to connect most of the U.S. population.
DMS-300
-------
This is the international exchange, which gates calls internationally.
It provides the most advanced range of international services. This
international digital switch can interface with almost *any* country in
the world. Talk about power. It is known as the International Gateway
System.
DMS-Supernode
-------------
This is faster, and can handle more throughput that the DMS-100.
DMS-Supernode SE
----------------
This is a reduced size Supernode system, it has a DMS-Core processing
engine, DMS-Bus high-speed messaging component, the Link Peripheral
Processor (LPP), and the Enhanced Network non-blocking switching network
(ENET), which makes it a cost effective system, combined all into one
compact unit.
DMS-MTX Cellular Switch
-----------------------
Northern Telcom's Cellular Switch. The DMS-MTX was the first cellular
switch in Northern American to offer subscribers.
DMS Architecture & Functionality
Messaging - "DMS-Bus" is the high speed data bus connecting most components
of the switch. This makes the DMS-Supernode system a true step up
communications platform.
Switching - The switching matrix calls to their destination. Currently
in planning is future switching fabrics that will allow for broader
data applications, including (ATM) Asynchronous Transfer Mode.
Maintenance & Billing - The DMS Systems provide full feature testing, and
other transaction and maintenance procedures.
Multicomputing platform - The DMS systems enables a high capacity, and other
"information" age applications and functions. Such as Videoconferencing,
transmission of imaging, and dialable ds-1 backup.
DMS Family Setup
Below will be a simple, common setup of dms systems to form a wide range
communications system.
DMS-100 ----------------- DMS-200 ----------------- DMS-250
(end office) /(Tandem office) (ld services)
/ |
/ |
/ |
/ |
/ DMS-300
DMS-Supernode ---------- DMS-100 (int services)
(maint,billing) / | \ |
(subscriber lines) |
+--- International
Gateway
DMS Applications and Markets
Switch Application Class Market
------- --------------------------- --------- -------------------------
DMS-100 End Office 5 Local Exchange Carriers
DMS-200 Toll Office 4 Local Exchange Carriers
DMS-
100/200 End Office/Toll Office 5 Local Exchange Carriers
DMS-250 Tandem Toll Center 4,3,2,1 Interchange Carriers
DMS-300 International Gateway CTI-3,CTX Int. LD Carriers
DMS-MTX Mobile Telephone Center Cellular Servers
Meridian
ACD Srvr Adjunct ACD Switch Local Exchange Carriers
Refrences: The DMS100 Advantage (nt)
=============================================================================
-=- The Empire Times -=-
Issue 5, File 3 of 8
Defcon III Update
by The Dark Tangent
XXXXXXXXXXXXXXXXXXXXXXXX XX DEF CON Announcement
XXXXXXXxxxxXXXXXXXXXXXXXXX XX DEF CON Announcement
XXXXXXxxxxxxXXXXXX X X DEF CON Announcement
XXXXXxxxxxxxxXXXXXXX X
XXXXxxxxxxxxxxXXXX XXXXXXXXX
XXXxxxxxxxxxxxxXXXXXXXXXX X
XXxxxxxxxxxxxxxxXXXXXX XX X
XXXxxxxxxxxxxxxXXXXXXXX
XXXXxxxxxxxxxxXXXXXXXX X XX
XXXXXxxxxxxxxXXXXXXXXXX XX X
XXXXXXxxxxxxXXXXXXXXX X DEF CON Announcement
XXXXXXXxxxxXXXXXXXXXXXXXXX DEF CON Announcement
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX DEF CON Announcement
Ok, nothing too fancy in this announcement. Just that DEF CON III is going
to be happening a little later next year, the first weekend in Augest '95
in Las Vegas.
There is a slight problem, however. We grew too large for most of the
Hotels. That means it is expensive for me to rent space large enough for
everything on the weekends. Sure the convention could be during the
weekdays, and everything would cost 1/2 as much, but everyone I talk to
tells me to do it on a weekend or not at all, so... Rooms will be around
$90 a night for a double.
We'll have three areas along one hallway. A double section for the
speaking, a section for people to hang out and talk and a section for
computer hookups and movies.
We have a mailing list up for information, etc. If you want to subscribe
mail majordomo@fc.net with "subscribe dc-announce" in the body of the
message.
There are lots of things being planned, but since shit always happens at
the last minute I'm not gonna say anything too early. We'll have more of
a focus on technical hacking this year, though.
Audio tapes, shirts, etc. are still available from DC II, if you are
interested mail dtangent@defcon.org for more info.
Thanks Armitage for putting this out...
The Dark Tangent
--
PGP Key (2.3a & 2.6) Available. Voice (AT&T) 0-700-TANGENT FAX 513-461-3389
DEF CON mailing list, mail: majordomo@fc.net with "subscribe dc-announce" in
the body. DEF CON FTP Site: fc.net, /pub/defcon WWW: dfw.net/~aleph1
============================================================================
-=- The Empire Times -=-
Issue 5, File 4 of 8
The Bust of Mercury (aka merc)
+other related busts
by Invalid Media
This is the unofficial textfile describing how merc got busted. A
litte background first - merc was the cosysop of Unphamiliar Territory (and
ran the board on many occasions when I wasn't up to it), he was also a
member of "the Posse" - a group which does not exist (its a figment of
Len Rose's imagination).
The source(s) for all of this information will not be disclosed and
real handle's will not be used to protect many people. If I were speaking of
The Dark Druid (for example) I might say Hacker A. Also please note that the
source for this information is NOT merc -- he is refusing to talk to anyone
at this point in time.
I. How it all started
Late August, merc was playing around with his lock-picking set and
decided to go to a bar. He was standing outside of The Dirty Drummer when a
cop strolled by. He was with non-Hacker A when this occurred. They both
got questioned and promptly arrested. His truck was seized at this time.
The morning of September 1st, merc's apartment was raided by many
different groups which include (but not limited to) Secret Service, Federal
Bureau of Investigations, IRS, Gail Thackeray (in person!).
Merc was (allegedly) dealing with the following:
a) Cellular telephony including engineering phones, making fraudlent
calls via tumbling and cloning.
b) Hacking and gaining complete control of many computer systems
(you know, all those that the Posse are accused of hacking).
Why was his apartment raided? Well, Gail Thackeray somehow found
out about his B&E bust and decided to take action right away - plus she
feared that he would go complete cellular and she would not be able to keep
track of his activities.
II. The following days
Well we all knew about his B&E bust but didn't know anything else
had happened. I was on irc a couple days after merc's bust and was /msg'd
by Hacker B with something along the lines of:
"what the hell is stuck up merc's ass? i called him and say hey and
he just hung up on me"
Not knowing anything other than the B&E bust, I just said that he
was most likely paranoid about it and doesn't want to take any chances until
things are completely cool again.
Having known merc for years, I decided to give him a call since he
obviously wouldn't hang up on one of his best friends.
RING, RING, RING... "i can't talk to you anymore..." <CLICK>
This is where I started getting really concerned. After repeated
attempts at trying to call him and stopping over at his apartment (with
little to no luck) I decided to give some other people a call.
Turns out, that same day Neurosis was busted, Mind Rape was visited,
and Richard Finch (a journalist who set us all up with an interview on KFYI
radio and who organized many 2600 meetings in Arizona) was also busted.
We called up Hacker C. He told us all he knew (and it was basically
information we already knew with the following additions):
a) merc was under investigation for at least a year
b) a wiretap and/or datatap has been plaguing merc for at least
an entire year.
c) they took fingerprints at merc's apartment
d) they didn't know much about Posse so they questioned him for hours
on the subject
III. Other related busts
It seems that on September 1st a lot of people were busted. On Sept-
ember 15th, a "security" user on my board, Keith Jensen of Sprint, posted
the following message:
--Begin UPT capture--
Subject: September 4th
From: sprinter@gail.upt.org (Keith Jensen - SPRINT)
Date: Thu, 15 Sep 94 16:42:25 PST
Organization: (Newsgroup) alt.neutral
September 4th at 4:09p, the Police, Secret Service and F.B.I. stormed
into the offices of Sprint in New York, promptly arrested me and seized
all the computer equiptment in my office.
I was charged with hidering an investigation taking place in New Orleans
into the escapades of Renegade, Dr. Demonsus, Wiseguy, and Revelation. I
have never heard of these people so please tell anything you know about
them. I was allegedly providing them with information they needed to gets
into TransUnion and Information America through Sprintnet.
According to them, I also helped them break into Government and Military
systems to obtain more credit card information.
They found a RS tone dialer in my office (which was not modified to make
it a red box) and charged me with possession of a toll-fraud device. I
have no idea what is going on. My office is still empty and raided and I
have taken an involuntary month-long vacation from Sprint until this will
clear up. Hopefully it will.
They asked me a lot of information about The Posse, my connections with
8BBS, Modem over Miami, The Phoenix Project, and MOD. I used to call some
of these boards many years ago but never did anything illegal through them
and it was over 10 years since I've heard 8BBS brought up.
A much pissed of Sprinter
--End UPT Capture--
There were a lot of posts about Sprinter's bust as well as merc's.
The following was posted by bobby0 on the general chit-chat forum:
--Begin UPT Capture--
Subject: merc/etc
From: bobby0@gail.upt.org (Bobby Zero - Normal User)
Date: Sat, 17 Sep 94 10:16:15 PST
Organization: (Newsgroup) alt.system.news
Would merc/mr/etc getting busted have anything to do with what happenee
er, happened to Sprinter? The timing seems pretty close.
Read this in CU digest today:
NEW ORLEANS (AP) -- "Dr. Demonicus," "Renegade" and four other
hackers used computerz to steal credit card numbers and used them
to buy $210,000 in gold coins and high-tech hardware, federal
prosecuters said Wednesday (Sep 8, 1994)
The nine-count indictment unsealed wednesday charged 5 men from
Lousiana and one from New York with conspiracy, computer fraut,
access device fraud, and wire fraud, US Attourney Eddie Jordan Jr. said.
Some of their hacker nicknames [gawd] were included. They were
identified as Dwayne "Dr. Demonicus" Comerger, 22; Brian Ursin, 21; John
Christopher "Renegade" Montegut, 24; Timothy "Revelation" Thompson, 21;
James McGee, 25; and Raymone "Wiseguy" Savage, 25, of Richmond Hills,
N.Y.
.. it doesn't mention phx at all, but I thought the timing was just kinda
odd.
--End UPT Capture--
At this point everyone is scared. A lot of hackers were busted and
the main thing they all had in common was an interest in Cellular telephony.
A week after Sprinter's post which set us all off, he posted the following:
--Begin UPT Capture--
Subject: my bust
From: sprinter@gail.upt.org (Keith Jensen - SPRINT)
Date: Wed, 21 Sep 94 16:32:36 PST
Organization: (Newsgroup) alt.neutral
This morning I was promptly visited at my house with one of the arresting
officers (Richard Dapesio) who apologized for the arrest and quickly
brought me back all the seized equiptment. They even gave me a check for
$75 to replace the tone dialer which they took apart and could never put
back together again.
I was told that the investigation was regarding only The Posse and many
people were visited. They told me that they apprehended all of the people
who they were going to already (on September 1st, my bust came on the 4th
because it took them a couple more days than it should have to get the
proper paperwork done). He said they got everyone they were looking for
except a few who they can't find because they are mobile. The reason I
was apprehended was because there was some information on my system that
was placed there by the New Orleans hackers (who are in the Posse group
he said) and they thought that I had given them access to my system and
its databases, but that wasn't true. They got in through a backdoor I
have yet to find. Its running BSD, so if anyone has BSD backdoors please
let me know.
Was this Operation Sundevil II? 46 hackers busted in one day. All those
busted were involved in credit card fraud or (the biggest fear people
have now) cellular phone fraud. People were using tumblers to make free
phone calls from their cellular phones and that had to be quickly
stopped. If you are involved in any way with the following things, I
would recommend stopping them:
Cellular phone fraud using tumblers or clones
Credit card fraud especially from Novell, Microsoft, and other
giant computer conglomerates.
46 hackers, 84 computers, hundreds of thousands of dollars in pirated
software, and thousands of dollars in carding computer equiptment,
software and cellular phones.
--End UPT Capture--
Ouch.
IV. Conclusion
Between August 31st and September 4th, a lot of hackers were busted.
The following is a list and reason (I'm just guessing)
Hacker Date Status Reason
------ ---- ------ ------
merc 01Sep94 Bust Cellular, Posse
involvement
Neurosis 01Sep94 Bust Cellular, Making
redboxes
Mind Rape 01Sep94 Questioned ??
Richard Finch 0?Sep94 Bust 2600
We don't know the current status of merc but he was always a good
hacker and friend and we wish him luck.
Invalid Media
upt@bud.indirect.com
upt@cyberspace.org
imedia@tdn.net
==============================================================================
-=- The Empire Times -=-
Issue 5, File 5 of 8
A Guide to the Wonders of LDDS
Metromedia and the World of
Operator Scamming
by Entropy
Ever find yourself at a payphone, without a redbox, code,
card, or other device by which you might place that essential call
to the warez boyz back home? Now assuming you (like most of us)
have some supernatural phear of quarters (or just dont have any)
you will need to find some other way to place your call. Now its simple.
You'll never have to hear another operator say: "Sir, how in gods name
are you putting those quarters in so fast?" or "Sir, you have yet to
deposit any real money!"
PART 1: Third Party Billing
---------------------------
- Billing From an Ordinary Payphone
You can't 3rd party bill to another payphone. Unless of
course you are know of a COCOT that accepts charges and doesn't
have an evil explanatory message saying something to the affect of,
"This is a payphone, fuck off." It's been that way for awhile now,
right?
Wrong. It can be done, it can be done easily, and it can be
done ANYWHERE IN THE CONTINENTAL UNITED STATES. The key is LDDS
Metromedia, the 4th largest long distance carrier in the US.
You've probably heard of Metromedia or some other company with a
similar name. They are tricksters with many divisions and they are
protecting their kodez, therefore they are known by MANY names,
some phone books even list LDDS Metromedia, and Metromedia as
seperate companies, but to my knowledge they are one and the same.
Generally you must be at a bank of phones (2 or more phonez)
for these techniques to work, unless you are at a COCOT, but i'll
get into that later. Here's how it works.
You approach a payphone in hopes of calling your mommy in
Atlanta but soon realize your redbox was stolen from your pocket
protecter by a group of bad bullies. Casually you move over to the
payphone beside yours and jot down its number. If the number isn't
on the phone you will have to call an 800 ANI to get it. (A list
of 800 ANI's is located at the end of this file.) Removing Entropy's
Paper Redbox from the pocket of your Guess jeans you note the 10-direct
code for LDDS Metromedia. You return to your original phone and dial:
109990+ACN
You will hear: "Welcome to LDDS Metromedia Operator Services,
to place a collect call press 1 or to bill this call to a calling
card enter the card # now. If you need operator assitance press 0."
In order to 3rd party bill you will have to go through an
operator. Don't be shy, they are friendly and have never heard of
toll fraud in their lives. Press 0 and when the operator comes on
tell her you want to place a 3rd party billed call. They will ask
you for the # to bill the call so you give them the # of the phone next
to you. If you're calling from an actual payphone (as a opposed to
a "standard" phone) they will put you on hold to verify the charges
and you will hear it ringing in the background. When the phone
beside you rings (it will ring) answer it (dont even worry about
changing your voice) and tell them you will accept the charges.
Heres an example:
1) Dial 109990-516-751-2600
2) Press 0, and wait for the operator.
3) Operator? Yes I'd like to bill this call to my friend at
411. Yes thats right 411. You won't bill to Sherry at
directory asistance? Would it help if i gave your her
operator number? (Try this from a COCOT, on occasion I
have gotten away with billing to directory assistance,
but I had to be tricky and give them a nunber like 617-
555-1212. Tricky, tricky eh?) Well then just bill it
to SUM-PAY-PHONE.
4) "Yes hello, oh yeah i talked to you a minute ago, yeah I
just like to bill my calls to this payph...i mean my
other line to save money... Yeah well it's a cellular
phone...uh huh, yes I know there if no logic to that I
just like to do it that way.... (If she persists.)
...Look lady, I am in a state of permanent psychosis, i'm
very scared right now."
5) "y0y0y0 e-man, how ewe doing ?@!$ eye g0t ewe y0r
warez!!@$"
This works, I am told, because LDDS does not use the database of
blocked numbers/payphones, or at least the one they have is
horrendously small. Bascially this means you can bill a call to ANYONE,
even if they have specifically requested that no collect calls be allowed.
And of course, (as you already know) you can 3rd party bill a call to your
favorite payphone - legally. Well at least _somewhat_ legally.
Yes thats right, the nice operators and helpful customer service
representatives concluded after hours of heated discussion that anything
LDDS is used for _MUST_ be completely legal - otherwise you couldn't do it.
...And you've been sitting home weekends soldering crystals...
Possible problems:
P: The operator recognizes your voice.
S: 1) Disguise your voice.
2) tell her that was your brother on the other other line
and that you are identical twins.
3) You want to fuck her like an animal.
P: The phone doesn't ring.
S: Your at a phone that does not accept incoming calls. This is
a problem, this means it won't work. If you ask the operator
whats wrong she will tell you the number you are billing to is
no longer in service and that no further information is available
about that number. There really isn't anything you can do about
it when this happens.
P: The number of the payphone isn't on the phone.
S: Use an 800 ANI. (See end of file)
- Billing from a COCOT
To quote 2600 Magazine, "Stupidity is an Olympic event in the
COCOT world..."
Countless articles have been written on the subject so I will assume
the reader is generally familiar with COCOT's (Customer Owned Coin
Operated Telephones.) The main weakness behind such phones is that they
were (and still are) subscriber loops. Originally the label "payphone"
was not associated with COCOT's and they could be abused in countless
ways. Now however, many phone companies have them "marked" as payphones,
you can't bill to them...etc. If you happen to be at a bank of two or more
such phones you can easily dial the operator and 3rd party bill to the
phone beside you. Unfortunately there are all sorts of things COCOT's
do to keep you from billing to the phones. Many COCOT's don't have the
number on them (use an 800 ANI) and in this area most COCOT's have
messages for operators saying not to bill to that line. This is however,
hardly the most powerful thing one can do with such a phone: when combined
with (you guessed it!) LDDS Metromedia a COCOT becomes a dangerous weapon.
In this case it is not so much the fault of the phone, but rather LDDS.
LDDS Metromedia classifies lines as "standard," a typical
residential line, and "payphone." Almost _ALL_ COCOTS are
classified by LDDS as "standard" phones. Now to save time and
money LDDS has implemented a particular policy having to do with
3rd party billing: they don't verify 3rd party billed calls when
made from a standard phone. Thats right, you can pick up your home
phone, dial 109990+617-GRENDEL and have the call billed to 202-456-
1414. They will do it without verification. This is great if you
want to go to prison when your number shows up on their bill at the
end of the month. I am unsure as to whether or not the billed party's
number has to needs be valid. If not a phreak would most likely get
away with billing from home. LDDS Metromedia will also 3rd Party Bill
calls to the phone you are calling from. (Use this as a last resort if
you get them to bill a call otherwise.)
You've probably realized by now that from a COCOT you should
be able to bill a call to the phone you are standing at or any
other random number that pops into your head. Using LDDS to bill
to a COCOT is even easier than boxing a call. All you have to do
is dial 109990+ACN, ask for the operator, and tell her to 3rd party
bill the call to wherever you want. Its that damn easy.
[Note: Just before the release of this file LDDS began asking for
full real (hah) names, they now keep them in a database... Apparently
some of Entropy's friends used this billing method a bit much. Just
billshit the name, and if they tell you the party is not accepting 3rd
calls then try again. No biggie.]
Part II: Fucking People Over
----------------------------
Scenario: Your friend just pissed you off. Your friend is
going to wish he never pissed you off.
Solution: Go to your local COCOT (or someone else's
subscriber loop) and call 109990+310-516-1119 (deadline).
Ask the operator to bill the call to the assholes house.
When you here a loud click the deadline has answered
and you can leave the phone hanging there and just walk
away. You might even want to put a little "Out of Order"
or "Do not hangup" sign on it, or rip the receiver right
off the phone. Doing both seems to produce (on the average)
much higher bills.
Part III: Collect Call Messaging and Operator Phun
--------------------------------------------------
This article is about practical methods of placing calls. The
information may or may not be new, and some sections may be considered
somewwhat lame. But everything in this phile is easy to do...and it
works. With that in mind lets move on to Part III.
Have you ever wanted to give someone a quick 15 second message
without bothering with the usual billing shit? Simply pick up your
payphone, or home phone for that matter, smack 0+ACN and just
select collect when you are given the option. When it asks you for
your name say something like, "Dont accept, the warez are on their
way!!" If you speak in a very distinct manner it may say it didn't
get your name. Try to slur 3 or 4 words together so it thinks of
each slur as being a segment of your name. The same goes for
slurring too much, if it hears one long "blahahhhh" it will ask you
to repeat.
Amazingly this technique even works with live operators. All
you have to do is tell them your name is "Dewd 'I have the k0d3z'
Michaels" or something to that effect. Tell them its a secret
thing between the two of you and if the operator doesnt say it they
won't know its you. In most cases the ops are required give them
that name.
And finally a list of k0d3z needed to do much of the shit in this
phile. Abuse them fully. Its a great compact carry-it-everywhere list
of ods and ends for the modern phreak. Have phun.
Entropy's Paper Redbox
To set up a a conf--
ATT Meetme: 1-800-232-1111
Alliance Dialin: 0-700-345-1000/2000
LDDS Metromedia: Dial 109990+ACN
Encore: 1-800-288-2880
ANI's: 1-800-568-3197
1-800-959-9090
1-800-769-3766 (hit 1 twice)
Deadlines: 310-516-1119
0-DaY GreeTz AnD SuCH!@#$
-------------------------
SuPaH-D00PaH y0y0'z g0 0ut t3w: Armitage, Da TeLc0PiMP
X, z00m, Olphart,
Kalen and the resta
the DC PoSSeY!@>#!11
(We have your inpho.)
Send all warez, (GaM3z ONliE Pl33Ze)
inph0, h0h0'z, k0d3z, & GiRLiEZ to: entropy@dans.dorm.umd.edu
"Phun is phucking a h0h0"
-Entropy, Octobah '94
=============================================================================
-=- The Empire Times -=-
Issue 5, File 6 of 8
Being Elite with NCSA Telnet
(common telnet used in computer labs)
written and tested by X
College campus is a great place to live. Especially if you have
ethernet in your rooms. However if you don't have ethernet, don't be
discouraged. Ethernet can be just as easily used from one of the greatly
convenient labs on campus, especially those that stay open 24 hours a day.
Most campus machines that I have delt with have NCSA Telnet that
connects people to the internet. TN3270 is the version that I have used
for years, and is the version from which I have tested my information.
However I have gotten these simple tricks to work on many other versions
including NCSA Telnet 2.5 for the Macintosh.
First off you need to find the directory on the network containing
the telnet files. Example: F:\APPS\TN3270\ or F:\PROGRAMS\TELNET\ or
whatever your administrators have decided to put it in. Unless you have
supervisor access on the network, you won't be able to edit the necessary
files on the network, therefore you should copy all these telnet
files into a temp directory onto the C drive. i.e. C:\TEMP. Next you need
to find the file called CONFIG.TEL. This is the file in which all the
information is kept, i.e your designated i.p. address. You need to edit
this file and since you now have your own version of telnet now on the C
drive, you won't hurt anything.. yet. Here is a shortened clip of an example
of a CONFIG.TEL file, my comments will be preceded by "***" :
CONFIG.TEL
--------------------------------------------------------------------------
# WARNING: The values for "myip" and "myname" are reserved for this
# Machine only. Do not use these values with any other machine.