{\rtf1\ansi\deff0{\fonttbl{\f0\fnil\fcharset0 Courier New;}} {\colortbl ;\red0\green0\blue128;} \viewkind4\uc1\pard\cf1\lang9225\b\f0\fs24\par \par \par THE GUIDE\par \par To (mostly) HARMLESS\par \par HACKING\par \par \par \par \par \par \par \par \par \par \par #Contents of Volume 4: \par \par -Hacker Wars: Fighting the Cybernazis \par \'b7 what are hacker wars \par \'b7 Web page hacking \par \'b7 denial of service \par \'b7 sniffing \par \'b7 social engineering \par \'b7 ISP hostage taking \par \'b7 the damage hacker warriors may do to bystanders \par \'b7 why you may get hit someday \par \'b7 how to get into a hacker war (some people want to!) \par \'b7 how to keep from getting caught -- NOT! \par \'b7 defense techniques that don't break the law \par \par \par \par \par \par \par \par \par __________________________________________________________ \par \par Guide to (mostly) Harmless Hacking \par Vol. 4: Information Warfare Series \par No. 1: Hacker Wars: Fighting the Cybernazis \par __________________________________________________________ \par \par \par \tab There is a war underway in cyberspace. It is a war between the forces of \par repression and those of us who treasure freedom. On the side of repression \par are governments who fear the untrammeled freedom of speech that is today's \par Internet -- and several bands of computer criminals who have the nerve to \par call themselves hackers. \par \tab I prefer to call them cybernazis. They are the spiritual descendants of the Nazis of the Germany of the 1930s, who burned books in their campaign to \par keep the German people ignorant. \par \tab The tactics of today's cybernazis are to shut down people's email accounts, deface Web pages, and to use terror tactics to get people kicked off their Internet service providers. In some cases cybernazis also target their \par victims with massive credit card fraud, death threats, and worse. 
\par \tab So far, the cybernazis have been far more successful than governments in \par shutting down Web sites with which they disagree, blocking email, and \par getting people whose ideas they dislike kicked off Internet service \par providers. \par \tab It's a war that has targeted this Happy Hacker email list ever since we \par started it in August 1996. The cybernazis have felt we merit a wide range of \par attacks, not only digital but including blackmail and threats against those \par who have been courageous enough to be part of Happy Hacker. \par \tab The most serious battle in these wars took place Oct. 4-21, 1997. It \par targeted Bronc Buster. During the course of this battle, jericho and Modify \par sent me many email messages that made it clear that Bronc was being hit \par because of his high quality Web site (hope you can find it still up at \par http://showdown.org) and his association with Happy Hacker. \par \tab This war escalated beyond an initial spate of forgeries beginning Oct. 4, \par 1997 that attempted to make it look like Bronc was a self-confessed \par pedophile, into scorched-core warfare that shut down the Succeed.net ISP \par repeatedly. They attacked Succeed.net because it was providing Bronc with a \par shell account. \par \tab I helped muster both the FBI and volunteer technical help from an Internet \par backbone provider to aid Succeed.net in its struggle against these \par vindictive computer criminals. If you, too, get hit by the cybernazis, \par tell me about it. I will be delighted to help you fight them. \par \par ************************************************************ \par I don't want to get sued disclaimer: Just because jericho and Modify acted \par as spokesmen for the attackers, and in the case of jericho claimed \par considerable knowledge of technical details of the attacks, does not mean \par they are guilty of anything. Nosirree. I am not saying they did it. 
\par ************************************************************ \par \par \tab So, do you want to join us in our battle against those cybernazis, against \par those who are trying to wipe out freedom on the Internet? Want to enlist in \par the good guy side of information warfare? One way is to learn and practice \par defensive skills against hacker war criminals. \par \tab In this GTMHH No.1 of the Information Warfare Volume we will cover hacker \par war only. But an understanding of hacker war will prepare you for No. 2, \par which will help you protect yourself from far broader attacks which can even \par lead to your "digital death," and No. 3, which will lay the foundation for \par becoming an international information warfare fighter. \par \par \par What Exactly Are Hacker Wars?\par \par Hacker wars are attempts to damage people or organizations using cyberspace. There are several types of hacker war tactics. In this Guide we \par will discuss some of the more common attacks. \par \par \par Web Page Hacking \par \par Lots of people ask me, "How do I hack a Web page?" Alas, gentle reader, the first step \par in this process ought to be physiologically impossible and \par unsuitable for description in a family publication. \par \tab The typical Web page hack begins with getting write permission to the \par hypertext files on the Web server that has been targeted. Amazingly, some \par Web sites accidentally offer write permission to anyone (world writable)! If \par so, all the hacker warrior need do is create a bogus Web page, give it the \par same name as the desired page on the Web site to be hit, and then transfer \par it via ftp. \par \tab Otherwise it is usually necessary to first break into the Web server \par computer and gain root or administrative control. \par \tab Hacked web pages usually consist of dirty pictures and bad language. I have hunted \par down many hacked Web sites. 
Wise political analysis, witty repartee \par and trenchant satire have been absent from every one I have ever seen -- \par with the single exception of one hack in Indonesia by the East Timor freedom \par fighter group. Perhaps because they risked their lives to have their say, \par they made their hack count. \par \tab But maybe my standards are too high. Judge for yourself. Parental \par discretion and antinausea medicine advised. Collections of hacked Web pages \par may be found at \par http://www.skeeve.net/ \par http://www.2600.com/hacked_pages \par \tab However, even if someone's cause is good and their commentary trenchant, \par messing up Web sites is a pitiful way to get across a message. They are \par quickly fixed. One has to hack a really famous Web site to make it into an \par archive. \par \tab If you believe in freedom enough to respect the integrity of other people's Web \par sites, and are serious about making a political statement on the Web, the legal and \par effective way is to get a domain name that is so similar to \par the site you oppose that lots of people will go there by accident. For \par example, http://clinton96.org was hilarious, clean, effective, and legal. \par http://dole96.org was also taken by parody makers. They are both down now. \par But they were widely reported. Many political sites linked to them! \par \tab To get your web spoof domain name, go to http://internic.net. You will save a lot of money by purchasing it directly from them instead of through an \par intermediary. In fact, all you need to do is promise to buy a domain name. \par If you get tired of your parody Web site before you pay for it, people have \par told me they have just given the name back to Internic and no one demanded \par payment. 
\par \par *********************************************************** \par You can get punched in the nose by a giant corporation warning: If you get a \par parody domain name so you can put up a Web site that makes fun of a big \par corporation, even though you are not breaking the law, you may get sued. \par Even if you win the lawsuit, you could spend a lot of money in self defense. \par But you may be able to get lots of good publicity by alerting reporters to \par your plight before taking down your Web site. So in the end, especially if \par you get sued, you may make your views known to even more people than if you \par had hacked their Web site. \par *********************************************************** \par \par If you want to keep your Web site from being attacked, I recommend using a \par company that does nothing but host Web pages. This makes it easier to avoid \par being hacked. This is because the more services an Internet service provider \par offers, the more vulnerabilities it exposes. For example, my http://techbroker.com is hosted by a Silicon Graphics box that does nothing \par but run a Web server. My @techbroker.com email, by contrast, is hosted on a \par machine that does nothing but host a POP (post office protocol) server. For \par sending out email, I use yet another computer. \par \par \par DOS Attacks \par \par A second type of hacker war is denial of service (DOS) attacks. Because they harm many \par people other than the direct targets, DOS may well be the most \par serious type of hacker war. \par \tab Spammers are a favorite target of DOS warriors. Spammers also, if my \par sources are telling the truth, fight back. The weapon of choice on both \par sides is the mail bomb. \par \tab Recently (June-Oct. 1997), hackers fought a massive war against spammer \par kingdom Cyber Promotions, Inc. with the AGIS Internet backbone provider \par caught in the middle. 
Cyberpromo went to court to force AGIS to give it \par Internet access (AGIS eventually won and kicked off Cyberpromo). But in the \par meantime it was seriously hurt by a barrage of computer vandalism. \par \tab While the vandals who attacked AGIS probably think they have a good cause, \par they have been doing more damage than any hacker war in history, and harming \par a lot of innocent people and companies in the process. \par \tab According to one source on the AGIS attacks, "The person who really did it \par 'owned' all of their machines, their routers, and everything else inbetween \par (sic)." So, although the attacks on AGIS apparently consisted of computer \par break-ins, the use of the break-ins was to deny service to users of AGIS. \par \par ******************************************************** \par Newbie note: An Internet backbone is a super high capacity communications \par network. It may include fiber optics and satellites and new protocols such \par as Asynchronous Transfer Mode. An outage in a backbone provider may affect \par millions of Internet users. \par ******************************************************** \par \par ******************************************************** \par You can go to jail warning: Attacking an Internet backbone provider is an \par especially easy way to get a long, long stay in prison. \par ******************************************************** \par \par Other DOS attacks include the ICMP (Internet Control Message Protocol) \par attacks so familiar to IRC warriors; and an amazing range of attacks on \par Windows NT systems. http://www.dhp.com/~fyodor/ has a good list of these NT \par DOS vulnerabilities, while Bronc Buster's http://showdown.org is great for \par Unix DOS attacks. Please note: we are pointing these out so you can study \par them or test your own computer or computers that you have permission to \par test. 
\par While Windows NT is in general harder for criminals to break into, it is \par generally much easier to carry out DOS attacks against them. \par \par ******************************************************** \par You can go to jail, get fired and/or get punched in the nose warning: DOS \par attacks in general are pathetically easy to launch but in some cases hard to \par defend against. So not only can one get into all sorts of trouble for DOS \par attacks -- people will also laugh at those who get caught at it. "Code \par kiddie! Lamer!" \par ******************************************************** \par \par \par Sniffing \par \par Sniffing is observing the activity of one's victim on a network (usually \par the Internet). This can include grabbing passwords, reading email, and \par observing telnet sessions. \par \tab Sniffer programs can only be installed if one is root on that computer. But it isn't enough to make sure that your Internet host computers are free of \par sniffers. Your email, telnet, ftp, Web surfing -- and any passwords you may \par use -- may go through 20 or more computers on their way to a final \par destination. That's a lot of places where a sniffer might be installed. If \par you really, seriously don't want some cybernazi watching everything you do \par online, there are several solutions. \par \tab The Eudora Pro program will allow you to use the APOP protocol to protect \par your password when you download email. However, this will not protect the \par email itself from snoopers. \par \tab If you have a shell account, Secure Shell (ssh) from Datafellows will \par encrypt everything that passes between your home and shell account \par computers. You can also set up an encrypted tunnel from one computer on \par which you have a shell account to a second shell account on another computer \par -- if both are running Secure Shell. 
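\par \tab The APOP paragraph above, worked through in Python as an added example (not part of the original guide): it computes the APOP response defined in RFC 1939 and compares what a sniffer on the path captures during a USER/PASS login and during an APOP login. The timestamp, mailbox name and shared secret are the sample values from RFC 1939; the message text, the later timestamp and the helper names are constructed for illustration. \par

```python
"""What a sniffer captures from a POP3 login: USER/PASS versus APOP (RFC 1939).
Added illustration with constructed sample data; runs offline."""
import hashlib
import hmac

# Timestamp, mailbox name and shared secret are the sample values from RFC 1939.
# The message text and the later timestamp are constructed for this example.
BANNER_STAMP = "<1896.697170952@dbc.mtview.ca.us>"
LATER_STAMP = "<1897.697171000@dbc.mtview.ca.us>"
USER = "mrose"
SECRET = "tanstaaf"
MESSAGE = ["Subject: lunch", "", "Meet me at noon."]


def apop_digest(stamp, secret):
    """APOP response: hex MD5 of the banner timestamp followed by the secret."""
    return hashlib.md5((stamp + secret).encode("ascii")).hexdigest()


def server_accepts(stamp, stored_secret, digest):
    """Server side: recompute from its own copy of the secret and compare."""
    expected = apop_digest(stamp, stored_secret)
    return hmac.compare_digest(expected, digest)


def _retrieve():
    """Wire lines for fetching message 1; identical for both login styles."""
    body = ["S: " + text for text in MESSAGE]
    return ["C: RETR 1", "S: +OK"] + body + ["S: ."]


def plaintext_session(user, secret):
    """Classic login: the password itself crosses the network."""
    login = ["S: +OK POP3 server ready",
             "C: USER " + user, "S: +OK",
             "C: PASS " + secret, "S: +OK"]
    return login + _retrieve()


def apop_session(user, secret, stamp):
    """APOP login: only a digest bound to this connection's timestamp is sent."""
    login = ["S: +OK POP3 server ready " + stamp,
             "C: APOP " + user + " " + apop_digest(stamp, secret), "S: +OK"]
    return login + _retrieve()


def sniffer_sees(wire, needle):
    """True if the needle shows up anywhere in the captured lines."""
    return any(needle in line for line in wire)


def replay_works(captured_digest, new_stamp, stored_secret):
    """A digest captured earlier is tried against a later connection's banner."""
    return server_accepts(new_stamp, stored_secret, captured_digest)


if __name__ == "__main__":
    old = plaintext_session(USER, SECRET)
    new = apop_session(USER, SECRET, BANNER_STAMP)
    captured = apop_digest(BANNER_STAMP, SECRET)
    print("USER/PASS exposes password:", sniffer_sees(old, SECRET))
    print("APOP exposes password:     ", sniffer_sees(new, SECRET))
    print("APOP exposes mail body:    ", sniffer_sees(new, MESSAGE[2]))
    print("captured digest replays:   ", replay_works(captured, LATER_STAMP, SECRET))
```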
\par \tab You may download a free ssh server program for Unix at \par ftp://sunsite.unc.edu/pub/packages/security/ssh/ssh-1.2.20.tar.gz, or check \par out http://www.cs.hut.fi/ssh/#ftp-sites. \par \tab If you are a sysadmin or owner of an ISP, get ssh now! Within a few years, \par all ISPs that have a clue will require ssh logins to shell accounts. \par \tab For a client version that will run on your Windows, Mac or any version of \par Unix computer, see the DataFellows site at http://www.datafellows.com/. But \par remember, your shell account must be running the ssh server program in order \par for your Windows ssh client to work. \par \tab To get on the ssh discussion list, email majordomo@clinet.fi with message \par "subscribe ssh." \par \tab But ssh, like APOP, will not protect your email. The solution? Encryption. \par PGP is popular and can be purchased at http://pgp.com. I recommend using the \par RSA option. It is a stronger algorithm than the default Diffie-Hellman \par offered by PGP. \par \par ************************************************************ \par Newbie note: Encryption is scrambling up a message so that it is very hard \par for anyone to unscramble it unless they have the right key, in which case it \par becomes easy to unscramble. \par ************************************************************ \par \par ************************************************************ \par Evil genius tip: While the RSA algorithm is the best one known, an \par encryption program may implement it in an insecure manner. Worst of all, RSA \par depends upon the unprovable mathematical hypothesis that there is no \par polynomial time bounded algorithm for factoring numbers. That's a good \par reason to keep up on math news! \par \tab The key plot element of the movie "Sneakers" was a fictional discovery of a fast algorithm to factor numbers. Way to go, Sneakers writer/producer Larry \par Lasker! 
\par ************************************************************ \par \par ************************************************************ \par You can go to jail warning: In many countries there are legal restrictions \par on encryption. In the US, the International Traffic in Arms Regulations \par forbids export of any encryption software good enough to be worth using. If \par we are serious about freedom of speech, we must find ways to keep our \par communications private. So fighting controls on encryption is a key part of \par winning the battle against repression on the Internet. \par ************************************************************ \par \par \par Social Engineering \par \par As we saw in the GTMHH on how to break into computers, social engineering \par usually consists of telling lies that are poorly thought through. But a \par skilled social engineer can convince you that he or she is doing you a big \par favor while getting you to give away the store. A really skilled social \par engineer can get almost any information out of you without even telling a \par lie. \par \tab For example, one hacker posted his home phone number on the bulletin board \par of a large company, telling the employees to call him for technical support. \par He provided great tech support. In exchange, he got lots of passwords. If he \par had been smart, he would have gotten a real tech support job, but then I can \par never figure out some of these haxor types. \par \par \par ISP Hostage Taking \par \par \tab A favorite ploy of the aggressor in a hacker war is to attack the victim's \par Internet account. Then they trumpet around about how this proves the victim \par is a lamer. \par \tab But none of us is responsible for managing the security at the ISPs we use. Of course, you may get a domain name, set up a computer with lots of \par security and hook it directly to an Internet backbone provider with a 24 hr \par phone connection. 
Then, checking account depleted, you could take responsibility for your own Internet host. But as we learned from the AGIS attacks, even Internet backbones can get taken down. \par \tab If you point this out, that you are not the guy running security on the ISP you use, bad guy hackers will insult you by claiming that if you really knew \par something, you would get a "secure" ISP. Yeah, right. Here's why it is always easy to break into your account on an ISP, and almost impossible for your ISP to keep hackers out. \par \tab While it is hard to break into almost any computer system from the outside, there are vastly more exploits that will get you superuser (root) control from inside a shell account. So all your attacker needs to do is buy an \par account, or even use the limited time trial account many ISPs offer, and the \par bad guy is ready to run rampant. \par \tab You can increase your security by using an ISP that only offers PPP (point \par to point) accounts. This is one reason that it is getting difficult to get a \par shell account. Thanks, cybernazis, for ruining the Internet for the rest of \par us. \par \tab But even an ISP that just offers PPP accounts is more vulnerable than the \par typical computer system you will find in a large corporation, for the simple \par reason that your ISP needs to make it easy to use. \par \par ******************************************************** \par Newbie note: A shell account lets you give Unix commands to the computer you \par are on. A PPP account is used to see pretty pictures while you surf the Web \par but in itself will not let you give Unix commands to the computer you are \par logged into. \par ******************************************************** \par \par Because it is easy to break into almost any ISP, haxor d00d cybernazis \par think it is kewl to take an ISP hostage by repeatedly breaking in and \par vandalizing it until the owner surrenders by kicking the victim of the \par attacks off. 
This was the objective in the assaults on Succeed.net in Oct. \par 1997. \par \par ******************************************************* \par You can go to jail warning: I usually fubar the names of ISPs in these \par guides because so many haxor types attack any computer system I write about. \par Succeed.net is a real name. If you want to attack it, fine. Just remember \par that we have boobytrapped the heck out of it. So if you attack, men in suits \par bearing Miranda cards will pay you a visit. \par ******************************************************* \par \par \par Why Should I Give a Darn? -- Ways Bystanders Get Hurt \par \par To most people, hacker wars are Legion of Doom vs. Masters of Deception \par stuff. Interesting, but like reading science fiction. But what does it have \par to do with your life? You may figure that if you never do anything that gets \par some computer dweeb who thinks he's a haxor mad, you won't have a problem. \par Yet chances are that you may already have been brushed by hacker war. Have \par you ever tried to login to your online provider and couldn't make a \par connection? Did you call tech support and they told you they were "down for \par maintenance"? Tried to send email and gotten a message "cannot send mail \par now. Please try again later"? Sent email that disappeared into cyberspace \par without a trace? Gotten email back with a "User unknown" or worse yet, "host \par unknown" message? Been unable to surf to your favorite Web site? \par \tab It could have been technical error (cough, cough). But it may have been \par more. A cardinal rule of online services is to never, ever admit in public \par to being hacked. Only if a reporter "outs" them first will they reluctantly \par admit to the attack. This is because there are cybernazi gangs that, when \par they hear of an online service under attack, join in the attack. \par \tab Why cybernazis do this is not clear. 
However, what they accomplish is to \par make it hard for small companies to compete with giants such as America \par Online. The giant online services can afford a large staff of computer \par security experts. So with the cybernazis rampaging against the little \par Internet service providers, it is not surprising that so many of them are \par selling out to the giants. \par \tab I don't have any evidence that the cybernazis are in the pay of giants such as AOL. In fact, I suspect cybernazis are trying to drive the small \par competitors out of business solely on the general principle that they hate \par freedom of anything. \par \tab It is common for hacker wars that start as a private disagreement to spill \par over and affect thousands or even millions of bystanders. \par \tab For example, in Sept. 1996, syn flood attackers shut down the Panix ISP for several days. In Oct. 1997 the ISP Succeed.net was shut down by a team of \par hackers that deleted not just Bronc's but also over 800 user accounts. Many \par other ISPs have suffered shutdowns from hacker wars, often because the \par attackers object to political views expressed on their Web pages. \par \tab On June 4, 1997, hacker wars made yet another quantum leap, shutting down \par the Internet backbone service provider AGIS in retaliation for it allowing \par Cyberpromo and several other spam empires to be customers. \par \tab Tomorrow these skirmishes could pit nation against nation: power grids that serve hundreds of millions failing in the dead of winter; air traffic \par control systems going awry with planes crashing; hundreds of billions, \par trillions of dollars in banking systems disappearing without a trace. Pearl \par Harbor. Digital Pearl Harbor. Famine. Years before we could climb out of an \par economic collapse as bad as the Great Depression. \par You think this is a ridiculous exaggeration? Those of us who have \par been in the bullseye of the cybernazis find this future easy to believe. 
\par \tab Winn Schwartau has been warning the world of this coming disaster since \par June of 1991. Someone must be listening, because in September 1997 an \par industry group, formed in the wake of hearings by the US Senate's Permanent \par Subcommittee on Investigations, appointed Schwartau team leader, Manhattan \par Cyber Project Information Warfare/Electronic Civil Defense (see \par http://www.warroomresearch.com/mcp/ and http://www.infowar.com). \par \tab Schwartau, in his book Information Warfare, tells us about some of the \par attacks the cybernazis have made on his family. These attacks have included \par massive credit card fraud, tampering with his credit rating, turning off his \par home power and phone, and even tampering with the local emergency services \par dispatch system so that all ambulance, fire and police calls were directed \par to his home instead of to those who called 911 for emergency help. \par \tab Those of us on the front lines of cyberwar have seen these attacks first \par hand. The cybernazis, as Schwartau discovered, were willing to even risk the \par lives of people who had nothing to do with him. \par Yes, we know what hacker wars do to us, and we know what they do to you \par bystanders. \par \par \par Why You May Get Hit \par \par Hacker war happens to other people, right? Spammers get hacked. Hacker \par gangs pick fights with each other. But if you behave politely around \par computer criminals, you are safe, right? OK, as long as you don't live in \par the neighborhood of one of us Internet freedom fighters like Schwartau or me \par you are safe. \par \tab Wrong. Dead wrong. \par \tab Let's look at an example of a hacker war, one that doesn't seem to have any motivation at all. We're talking the Internet Chess Club. Not exactly \par controversial. In mid Sept. 1996 it was shut down by a syn flood attack in the aftermath of daemon9 publishing a program to implement the attack in the ezine Phrack. 
\par \tab There have been many bystanders hit with the wars against this Happy Hacker list. It all started with cybernazis who wanted to stop you from getting email from me. For example, on Dec. 6, 1996, someone had written to the dc-stuff \par hackers email list (subscribe by emailing majordomo@dis.org with message \par "subscribe dc-stuff") saying "I think they (or maybe 'we') will survive, \par Carolyn's book." Rogue Agent replied: \par I'm just doing my part to make sure that it doesn't happen. Ask not \par what the network can do for you, ask what you can do for the network. \par We shall fight them in the routers, we shall fight them in the fiber, we \par shall fight them in the vaxen... I'm an activist, and I won't stop my \par activism just because I know others will take it too far.\par \tab On Dec 20 Rogue Agent wrote to me: \par Ask Netta Gilboa; her magazine's in shambles and her boyfriend's in \par prison, while she lives in fear. Ask Josh Quittner (author of Masters \par of Deception); for a while there, he had to change his (unlisted) phone \par number literally every two weeks because of the nightly anonymous calls \par he was getting. Somehow they always got the new number. Ask John \par Markoff (coauthor of the hacker best-seller Takedown); he can't even let \par people know what his email account is or he gets spammed the next day. \par This is not a threat... All I'm doing is telling you what's coming... \par you're playing with fire. There is a darker element in my culture, and \par you're going to meet it if you keep going.\par \tab "This is not a threat." Yeah, right. That's what most of the guys who \par threaten us say. \par \tab Five days later, while it was still dark on Christmas morning, the owner of the Southwest Cyberport ISP where I had an account was woken by an alarm. \par His mail server was down. No one using that ISP could get email any more. 
\par They had been hit by a massive mailbombing by someone styling himself johnny \par xchaotic. jericho surfaced as the public spokesman for the attacker, \par claiming intimate knowledge of his techniques and motivations. \par \tab The evening of Dec. 28, someone cracked the dedicated box that Cibola \par Communications had been providing us at no cost to run the Happy Hacker \par majordomo. The intruder erased the system files and sent email to the owners \par threatening worse mayhem if they didn't cave in and boot us off. The \par attackers also wiped the system files from a computer at the University of \par Texas at El Paso that I was using for research, and sent threats to all \par email addresses on that box. The attacker called himself GALF. It was not \par the first or last time that GALF has struck Happy Hacker. \par \tab Damaged computers, threats, extortion, blackmail. That's life around here. \par After awhile it gets kinda boring, yawn -- just kidding. \par \par ********************************************************* \par Newbie note: In case you are wondering whether you can get killed in one of \par these battles, I have found no reports, not even rumors, of any hacker war \par murders. These guys only kill people by accident as a side effect of their \par digital mayhem. Like sending an ambulance that could save a dying child to \par the home of an Internet freedom fighter instead. However, if someone should \par threaten to kill you, you should report it and any associated computer \par attacks. Despite what you may hear, those of us hackers who are not computer \par criminals cooperate enthusiastically with law enforcement. \par ********************************************************* \par \par \par How to Get into a Hacker War \par \par "I want to fight in a hacker war. How do I get in?" \par I get email like this all the time. 
Many newbie hackers long for my \par frequent experiences of being attacked by a talented gang of computer \par criminals. The excitement! The opportunity to go mano a mano with bad dudes \par and prove you are better than them! \par \tab There is some truth to this view. To be honest, I get a thrill fighting \par those criminals -- using legal tactics, of course. Believe me, if we catch \par the Succeed.net attackers, you will hear about it. But before you make the \par decision to join us freedom fighters, count up the cost. It isn't always \par fun. \par \tab But I've stood up to them. And, shoot, I'm just an old lady. So if you want to attract a hacker war, and believe you are as tough or tougher than me, be my guest. But before you start provoking attacks, please wait for me to get \par out the next two parts of this Information Warfare series, so you can learn \par how to repair your credit rating and recover from other digital disasters. \par You'll find plenty of things in the next Guides in this series that will \par help you survive even the most determined hacker war. Even the kind of war \par that attempts to steal all you own, wipe out your identity, and threaten the \par lives of your family. \par \tab So just how do you get into a hacker war? The easiest way is to attend a \par hacker convention. There are all sorts of twisted people at these things, \par kind of like the bar scene in Star Wars. "He said, he doesn't like the way \par you look." If you fail to grovel and suck up to those d00dz, or, worse yet, \par tell them firmly that you favor freedom of speech, or even worse yet, make \par fun of them for being cybernazis, you can be in for lots of excitement. \par \par \par How to Keep from Getting Caught -- NOT! \par \par \tab So you want to be the attacker in a hacker war? So you think you can keep \par from getting caught? 
According to jericho, writing in his "F***ed Up College \par Kids" ezine, "You have media whores like Carolyn Meinel trying to teach \par people to hack, writing guides to hacking full of f***ups. Telling these \par people what to do, but not giving them enough information to adequately \par protect themselves." \par \tab I agree with jericho: if you decide to become a computer criminal in a \par hacker war, I'm not talented enough to teach you how to keep from getting \par caught. \par \tab In fact, no one can teach you how to keep from getting caught. I'll tell \par you exactly why, too. \par \tab At a Def Con V panel I hosted (Las Vegas, July 1997), jericho boasted "When I break in, I close the doors behind me." He makes a big deal about how \par hackers can keep from getting busted by deleting or modifying log files. \par Yeah. Right. Not! \par \tab Let me tell you the REAL story about what happens when hackers think they \par are covering their tracks. Sure, an ordinary sysadmin can't restore a \par deleted file on a Unix system. But there are people out there with the \par technology to restore deleted files -- even files that have been overwritten \par hundreds of times. They can restore them regardless of operating system. \par There are people out there who can extract everything that has been on a \par hard disk for the last several months -- or years. I know those people. I \par arrange for them to read those hard disks. Guess who's toast:):):) \par \tab Then there is surveillance. Some 31337 haxor is sitting at his box raising \par hell and "closing doors after him." What he doesn't know is that thanks to a \par court order inspired by his boasts, someone is sitting in a van a hundred \par yards away -- picking up every keystroke. Van Eck radiation, luser. Or \par picking up the signals that run down the power cord of your computer. Ever \par heard of Tempest? 
\par \tab Even if the cybercrime detective doesn't have all this high-tech hardware \par on hand, the history of hacker crime shows that criminals will talk in \par exchange for lenient sentencing. Commit one easy-to-prove federal felony, \par let's say posting someone's stolen email on one's public ftp server (who do \par we know who has done this?), and the Feds have lots of bargaining power \par against him. \par \tab So even if I wanted to help people become ubercriminals, I can't. Not \par because I don't know how. Because there is no way. The 31337 d00dz who tell \par you otherwise are seriously ignorant. \par \tab I predict the Succeed.net attackers will wind up in jail. Soon. Perhaps not for that crime. But their days of freedom are numbered. It is only a \par matter of picking which of their many crimes will hold up best in court, and \par who will give evidence against whom. Time to study game theory -- can you \par say "prisoners' dilemma," wannabe ubercriminals? Who's the narc? \par \tab "But, but," I can hear the Super Duper computer criminals sputtering. "My \par buddies and I break the law all the time and we've never been busted. OK, \par OK, my other buddy got busted, but he was lame." \par \tab It's just a matter of time. They need to go straight before their number is up. Or make the decision to obtain their "get out of jail free" cards by \par informing on their gang before their day of doom comes up. They have much \par better bargaining power if they make a deal before arrest. 
\par ******************************************************** \par If you happen to be a cybernazi who is having second thoughts, and would \par like help making a deal with the authorities, please contact me anonymously \par using my pgp key: \par ************************************************************ \par \par \par \par \par How to Protect yourself in a Hacker War \par \par What, you don't find getting caught up in a hacker war immensely \par entertaining? You don't want to be the innocent bystander caught in the \par crossfire of an rm command? Here are a few rules that can help you. But \par remember, these are only the most basic of protections. We'll cover the \par industrial-strength techniques in later Guides in this series, as well as \par how to catch the culprits. \par \par Top Ten Beginner Defenses in Hacker Wars \par \par 10) Backup, backup, backup. \par 9) Assume anything is being sniffed, unless protected by strong encryption. 
\par 8) Assume your phone is tapped. \par 7) Never, never, ever telnet into your shell account. Use Secure Shell \par instead. \par 6) Pick a good password. It should be long, not a name or a word from a \par dictionary, and should include numbers and/or characters such as !@#$%^&*. \par If you use a computer where others have physical access to it, don't write \par your password on anything. \par 5) This applies to shell accounts: assume your attacker will get root \par control anyhow, so your password won't do you any good. That means you \par should encrypt any files you don't want to have passed around, and send your \par shell history files to /dev/null each time you log out. \par 4) Do you use the Pine or Elm email programs? Don't keep email addresses in \par your shell account. Your saved mail files are a good place for cybernazis to \par find email addresses and send out threatening and obscene messages to them. \par GALF specializes in this tactic. \par 3) Regularly patrol your Web site. You never know when it may sprout rude \par body parts or naughty words. Preferably use a Web server hosted on a \par computer system dedicated to nothing but Web sites. Best of all, use a MacOS \par web server. \par 2) Disable Java on your Web browser. Don't even *think* of using ActiveX or \par Internet Explorer. \par And, the number one defense: \par 1) Join us Internet freedom fighters. It will take many of us to win the \par battle against those who want to pick and choose whose voices will be heard \par on the Internet. 
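\par \par Defense 3 above, patrolling your Web site, can be automated by comparing the site's files against a known-good baseline. The following is an added example, not part of the original Guide: the function names snapshot, patrol, put and demo and the sample files are constructed for illustration, and it assumes the baseline is stored off the server, since defense 5 assumes an attacker may get root there. \par

```python
import hashlib
import os
import tempfile


def snapshot(root):
    """Map each regular file under root (by relative path) to its SHA-256."""
    digests = dict()
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            if not os.path.isfile(path):
                continue  # skip broken symlinks and other non-regular entries
            with open(path, "rb") as handle:
                digest = hashlib.sha256(handle.read()).hexdigest()
            digests[os.path.relpath(path, root)] = digest
    return digests


def patrol(baseline, current):
    """Return sorted (added, removed, changed) paths between two snapshots."""
    old, new = set(baseline), set(current)
    changed = sorted(p for p in old & new if baseline[p] != current[p])
    return sorted(new - old), sorted(old - new), changed


def put(root, name, text):
    """Write one constructed sample file into the demo site."""
    with open(os.path.join(root, name), "w") as handle:
        handle.write(text)


def demo():
    """Constructed sample site: baseline it, tamper with it, patrol it."""
    with tempfile.TemporaryDirectory() as root:
        put(root, "index.html", "<h1>Welcome</h1>")
        put(root, "about.html", "<p>About us</p>")
        # Assumption: in real use the baseline is taken right after a
        # known-good upload and saved somewhere other than the Web server.
        baseline = snapshot(root)
        put(root, "index.html", "<h1>DEFACED</h1>")   # page content replaced
        put(root, "extra.cgi", "#!/bin/sh")           # unexpected new file
        os.remove(os.path.join(root, "about.html"))   # page deleted
        return patrol(baseline, snapshot(root))


if __name__ == "__main__":
    for label, paths in zip(("added", "removed", "changed"), demo()):
        print(label + ":", ", ".join(paths) or "none")
```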
\par \par \par }