... have i told, you lately, that i love you, secret squirrel? ... ,ab da, ,ab da, ,ab'` 'dab'` 'da, ,ab'` 'da$$$.. $$$ab'` 'da$$$: $$$ab'` 'da$$$: $$$: $$$ $$$: `""""""' $$$$$::: `""^%.,g#7$$$$: °$$$$$: $$$: $$$ `""""^%gHHHg.`"""^&^"""^%ghh77' `""""'' '$$$$$: $$$: $$$ .ggg. $$$$$: .gghgg. $$$$$: .ggghh. $$$$$>> $$$: $$$ $$$: $$$$$: $$$$$: $$$$$: $$$$$: $$$$$: $$$: $$$ $$$: $$$$$: °$$$$$: $$$$$: $$$$$: $$$$$: $$$: $$$ $$$: $$$$$: $$$$$: $$$$$>> ¬¼"`` ``"È$: $$$: $$$ $$$>> $$$$$: $$$$$: $$$$$: l anarkzznOn l: $$$: $$$ $$$: $$$$$: $$$$$>> $$$$$: $»,.. ..,ɬ: $$$>> $$$ $$$: $$$$$: $$$$$: $$$$$: $$$$$: $$$$$: $$$: $$$ $$$: $$$$$: $$$$$: $$$$$: $$$$$: $$$$$: $$$: $$$ :: :::: $$$::: $$$$$:: :$$$$$: ::$$$$$::: $$$$$: ::$$$$$:: :$$$:: :$$$ ::: :: $$$:` `"""""""^%$$$$$: $$$$$: $$$$$: $$$$$: $$$: °$$$ $$$: .gggaa: $$$$$: °$$$$$: `"""""""""""""""' ggg. :$$$ ``"Ó%g³$$$$b: `"$$$: ``777"ýý%%ýý"777 .sysfail12$$$³g%½"'' `Ó*f_ `"ýý%%ýý"' `"ýý%%ýý"' _f*½` ` ÄÄ ..>> systemfailure#12 <<.. ÄÄ ' sys#12. anarchist noname .----------------------------------------------------------------------------. | System Failure: Issue #12 | `----------------------------------------------------------------------------' Yeah yeah, so I'm late getting the issue out. What else is new? Sorry for the delay in releasing this issue, I've been busy with school-type stuff like finals and such. But hey, now that I'm finished with high school, I can sit in my room all day and devote ALL my time to System Failure! Well, maybe not. Anyway, this is our one-year anniversary issue; the group was started a year ago on May 3rd, so like, happy anniversary to us, dammit!@# Speaking of holiday-type stuff, happy birthday to Infinite Zero too, whose birthday is this weekend. Thanks once again to Anarchist for the opening ascii (what would we ever do without you?). Look for a big site update in a few days (after I've finished with graduation and had time to chill). Enjoy the issue! --Logic Box [6/3/98] .----------------------------------------------------------------------------. | http://www.sysfail.org/ | | [sysfail@syfail.org] | `----------------------------------------------------------------------------' .----------------------------------------------------------------------------. | CONTENTS | | SysInfoTrade by SysFail Staff | | The History of System Failure by Logic Box | | Milw0rm Hacks Nuclear Site: An Interview With J.F. by Pinguino | | Advanced Looting and Trashing by Mr. Sonik | | Kids and Violence Today by Saint skullY the Dazed | | Bypassing Your Friendly Neighborhood Firewall by Duncan | | Messing With Cell Sites by Skitso | | Reading and Understanding the Assignment Area from A "T" Order by FoneMan | `----------------------------------------------------------------------------' <-------+ | SysInfoTrade +----------------> staff@sysfail.org --Pinguino's cat Linenoise is the new System Failure mascot. Go look at his page at http://www.leper.org/~linenoise/ ... you can e-mail him at kitten@linenoise.org (courtesy of Alienphreak and JF). --A girl in Fallbrook, CA by the name of Mary Kait Durkee refused to say the pledge during history class. She claims to not believe in God, thinks that society is violent, and the government corrupt. She refuses to show respect to a pledge with whose beliefs she didn't believe in. After being sent to detention, she contacted the ACLU and are fighting for her first amendment rights. They're suing her school. --The goldmine of webpage information sources is at www.webproforum.com, sponsored by the IEC (International Engineering Consortium). With online tutorials by companies such as Nortel, Sun, Lucent, HP, AT&T, and BellSouth, they cover topics such as radio telephony, ss7, pcs, programmable switching, ATM, cable modems, net security, and so much more. The main page at www.iec.com lists major technology conventions and other interesting topics. --E3 was last weekend, and Sega announced a console that will outdo current game consoles. Dreamcast. It runs on Windows CE, has a 200MHZ chip, and 64 audio channels. The new improvements are courtesy of Yamaha, Hitachi, Microsoft, and NEC. [Editor's Note: BAH! Fuck Sega!] --milw0rm has been VERY active recently.. http://www.hektik.com/hacked/ shows before/after of all of their recent webpage hacks. --Saint skullY is starting a new project called Open Linux Standard Distribution (OpenLSD). Basically, he's gonna combine the OpenBSD source tree with the Linux kernel. For more info or to help, go to http://www.openlsd.org/ or e-mail skully@openlsd.org. --April 1998- MOD is apparently still quite active and hitting the news with their recent breakin and theft of Defense Information Systems Network Equipment Manager (DEM). That long phrase is just a piece of software used for tracking and communication with submarines. The DOD claims that the program is unclassified. An interview between Wired and a 24-year old Russian member claimed a different side of the story. "We could launch the DEM program using the DISA systems as a trusted gateway, thus gaining very important router/repeater information about the DISA," he said. "We could then either reconfigure/shut down the equipment, or attempt to compromise it to change routes through systems we 'own,' then sniff from the owned DISA boxes," he said, describing a process of setting an invisible recorder to capture keystrokes or network traffic on a system." "Our goals are to demonstrate the power of 15 or so individuals over large organizations, through publicizing break-ins and data retrieved," he said. --May 18, 1998 -- BEEPLESS! (submitted by Kaeiri) Today over a million people lost their pager service due to a "satellite spinning out of control". PageNET, Airtouch, and other pager companies were affected, including MY pager! Damn satellite control centers. Important resources like hospitals/doctors, fire departments, police, etc lost their critical paging protocol. Police report there was a lowered rate in drug deals because of narcotics dealers losing their ever-used paging (and cellular? being investigated) needs. The newspapers report that service will be back up by tommorrow morning, and they are investigating longterm effects and damages. Check out http://www.pagemart.com/satellite.htm for more info. --Checkout www.linenoise.org ..active (is that my word of the day or something?!@$) web board where you can network with people in your area, and a nice collection of textfiles.. soon they will offer every issue of System Failure as well. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The History of System Failure by Logic Box (logic@sysfail.org) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Contrary to what some people may think, System Failure was never an organized project to begin with. The zine--and the group--was born on May 3rd, 1998, in Cupertino, California. I had met Pinguino on IRC a couple of weeks earlier. After seeing a particularly elaborate graphic that she'd drawn for someone's webpage, I followed the accompanying link to www.penguinpalace.com--Penguin Palace Multimedia. I read a bit about the history of the company, about the things they did, the places they'd been, and an in-depth history of a very amazing girl named Joyce Kolb--or, as most of us know her, Pinguino. I was very impressed with her website, and what I knew about her. I'd seen her in #rock on IRC for awhile, but I'd never really bothered to talk to her. I saw #peng mentioned on penguinpalace.com, and decided to go there and check things out. I talked to Pinguino for awhile, and started hanging out in #peng a lot. Pinguino and I became friends pretty fast; she even sent me cookies and stuff for my birthday. :) A couple weeks after I'd started hanging out there, I saw Pinguino talking to someone about a trip to the San Jose area that she was making on the next weekend. Seeing as how I live in the San Jose area, I thought it might be pretty cool to meet her. So, I grabbed my good friend Darkcactus and we headed over to DeAnza Community College, where she was helping her friend Mr. Frost out with an anti-gun thing called TAG (Tuffmen Against Guns) at DeAnza's monthly expo-type thing. After walking around the expo for a couple hours, we eventually met up with Pinguino, Mr. Frost, and his girlfriend Gerry. Me, Ping, and DC walked around the college campus for a while and talked about various things. We found out that she planned to move to Denver, Colorado in the next two weeks. We went back to Mr. Frost's house to chill for awhile, and watched Pinguino dewdle. After sitting on our asses for an hour or so, we decided we were hungry, so the three of us (me, Ping, and DC) went out to eat at a pizzeria down the street called Gumba's. Over lunch, we talked about Penguin Palace and the various projects she had going. One, she said, was a H/P-themed electronic zine that touched a bit on social issues and the like. Originally conceived to act as a sort of replacement for the recently-retired PLA (with which I had been--and still am--heavily involved), she called this project System Failure. She wanted to associate a tight-knit group with it that would grow over time, and she asked me to head the project, with Darkcactus as my second-in-command. Since the retirement of PLA, Kenshiro Cochrane and I had been throwing around the idea of starting our own zine. Remembering this, I asked her if he could be involved with this project as well. She knew him from IRC too, and said yes. System Failure was born. We spent the next few days planning out the layout of the zine and the website. We also drew up a detailed list of membership acceptance guidelines, which would be made known only to members of the group. After a few more days of hanging out, we said goodbye to Pinguino, and she went home to San Diego. I thought the project over. I was excited at the idea of starting a zine, and maybe--just maybe--having it be a huge success. I had no clue how big of a following we would get. Boy, was I surprised. The first issue released in late June, with the second issue--and the website--going up the day before Darkcactus and I left for DefCon 5. We hooked up with Pinguino once again at DefCon, and managed to pull off a pretty successful showing with our booth and all (I'd call radio coverage, TV coverage, and the fact that a newspaper reporter took us trashing a pretty successful showing, wouldn't you?). The zine grew over the next few months. While it was difficult at first to get people to submit enough articles (I made a rule never to publish without at least seven articles), it became easier as time progressed. The group also grew steadily. I knew from day one that Saint skullY and Mr. Sonik, my longtime friends from Oregon, would be members of System Failure in time. Spee was a pretty unexpected--but worthwhile--addition. Though Darkcactus is a good friend to all of us, he left the group in April of 1998, due to lack of interest (he just isn't the writing type). Months passed, the zine grew, we all had our ups and downs, and Pinguino eventually relocated to Texas. She came to visit in February of 1998 for a month, and we began planning for DefCon 6 (we've got some cool stuff planned too). I've become very close to her in the year that I've known her, and she has managed to convey a very strong "family" feeling among the members of the group. Unlike a lot of huge groups you see out there every day, System Failure is not just a ragtag band of like-minded people who are in a group for name recognition--we are a group of very close friends (this is why we're so selective of our members--and why we have so few compared to other groups). And now, a year has passed. A year since I met Pinguino--who, in that short time, has become my best friend. A year since System Failure was started--the group, the zine, the following. A new year begins here. We never could have made it this far if it had not been for our readers, and our contributors. While I am grateful to each and every one of you, extra-special thanks goes to these people: Anarchist (practically all the opening asciis we've ever had) BarKode (all your support and the stuff you've done for us) JF (yours and Milw0rm's support) Junk (your criticism and publicity) Mr. Frost (one of the biggest moral supporters we've got) Muerte (lots of moral support) Pesto (for helping us when things aren't going too good) RedBoxChiliPepper and Colleen Card (we wouldn't be here if it weren't for you) Velocity (your criticism, your support, and just being really fucking cool) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Milw0rm Hacks Nuclear Site: An Interview With J.F. by Pinguino (pinguino@sysfail.org) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Ping: J.F... of Milw0rm.. where did you guys come up with that name? J.F.: Well, it was a joke really... hehe. We wanted something funny, yet topical on the military side of things, as that's what we planned to do. We act as a trojan "worm" within the military.. not just US military but other military, such as India. :) Ping: Milw0rm is an international group.. with members in which countries? J.F.: 2 in UK, 2 in US, 1 in NL (Netherlands), 1 in NZ (New Zeland). Ping: Describe your recent break-in with the Indian nuclear facility. J.F.: Well...it was easy, lame security, it's funny because they had their internal LAN connected up to the internet without a firewall or anything. The motd said - PLEASE DO NOT TURN OFF MACHINES AFTER USE.. hahaha.. lame ass fucks.. and we gained sensitive data regarding the recent nuclear test by India. Ping: Why do you think they were so lax in security? Ignorance? J.F.: Probably didn't realize, perhaps they couldn't afford it? Who knows. Ping: Do you think your act will spur similar instillations to secure their systems? Not only in India, but in other nations? J.F.: Well it had better, because Pakistan WILL be owned.. that's a promise. Ping: Are you now on a crusade to show the truth to the world about nuclear threats, or something different? J.F.: Basically, we are against all this nuclear shit, what's the point? We want peace, not war, and surely the only use of nuclear weapons is for war. We want to uncover details of these tests and prove that nothing is safe, and we will do that. We have already started work and scanned everything, madly... we will expose more. Ping: For the most part the general population feels "safe," with no threat of nuclear war anytime soon. Is your hacking a demonstration to show that there is a threat? Or are you actively deleting files that will hinder the testing and research of these deadly weapons? J.F.: Well... I haven't personally deleted any files, although I know one member of Milw0rm did wipe out several subnets on their server (not a good idea). What I am basically showing is.... that DATA IS NOT SAFE, it should not be kept on a server which is accessible from the internet. If I was an international terrorist I could cause A LOT of trouble, but I'm not. But seriosuly, the info I have is nothing to be joked with, it's mad info which does NOT need to fall into the wrong hands. Ping: Kinda funny that its people like you that these corporations are afraid of. What would you recommend to these companies to prevent similar attacks? J.F.: I would tell them to stop putting sensitive dox on networks that can be accessible from the internet, it's dumb and should be stopped. I would also patch a hell of a lot on their server. Ping: Has the Indian site responded in any way yet? Notices on their webpage or anything? What's the URL anyway? J.F.: They have patched it, but I have still got access to their server (I'm on it now, BTW). The URL is http://www.barc.ernet.in/ Ping: Has Milw0rm decided what they want to do with the information obtained from that particular site? J.F.: We are playing it by ear, gaining more info, seeing what happens. We have not yet found out India's reaction to what has happened.. as far as I know they were unavailable to comment. Ping: Do they realize how much information you guys have, or just think that their webpage was hacked (in your estimation)? J.F.: They think it's a webpage hack... but they know more. They just don't know the extrent. J.F.: Here's a quote by Peter Neumann, a critical infrastructure and security expert with SRI International: he said that the three teens weren't as much of a threat as terrorists, but that India was "way behind" America in terms of security. HOW THE FUCK DOES THIS G1MP KNOW WE AREN'T TERRORISTS?? They are treating us like "dumb kids" but how does he know we don't work for a terrorist organization? Although, we don't, it shows how easy it is to own this sort of thing. It's stupid and people like Peter Neumann should NOT say things like that without knowing the TRUE extent of what we have. That really annoys me, I just saw that and he talked about our hack and the info we pull.. .it just goes to show how clueless they all are.... Ping: No kidding.. he assumes that since the media thus far has called you "kids," that you work alone. People shouldn't assume things when many lives could be at risk. J.F.: We have information realting to ALL the tests, detailed intrinsic reports, everything.... Ping: With that sort of information, what *could* Milw0rm do? On its own, without selling the information to anyone.. hypothetically. J.F.: Unless we wanted to declare our own war, nothing really. We could only use the information to work with others, but that would start a war and that's not what we want. This is a demonstration to show how easy it is to do this. We could, in theory, start a nuclear war. We know the exact limitations of India's nuclear weapons from their test results.... this could easily be exploited. We do NOT want this information to get into the wrong hands, which is why it should be taken off... it's crazy and it makes me angry. :/ Ping: Right... I'm sure that governments have their own private staff that tries to accomplish what you guys did in under 20 minutes. J.F.: It took us about 10 minutes to root the server (maybe less) and then we just pulled the dox. So why don't they fix it? Stupid fools. Ping: They prolly didn't know it was broken. =) J.F.: Probably not...hehe.. J.F.: A VERY HAPPY 1ST YEAR ANIVERSARY TO SYSFAIL!#@! I LUB J00 ALL... and I hope to see you all at DefCon. I just gotta raise some more cash (if anyone wants to donate...tell me!#@!). LATERS Y'ALL! =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advanced Looting and Trashing by Mr. Sonik (sonik@sysfail.org) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- By now you have probably seen plenty of articles on trashing and looting for anything from free food to eleet telco warez. That's the problem--I have read plenty of articles and consider myself an expert on this topic, and I've decided to give some good ideas and info to help you make the most of your time. I have spent many hours of my time reading docs about trashing before accually trying it; I have had to throw most of the knowledge away that I have gained through reading, simply because it's nothing like some people say it is. My first trip to the telco yard was a waste; I listened to an article that said things like "make your trip fast" and "get things that are easy to grab." Bullshit, if you want to get somthing neato you're gonna have to look hard and take a little time to make your trip worth going on. First off, let's look at a list of things to take with you on your trip. 1. A police scanner is a must; since my favorite telco lot is just near the edge of city limits, I put the police and sheriff in one empty memory bank and scan between the two of them. I also have an earphone so that I don't have to have the scanner blaring away and giving me away to any concerned citizens or security. 2. Some nice black clothes and a black hat. This is wise because you're going to be out at night (most likley). Make sure that you have plenty of pockets for your scanner, a flashlight, wire cutters for barbed wire, and some other tools like mace or whatever makes you feel safe. Make sure you can get to these tools quickly in case you have to take some evasive action. 3. A duffle bag or a backpack. I prefer a backpack beacause it's easier to run with it on compared to a duffle bag, but that is my own personal preference. 4. Tools. Some of the things I like to take with me are a good heavy duty flashlight. I like the little mag lights that take two "AA" cells; these lights are around $12 and are waterproof and very durable. I'm sure you could use it to break a window, and they come with a spare bulb. The batteries seem to last longer than the "AAA" cell lights and they are a tad brighter, plus they are small enough to fit in your back pocket. Another tool I may invest in is a slim jim to open car doors without breaking windows out. I also like to have some good sharp side cutter pliers that are capable of cutting chain link fence and barbed wire. The last thing that may be handy is some 18-inch handle bolt cutters. These work great on padlocks, but require a little more muscle than the longer-handled ones; they fit in a backpack easily and are about $30 at a local hardware store like Home Depot. Although the bolt cutters are handy, they are certainly not required, and you may choose to leave them behind because of their weight. It's your call. 5. Now for some things that you should absolutely _not_ take with you. A laptop computer, your mother, noisy key/wallet chains, your pet rock, dog, cat, frog, etc. And definitely not that noisy-ass motherfucker down the street, or anyone you can't trust. Okay, now that you have a starting point of what to pack, here's what to do when you get there. First, scope the place out a time or two. I reccomend going on a couple of different scouting trips at different times of the night to see if there are any security guards there or maintenance crews of 24-hour staff people. While you're there, take note of the different entrance and exit points that you think are fairly secluded and easy to use. If you have to take the fence apart, try not to break it; use your cutters as a last resort. Remember, the less tracks you leave, the better. I like to bend the corner of the fence apart and crawl underneath it whenever possible. If the fence has fat holes in the chainlink (like my local telco yard) that is easy to climb, go for it. Remember never to break the golden rule of silence--if you make noise trying to climb a fence, then you might as well go home. You may feel stupid trying to be like a ninja or some sniper-type shit, but it pays off. Once you have the place scoped and can get in and out easily, here's what to look for. Dumpsters: these have more often than not payed for a trip to the yard for me. I have found ANI, loop information, employee numbers, old interoffice memos, and other interesting shit like instruction books to handsets and whatnot. Trucks: Once you have trashed a little, you may want to get some neato tools and equipment from the trucks. When breaking into trucks, look for toolbelts and toolboxes that may have neat stuff in them. All the toolbelts I have seen are fully loaded with tools and sometimes a handset clipped to them. Also keep an eye out for little yellow plastic boxes with shoulder straps and little black cloth pouches. The bigger yellow boxes are usually loop testers, which can do all kinds of neat shit. If you're extremely lucky, you can get a DOS terminal box. These have VT100 terminal emulators and all kinds of neat telco info on them. I have never found one, just the instruction booklet to it. Also, some of the most important things you can get are papers of any kind from the trucks. Just go apeshit and load up on them; you can sort through them later. Once, I had to take a very large pair of cable cutters to cut the fence apart to escape with. :) I only recomend staying a maximum amount of 20-25 minutes per trip. I usually grab stuff that looks neat or expensive, but remember to only take what you can carry. Some other places to go looting besides telco yards are local electronics stores, computer stores, and large chain stores like Office Max and Office Depot. I have found a discarded printer, monitor, and serial cables as well as a shitload of cd jewel cases and a desk pen and pencil holder with minor damage to it. I also found two PS/2 bus mice for a Compaq, and a software install disk for a IBM Thinkpad. I have heard of non-working computer systems thrown away that need only minor repairs. I reccomend trying to find out what day the trash is picked up at your target store and looting on that day or the day before for maximum profits. If you have any suggestions, feel free to contact me. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Kids and Violence Today by Saint skullY the Dazed (skully@sysfail.org) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- It's happened again. Another kid went on a rampage with a gun. The other times it happened, I wasn't too concerned. They were all thousands of miles from me. What makes this time different? I live only 15 minutes from the school where it happened. This time, it wasn't at some school I had never heard of. It wasn't some distant town I probably would never visit. When it happens at a school in the next town, you sit up and take notice. You wonder how it could happen in your town. Well, if it can happen here, it can happen anywhere. As you may or may not know, the school I'm taking about is Thurston High School in Springfield, OR. Thurston had never had much violence. It didn't fit the profile of a school infested with gangs. It was closer to a school of the 50s then a school of the 90s. Yet it happened there. You may be wondering what can be done about this problem. Well, the solution is not easy. I'm sure that because of this, there will be another big push for gun control. Because of this, I'm sure there will be a push for limits on your free speech (banning of heavy metal music, violence on TV and movies, etc). We must not fall into that trap. Because despite what people may tell you, music, TV, and movies are not to blame for violence. Rather, the parents of the children who are violent should be blamed. Would you be willing to give up your right to listen to whatever music you like? How about watching what you want to watch? Even for a cause so noble as helping children, I don't think that censorship is the answer. Rather, I think that parents need to take the time to supervise their children. They need to know what their kids are watching, what music they choose to listen to, and be frank and earnest when their kids have questions. The kids in Kentucky who shot at their classmates after pulling the fire alarm thought they were playing a game. They didn't have an understanding that death is permanent. Had their parents took the time to not only show them how to fire a gun, but also how to safely handle the gun, and what to shoot and what not to shoot, the tragedy in Kentucky may have been avoided. Had the student in Springfield been better supervised by his parents, he may not have killed two classmates, his own parents, and wounded 20 others. The student in Springfield had been voted most likely to start World War III. Should he have been considered violent? Yes. Does it look like this is something that started long before he was a freshman? Yes. In short, violence is something that grows and builds, not something that's sparked instantly. So if you're a parent, please supervise your kids, take an active part in their lives, help them grow up to be a good person. If you're an older sibling, help your parents bring your younger siblings up right. And if you have no siblings, or they are all already grown up, please remember this for when (if) you have kids of your own. If for no other reason, the please think about yourself and how embarrassed you'd be if a massacre happened because of your child. But hopefully it will be because you want to avoid a massacre like that, period. Addendum -------- The last part was written the same day the shootings took place. Now, a week later when the facts have come out, and everyone has had time to calm down, let's straighten out some things I said earlier. I chose to leave the above in place to show what happens when you let your emotions guide you rather than think things through. It turns out that the Kinkles were trying to help Kip and were trying to figure out how to best help their son. The paper recently announced that Kip's father had called about enlisting his son in the National Guard. Kip had a longtime interest in guns and violence, and in an attempt to dissuade the unhealthy interest he had (guns seemed to be his life) his parents bought him a gun and taught him to use it responsibly. There is nothing wrong with learning to handle guns properly. However, Kip was mentally disturbed, and even if his parents had not bought him the gun, he would probably have still committed the massacre. So, how do we avoid things like this? The short answer: we don't. The long answer: there are many answers. Some suggest guns, some suggest violence on TV/movies. However, I don't think either of those are at cause. It is a tough decision, and I'm not exactly sure what my own opinion is. One theory I've heard put forward that I agree with is that there are too many bullshit rules in schools, and not enough common sense issues. One example, is that I got reprimanded for having a pager, supposedly because it could disrupt class, yet I could walk in wearing just enough clothes to cover myself without getting arrested for indecent exposure, and nothing would be said. Maybe teachers should use a little common sense and recognize that I have a pager for work and not for dealing drugs. Or maybe kids should just fight every so often to release all the frustration, where the worst that happens is they walk around a couple weeks with a black eye and a few bruises (assuming no weapons were used), rather then the frustration building up and finally getting released via a gun pointed at fellow students. At any rate, the answer to this is not going to be simple, and is not going to be quick. I have no doubt that there will be more shootings, and we may very well lose many of our rights due to knee-jerk reactions rather then those in power taking time to find a good fix and/or the people exercising their rights to contact their representatives. If you have any comments or responses to this, feel free to submit them to System Failure. Who knows, it may spark a huge debate and prompt me to set up a web board on sysfail.org. ;=) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Bypassing Your Friendly Neighborhood Firewall by Duncan (duncan@arena.cwnet.com) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Well, here you are, sitting at work, minding your own business when you up and decide to build yourself a Linux box. Why, you ask? Because, you have 8 840 meg hard drives, 3 computers, 2 monitors, 123 keyboards, and 52 some-odd mice sitting next to you, and more time than Death on your hands. Well, you build your Linux box and then you ask "What next?" Well, maybe your first thought is "Can I IRC from it?" Mine sure as hell was when I did it, and yours will be too. But after that, you say to yourself, "I have this Ethernet connection that goes to waste from the hours of 6pm to 4am". And this is of course wrong not to use this prime bandwidth, so, we embark upon the bypassing of your firewall, for reasons only attuned to causing large amounts of havoc to small groups of people on connections far less than yours. You may view firewalls as some prime example of network security that are set up by highly-paid network professionals like you and I hope to be. Well, my future hope is that I know more than the clueless dolts who thought that if they install it directly out of the box, it would work just like they want it to. Unfortunately, that is a little bit off from the truth. Firewall installations will allow for port 25 connections (STMP) and most connections over port 1024. System administrators will not see the need to block anything above that, as it can be used by servers for outbound port connections. Well, we can use this to our advantage. Port 25, on the other hand, is far more insidious, as it is the mail port of the machine, and allows outside mail delivery. The most obvious way to do this is to just redefine our portmapping scheme on our new Linux box (let's call it tequila). You have two choices here. You can edit your /etc/inet.conf file, and change : smtp stream tcp nowait root to smtp stream tcp nowait root /usr/sbin/tcpd in.telnetd That is a quick way to do it. That will make your STMP port (25) point to your newly bound telnet port. All you have to do is reload inetd.conf and kill your sendmail program. The second way, which is a bit more permanent, and a bit more risky (i.e., I did it the first way, so I recommend that more) is to modify your port settings in /etc/services. So: telnet 23/tcp to telnet 1100/tcp And now we have an open port on your new machine that will bypass your firewall at port 1100 that is linked to your telnet port. Again, you will have to kill your inetd and such, but you will leave your mail server, so you could receive mail on your new system that is not supposed to be there. That will, of course, work with ssh and everything else that you would like to have bypass the firewall (just to mention, sshd can be run at boot time with a different port other that the default port of 22). Dedicated to Tequila. You were the too young to go (if you know, you know why). =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Messing With Cell Sites by Skitso (skitso@teleport.com) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Clyde works for AT&T. He also goes to my church, which means certain perks for me. He offered me a tour of the cell site "because I seem to have an unusual interest in phones" (heh) and the tour was pretty boring until he let me listen in on a few conversations and disconnect a few people. Then I realized, what if I could come back and do this anytime? Here's how. First line of defense: A fence. It _looks_ electric (it's not), and probably has barb wires along the top; if you're planning on coming back, throw something on the barb wire and climb over (if you cut it, they'll be sure to beef up the security). Second line of defense: Door lock. Fairly cheap one, pick it if you can, but if you can't, then drill it and never come back. :) Final defense: Silent alarm. It trips like the light in your refrigerator (and no, you can't just put your finger in it). Once inside, you've tripped the alarm, and the police are supposedly on the way; however, there should be something that looks like an electrical outlet, execpt with a keyhole. It will say "Tech on site" on/above it. Follow the wire comming out of this along to the wall to the "alarm" panel. Open it (pull really hard); there will be two vertical rows of metal prongs. Look for wires going to a set that has a label on it ('tech on site'). Connect these prongs with a paper clip or something, and that's it. The way this works is, if a technician comes in, he trips the alarm, and by turning the key, he sends a second (different) alarm signal that overrides the first. Once you're in, there should be some binders laying on a table; steal them all (logs, frequencies, manuals). There should also be a spectrum analyzer lying around (like a 50 lb. one); it seems to have a 386 processor built in, but I never got to mess with it much. Find where the coaxial cable comes in from the tower (hard to miss, its a 6''-1' diameter cable that hugs the ceiling). Follow it to where it enters the radio circuitry; there will be headphone jacks (the big ones). Either plug in the headphones and listen in, or find a homosexual headphone wire (I call it that because it's male on both sides), plug it in, and make a loop. Since you can't call out with the radio stuff, and it'd be a pain to beige that complex stuff, they hide a phone in the drawer of a desk. Just plug it in behind the desk and you're set. A few tips: ----------- * Don't worry about doing this around 2am, there are legit people that fix problems 24/7 (actually 2am would be best). * If there's a car/jeep/telco van parked _inside_ the big fence, come back another day. * If you're really paranoid (or can't override the alarm), just remember, it takes cops an average of 20-30 minutes to get there, so carry off all you can. * Remember, this info came from a Portland, OR cell site. Security may differ elsewhere. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Reading and Understanding the Assignment Area from A "T" Order by FoneMan (e-mail staff@sysfail.org to contact) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- In this article I'm going to show you how to read and understand the assignment area from a "T" order. First I'll blow up an example of an assignment area and then break it down into smaller portions so it's easier to understand. Let's have a look at the entire assignment area. ---ASGM G1 TN 708 304 1250 FA 520 SHORELY DR, BARINGTN, IL /LOC APT 101/RT 1005/RZ 13 IOE 01010-011-30/EXK 708 381/TN 708 304-1250/LPS/DF F10-04- 064C/OAB KAY G2 WC 708 381/CT IF1 /CA 25/PR 2324/DF F10-04-106V /PRQ N/BP G-W+V-BR/OPC BL-R+W- BL/TEA CP200 E NW HWY; EXJ /TPR 111613 RO ORD F004546723 DD 95-06- 12 IF2 /CA 200N/PR 126/BP 1/TEA IT 520 SHORELY DR; CIW Okay, now you're probably looking at that wondering what the hell it all means. The G1 area shows the phone number for the following cable and pair assignment. Yes, that's right, that TN stands for Telephone Number. Wow, it's that easy, FoneMan? Damn straight biznich. The FA part of the assignment contains the destination address. Obviously if the town name is too large they're going to abbreviate it like the example above. See, this isn't too hard. The G2 line is very important. The first part shows the wire center. Wow, there's another one of those acronyms. That's right, WC stands for Wire Center. Often the telco will refer to the WC as the EWO. If you see CT in the second part, that means it's a cut-through. Wow FoneMan, this shit is easy! The IF1 section gives details about the cable that leaves the CO. In this case, the new service leaves on cable 25, and pair 2324. This cable runs to a Cross Box at 200 E. Northwest Hightway (TEA). To connect this cable to the next leg of cable, the tech will connect the white-striped green wire (from the F1 cable) to the red-striped blue wire (of the F2 cable) and the brown-striped violet wire (F1) to the black-striped white wire (F2). Actually, this is already done in this case. You can tell by the EXJ (EXisting cross-connect Jumper) after the semicolon. The IF2 section tells the tale of the cable that left the cross-box headed for the customer. From this we can derive the cable name (/CA 200N/) the cable pair (/PR 126/) and terminal binding post (/BP 1/). We can also determine that it is an inside terminal (/TEA TI) and the terminal's address (520 SHORELY DR). The CIW at the end tells us that the inside wire is already connected. If IT is not shown, assume that the terminal is outside, common for single-family dwellings. In place of CIW you may find the following: PIW Place Inside Wire (not a CT) CDW Connected Drop Wire (a CT) PDW Place Drop Wire (not a CT) Well, that's pretty much it. I hope this article has helped you some. The person reading this should have a basic knowledge of phones to understand things such as cable, pair, wire center, etc. This is one of the few articles I write about phreaking, or anything for that matter, so enjoy. Peace out. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Well, this marks the beginning of a new year for System Failure. We've done better than either Pinguino or I ever expected to, and we've come a long way from the small zine that was born in that pizzeria. Thanks to all our supporters and readers, and we hope you'll continue to read System Failure for many years to come! RAPE THE SYSTEM FAILURE =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-E-O-F-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-