-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- = = - WELCOME TO THE THIRD ISSUE OF - = = - -=>PHANTASY<=- - = = - A MONTHLY PUBLICATIOM AND NEWSLETTER OF - = = - THE - = INTERNATIONAL = - INFORMATION - = RETREIVAL = - GUILD - = = -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Volume Number One,Issue Number Three Dated 12/16/90 Table of Discontents: [1] Phone and Home Security By: The Mercenary. [2] An Insiders View of the Information Game By: Name Withheld by Request [3] "NAPALM" (The Ultimate Home Barbecue Starter) By: Knight Hack [4] Chlorine Bombs! By: Name Withheld by Request [5] PHANTASY TIDBITS [6] Listing of PHANTASY Distribution Sites [7] End of the Year Comments By: The I.I.R.G. OFFICIAL DISLAIMER... All information in PHANTASY is from USER contributed material The Publishers and Editors of PHANTASY and THE IIRG disclaim any liability from any damages of any type that the reader or user of such information contained within this newsletter may encounter from the use of said information. All files are brought to you for entertainment purposes only! PHANTASY is (C) 1990 by The IIRG IIRG and INTERNATIONAL INFORMATION RETREIVAL GUILD is (C) 1982 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section One: Phone and Home Security By: The Mercenary How Vulnerable are Hacker's to the threat of Electronic Invasion? Sources have speculated that during the last several years, more than 200,000 to 300,000 bugs have been planted in Homes,Businesses and by employers. Cheap bugs that will suffice for "Joe Shmoe" can be bought through catalogs for as low as $10.00 and up to $1000.00. These bugs only take seconds to install and if you think your "SAFE", please read this article. Now assuming that most people reading this article are one way or another connected with the computer underground, We'll look at the risk of each. 1. The Software Pirate: Your chances of being bugged are minimal, your main threat comes from not dealing with trustworthy contacts or balanced individuals. Most likely you will never be bugged with the possible exception of a Major Cracking Group. Most likely some jealous teenager will turn you in for a reward from the Software Publishers Association or similar organization. 2. The Hacker: Your Chances of being bugged are minimal to good, depending upon your proficiency and whose systems your tinkering with. If your hacking through a Network such as Telenet or similar node, you increase your chances of detection. Don't let anyone fool you, with the proper warrants they can trace you coast to coast in 8 to 10 minutes. 3. The Phreaker: Your chances of being bugged are good to excellent, I've never seen a phreaker who really gets too upset about it though. Most likely your being monitored by the company your "Borrowing" time and resources from. Phreakers are tolerated to an extent by communication companies because they are a GOOD Tax write-off. If what they put on there tax returns was the actual amount of time used by Phreakers, they would never have any legitimate users. But I'm digressing- Politics and Hacking just don't mix. Well, lets deal with sweeping your Computer Room first... Now for the average Hacker/Phreaker, you don't want to run out and buy a couple thousand dollars of anti-bug hardware. But these are some basic,simple things you can do to protect yourself. Federal Agencies seem to have a love affair with light-switches and electrical sockets,( Plus they don't think Civilians are intelligent ). Just unscrew your plates and look for a Bug wired across the switch (Or socket). In the case of a switch bug, it will be wired so that its active only when the lights are on (In most cases),an electrical socket bug will be always on. P.S.- Check your power strips too!!, These are parasitic bugs in that you are supplying the power to them and this is also a great place to hide them. A colleague of mine spent One whole afternoon reciting dirty-limericks to his light switch bug at college. Needless to say when he got back from classes the next day the bug was gone. (Guess the people investigating him had no sense of humor, or just didn't like his recording debut??) I've always advocated Cheap 1 piece phones, In that the mouthpiece can be unscrewed to place a bug in the handset, and by superglueing the body a parasitic bug cant be implanted into the phones circuit board. Also obtaining some "Void if removed" stickers and placing them across the cross sections is another wise idea. (Don't strictly count on them though,whatever you can buy..Big brother can too..) In this way I've secured my phone locally, and if tampered with a replacement will only cost me $10.00 to $20.00 dollars. If you must have a phone that can be unscrewed or Violated, follow these precautions. 1. Check the hand set for anything that is wired across the connections. This is an old method and is only used by amatuers nowdays. Most agencies replace the whole mouthpiece with a self-contained bug thats undetectable to the naked eye. 2. If you just bought your phone, save the schematics and take a polaroid of the circuit board. Compare these to your phone on a regular basis. 3. Place a scratch on the handset and mouthpiece cover thats barely visible, line this up at all times and look at it frequently. If they dont match up someones been in your phone! 4. Avoid all this hassle and buy a 1 piece phone! Another place to think about is your windows, Most hackers will go outside and visually inspect there windows two to three times a week. Look for a glob of epoxy or clear silicon with a bug placed inside the goop. This is a quick way for an agency to bug your room without actually entering it. Also direct sound surveillance and laser monitoring of window sound vibrations are a possibility. These are easily defeated by doing what the pentagon does, Place a boom box right up to the window and play it at a level just like you would normally. This masks basic conversation. ON A NOTE: Most Agents prefer a steady mix of music, I's suggest play a mix of Black Sabbath, Led Zeppelin,and Blue Oyster Cult. On Sundays please me mellow, a few Barry Manilow and Englebert tunes should send your benefactors off to la-la land very quickly. Desktop items such as trinkets,lamps,rolodexes are also a prime area for voice or keycap bugs. (A keycap bug is a bug that will monitor what keys on your typewriter or computer you are pressing) Just a good basic visual inspection will turn-up any of these or run a metal detector over plastic items. Your biggest and most damaging Item is your computer and modem, Check the internals frequently as well as your keyboard and desk itself. A parasitic bug can be easily placed in any of your computers or modems circuits in less than 10 minutes. External microwave monitoring of your computers CRT through a fiber-optic hole or window is a possibility. Monitor the room with a Microwave leakage detector available at Rat (Radio) Shack and you will know if this is being used. As for what to do if this happens to you, search your walls for a fiber hole or put up some curtains lined with aluminum foil. A normal spy vid-cam can also use a fiber hole, search the walls with a magnifying glass or just paint the walls heavily, frequently. Mini-tape recorders are most frequently used by private-dicks and reporters. These will usually be spliced into your phone cable or at your junction box. Search these for wired bugs and mini-tapes frequently. Most phone techs can be bribed very easily and will take you on a tour of your line to the box for a $20 or case of beer. If he refuses just increase the bid.. We've never had one refuse in this neck of the woods yet. Or if your more adventurous do it yourself, but read up on line-bugs or you'll skip right over one. Finding and avoiding bugs is just good plain common sense, if your lax and don't check, your vulnerable. On the other hand don't run out and do everything immediatly as if your bugged you'll draw undue attention to yourself. Never say anything when you do find a bug. either make up phony info to feed them (Disinformation isn't just a Govt. Practice) or make your location Sterile (Get rid of anything Damaging) Burn,Erase,Format and never leave the chance of Data Recovery (AKA-Norton Utils,PCTOOLS) and call in the Feds, Nothing like having them remove there own bugs. Then stay clean until your out of the "Lime-Light" Although most hackers like to make things sterile then recite useless babble to the bug. This of course tips your hand and the bug will disappear or the Suits will show up at the door. We discourage Phreaks from using this approach. as the evidence on you has probably been acumulated for some time. Well thats it for now, have a "silent" Holiday Season and from myself a Hearty Merry Christmas and a Happy New Year. Mercenary.... 12/10/90 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section Two: An Insiders View of the Information Game. From : Name withheld by Request Date : Fri Nov 30, 1990 An Insiders View of the Information Game. Did you ever wonder what happens when a computer system is hacked? Of course there is the anti-computer phobia of people destroying systems, but that is not the real danger that the F.B.I. or S.S. is worried about. The Electronic Spy Game is real and its in every city in the country. The U.S. is one of the most vulnerable countries because of the many different types of business's that are housed here. The one Business that we the Americans can say is most beneficial is the telephone communication industry. Many people know how to make boxes and many have heard of wiping phone bills, but there are folks out there that sell just about every piece of information the main computers house, including future stock sales. The folks who I refer to are not some kid who wants to call long distance for free. These are adults who sell unpublished numbers and sell a list of phone numbers going to any address. Going rate is 35 bucks for an unlisted number and up to 125 bucks for the list of numbers that called a number. The computer can tell who calls any number at any time. Example... If someone wanted to know who hacks a particular system, all the F.B.I. has to do is trap that number. Then a list of numbers of telephones calling that system has been hacked. The computer hangs on to the list for around 62 days before it is cycled. So if a breech of security has taken place a list of numbers is generated to see who called the system. This process takes as long as the speed of the printer. The next step is getting locations of the dialing systems. Then checking that against the list of people and systems with access to the system."Bang" a whopping 42 seconds later a list of all unauthorized calls is generated and that list includes a profile of the people making the call. By the way that profile system is in Chicago. There are a variety of things for sale on the insiders open market, just about anything that you can imagine. From the people who hack the Social Security system to stealing earnings histories, To the guy who sells the information out of the NCIC system. Yes they are real!, One was busted in California earlier this year. They are the real problem although the guys who found the way into the NYSE system now have a knife in the countries jugular. Hacking can be fun but please use restraint when going into systems, and also who you tell when you get in. If you tell the wrong person you may just end up in a trunk, with a guy named "Vito" laughing at dockside as you slowly sink to the bottom of a river. "JUST For PHUN?????" -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Phantasy Section Three: NAPALM!! (The Ultimate Barbeque Starter) By: Knight Hack Napalm is very simple to make,Basically all it is 1 part gasoline and 1 part soap. I realize some of you out there might not know what soap is, but thats the stuff you see in those silly little dishes over sinks. But heres how you make the stuff, 1. Get a double boiler, fill the bottom half with water and bring to a boil. 2. Remove from the stove and go outside with it. 3. Now place the top half over the boiling water. 4. Fill the top with very small amounts of gasoline 5. Allow it to heat as much as possible from the still hot water 6. Add 1 part Ivory soap flakes to the gas and stir until it thickens 7. (The flakes must melt or the concotion is useless) 8. Allow to cool, Pour into bottles, add a rag , light rag and throw! Some Notes: Heated gasoline is EXTREMELY DANGEROUS, make small batches to start and never smoke,have near an open flame,or anything that would cause a spark!!! This file is for the enlightenment of its readers and should only be tried by the knowledgeable chemist or hobbyist!! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Phantasy Section Four: Chlorine Bombs By: Name Withheld by Request Chlorine Bomb #1 ------------------ Ok this is fairly simple, all you need is some sort of jar or bottle with a cap (I like 16 oz. - 2 liter plastic soda bottles the best, theyre the loudest). You also need maybe a tablespoon or two of granular pool chlorine, now this stuff is expensive, so I suggest stealing a 50lb. tub of it from someone with a pool, This is more then enough chlorine to meet anyones needs.. (I've been making these for 2 years out of the same half-tub of chlorine). Stealing it is the best, because a tub that size costs around $150 or $200 to buy... ( I think, Figuring that a 7lb bucket of the stuff runs about $35). Anyway, What you do, is take a clean, DRY bottle, and put the chlorine in it. (just pour it in). Ok now you need a little bit of soda ( I recommend Coca Cola , It seems to work the best). I put the Soda In a squeeze bottle like Dishwashing liquid soap, or pancake syrup come in, that way you can get it out fast. Ok heres the set up, You really need two people for this... one to Hold the bottle with the chlorine in it, and in the other hand hold the cap ready to put on HURRIEDLY. The Other person Squirts the Coke in, and as soon as he squirts in about a tablespoon (use your brain and estimate, dont measure, fools.) of soda, the other person must QUICKLY screw on the cap and throw the bomb, It will explode quickly... Allright, now this bomb is VERY loud, and when it explodes it makes Chlorine Gas (which is poisonous, so don't walk away after bomb just exploded, unless you LIKE poisonous gasses, and death.. that sort of thing...). It is also a defoliant (or something else produced in the reaction is.. ) So if you throw it on someones lawn, chances are there will be big swaths of dead grass left (at least thats what it did to my lawn...) One more thing, I suggest bending the bottle in the middle (like push one side in) before you add the soda, so that the person who is holding it knows that as soon as he feels it expanding (theres heat too) he has too throw it THEN, whether the cap is on or not (otherwise It'll blow Chlorine Gas in your face... this is NOT fun ) Chlorine Bomb #2 ------------------ Basically this is the same as the other one, except you use Brake Fluid instead of Soda as the liquid. Also, this sometimes takes longer, the reaction can take up to two minutes or more to happen, so after you throw the bomb, if it doesnt explode right away, DONT go pick it back up! But this Explosion is much more spectacular, you get a fireball.... Also a cloud of thick white smoke (which I think may be poisonous as well, at least my friend came out of it coughing and gagging horribly, threw up.. ). Ok, Now just a couple practicle uses for these two things: Riots: Throw them in the midst of the police lines, its better then teargas. Killing Spree: Throw them in the Midst of everyone, its better then teargas. ah well... The riots one could be useful, If they start trying to draft people for an imperialist invasion of Iraq, then we might actually have rioting, wherever people stand up to the oppression of the government. (thats my bit of leftist dogma for the day... ). -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- = The International Information Retreival Guild = - -=>Presents<=- - = Phantasy Tidbits = - (A collection of News and Views) - = Compiled and Edited by: Mercenary = -=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Dateline: Dec 5th, 1990 Editors Note:- Once again more BAD publicity for the hacking community Washington (Associated Press)- A thief can steal more money with a computer than with a gun and a terrorist can spread more chaos with a keyboard than with a bomb, experts said today. "We are at risk." the National Research Council said in a 300-page report. "Increasingly, America depends on computers. They control power delivery, communications,aviation and financial services". "They are used to store vital information.from medical records to business plans to criminal records. Although we trust them,they are vulnerable." The report, titled "Computers at risk," calls for a coherent national effort to develop security systems and increase public awareness of the dangers posed by vulnerable computers to accidents and deliberate attack. "To date,we have been remarkably lucky," the council said. It pointed out that although money and information have been stolen,lives have been lost because of computer errors and communications and financial systems have been disrupted, there has been no systematic attempt to subvert critical computing systems. "Unfortunately,there is reason to believe that our luck will soon run out," the report said. "Thus far we have relied on the absence of malicious people who are both capable and motivated. We can no longer do so. We must instead attempt to build computer systems that are secure and trustworthy." As evidence of how untrustworthy computers are,the report listed these examples: 1. A nearly succesful attempt to use thousands of phony Bank of America automatic teller machine cards fabricated with personal identification numbers stolen from an on-line data base. 2. Thousands of reported virus attacks and hundreds of different viruses identified such as Stoned,Devils Dance,1260,Jerusalem,Yankee Doodle, Pakistani Brain,Icelandic-2,Ping Pong,and December 24. 3. A software design error that froze much of AT&T's long distance network. 4. The German Chaos Computer Club break-ins to the NASA Space Physics Analysis Network. EDITORS COMMENTS: Ok, once again we see some gross inacuracies on the part of the established media. Virus,Virus,Virus... Thats all we hear from the government controlled media. If they have thousands of reported attacks lets see them back up there claims with substantial proof. According to our sources 92% of all virus problems come from buying pirated software or downloading pirated software from BBS systems. So does this mean Uncle Sams cronies are down-leeching pirated software or buying it from back-alley copiers?? I think not... That 92% figure comes from HOME users of software not government networks or systems. Get your facts straight boys!! You've only got an 8% ratio!!! Also show me one person who's been killed by a hacker modifying a patients medical records. If you can prove that one to me, I'll personally buy you a 10 course dinner. I've worked in a hospital and its not possible. We enter what we've given the patient not read what he's supposed to get. Your incompetence truly amazes us. And lordy,lordy get your stories straight boys according to the Secret Service, "Acid Phreak" was supposed to have caused the AT&T system crash, Oh well, I suppose when you lie for a living you get you stories crossed from agency to agency. Dateline: Nov 11th, 1990 WARNING: FBI to investigate Anti-war Movement! FBI agent Steve Sterrit, Legal advisor to the FBI in Las Vegas, announced on 11/08/90 that the agency was actively investigating those who oppose Bush's war effort in the Mideast. EDITORS NOTE: Hmmmm... Since many of you out there do oppose the fight to keep Japans oil safe. I tacked this one on the news... Dateline: Jan 91-June 91 DECnet Vax Network Security Seminars Length 2-days Price $795.00 Boston Mass. at Back Bay Hilton Jan 10-11 (617)236-1100 Orlando,FL. at Hotel Royal Plaza Feb 21-22 (800)248-7890 Los Angeles,Ca. at L.A. Airport Hilton Mar 7-8 (213)410-4000 Boston Mass. at Vista International Mar 28-29 (617)290-5600 Los Angeles,Ca. at L.A. Airport Hilton Jun 6-7 (213)410-4000 Philadelphia,Pa. at Sheraton Valley Forge Jun 27-28 (215)337-2000 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section 6: Phantasy Distribution Sites Phantasy's Distributions Site's have changed,we apologize if you called a board and didn't find the Mag. But were organized a little better now and these will be the permanent sites as long as these systems are up and operating. 1. IIRG Headquarters- The Rune Stone BBS - 1200/2400 Baud 24 Hours Call for the Earliest possible releases of Phantasy and other IIRG files, at (203) 485-0088. 2. Lightning Systems- 24 hours - at (414) 363-4282 3. Sycamore Elite- 24 Hours - at (815) 895-5573 4. BlitzKrieg BBS at (502) 499-8933 5. The Works BBS at (617-861-8976) Largest Text Files BBS in the world, 3500+ text files online. 300-2400bps To get PHANTASY by mail on a 1.2 meg or 360K floppy mail the following to this address: Mail 12 Disks and $5.00 in stamps to The I.I.R.G. 862 Farmington Ave Suite-306 Bristol,Ct. 06010 Specify Format of Disk Please! We will include any of the IIRG's releases for that month on disk (Space Permitting) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Phantasy Section Seven: End of the Year Comments... Well, hopefully with the new year upon us the Feds,Media,and public will have a better understanding of the Hacking Community in general. Negative news potrayals and Sun-Devil were unwarranted and only an attempt to draw attention from the real culprits, The Government itself!!! Why is the Army,NSA,and CIA recruiting Virus writers and Worm programmers? Because Uncle Sam wants to invade other countries computer systems!! We believe when history reveals itself, the Govt. will be shown as the major Computer Vandals they truly are and not the Hacking community... Some of there experiments have escaped from the lab!! Oh well... Phantasy will be published monthly (Hopefully), and we hope to keep you up to date as to whats going on in the community for 1991. So for now, Merry Christmas and a Hacking New Year... The I.I.R.G. and the Phantasy Staff -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- END THIS ISSUE OF PHANTASY =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- (C)IIRG 1990 May Odin Guide Yor Way!