What's New!

Chat with

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 


Meet the 
Happy Hacksters 

Help for 



It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

Carolyn's most
popular book,
in 4th edition now!

For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Visit this group

From: Nils van den Heuvel <n.heuvel@pi.net>
Organization: Planet Internet
Subject: Guide to mostly harmless hacking


I think the guide to mostly harmless hacking is very clear to newbies
(such as myself).

But now I have a problem...
I want to connect directly to the Internet (without my ISP between me
and the Internet). But, how do I do this?
I hope you can help me.

Nils van den Heuvel

ps. I hope you can devote an issue on how you can cover up your trails.

(Moderator’s note: use a PPP connection so you won’t leave a shell log file
at your ISP.)

From: "Charles Duffy" <duffy@lightspeed.net>
To: "Carolyn P. Meinel" <>
Subject: Re: Happy Hacker Digest. Dec. 14-15, 1997
Date: Thu, 16 Jan 1997 06:06:23 -0800
X-MSMail-Priority: Normal

> I've found Win32 console-based telnet, whois, finger and host programs
> patterned after their UNIX equivalents... any advantage of the UNIX ones,
> tho? (that is, do I still need a shell account?)
> (Moderator's note: OK, OK, Windows NT and Windows 95 -- the 32 bit
> systems -- have more and more great TCP/IP utility programs coming out.
> I still think Unix rules!)

I gave it a try and installed Linux on my P5/133... I feel more nerdly
already... <grin>...

From: Nils Janson <wyoguys@twd.net>
To: "Carolyn P. Meinel" <>
Subject: Linux
References: <>

Ok, I've just got a few tips for newbies who want to install Linux.  I,
myself, have just -->recently<-- installed Linux, Red Hat 4.0 flavor.
It is so unbelievably easy to install, if you just know a few basic
things about computers, you should get a good installation in no time.
Took me about 30 minutes, that’s with getting the BusLogic Flashpoint
drivers from http://www.dandelion.com/Linux , backing up, partitioning
my hard drive, and finally running the install prog.  I got it off a CD,
cost $53 incl. S&H, but thats just 'cause I live in Germany.  They have
a really nice packet manager, and an interface in X thats akin to Win95,
only better ;) Just thought I'd share that with you, since I've seen a
few 'help me with Linux/'installing Linux was bloody hell' type
things.  Have fun, and friends don't let friends use DOS.

(Moderator’s note: since we’re on the topic of Red Hat, you may want to
check out the latest security flaw discovered in it. The following post is
from the top computer security list on the planet: Bugtraq. It releases
security news way ahead of CERT, CIAC etc. In fact, much of what you read on
this list you won’t ever see anywhere else. But it’s controversial because
it releases exploit code, too. If you are really, really tempted to try out
their exploit codes, remember to do it on your own computer or one owned by
someone who agrees to let you try it out. To subscribe to the Bugtraq list,
email aleph1@underground.org and politely request a subscription.)

Approved-By:  Aleph One <aleph1@DFW.NET>
Date:  Thu, 16 Jan 1997 10:21:44 -0600
Reply-To: Erik Troan <ewt@redhat.com>
Sender: Bugtraq List <BUGTRAQ@netspace.org>
From: Erik Troan <ewt@redhat.com>
Subject:      [linux-security] SECURITY: Important bug fix for /sbin/login
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>

Their is a buffer overrun in /bin/login which has the potential to
allow any user of your system to gain root access. util-linux-2.5-29
contains a fix for this and is available for Red Hat Linux 4.0 on
all four platforms.  We strongly recommend that all of Red Hat 4.0
users apply this fix.

Users of Red Hat Linux versions earlier then 4.0 should upgrade to 4.0 and
then apply all available security packages.

Users whose computers have direct Internet connections may apply
this update by using one of the following commands:

rpm -Uvh ftp://ftp.redhat.com/updates/4.0/i386/util-linux-2.5-29.i386.rpm

rpm -Uvh ftp://ftp.redhat.com/updates/4.0/axp/util-linux-2.5-29.axp.rpm

rpm -Uvh ftp://ftp.redhat.com/updates/4.0/sparc/util-linux-2.5-29.sparc.rpm

All of these packages have been signed with Red Hat's PGP key.


[mod: Forwarded by Richard Jones, Mangled by me to make this appear
to have been sent by Erik himself... -- REW]
- -----------------------------------------------------------------------------
|       I told you I'm not very bright -- Sugar in "Some Like It Hot"         |
|      "RPM is the greatest thing since swap-space" - Bryan C. Andregg
|                                                                             |
|       Erik Troan   =   ewt@redhat.com     =    ewt@sunsite.unc.edu          |

Sat Jan 18 09:55:34 1997
X-UIDL: 7c120d9c3ef409770fabd1401179ed71

Happy Hacker Digest Jan. 17, 1997

Folks, remember to check out our Hackers forum at
http://www.infowar.com/cgi-shl/login.exe. Lot's of people are posting really
good information there now. In fact, if you find it is easier to use the Web
forum than receive the Happy Hacker Digests, you can unsubscribe to this
list by emailing with message "unsubscribe."

We are about to release two new editions of the Guide to (mostly) Harmless
Hacker. Vol.3 No.1 is on how to foil email bombings. Vol. 3 No. 2 is on how
to map the Internet. We make a hacker visit to the University of Natal's EE
department! Both issues are out for technical review. Hurry up, reviewers!

From: Bryce Lynch <bryce@telerama.lm.com>
Subject: Re: Happy Hacker Digest. Dec. 14-15, 1997
To: "Carolyn P. Meinel" <>

> 1.) how does one become an ISP?
> (Moderator's note: With just a PC, Linux and an ISDN line you can launch a
> half-way decent ISP. See the book "Building a Linux Internet Server," by
> George Eckel and Chris Hare, published by New Riders, 1995. It even includes
> a CD-ROM with Linux.)

Actually, you can use a 28.8 SLIP line and Linux to become an ISP of
sorts.  You just have to use a technique known as IP masquerading (making
users who dial into your box appear to be multiple sessions coming from
console) to make it work effectivly this way.  And yes, Carol, it's
perfectly legal to do so.

> 2.) how does one become a sysadmin?
> (Moderator's note: learn TCP/IP and Unix or Windows NT inside and out.)

A thorough knowledge of C/C++ and shell script programming can't hurt,

> 3.) if information about a user is contained in the packets that TCP/IP

The information inside an IP packet is the address to send to, a checksum
(to prevent errors), and the tty of the username it's to be sent to.

> sends out, is there any way to disguise it or alter it? I think doing so
> would be difficult, because then if an error occurred during transmission
> it would be difficult for the remote computer to request resends of the
> messed-up packets.
> (Moderator's note: that's IP spoofing. Good question on resending messed up
> packets. Anyone else have an answer?)

IP spoofing is a method of generating packets to a system to make it
think you are a legit user.  First, it helps to map out the remote
services the site being cracked, as these are what will be manipulated.
What is called a trust relationship between nodes on the network being
cracked is ascertained:  it is possible to make any system on a given
network implicitly trust a given user through the use of a .rhosts file
in the home directory, which outlines which usernames at which sites are
to be allowed passwordless access.  Doing so is a combination of probing
remote services and guessing which users might have such access.

One of the trusted systems on foo network is syn packet bombed.  That is,
a packet generator is used to send a lot of login requests from
fictitious addresses to the trusted system to keep it busy.  A packet
sniffer on the system is used to figure out how packets generated
by the trusted system are numbered, and that pattern is used to generate
packets supposedly from the jammed system.  The system tries to send
responses to fictitious IP addresses, and so ignores legit acknowledgment
packets sent to that system.  Kind of like tapping your right shoulder
from your left side, and you never think to look to your left.

A packet generator is used to create a response from the jammed IP
address saying, in effect, "Yeah, it's me.  How about a third packet to
seal the deal, bro?"  The system being attacked then sends a response to
the jammed IP address, but the cracker sends another faked IP packet
acknowledging THAT acknowledgment, and the system under attack dutifully
spawns a login shell for that user.  The cracker then creates IP packets
that contain commands for the system, most normally adding wildcards to
the ~/.rhosts file that allow any user at any system free access to that
account.  A packet containing a logoff is sent via generator, and the
trusted node on foo network is allowed to go about its merry way, which
consists of it trying to get rid of all those empty packets.

A remote shell or remote login session is then done normally, and the
system has been cracked.

If you know a good deal of C and have an understanding of how packets are
structured, it is possible to code both the sniffer and the packet generator.

> Oh and something else I have two bios crackers and they both do not work (I
> have set a pass and they do
> not reveal it )I wanna know just for the fun . Do you have any bios
> crackers?? And is it difficult to become an expert hacker (Some say it only
> takes to know the assembly language...

And to know how the BIOS chip is laid out.  Each BIOS breaker works on
only one brand of BIOS chip, and then revisions of the software can make
it maddening to find the right one.

> hi again-creator2. I've spent a week now trying to find a shell account.
> called at least 10-15 ISP's and *nothing*. keep referring to different
> places and telling me that there is no market for them so they won't
> sell 'em. went to search engines and get a 1,000 different accounts.

WHAT?!?  Shell accounts no longer being offered?  Simply nauseating..
how are people supposed to learn how to use Unices then..?  Sheesh..

Autarkis Aetherjammer

From: root <abszero@epix.net>
Subject: How to find your shell account.

> OK.  Please bear with me cuz I'm a newbie.  All right, when I log on to
> concentric.net, I dial in and then when it's connected I start
> Netscape.  When you wrote about shell accounts, were you talking about
> going through something like Hyperterminal?  If this is the case, will I
> need a Unix password or just my own?  Thank you for all your help.  You
> seem to be one of the nicer "hackers" out on the net.  :o)


> hi again-creator2. I've spent a week now trying to find a shell account.
> called at least 10-15 ISP's and *nothing*. keep referring to different
> places and telling me that there is no market for them so they won't
> sell 'em. went to search engines and get a 1,000 different accounts.
> -creator2

Most PPP dial-up accounts come with shell accounts (A.K.A. "text only" or
"asynch" accounts.  Most ISPs don't tell you this.  To find yours, try these
options (in approximate order of preference).

0) If you need to give a command to start your PPP connection (E.G. PPP), try
saying "echo Test... Test...".  If you get back "Test... Test...", you have
found your shell account.

1) If your ISP has some automatic thing to find your local dial-up number
(try their 1-800 number, their web page) see if it also has the number for
the "text" or "shell" or "asynch" dial-ups. (Mine does)

2) Call their living phone receptionist and ask for the dial-up number for
the "text only accounts".  You might need to say you have one.

3) Try calling the number for dialing up via PPP/SLIP +1 and -1. (E.G. if
123-4567 is your PPP dial-up number, try 123-4568 and 123-4566.) Try this
before #2 if your ISP is a phone co., or the number for PPP is a "nice even
number" (repeated digits, 0s, etc.)

4) Your out of luck.

Once you get the correct phone number.

1) Try logging in with the same user-name/pwd. as for your PPP account.

From: fianov <nethead@sea.ntplx.net>
Subject: email spoof

I know you can prove who posted a message to a sysadmin, but can you
find the email address of a spoofer with only a header?  It seems like
there is no way to, but it also seems like there is no way to show it to
a sysadmin (which there is).

Just wondering.  I've seen many a post inviting people to mail them

Please make this anonymous.
  I'm sure this is a silly question, but please answer if you can:
  If the country I am in now went to war with another country, it would
be legal to hack that other country's computers. I checked this out in
obscure legal textbooks.
  Would it not be a good idea to suggest that evil genius types with too
much time on their hands direct their activities to, say, Iraq, if we
went to war with them?

(Moderator's note: chances are the US DoD would be paying good money to evil
genius hackers to help out in event of war.  To learn more about
opportunities for hacker warriors, keep up to date at the site

From: "Todd Kruger" <zyper69@hotmail.com>
Subject: Hello?

   OK I was at your site and read everything then downloaded everything and
tried to do what it said like where do you type
the command  "finger Joe_Schmoe@fubar.com"  and what if I ask for
a shell account and he asked what for so you can hack.

(Moderator's note: Tell your ISP that you want a shell account so you can
study Unix. Promise to BE GOOD.)

or where do I type
"telnet boring.isp.net 79"

(Moderator's note: at the prompt for your shell account.)

I'm not dumb or a newbie at computers
I have a lot of skill in everything but hacking and programs.  I'm learning c++
and trying to learn the art of hacking.  My goal in life is to become a HACKER.

(Moderator's note: if you're studying C++ you're already half-way to
becoming an elite hacker.)

From: "." <nate.fisk@netheaven.com>
Subject: NovellNetware w/Iclass front end

 OK, here's the deal: I am a newbie hacker (like most people posting to
this group) and have no experience because I live in the middle of nowhere.
I Have found (finally) a LAN to hack but need to know how one goes about
getting IP addresses (Don't answer if that is somewhere in one of the GTmHH
posts please, I'll find it) and any back doors, hacks etc for NovellNetware
with an IClass front end (IBM Classroom System Administration) Thanks.....

From: mozment@juno.com (Michael T Ozment)

I've read every text file I can find on having win95 and Linux on one
hard drive, but I'm still worried about dividing my hard drive in
half...I'm not the only one that uses my computer <only working modem in
the house> and if anything happened to win95 my parents would probably
kill me.  also I have some questions about which distribution to get, the
best I have found has been Red Hat 4.0. I'd like to know your feelings
about this particular distribution, and where EXACTLY I can get it, I've
looked through every directory at redhat's ftp site and I still don't
know what file(s) I should get.
thank you for any help you can offer,
michael ozment

From: Brancaleoni Raffaele <s940195@student.ulg.ac.be>
Subject: About the problem with root access on Linux


>> part.  I logged in as another user I made earlier, and tried to edit it
>> back.  The other user has Read only capabilities when in the passwd file. So
>> now here is my question.  Can this be undone. Do I have to reformat my
>> Linux partition?  How do I reformat my Linux partition?  ohh yeah can you

>Yes. Look into booting into "Single User Mode". Read the manual for

Or just take your installations disks and boot from them.
On the "boot:" prompt type "mount root=/dev/<the device where is your
Linux system>"

When booting sequence is finished you should be able to login as root
without password.

To complete the operations you know what you have to do ;)

Go work ;)

Brancaleoni Raffaele               E-Mail : s940195@student.ulg.ac.be
IRC-Undernet : Darkstalk(er) on #linux, #belgique, #funplace, #liege
 /\     /\ /\  /\ /\  /\ /\  /\
       / /    / //  \/ // / / / \ \/ /  ... The choice of ...
      / /___ / // /\  // /_/ / / /\ \         ... a GNU generation ...
      \____/ \/ \/  \/ \____/  \/  \/

Sun Jan 19 12:21:45 1997
Subject: Happy Hacker Digest Jan. 18-19, 1997

Moderator's notes: Gordon Brandt has posted at our Infowar site
(http://www.infowar.com/cgi-shl/MISC/verify.exe) the answer to one of the
most burning questions of the Happy Hacker list: how to get a shell account.
He points out that http://www.celestin.com/pocia/ has a detailed list of
ISPs including information on whether they offer shell accounts. If you
don't already have one, get one today! You'll find it useful when our next
few Guides to (mostly) Harmless Hacking come out.

And don't forget to sign up at our Infowar site (again, that's
(http://www.infowar.com/cgi-shl/MISC/verify.exe). It's free, and on another
location on this site you can find hilarious stuff written by Winn Schwartau
about his adventures at hacker conventions.

We've had a lot of questions from port surfing enthusiasts about  port
assignments: To get a complete list of all port assignments in existence,
not only for the Internet but Ethernet and many other networks, too, see

There are thousands and thousands of them!..

Now, on to news from other folks:

From: Mike <mrbrown@cyberstation.net>
Subject: Shells

I've seen some posts about people having problems getting shell accounts.
Yeah for some reason or another some ISPs either don't offer a shell
account alone or at all. So here are 2 that do: wf.net and
cyberstation.net. Web Fire charges $6 a month for a shell and here at
Cyberstation we charge $10 bucks a month. You could e-mail
help@cyberstation.net or info@wf.net to find out more info on either.

From: jericho@dimensional.com
Subject: Re: Happy Hacker Digest Dec. 16, 1996

> Happy Hacker Digest Dec. 16, 1996

> it possible to have a good shell account, etc, on a Macintosh? how is
> hacking on the Macintosh?

Use a Macintosh terminal program to connect to an ISP that offers shell
accounts. It is the same thing.

There are also at least 2 variants of unix that can be installed on Macs.


> I want to connect directly to the Internet (without my ISP between me
> and the Internet). But, how do I do this?
> I hope you can help me.

You have to connect to an ISP somewhere to be on the net. Unless you would
like to upgrade to your own 540GB backbone.

> (Moderator's note: use a PPP connection so you won't leave a shell log file
> at your ISP.)

Link your shell history to /dev/null

From: Pete <pete@servtech.com>
Subject: Mac Hacking

>I know next to nothing about UNIX or shell accounts, something which
>frustrates me to no end. but another factor is the fact that I use a
>Macintosh computer. personally, I prefer them over other types of
>computers. the fact that when I say that scores of 'elite hacker warriors"
>spare no effort in telling how much of a piece of crap Macs are and how
>stupid I am for using one.

Ah, those sad, disillusioned fellows.

>I would appreciate an informed answer (and perhaps an opinion, if I can
>receive one without opening the dreaded computer holy war book again.)...is
>it possible to have a good shell account, etc, on a Macintosh? how is
>hacking on the Macintosh?

I'm an avid mac user, so this is a little bit skewed, but... Anyway, I've
got a PPP account as well as a shell account with a local provider, and I
use FreePPP and Zterm for them, respectively. It is possible to run UNIX on
a Mac, using MkLinux. I think Apple's web site has something about that,
I'm not sure. I've never tried installing unix on a mac, so I don't know
what that might mean... For telnet I use NCSA Telnet, which is pretty good.
You can telnet to any port you want to. There are also some cracking
programs for the Mac out there, and you can e-mail me for the URLs (I don't
think Carolyn would like that kind of information on this list). As for
"How is hacking on the Macintosh," it's pretty much the same once you
telnet somewhere. After that, it's all Unix...

Pete Hopkins       | "I got both a humidifier and a de-humidifier for my
pete@servtech.com  |  birthday, so I put them in a room together and let
                   |  them battle it out." --Steven Wright

Hello Carolyn,

I ask that you please keep this anonymous.
I recently Telneted (using windows 3.1) to XXX.com. At the login in
screen i typed "root" and then at the password screen i typed "sysadmin"
After a few seconds it said "Not on system console". The UNIX ver. was 4
My question is do i need an actual shell account to get in or is it
something else? Is this considered cracking? I hope not.
Any help would be appreciated.

From: wizard@bga.com (John)
Subject: Re: Happy Hacker Digest Dec. 16, 1996

>I know next to nothing about UNIX or shell accounts, something which
>frustrates me to no end.
that can be rectified...  I did it :)  The problem, though, is exposure --
you have to expose yourself to these systems.  When I learned about unix
and whatnot, my dad was a professor at a public university in California.
During the summer, I would go in with him when he went to work.  I would go
into the computer center and muck about with unix, pdp 11/44s, APL, RSTS,
teletypes, and all sorts of other stuff.  I wasn't there too long before
people were giving me money to get me to help them with problems.  I
haven't forgotten much....

>I would appreciate an informed answer (and perhaps an opinion, if I can
>receive one without opening the dreaded computer holy war book again.)...is
>it possible to have a good shell account, etc, on a Macintosh? how is
>hacking on the Macintosh?
good for you!  Congratulations on having a 'real' computer!  <grin>  See, I
have a mac, too.

Shell accounts are independent of whatever platform you're running on.
They're provided by your ISP, not your home computer; when you use a shell
acct, the computer you're using is THEIRS, and yours is just acting as a

As far as hacking on a mac, well, it depends on what you want to hack :)
Any ideas yet?

From: jericho@dimensional.com

> Happy Hacker Digest Jan. 17, 1997

>(Moderator's note: chances are the US DoD would be paying good money to evil
>genius hackers to help out in event of war.  To learn more about
>opportunities for hacker warriors, keep up to date at the site

They already have several teams that do that.

From: "saurabh singhvi" <saurabhsinghvi@hotmail.com>
Subject: i surrender to you oh master

hello there.
I'm 17 and I'm from India. Somehow I've always had this sort of dark twin within
me which tries to find every opportunity to perform some melancholy deed. don't
really know why this happens but anyway the advent of the Internet into our
country was like a ray of hope for me as i was quite aware of its predominant
underground and thought that it would be the ultimate guinea pig for me to toy
           The Internet came over here on the 15th of august 1995. pretty late
but  at least we have access. we have access to the shell a/c and the tcp/ip
a/c. i do not have my own a/c yet but I'm proud to say I'm ripping off some
freak who remains ignorant of the fact.
           However I've been doing a lot of reading on hacking and stuff and I
have gained quite a lot of things (i learnt unix thanx to sir hackalot). I
haven't really managed to break into the system over here.
they have this os called "digital unix" over here. i find getting root a very
tedious task and i start to feel that it is just not possible at times.
          I'd be the happiest guy if i managed to break on through to the other
         Anyway whoever is reading this mail me back and help me out man.

(Moderator's note: I hope that by "break through to the other side" you mean
you want to be able to use your hacking skills in a legitimate, high paying
job such as sysadmin. If one of your problems in rounding out your education
is inability to get manuals, you can find tons of free information on line
at http://nic.ddn.mil/LIBRARY/.  This site provides the RFC's (requests for
comments) which are the Bible of how the Internet works.)

From: Theodorou Zenonas <dorothy@cytanet.com.cy>
Subject: Your Hacking Files

Dear Carolyn,

I have been reading your hacking files and to say the least I am thrilled
but I have a few Questions.

In your very first file you said that somebody could finger someone using:

telnet llama.swcp.com 79

I want to know in more detail how this is accomplished plz...

Does it only work when you are on the Internet and does it apply to everyone
on or just the people using that computer...thank you...

I hope this isn't one of those stupid questions some ask..

Theodorou Z

Moderator's note: First, llama doesn't run finger any more. So you'll have
to pick a different Internet host computer for this. Also, finger works in
different ways on different hosts, depending on what finger program it runs
and how it is configured. But struggling with all these variations is part
of the fun of hacking.

I decided to try finger on you.

First, I tried the obvious. I logged into my shell account using the bash shell:

->finger dorothy@cytanet.com.cy
finger: cytanet.com.cy: unknown host
->telnet cytanet.com.cy 79
cytanet.com.cy: unknown host
telnet> quit

So when this didn't work, I checked your full header and discovered the full
name of the host from which you sent this message was platon.cytanet.com.cy.
So I tried:

->telnet platon.cytanet.com.cy 79
Trying ...
Connected to platon.cytanet.com.cy.
Escape character is '^]'.

Bingo! I'm on your computer! I tried several commands, including the obvious:


But every time I got:

Connection closed by foreign host.

What was interesting was that the command:

->finger dorothy@platon.cytanet.com.cy

Just bombed me out!

It looks to me like you could have a lot of fun trying to figure out what
commands would do what on platon.cytanet.com.cy, port 79.

And the rest of you guys on this list, please give platon.cytanet.com.cy a
break. Port surf on another box. You can do this by getting names off the
full headers of email you receive.

If the sysadmins on this box in Cyprus suddenly see several thousand telnet
attempts form all over the world thanks to the Happy Hacker list, they will
get really paranoid. It is good hacker etiquette to not harass any one
computer excessively.

Happy hacking, and be good!  


 © 2013 Happy Hacker All rights reserved.