What's New!

Chat with
Hackers

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 

Hacker
Wargames 

Meet the 
Happy Hacksters 

Help for 
Beginners 

Hacker 
Bookstore 

Humor 

It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

Carolyn's most
popular book,
in 4th edition now!

For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Email:
Visit this group


Jan. 29, 1999
_______________________________________________________________________
See the Happy Hacker web site at http://www.happyhacker.org
Your local firewall blocks you? Try http://happyhacker.org
Svenska:
http://w1.340.telia.com/~u34002171/hhd/gtmhh/svenska/hhdsvensk.html
URL of the day:
http://www.radium.ncsc.mil/tpep/library/rainbow/ (Rainbow books)
_______________________________________________________________________

Opening Comments
URLs
News
Reader Submissions
Reader Questions
Basic UNIX commands
Editor's Comments

***********************************************************************
      *** Opening Comments
***********************************************************************

Yep, you have Yet Another Editor, and this is my first stab at the
digest. I hope you all enjoy it. Please send any and all UNIX-related
submissions to unixeditor@cmeinel.com

***********************************************************************
      *** URLs
***********************************************************************

Reliable places to download or purchase some flavors of UNIX:

Linux (bigger list at www.linux.org)
 -Debian www.debian.org
 -Caldera www.caldera.com
 -Red Hat wwww.redhat.com
OpenBSD www.openbsd.org
FreeBSD www.freebsd.org
NetBSD www.freebsd.org

Technotronic - A good site with news, exploits, bugfixes, etc.
www.technotronic.com

Subversion: The Neglected Aspect of Computer Security
http://www.jya.com/subversion.htm

3-user demo of Novell Netware 5.0 for $15(US)
http://www.novell.com/netware5/demo.html

Contributed by Lord Chr0n0s:
Lots of books on Unix, Linux, TCP/IP, programming, and more. 
http://www.itlibrary.com/

***********************************************************************
      *** News
***********************************************************************

LINUX FOR MACS
A company called LinuxPPC is unveiling its version of the Linux
operating system that runs on the Macintosh PowerPC platform.  The
LinuxPPC 5.0 software will be available for downloading free on the
Internet, and an expanded CD version, which includes development tools,
AppleShare integration and other features, will be sold for $32. A full
version bundled with Applix's ApplixWare will be available for $125.
Once LinuxPPC is loaded onto a PowerPC machine, it can run either Mac
OSX or LinuxPPC, a feature that may add to its popularity.  "A lot of
people are looking for an alternative operating system," says the
director of product management for Applix.
(TechWeb 7 Jan 98)

-----------------------------------------------------------------------

A CALL TO ACTION AGAINST WASSENAAR
The following is a message posted by John Gilmore to many
security-related sites recently about pending sanctions against
cryptographic software:

The US Wassenaar initiative is an attempt to deny the public not only
all future strong crypto developments, but all existing ones.  As
today's message from Denmark makes clear, the freedom-hating
bureaucrats are threatening to prosecute a citizen merely for
publishing PGP on his web page.

Let's at least ensure that they don't eliminate *today's* strong
crypto, by replicating crypto archives behind each Berlin Wall they
threaten to erect.  Today we depend on a small number of archives (in
a small number of countries) containing source and binaries for PGP,
SSH, Kerberos, cryptoMozilla, IPSEC, and many other useful crypto
tools that we use daily.

Let's replicate these archives in many countries.  I call for
volunteers in each country, at each university or crypto-aware
organization, to download crypto tools while they can still be
exported from where they are, and then to offer them for export from
your own site and your own country as long as it's legal.  (The
Wassenaar agreement is not a law; each country has merely agreed to
try to change its own laws, but that process has not yet started.)

And if at some future moment your own government makes it illegal for
you to publish these tools, after all your appeals are denied, all the
pro-bono court cases rejected, and all the newspaper coverage you can
get has been printed, then restrict your web site so that only your
own citizens can get the tools.  That'll still be better than the
citizens of your country having NO access to the tools of privacy!

(I suggest putting these tools on a Web site on a machine that you
own, rather than on a web site where you buy space from someone else.
That way there'll be nobody for the freedom-squashers to threaten
except you.)

I'm sure that John Young's excellent http://jya.com site will be happy
to provide an index of crypto archives around the world, if people
will send him notices at jya@pipeline.com as your sites come up.
(Each archive should locally mirror this list, so that we won't depend
on a single site.)

Rather than having their desired effect of squelching crypto
distribution, perhaps their overbold move can inspire us to increase
strong crypto distribution tenfold, by making it clear to the public
that if you don't keep a copy on your own hard drive, the governments
of the world will be merciless in scheming to deny you access to it.
And if crypto developers have to publish on books, or rely on
smugglers to get crypto from country to country, then at least each
country will have its distribution arrangements already ready for when
the book is scanned or the smuggler arrives.

***********************************************************************
      *** Reader Submissions
***********************************************************************

NiEls <root@the.carota.net> wrote:

Hey there,
I would just like to comment on the proxy story below, that contrary to
common belief most proxies won't make you "anonymous". The much used
Squid proxy for instance will (by default, it can be  turned off) add a
line to each HTTP request you do containing your real IP address. A
fast way to check would be to run your own webserver, create a (cgi-bin
or other) script which display the HTTP_X_FORWARDED_FOR environment
variable, and access your own script through the proxy. An empty
reponse will most likely mean the proxy can be used for "anonymous"
use. (Beware that the above variable is used by Squid and not
necessarily others. You might want to display ALL variables and see if
your IP/hostname shows up somewhere.) You were probably already aware
of this; just thought it might be useful for others. Not sure if it has
been mentioned before either, I'm not on the list that long.

Keep up the good and happy work,
NiElS

> You have a browser configured to access a web proxy.  You send a
> request for a web page, and the proxy services it...the proxy
> sends the request to the target.  Now, the target sees a request
> coming from the proxy...which has a different IP address than
> yours.  The proxy then forwards the response to you...

> Step 1.  Issuing the request.

> [u.u.u.u]  -->  [p.p.p.p]
>   You             Proxy

> Step 2.  The proxy forwards the request.

>              [p.p.p.p]  -->  [t.t.t.t]
>                Proxy           Target

> **To the target, the request is coming from IP "p.p.p.p"

> Step 3.  The response is sent to the Proxy> 
>              [p.p.p.p]  <--  [t.t.t.t]
>                Proxy           Target

> Step 4.  You get the response from the Proxy.

> [u.u.u.u]  <--  [p.p.p.p]
>   You             Proxy


> Now, the same is true when you use telnet and a shell account or
> two.  You mask the IP address of the computer you are sitting at
> by telnetting to one or more shell accounts and then telnetting to
> the final target.  This uses the same principle as was described
> above.

-----------------------------------------------------------------------

Troy Davis <troy@ltnx.net> wrote:

http://netscan.org has the first (relatively) complete database of
ICMP directed broadcast networks ("smurf amplifiers").  All allocated
IPaddresses ending in .0 or .255 have been pinged and measured, so
it's complete short of pinging the whole 'Net.
It's queryable by IP address/subnet/broadcast (same output) and a list
of the worst 1024 networks, rescanned this morning, is available.
We're hoping netscan.org will get enough publicity that admins will be
pressured - both by user comments and bandwidth limitations - to fix
their router configurations.

Cheers,

Troy Davis

-----------------------------------------------------------------------

Frode Egeland <egeland@csi.com> wrote:

Hi,

First, the fan-boy stuff: I really enjoy HH, both the mailing list
and the website. You guys are great!

Now, on with my suggestion:
I'd like very much if you would put some "Linux hacking for newbies"
info together. The basics, you know? It feels like all the info "out
there" is for *nix experts, and people like me, who have just
installed Linux, don't have a really good starting point...

Anything would be great! :)

Regards,
Frode Egeland

[Ed- Check the Basic UNIX Commands section below for some Linux
 commands to play with. Or, feel free to check
 http://members.xoom.com/finite2/dw0rd/techbib.txt for some info
 about beginning hacking. I haven't read the whole thing, but what
 I've seen so far is pretty decent.]

-----------------------------------------------------------------------

Roger A. Prata <rprata@prodigy.net> wrote:

>Where are the shadowed passwords on an AIX 4 system placed?  And,
>how do you interpret what appears to be two different tokens in the
>password field (two shadow files maybe?!?)?
>Thanks for your help...
Hello. AIX shadowed passwords are kept in /etc/security/passwd,
which can only be gotten to as root.  You cannot even cd to
/etc/security unless you have root on the box.  On my AIX 4.2
(RISC/6000) system, there is only one token in /etc/passwd that I can
see.  Hope this helps...

-R

-----------------------------------------------------------------------

Stalk3r <XStalk3r@aol.com> wrote:

Hey... I've looked around and I've found probaly the best shell for
$10.00. It is the Legion Of Doom's, at www.lod.com. SSH, bitchx, irc,
anonymity, compiler access. Also...... considering it's THE Legion Of
Doom I don't think they mind you *playin* from the box.

Carolyn's Creation, Stalk3r

-----------------------------------------------------------------------

anonymous wrote:

Hey Carolyn, if you want, you can tell your readers about this great
program that totally eliminates the risk of back orifice.  It is
really cool, and if your readers use it, they would never have to
worry about getting it, and I won't have to waste my time reading
$%&@*)# 500 articles every week from some dumbass who just found out
his pc had BO. The program I speak of is called linux.  Yea, linux,
the OS.

anonymous

(seriously, ever since BO was released, there hasn't been one digest
that went without mentioning it)

[Ed- And now there will be another one. ;) After this, though, I
 don't anticipate seeing Back Orifice again. This IS a UNIX digest
 after all.]

-----------------------------------------------------------------------

Patrick Gilbert <gilbert@pgci.ca> Posted to Bugtraq:
(Bugtraq archives can be found at www.geek-girl.com/bugtraq)

Like many system administrators, paranoia comes as a sixth sense.
They don't like their networks prodded or probed by outsiders; this
would be like bursting in their office while they are taking their
coffee and groping them.

So, after having my fun with nmap-2.00, I decided to conjure
something that will monitor for this type of network reconnaissance.

The monitor works with tcpdump, and perl provides flexibilty. Feel
free to improve on it, and mail me a copy. You must provide the
network to monitor and ports to exclude and you can also add filters
for larger networks.

Here are a few suspicious packets it looks out for, with added
features you can read about and grab the source at
http://www.pgci.ca/syn.html

icmp packets (you can add filters), udp packets (same) , TCP packets
with no ACK , Fragmented IP packets, IP packets with options,
Packets with X.X.X.255 destination, Packets with X.X.X.0
destination.

Cheers,
--
Patrick Gilbert
PGCI Inc.
http://www.pgci.ca
Montreal (QC), Canada CE AB B2 18 E0 FE C4 33  0D 9A AC 18 30 1F D9 1A

***********************************************************************
      *** Reader Questions
***********************************************************************

Faizal Noble <Faizal@rpcdata.info.bw> writes:

I am still a newbie at Unix and was wondering if you could help me with
FreeBSD or Linux. I am currently making an effort to get FreeBSD 2.2.8
and RedHat Linux but I am running into problems because I don't know
what I'm supposed to have and what I am not in reference to files and/or 
directories in each of the two programs. I have looked around on the
net but all I got was installation instructions and FAQs and the Linux
HOWTOs but they don't tell me how I'll know that I have a complete
system or not. Can you help? If not do you know where I can get help?
Lastly, if you can't help with these and can with another flavour of
unix then that would be helpful too. 
FAIZAL@MEGA.BW
Thanx a Tonne

[Ed- There's really no such thing as a "complete" system. Depending on
 what you plan on doing, you'll need different programs. For example, if
 you plan on coding in C++, you'll need the g++ compiler or something
 that can take its place. If you want Xwindows, then you'll have to
 install that. It's like a big picnic with lots of food. Take what you
 want, and leave the rest to others. So try to figure out what you want
 to do with your computer and dig up the packages you want.]

-----------------------------------------------------------------------

Zhina Rihana <zebedee@usa.net> wrote:

This is my first time e-mailing you on happy hacker. I've read it for a
long time though :) and it is very good.  I have a question about IRC
when I am using Linux 2.0.34 and BitchX75p1.  I need to masquerade (?)
my hostname in BitchX as I am being attacked very often by DoS. I do
not know how this works, and if I could do it I would be grateful.

Zhina <zebedee@usa.net>

-----------------------------------------------------------------------

Quantum <fusion77@bellsouth.net> wrote:

Hi I was wondering - I've read lots of tricks & such for unix, but the
main thing is, it never informs you of how to get your program on the
remote machine. Could you please tell me how to open editors & upload &
such to unix systems.  Please respond ASAP, thank you.

[Ed- There are two different kinds of exploits. Remote and local. To
 use a local exploit, you need access to a shell account on the
 computer. A remote exploit can be performed from any computer on the
 internet (assuming the target computer is connected too)]

-----------------------------------------------------------------------

Hal Bennett <halapino@kamloops.net> wrote:

I know that you get a lot of question from beginners but this one will
be short and sweet. The last computer that I had was a Tandy 80 I now
have this good multimedia system with decent software.  my problem is
that I am lost in the information age. What I want to know is one good
basic starting point? I understand that reading is the basis but when
I start on one subject the info quickly leads me to something else.

[Ed- That's the best way to go, studying where your interest leads you]

All I am looking for is what to start on I can do the digging from
there? The idea of hacking intrigues me and I believe it is something
that I must pursue. Not for malicious purposes but let's face it
computers are still young and the ones that understand them the best
will be the ones that survive the best.
thanks
pino (halapino@hotmail.com)

-----------------------------------------------------------------------

COMLONGO@aol.com wrote:

Carolyn :
Recently I was reading one of the back issues of the Happy Hacker
Digest. In it, someone asked how to get rid of the LILO master boot
loader. Your answer was to type fdisk /mbr at the dos prompt. After I
read this I did the same. The I frogot was that I did not have a
Linux (Red Hat 5.1)boot disk. So then, I decided to reinstall Linux
to get the Boot disk.   When I did so, every time when I get to the
actual installation part, after a little while, I get error messages
saying that I had no more room, but in reality, I had hundreds of
megabytes free. Is it because that I need to delete everything in the
Linux partition before I start? Please reply, I am in really big
trouble and I don't think I can get out of it alone.
Thanks in advance

[Ed- Before you install, you'll probably need to reformat the old
 Linux partition and _then_ reinstall your files. This is part of the
 installation process in Debian Linux, but I'm not quite sure about
 Red Hat in particular.]

-----------------------------------------------------------------------

Jim Fielder <bigjim@softcom.net> wrote:

I just recently set up a linux box at work. I am looking for a good
website to answer my questions as they come up. I have a couple books
on the subject but occasionally I still can't find what I'm looking
for. Do you have any recommendations for such a web site?
TIA
---------------------------------------------
Jim Fielder
bigjim@softcom.net
www.softcom.net/users/bigjim

-----------------------------------------------------------------------

Yan Haijin <seascene@163.net> wrote:

Dear Sir:
Happy new Year!
I am an engineering student in China. Now i encountered a question
about C language.
I downloaded some source code and want to compile it under solaris
2.5 and there is one line that cc gives me the error:

    u_long get_sp(void)
    {
        _asm_(mov %sp,%i0);
    }
   
Here the function get_sp wants to get the value of sp - it uses
embedded asm, but the function wants a return value while in the
function there's no return. So the cc compiler gives the error that
get_sp must specify a return value and exits the compiling process.
I do not know what to do because almost all the overflow source code
is written in this way. So would you please tell me how to solve this
problem? Your help will be greatly appreciated! 
Thank you very much!
seascene 

[Ed- Not ever having used inline assembly, (yes, bad me) I had to
 resort to asking a friend of mine who'd know a bit better. Here's
 what he had to say:

 I will assume that the mov is copying a value to the place where it
 would be returned, yes? Then I can say that the compiler isn't
 recognizing it as a return; there's no actual return statement.
 Make a temp variable, mov into the variable, and return the
 variable.]

-----------------------------------------------------------------------

Amal Nandan Prasad <prasada@delpo1.in.unisys.com> wrote:

Hello,
I am submitting the following queries about UNIX:

1) What are the real-time operating system(RTOS)? Is UNIX a RTOS?
   If no, can we manipulate it to act like one?

2) In almost all the Unix flavours, except Digital Unix, I have seen
   only the year field(yy). Are all other flavours Y2K compliant? if
   not, why are they able to show accurate results for cal 2000?

I would be grateful, if you can satisfy these queries at the earliest.

Thanks and Regards

Amal

-----------------------------------------------------------------------

The Dog <gr8_n8@hotmail.com> wrote:

Please help me. I am having trouble getting help setting up my linux.
I actually was refused help from their support line. I can't seem to
get my modem running. Please help.

[Ed- Please be alot more specific in your submissions. What type of
 Linux? What modem? What version? As for the support line, I'm
 assuming you're using Red Hat or some other commercial brand, and
 never actually paid for the product. That's probably why you got
 refused.]

***********************************************************************
      *** Basic UNIX commands
***********************************************************************

[Ed- I thought it'd be appropriate if I'd give a little overview of some
 basic UNIX commands to those newbies out there. Some of this stuff has
 been covered already, but I don't see why I couldn't go over it again
 as I've gotten a few mails asking how to do basic things. Enjoy, and
 feel free to send me any questions, comments or suggestions. Man pages
 are great fun - for extra info on any of these, type "man ls" or
 whichever one you're interested in (without the quotes)]

cat - concatenate files and print on the standard output

cat readme.txt
-This will just spit out the contents of readme.txt to your screen.

ls - list contents of directories

ls -al /etc
-This will show all (a) files and subdirectories in the directory /etc
-in long (l) format

cd - change working directory

cd /usr/bin
-This will change your current directory to /usr/bin

pwd - print name of current/working directory

passwd - change login password and password attributes

mkdir - make directories

mkdir priv
-This makes a subdirectory named priv in the current directory

rmdir - remove empty directories

rm - remove files

rm -i *.txt
-This removes all files ending in .txt and prompts you for each one

ps - report process status

ps -A
-This prints out a listing of ALL processes running

df - summarizes free disk space

ln - make links between files

ln -s /etc/passwd /home/coder/readme.txt
-This makes a link from /home/coder/readme.txt to /etc/passwd
-Basically, readme.txt just points to /etc/passwd and acts like
-it in most ways.

pico - simple text editor in the style of the Pine Composer

pico index.html
-This brings up the file index.html in a very strightforward editor

pine - a Program for Internet News and Email

ftp - file transfer program

telnet - user interface to a remote system

telnet koan.happyhacker.org 80
-This will try to connect to port 80 on the wargame computer koan

lynx - a text-based web browser

nslookup - find IP addresses for hostnames, and vice versa

nslookup ftp.microsoft.com
-This will return the dotted IP address of ftp.microsoft.com, which
-happens to be 198.105.232.1

ping - send "are you alive" packets to network hosts

ping koan.happyhacker.org
-This will (most of the time) tell you if koan is alive on the
-network and how long it takes for information to reach it. Press
-CTRL-C to quit pinging, if it is doing it repeatedly.

who - show who is logged on

finger - display information about local and remote users

finger root
-This will display information about root on your local computer

[Ed- Again, I highly encourage you to read the man pages on these
 commands. Please note these are not even close to all of the
 commands available to you. And please don't complain "why didn't
 you mention this one"...I picked some out of the blue. If you
 want more information about a particular command, by all means
 ask, though :)]
 

***********************************************************************
Editor comments
***********************************************************************

First off, I'd like to say that I'm very grateful to Carolyn for letting
me take over as the new editor of the Happy Hacker Unix Digest.
Hopefully I can contribute as much as the rest of you do, and help to
answer questions you may have. I'm very open to (constructive) criticism
from anyone willing to give it. And thanks to all of you for keeping
this alive for so long. I've been a subscriber since 1996 (I think) and
it's good to see so much interest out there.

  --Unix Editor

***********************************************************************


   
 

This is a list devoted to *legal* hacking! If you plan to use any
information in this Digest or at our Web site to commit crime, go away!
Foo on you! Don't email us bragging about any crimes you may have committed.
We mean it. 

For Windows questions, email keydet89@yahoo.com or editor@cmeinel.com
For Unix questions, contact unixeditor@cmeinel.com.
For Macs, email Strider <s.corinth@iname.com> 

Happy Hacker staff: Unix editor, <unixeditor@cmeinel.com>;
Windows editor, Keydet89 <editor@cmeinel.com>; postmasters Jonathan D.
Zerulik and William Lewis <>; Hacker Wargame Director,
Mark Schmitz <wizard@rt66.com>; Wargame Sysadmin, Satori <Satori@rt66.com>;
Grand Pooh-bah: Carolyn Meinel <>

Happy Hacker is a 501 (c) (3) tax deductible organization 
in the United States operating under Shepherd's Fold Ministries. Yes! 
This is all a plot to save your immortal souls!

 © 2013 Happy Hacker All rights reserved.