Better living... through (mostly)
Harmless Hacking
Unix Edition
Jan. 31, 2000
_______________________________________________________________________
See the Happy Hacker web site at http://www.happyhacker.org
Firewall gives you problems? Try http://happyhacker.org
_______________________________________________________________________
***********************************************************************
*** Editor's Comments
***********************************************************************
Quick appendix to last week's digest (quoted from
http://www.linuxdoc.org/LDP/LG/issue33/tag/ipmasq.html):
>I've heard conflicting reports about using 192.168.0.* and 192.168.255.*
>(the first and the last of this range). So I don't recommend it. If you
>needed a very large network of "private net" (RFC 1918 --- aka RFC 1597)
>addresses you could also use 172.16.*.* through 172.31.*.* --- that's sixteen
>adjacent class B networks, or you could use 10.*.*.* --- a full class A.
These are, of course, the IP addresses that are reserved for use by
non-Internet computers.
On another note. Someone on this list (I will not mention who right now, I
might later) sent me a nice little macro virus. I don't know if it was
deliberate, it spreads by changing your signature, so he could've been a
victim. If it was deliberate... I _will_ track you down, and I _will_ kill
you. If it was an accident, use McAfee, their latest version picked it right
up. 'Course, I don't run Outlook Express or IE (especially not on the
UNIXeditor box, duh) but it caught it. I'm studying it now, I might post
parts of it as an interesting virus case study... with deliberate
obfuscation, of course... I know at least one script kiddie who reads this
list... I'm sure there's at least several hundred more. The KAK worm (as I'm
so naming it... I forgot what McAfee called it) is kinda creative... but not
very effective. An annoyance... but nothing _that_ hard to remove. Oh... and
if I find out who wrote it, I'll kill you. On to happier thoughts...
***********************************************************************
*** Readers' Submissions
***********************************************************************
Chameleon990@aol.com asks:
Hi wussup
i don't know if you can help me or not but you seem to know a lot of
computer stuff so maybe you can
i just got Red Hat linux 6.1 and installed the Gnome workstation this isn't
really a hacking related question but i am getting frustrated looking for an
answer my ? is how do i set up hardware like sound card and modem
and then after i set up my modem how do i get online using aol?
if you don't know an answer could you possibly provide some good sites that
have info on this os
oh one last thing is it better to install it on a blank hard drive or one
with windows or dos already on it cuz honestly i don't have a clue what i'm
doing or how to run it really but your website said it would help in hacking
so i got it
anyways any help i would love to have
later
Chameleon
[Editor: Ok, first, you can't use AOL with Linux. Philosophically, it's
impossible... in addition, there's no software to do it anyway :). As far as
setting up hardware, start reading the HOWTOs first. Linux is not like
Windows, it's not _that_ intuitive, and a little advance planning (read:
research) goes a very long way. As far as a fresh drive goes, it's usually
preferable (especially for a newbie), assuming you have the drive available.
It's quite possible to set up a partition, but it's not really worth it if
you don't have to. Good luck.]
-----------------------------------------------------------------------
Aaron Jones <kjones1@elp.rr.com> asks:
I would really like to get linux but i have win98. can i run two operating
systems and switch between them when i need to? if so could you put a section
up on the happy hackers site to show everybody how.
[Editor: Ok, Aaron, I hate to do this to you, and it's not personal, but I'm
kinda sick of answering this windows/Linux question. USE THE WEB, people.
Read the past few digests, then fire up the ole browser, check out some
Linux documentation first.]
-----------------------------------------------------------------------
Sean Ellis <sellis@intergate.bc.ca> suggests:
Ahoy,
prolly a little tedious to always be having the same answer, but it's
O'Reilly again.
They've recently put out 'Using Samba'. It's an outstanding book, even by
O'Reilly's high standards. It's very clear, with a logical organization. 10
out of 10 for this one. I also have the Sam's 24 hour Samba book. It's
cheaper, and it got me going OK, but there's no comparison between these
two books,
have a good one,
sean
[Editor: Ahoy, matey. There you go... another vote for O'Reilly. BTW, /.
(that's slashdot.org for the unfamiliar) just reviewed a perl book that's by
a publisher I haven't really heard of: Manning Press published
_Elements_of_Programming_with_Perl_, and supposedly it might be the start of
some competition for O'Reilly. But my heart (and wallet) will stick with the
animals for now...]
-----------------------------------------------------------------------
zee180@lebhost.com.lb <zee180@lebhost.com.lb> is back:
Hey there, here's an interesting admin tool.
It uses Doom's graphical interface to view and kill processes.
You actually use machine guns and grenades instead of kill -9.
http://www.cs.unm.edu/~dlchao/flake/doom/
Declare war against processes ;-)
[Editor: Wow. I think you sometimes write more than I do. Anyway, check out
this site... pretty nifty concept.]
-----------------------------------------------------------------------
Ktinga <ktinga@unm.edu> sent in:
> [Editor: Thanks for the multiple posts. The most useful unassigned IP's are
> the Class C's in the 192.168.x.x range. There's also an unassigned class B,
> and I think even a class A, but I'm not certain about that. As far as
> snooping on RF ethernet... does anyone have any knowledge of such a task?
> I'm sure a scanner should do it... or is it more complex. Do they run trunks
> (like many PD + FD's do these days)? It might be an interesting topic to
> explore... maybe on the antionline mailing list directly.]
Ok, well, *almost* all you need is a scanner. You also need
some software solution. As for Fire and Police departments, some don't
even bother with trying to encrypt or scramble their transmissions. Some
states consider the airwaves in use by F/PD to be public and open.
As you can guess with state service, not a whole lot goes into
fortifying the encryption schemes of radio. Usually, it's an encoding
process.
> You can find more information about SAMBA (the software package)
In case you are wondering, Samba is also a very sensuous and
intense dance from South America.
> Fatal Error <lazerus001@juno.com> begs:
>
>
> Maybe you can help me. I'm looking for a free distro of linux that'll run on
> my PS/2 77i. It has MCA bus, 24 megs RAM, 2 gig HD, and a 486 DX/4 133mhz
> AMD CPU. I was hoping to breathe some life into my comp before I result in
> getting a new one. Can you help me out?
Besides Linux, you may wish to consider BSD. You may also want to
consider Solaris 8 Early Edition. The Hardware Compatibility List that Sun
gives...
http://soldc.sun.com/support/drivers/hcl/8/S8EA/files/c0108.htm
...seems to imply that it can run on a 486.
> To the poor dummie (for example ME..), they tell how to set up
> Xwindows, how to set up the root password, but they do not teach you
> how the file system is organized. i know that the Unix file system is
> fully customizable so it could change from user to user or from a
> corporate to another one, but for example what is the difference
> between /usr/bin and s/bin... nobody tells you where to find the
> thing.
It's mostly historical. /usr was at one time meant for "special"
applications, such as AutoCad, Pine, and /usr/games (I think) and /bin was
just a place for very basic programs, like "ls", "cat", and so
forth. /sbin or related is for Super Root binaries, like servers and
daemons. /usr was also used for storing home directories of users.
/etc is for configuration files. /dev is for physical device
files. /lost+found is where some core and other types of files would be
stored after a system crash. /tmp is for temporary files, just like on
Windows. /var was for log files, and I think maybe daemons.
Each variant of UNIX has its own variant on this system. /home in
Linux, for example, is where users' directories are stored. Of course, it
could be anywhere. Just make sure that you change your entry in your
shadow and normal password, group, and NIS map files. You should also
change utilities such as adduser. Solaris splits up the /dev directory
into different directories, some for tty (pts in AIXspeak), some for disks
or printers.
> Another example, they tell the dummie how to set up the DNS, so
> they throw you to a file on the path /something/another_thing/file.
> but what about the TSR called daemons and where to find them and what
> is their purpose. You could do it by following the instructions, which
> are sometimes lightly buggy but working. Then it works but you remain
> with a missing segment in "your knowledge chain"
For DNS, you can get it at
http://www.isc.org/products/BIND/
Again, the best things to look at are the Animal Series, published
by O'Reilly.
> -Icepik
> "Just because you're paranoid, doesn't mean they're not after you!"
>
>
> [Editor: "Even paranoids have enemies" (Henry Kissinger)]
Everyone's out to get me just because I'm paranoid!
> -----------------------------------------------------------------------
> Martijn Linssen <email@withheld.com> asks
>
>
> Hi Happy Hacker,
>
...
...
> Martijn Linssen
>
>
> [Editor: Nifty idea. Has anyone tried this... does it work on different
> systems? BTW, I suppose you don't want to hear the lecture on using the same
> password... the HH Digest still exists (you're reading it now :) ) I
> presume, because of the antispam instructions on your email addr, you didn't
> want it posted, correct?]
Depending on what kind of system you want, you can have sixty-four
character passwords, special characters included.
> [Editor: Hmmm. Sure this is a unix question? I think nuking is a topic
> that's been beaten to death already... basically, it's a Denial of Service
> attack. If you're not familiar with the idea... imagine giving someone a
> nervous breakdown by calling their house non-stop... on all 10 of their
> lines... for a week... with a shrill ringing sound played when they answer.
> Oh, and they need to let legit calls get through. That's a DOS. if you were
> on IRC, your IP addr is easy to find (/whois + /who). If you were on a java
> based chat... it'd depend. Basically... there are mean people out there. If
> you're running windows <insert flame here>, and download NukeNabber. For
> Unix... you should be safe.]
You may also want to invest in a personal firewall.
[Editor: Whoa again. Ok, point by point. Trunking (for those unfamiliar with
the scanning scene) is a technique for frequency hopping: many police
departments now use it. It's part privacy (though all you need is a scanner
that can follow trunks), and part to make more efficient use of the
airwaves. I've never seen a PD that encrypts their communications (except
for SWAT and the like), and I live in New York, where all they use are trunks.
I did not know about SAMBA, thanks for the directory info.]
-----------------------------------------------------------------------
Phil Dibowitz <webmaster@ipom.com> asks:
On the gtmhh, a program called TTY Watcher is mentioned briefly,
and it sounded very useful, and so I downloaded it. And I was
skimming through the .readme file, and there were 2 sets of
install instructions... one for Sunos 4.x and one for Sunos 5.x.
The instructions weren't typical "./configure;make;make install;"
type thing either, it was pretty elaborate, having you build
different parts in different orders depending on what you were
running, etc.
So I went a little further along, and they said they'd never
tried to install on linux... so my question is, has anyone tried
TTY Watcher on linux (any distro)? Any install problems? Were you
successful? Any special things you need to do? Which distro ya
runnin'?
I don't mind fooling around and experimenting with my system, but
I figure if someone else has already done it, why screw with my
system if I don't need to.
Thanks!
Phil
[Editor: I don't recall offhand how to install it, but maybe someone reading
this does...]
-----------------------------------------------------------------------
mike barrett <mikebarrett@centropolis.org> has this problem:
I have bought and installed Linux-Mandrake 6.0 and I am having a problem.
The disk included Boot Magic and Partition Magic. So, I installed those to
help with the install. When I get Linux installed it works until I reboot
it. Then Boot Magic comes up like it should but when I select Linux my box
says:
Preparing your machine to load "Linux":
-------
And then it freezes (I think). I have reinstalled Linux three times and the
same thing is happening. What is wrong with my box and how do I fix it?
[Editor: Hmm. Is Linux the only OS you have installed? If so, why are you
running boot magic? If not, where (physically) on the hard drive is it
installed? I.e., is it within the first 1024 cyl's? Is your hard disk
physically defective?]
-----------------------------------------------------------------------
Matthew Martin <mdmartin@alpha.delta.edu> writes:
Hi, my name is Matt. I'm (trying to) learning Unix right now. I'm taking
a course at a community college, learning the basics, which I'm getting
down pretty fast. I also put SuSe on my laptop (Compaq Presario) and
tomorrow I'm getting an external modem to start trying to get on the web.
But I totally don't understand how to administer the thing. Like how to
work with the environment; it's extremely complicated and definitely not
user-friendly. But it is very powerful, and I'd like to learn to use
that power. I guess I don't understand at a very deep level how the
internet is put together. All these servers and entrypoints and gateways
and things go over my head. I'd like to learn about them, and how to use
Linux effectively; the capabilities of the machine. The class I'm taking
really is for people who use basic programs, editing, mail, news and file
managing (simple) things through a terminal. But nothing that has to do
with running your own machine, especially on the internet, using its full
capabilities. Could you please direct me, guide me a little, as to where
I need to go next, what are the next things I need to understand. And
maybe where i could go. websites, a specific book, anything really.
I know you understand the ins and the outs of it all. Honestly, I don't
have a ton of time to learn. I am leaving for school in S. America this
April, where for the most part, I won't have computer access. So I'd
like to learn as much as possible in this short amount of time. I
understand that knowing why things work the way they do is important, but i
also don't want to spend all my time studying computer science when I
could be learning how the thing works and its capabilities. But you know
better than I do. Thanx a ton for taking the time to read all this. I do
appreciate it, and hope you'll be able to help me out a little and give me
some direction.
confused, but not hopeless,
[Editor: Good for you. It's nice to see people who know what they know, what
they don't, and don't ask: can you teach me how to run my system... in 5
minutes. Pick up a copy of "Essential System Administration" by O'Reilly,
and read that, it should help. As far as internet connectivity... the best
thing is to have some idea of sysadmining before your box is put on the
internet... otherwise, it'll be cracked pretty fast. Good luck. And P.S.,
flattery never hurt anyone :)]
-----------------------------------------------------------------------
Joanne Farrell <itb@gofree.indigo.ie> wrote:
Hi, I hope some of the people on the list can help me! Basically, i set up a
student computer society in my newly opened college, (It's RedHat 6.1 on a
PIII500 128mb ram) and we have the usual stuff on it.....programming tools,
mail, news, apache, irc etc etc....
Our computing services officer is a bit publicity mad, and tells me that
there's funding there for some kind of Xeon server - which would be much
appreciated- *if* we come up with something unique to implement on our
server, that will draw attention to our college (as it is brand new). He is
kinda hinting toward a SQL/database kinda project or something that shows
integration between NT and linux, but my problem is: i can't think of
anything to do!!
If anyone can suggest a project for us, i'd be much obliged!
Joanne Farrell
[Editor: Cool. I have no idea... but if anyone else does... And how thankful
would you be... a nice shell maybe?]
-----------------------------------------------------------------------
This is a list devoted to *legal* hacking! If anyone plans to use any
information in this Digest or at our Web site to commit crime, go away! We
like to put computer criminals behind bars where they belong!
Email addresses:
Unix Editor Mike Miller unixeditor@techbroker.com
Windows Editor Greggory Peck wineditor@happyhacker.org
Hacker Wargame Directors Vincent Larsen vincent@sage-inc.com
John Vranesevich jp@antionline.com
Clown Princess Carolyn Meinel
To Subscribe computer program antionline-subscribe@onelist.com
To Unsubscribe computer program antionline-unsubscribe@onelist.com
List owner John Vranesevich antionline-owner@onelist.com
Happy Hacker is part of a 501 (c) (3) tax deductible organization