What's New!

Chat with
Hackers

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 

Hacker
Wargames 

Meet the 
Happy Hacksters 

Help for 
Beginners 

Hacker 
Bookstore 

Humor 

It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

Carolyn's most
popular book,
in 4th edition now!

For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Email:
Visit this group

Unix Edition
Mar. 8th, 2000 Part One

.... .- .--. .--. -.-- .... .- -.-. -.- . .-. -.. .. --. . ... -
See the Happy Hacker web site at http://www.happyhacker.org
Firewall gives you problems? Try http://happyhacker.org
.... .- .--. .--. -.-- .... .- -.-. -.- . .-. -.. .. --. . ... -

***********************************************************************
*** Editor's Comments
***********************************************************************

Hi everyone, I'm really sorry this issue came out almost a week late, but last
Monday, I woke up with a high fever, which later turned out to be strep. I was
basically in bed until about Thursday or so... the few waking hours I had were
devoted towards keeping up with my schoolwork, so the digest kind of had to be
put on hold. Anyway, I'm feeling better now, caught up on my thermodynamics,
so here goes.

I have one open ended question from myself. I was adding a new machine to my
network (Debian 2.1) and for some reason, giving the command "ifconfig eth0
192.168.1.3 netmask 255.255.255.0 up" wouldn't work (pings failed, and all
incoming packets showed up in the errors column. route -n had the correct
parameters. If I just told it "ifconfig eth0 192.168.1.3 up", and let it pick
the correct netmask, everything worked. route, however, listed a "genmask" of
255.255.255.0 instead of netmask of 255.255.255.0. Why?

If anyone is looking to write an article: I'd really appreciate if someone
understands things like IP Masquarading, Firewalling, and or NAT volunteers. I
can use all three, but only at a functional level... I don't really claim to
understand them. Thanks.

***********************************************************************
*** Readers' Submissions
***********************************************************************

Danny Soltesz <Dan20@umit.maine.edu> asks:

I was wondering if you could tell me when your new book is going to be
ready for purchase "Uberhacker"? Is this book a more advance form of
your previous book "The Happy Hacker"? I am a beginner and I have been
reading vast quantities of information on how a computer really works
(hacking stuff) for about 2 months. Like really reading and trying new
things, this hacking stuff is just consuming my mind and I can't stop
wanting to learn more. I purchased your book "The happy hacker" and
went through quite a bit of it, trying some of the things along the
way. I'm going to school for computer programming and I'm surprised at
so much stuff you "don't" learn in this degree. One other question. I
set up a dual boot on my laptop and I'm running redhat 6.1 linux and
win98. I'm trying to get on the net with linux since I couldn't find a
good shell account and I figured it would be better to know linux
anyway. I have a LT winmodem but I found a driver on the net so that I
can use it in linux but when I go to install the driver in linux at the
command prompt I keep getting a "init_module" like something is busy
and I can't figure out why it won't load the install setup program? Do
you think it would be better just to get a new pc modem card that will
work with both? Any help would be greatly appreciated. Thanks

ps. I was wondering if you new of any mentors or hacker groups around
the state of maine that I could get involved with?

[Editor: No idea on the book. As far as the curriculum for a degree goes,
yeah, you're right... although you have to remember your degree is not in
computer security. It's in computer science, I presume, so they want you to
know programming, and programming theory. As an aside, check out my
(mini-)section later on secure programming, and tell me how much of what I
write about has been discussed in your class. I'm a computer engineering major
(comp sci + EE), and I know about how much useful stuff I've learn.... zip.
With regard to using your WinModem, I remember that question came up about 7
or 8 issues ago, and there were two links posted. I've never used either (if
someone sends me a free winmodem, I'll be glad to test it out, <hint>,
<hint>), so I can't say. As a general rule, try and pick yourself up a normal
PCMCIA modem... even if you do get the winmodem working, it'll run slower,
probabaly, and have higher ping times, because the CPU is doing the processing
for it. The actual error message is telling you that modconf (or whatever your
module) file is can't load the driver, odds are because it's not configured
right. Make sure that when you compile your kernel, you have any parameters
you need to set set correctly. Also make sure PCMCIA support is enabled. As
far as people in Maine... anyone out there?]

------------------------------------------------------------------------

zee180@lebhost.com.lb <zee180@lebhost.com.lb> writes,

>[Editor. The .rpm files (not rmp) stand for Redhat Package M-something (or
>something close), and are the package files. Use whatever package program

M = Manager. You can get a working bin from http://www.rpm.org/

>The netstat command shows your "network status". The "t" asked it for
tcp/ip,
>the "u" asks for udp, the "w" asks for any raw sockets. (The "a" I'm not
sure
>but without it the string doesn't show anything on my computer)

A = Active ports. You can also use 'n' for a numerical form and 'r' for the
routing table.

z.

[Editor: Yeah, I should've known that. As an aside, since RedHat is so
popular, many place distribute tarballs and rpm's only... no regular .tgz
binaries. So most distro's have a redhat interface built in, or you can
compile your own from rpm.org. For example, on debian, use 'alien'. Note that
for netstat on windows (I'm not sure why I'm putting this here, maybe just as
a contrast), just do a 'netstat -a'.]

------------------------------------------------------------------------

Scott Barlow <scott_2000@yahoo.co.jp> asks:

Hi,

Sorry for such a basic question, but I don't know where to turn. I got
Solaris 7 from Sun since they are basically giving it away, but after
successfully installing it and getting on as root, I am having 2 major
problems.

The first is: I don't know how to configure the machine to recognize
my modem and dial out to my ISP so I can start surfing the web. I have
a generic 56k modem and the winblows drivers, but I know you can't use
those in UNIX. I have a PII233 self-built machine. Can you provide me
with any help?

Second is: How do I add myself as a user and create a user directory
in the right place (not just anywhere, because I guess there is a
typical way of setting users up) so I don't have to be root all of the
time. I mean, I heard it is bad to be logged in as root all of the
time because you might screw something up, but I'm always root (in the
Administrator group) on my WINNT 4.0 box.

Thanks for such a great service (HH) and for your response.

Regards,

Scott

[Editor: No problem. As far as your modem goes... can you dial out, but not
use ppp, or not even dial out. Try installing minicom (or something like it)
to see if you can get a response from your modem. You may already have
/dev/modem symlinked to whatever the correct port is... if not try /dev/ttyS?
or /dev/cua?, where ? = 0..3, with ttyS0 being COM1, ttyS1=cua1=COM2, etc. You
may want (and this is just a suggestion) to put Solaris aside, install a more
"user-friendly" distro to get the hang on Linux, and the put Solaris back. As
far as adding a user, try adduser. If that doesn't work, use useradd.]

------------------------------------------------------------------------

Shortyc <short_curcuit15@hotmail.com> inquires:

I got this file from etc/passwd from a site.
this is what was in it:
root:*:0:0:Charlie &:/root:/bin/csh
toor:*:0:0:Bourne-again Superuser:/root:
daemon:*:1:1:Owner of many system processes:/root:/nonexistent
operator:*:2:20:System &:/usr/guest/operator:/bin/csh
bin:*:3:7:Binaries Commands and Source,,,:/:/nonexistent
games:*:7:13:Games pseudo-user:/usr/games:/nonexistent
news:*:8:8:News Subsystem:/:/nonexistent
man:*:9:9:Mister Man Pages:/usr/share/man:/nonexistent
uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/libexec/uucp/uucico
xten:*:67:67:X-10 daemon:/usr/local/xten:/nonexistent
pop:*:68:6:Post Office Owner:/nonexistent:/nonexistent
nobody:*:65534:65534:Unprivileged user:/nonexistent:/nonexistent
ftp:*:14:5:Anonymous FTP Admin:/var/ftp:/nonexistent

what is this? i think it has something to do with passwords but i dont know
what it means. (not asking how to crack it)

ps
thankyou for setting me in the right direction. before I had ever seen your
site I thought hacking was all about destruction. I used to be one of those
people who would download all the programs from the sites with the skulls
and fire. I eventually figured out that the programs didn't work and that my
computer had some viruses. I got very mad. When I saw your site I thought
you were a lamer who didn't know about anything. as I started reading from
your book I finally knew what hacking was all about. not destruction but
information and fun. after getting your book and reading it I was inspired
to learn how to program. im in the process of learning co++, perl, and shell
programming. just thought i should tell you thanks!

[Editor: lol... I'm not really sure what to say here. First, I would say, stay
away from that system, because it looks like it would be so insecure (notice
there was no non-root users active... well, aside from operator, and 5 bucks
says he's got some pretty heavy access), and it would probabaly be too
tempting to break in. Yes, that is the password file (password = passwd).
Notice there are no passwords... the * is where the passwords should go...
look for /etc/shadow. In case it scares any of you newbies that the password
file is readable... it has to be. You're secure as long as the shadow file
isn't accessable.]

------------------------------------------------------------------------

SABER WOODARD <skulltwister@hotmail.com> sent in:

hi there! love your web site. following advice i read there (on your site) i
downloaded tty watcher on my linux box. i was wondering if you could offer
some help with the install. i'm new to linux you see. it's a 'tar.gz' file.
when i open it i'm confronted with about seventeen files of various types,
some of which are '.c' files, others i have no idea. can you throw me a
rope? much thanks!
Saber
ps i read the README file. it's about as much help to me as calling my ISP
help desk for instructions on configuring PPP dial-up under linux... (YOU
AREN'T USING WINDOZE?! SOMEONE COME TALK TO THIS FREAK!)
LOL

[Editor: Forget ttywatcher. You're not ready for it. Look for my first digest
(or my third), for the article on compiling programs. .tar.gz means first
someone user tar (Tape ARchiver) to smush all the files into one, without
compression, then gzipped them so they're smaller. The .c files are the source
code... you should also find a .h or two (maybe), a file called Makefile,
maybe one called configure, and most importantly, files called README, and
INSTALL. I'll leave it to you to figure out what those do. As far as the ISP's
go... I've dealt with four ISP's for Linux. My first ISP was named atlatl
(pronounce At-Lat'l), and I was their tenth customer... unfortunetely, they
closed after they hit about 15K users and their provider cut them off. I could
call tech support, the phone was answered in their NOC (network oparations
center), and discuss Linux, Cisco's, whatever, to my hearts content. The
second, radix.net, was also great about things like that. My next two were
nationals... mindspring and erols. Mindspring, while having good service for a
national, is terrible about intelligent tech support. So is erols, BUT. The
but is that erols runs (well, used to at least) on Linux, and I had a friend
who had a friend who worked in their NOC. I could call him, and he'd put me on
with one of his techie geek coworkers, and that was really helpful. So in
summary... look for one of those tiny, small, black and white ads in the
newspaper for a nice hole-in-the-wall ISP... they're much more likely to be
nice and friendly.]

------------------------------------------------------------------------

LAURIE REASONER <thefarm4@earthlink.net>

id like to thank you and the happy hacker organization it helped me clear up
some confusion about the diffrerenc between a hacker and a cracker. id also
like to ask for info on what would be a good resource to start learning
programing languages and basically a give me a decent base to start learning
more about hacking and the variuos aspects of computer/internet
technologies. i am by the way an adolescent male and already haveing a
previous run in with the federal authorities (an expeirance that in no way
wish to repeat believe you me) id like to help change the stigma associated
with hacking andits "evil techno criminal" image, thankyou for your time and
please excuse any spelling or grammar errors as im currently dosed up on
cold medicine

your admireing fan
sam

p.s. my runin with the authoritys was not computer related and im lucky that
im not currently serving time in a federal penetentary

[Editor: Hey LAURIE/sam. When you come down off your high, check out
"Essential System Administration" by O'Reilly, and for C... hmm... probabaly
the K&R book (they wrote the language, I think they know how to use it). Of
course, read "The Happy Hacker" by the world famous Carolyn Meinel (who even reads her fan mail :) ). After that... fire up the ole web browser, and start
browsing. There's so much free stuff... it's almost pointless to pay for most
things.]

------------------------------------------------------------------------

Cygnus Inc <cygnusinc@madmail.com> wants to know:

I have just recently discovered your enlightening website, and am now
wondering what the difference between Linux and Unix is, and what the
differences between FreeBSD / OpenBSd are -- that is to say if you have the
time. Can you tell me which OS you use, or atleast which is the best and
where I can get it? I also use Outlook to check some of my other mail, I
read in one of your "Sucks to be me. . . " letters that using Outlook is bad
for security, if not Outlook then what should I use? Thank you in advance
for your time.

Confused

[Editor: Linux is a flavor of Unix. So are the BSD's. Carolyn likes SuSE, I
use Debian, RedHat tends to be the most popular. Personally... I don't trust
RedHat, I think it's too insecure out-of-the-box to even mess around with. The
BSD's tend to be more secure, but less fun to use. I'd recommend SuSE if you
want the 5 gig worth of programs that come with it, or Debian (wait for the
new release, should be within the month) if you just care about power (it also
has some pretty nice bundled software, but they're kinda strict about their
definition of "free", like for example, Pine isn't included because of a
technicality. As far as using Outlook... it's ok iff (if and only if) you turn
off Java, JavaScript, RadioActiveX, and all that jazz. As an non-Unix
alternative, try Eudora (or PC-Pine :) ).]

------------------------------------------------------------------------

beta_tester@starmedia.com <beta_tester@starmedia.com> writes:

Hi, first of all i want to give a big hug to all of you ppl who want to learn
and find "what's going on" at the core of your systems.

I recently (and at last) install Linux on my PC, Red Hat 6.0 Kernel 2.2.5-15,
everything was just fine, a clean installation with no troubles
at all (it was my first time!) but my happines turn into problems when i was
trying to change the configuration of the X-server, you see:
the problem is this:
when i was changing the config of the X-server the power supply went out and
my PC die, then the power return and the system reboot normaly, at this point
the screen show "Failure" at some of the services and give me a screen that
says something like "Checking File System with errors, press ctrl-D for manual
administration or enter root password", i give my root pass and the system
throw me to a shell.
The system recomend to run fsck manually, i did it and it begins to ask if i
want to fix some blocks and delete some other "deleted/unused" things, i fix
everything and reboot again, the system initialize fine but when the login
prompt appear i give my root password and doesn't work, it says the "Login
incorrect" response. WHAT CAN I DO?.
Please help me, i can't just reinstall everything again.

By the way, i can access the whole system by connecting my HDD to another PC
and mounting it in that linux Box, i tell you that because if the problem can
be resolved changing something in some file of my system, i can do it.

My system is Red Hat 6.0 Kernel 2.2.5-15 on a i686 and the other one from
where i can connect my HDD is S.u.S.E 5.2 Kernel 2.0.30 on a machine with the
same architecture.

Thanxs for all.
Bye.

Beta Tester.

[Editor: Thanks for the *hug*. It's so nice to find people who really care.
Wait, let me get this straight. When you say you can "access", do you mean it
can boot, and login, or that you can type mount /dev/<olddisk> /olddrive and
access it? If it's number one, then maybe your keyboard is broken? If number
two, login, and go into /etc/shadow (on the "broken" HD), delete the root
password. Then, put it back into your old machine, and login to root (w/ no
password... WHILE OFF THE NET), and put back your pw. P.S., what are you beta
testing?]

.... .- .--. .--. -.-- .... .- -.-. -.- . .-. -.. .. --. . ... -

This is a list devoted to *legal* hacking! If anyone plans to use any
information in this Digest or at our Web site to commit crime, go away! We
like to put computer criminals behind bars where they belong!

 

Part 2 --->>

 © 2013 Happy Hacker All rights reserved.