HACKING 101 - By Johnny Rotten - Course #1 - Hacking, Telenet, Life --------------------------------------------------------------------- Since I have always felt that Baton Rouge was at a loss for *GOOD* hackers, I have taken it upon myself to educate the masses on this rather elusive of subjects. This course will cover a straight jaunt into Telenet, how to get there, what to do, where to go, and what to do once your in. The very first thing that you will need to do is to get NUAA from the Sprawl. This rather nifty utility scans Telenet for valuable, connectable "addresses". These addresses are a numeric code which is broken down as such: 508266 - typical Telenet address ^^^ This is basically an area code... The 266 part can also go up as high as 9999 (or above) That's the unique part of the address Alright, scan a known area code...you will almost certainly get a large number of connections, and using NUAA, it doesn't take very long (an hour or so to scan over 800 possible connections...indeed not very long). NUAA will produce a logfile, and another file of NUAs (network user addresss, get the connection?). Check this NUA file. All of those addresses are valid connects. And, it also gives the first line of text that came across on this system. This is where you will begin. Look through this list for anything that says Unix. Once you find a NUA that goes to a Unix, your work shall begin. The first thing to try and do when trying to access a Unix is to try "default" accounts. These are accounts that are built into an initial Unix installation. However, these accounts are usually changed. IF they were always changed, then we would never get in anywhere. The list of defaults for a Unix that I am aware of are: informix, sync, uucp, golden, anonymous, user, login, demo These accounts usually have the same password as their username. I.e. account "informix" will have it's password as "informix". Dr. Hacker and the Bladerunner have additional information concerning defaults, and I am sure that they will comment. What to do when you have gotten into the system ----------------------------------------------- Watch the logon screen for the last login date. If it was a day ago, or a few hours ago, or even a week ago, IMMEDIATELY hang up. These accounts are better left for the local pro (Dr. Hacker) or the semi-pros (myself and Bladerunner). However, if the last logon date was more than a week ago, or even a year ago, IMMEDIATELY hang up. Why? Well, unused accounts are just as dangerous as used accounts. You should call here and alert us to the system that you have found (in E-MAIL, not in the public forums). The only way that your further education in this matter can be attained is if you remain undetected, and the process to determine that is more complicated than I care to go into. But once you have determined that you can get in, let us know. So, that's the first part of this lesson. Once you have completed this much of it, then let me know, and I will go on to the next part, which is - "What kind of fun things are there here to do". Any questions...?? JR Downloaded From P-80 International Information Systems 304-744-2253