[ 28 63 29 20 31 39 39 39 20 63 72 75 63 69 70 68 75 78 20 68 77 61 ]
  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=
  ==========================================================================
  =                       <=-[ HWA.hax0r.news ]-=>                         =
  ==========================================================================
    [=HWA'99=]                         Number 24 Volume 1 1999 July 10th  99
  ==========================================================================
    [                     61:20:6B:69:64:20:63:6F:75:                    ]
    [               6C:64:20:62:72:65:61:6B:20:74:68:69:73:              ]
    [              20:22:65:6E:63:72:79:70:74:69:6F:6E:22:!              ]        
  ==========================================================================



          "software doesn't kill data -- people do."
                                 
                                 - Drew Ulricksen from zdnn 




     HWA.hax0r.news is sponsored by Cubesoft communications www.csoft.net
     and www.digitalgeeks.com thanks to p0lix for the digitalgeeks bandwidth
     and airportman for the Cubesoft bandwidth. Also shouts out to all our
     mirror sites! tnx guys. 
     
     http://www.csoft.net/~hwa
     http://www.digitalgeeks.com/hwa

     
     HWA.hax0r.news Mirror Sites:
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~
     http://www.csoft.net/~hwa/ 
     http://www.digitalgeeks.com/hwa.
     http://members.tripod.com/~hwa_2k
     http://welcome.to/HWA.hax0r.news/
     http://www.attrition.org/~modify/texts/zines/HWA/
     http://packetstorm.harvard.edu/hwahaxornews/     * DOWN *
     http://archives.projectgamma.com/zines/hwa/.  
     http://www.403-security.org/Htmls/hwa.hax0r.news.htm

   
               
     
        
  
   SYNOPSIS (READ THIS)
   --------------------
   
   The purpose of this newsletter is to 'digest' current events of interest
   that affect the online underground and netizens in general. This includes
   coverage of general security issues, hacks, exploits, underground news
   and anything else I think is worthy of a look see. (remember i'm doing
   this for me, not you, the fact some people happen to get a kick/use
   out of it is of secondary importance).

    This list is NOT meant as a replacement for, nor to compete with, the
   likes of publications such as CuD or PHRACK or with news sites such as
   AntiOnline, the Hacker News Network (HNN) or mailing lists such as
   BUGTRAQ or ISN nor could any other 'digest' of this type do so.

    It *is* intended  however, to  compliment such material and provide a
   reference to those who follow the culture by keeping tabs on as many
   sources as possible and providing links to further info, its a labour
   of love and will be continued for as long as I feel like it, i'm not
   motivated by dollars or the illusion of fame, did you ever notice how
   the most famous/infamous hackers are the ones that get caught? there's
   a lot to be said for remaining just outside the circle... <g>
   
   

   @HWA

   =-----------------------------------------------------------------------=

                     Welcome to HWA.hax0r.news ... #24

   =-----------------------------------------------------------------------=


    
    We could use some more people joining the channel, its usually pretty
    quiet, we don't bite (usually) so if you're hanging out on irc stop
    by and idle a while and say hi...   

    *******************************************************************
    ***      /join #HWA.hax0r.news on EFnet the key is `zwen'       ***
    ***                                                             ***
    *** please join to discuss or impart news on techno/phac scene  ***
    *** stuff or just to hang out ... someone is usually around 24/7***
    ***                                                             ***
    *** Note that the channel isn't there to entertain you its for  ***
    *** you to talk to us and impart news, if you're looking for fun***
    *** then do NOT join our channel try #weirdwigs or something... ***
    *** we're not #chatzone or #hack                                ***
    ***                                                             ***
    *******************************************************************


  =-------------------------------------------------------------------------=
  
  Issue #24

  =--------------------------------------------------------------------------=
  [ INDEX ]
  =--------------------------------------------------------------------------=
    Key     Intros                                                         
  =--------------------------------------------------------------------------=
 
    00.0  .. COPYRIGHTS ......................................................
    00.1  .. CONTACT INFORMATION & SNAIL MAIL DROP ETC .......................
    00.2  .. SOURCES .........................................................
    00.3  .. THIS IS WHO WE ARE ..............................................
    00.4  .. WHAT'S IN A NAME? why `HWA.hax0r.news'?..........................
    00.5  .. THE HWA_FAQ V1.0 ................................................

  =--------------------------------------------------------------------------=
    Key     Content 
  =--------------------------------------------------------------------------=

    01.0  .. GREETS ..........................................................
     01.1 .. Last minute stuff, rumours, newsbytes ...........................
     01.2 .. Mailbag .........................................................
    02.0  .. From the Editor.................................................. 
    03.0  .. PacketStorm Security begins to rebuild and plans a come-back. ...
    04.0  .. New zine from .nz AnarchyNZ......................................
    05.0  .. DefCon & www.defcon.org cracked..................................
    06.0  .. BO2k to be unveiled at Def-Con on Saturday at 7pm, wait for it...
    07.0  .. CIA Not Breaking Into Banks .....................................
    08.0  .. SETI@home gets cracked...........................................
    09.0  .. Network Solutions DNS Spoofed ...................................
    10.0  .. Bad permissions set on passwords stored by WebTrends software....
    11.0  .. Three Blind Men Accused of Computer Tampering in Israel .........
    12.0  .. FBI Opens Seattle Computer Crime Squad ..........................
    13.0  .. Alaska Prosecutes First Case of Illegal Computer Intrusion.......
    14.0  .. NOAA website hacked..............................................
    15.0  .. U.S not the only ones to have high profile sites hacked .........
    16.0  .. Social Engineering Alive and Well ...............................
    17.0  .. Snooping OK on Pager Numbers?....................................      
    18.0  .. Fed Servers Face Severe Security Shortfall ......................
    19.0  .. Mitnick in the News .............................................
    20.0  .. Home PC Next Target for Hackers .................................
    21.0  .. LSA can be crashed ..............................................
    22.0  .. Hack-Net announces the BURN ANTIONLINE campaign..................
    23.0  .. All-Star voting cheater nabbed ..................................
    24.0  .. Hackernews Now Available on Palm VII ............................
    25.0  .. U.S. Vulnerable to Cyber Attack .................................
    26.0  .. Logging on to cyber-crime .......................................
    27.0  .. Parts 1 and 2 of the infowar series ran by the Christian Monitor 
    28.0  .. Novell Cracker Pandora 4.0 Released .............................
    29.0  .. Cypherpunks will hold meeting at DefCon .........................
    
    =--------------------------------------------------------------------------=   
    
    RUMOURS .Rumours from around and about, mainly HNN stuff (not hacked websites)
    
    AD.S  .. Post your site ads or etc here, if you can offer something in return
             thats tres cool, if not we'll consider ur ad anyways so send it in.
             ads for other zines are ok too btw just mention us in yours, please
             remember to include links and an email contact. Corporate ads will
             be considered also and if your company wishes to donate to or 
             participate in the upcoming Canc0n99 event send in your suggestions
             and ads now...n.b date and time may be pushed back join mailing list
             for up to date information.......................................
             Current dates: Aug19th-22nd Niagara Falls...    .................

    HA.HA  .. Humour and puzzles  ............................................
              
              Hey You!........................................................
              =------=........................................................
              
              Send in humour for this section! I need a laugh and its hard to
              find good stuff... ;)...........................................

    SITE.1 .. Featured site, .................................................
     H.W   .. Hacked Websites  ...............................................
     A.0   .. APPENDICES......................................................
     A.1   .. PHACVW linx and references......................................
 
  =--------------------------------------------------------------------------=
     
     @HWA'99

     
 00.0 (C) COPYRIGHT, (K)OPYWRONG, COPYLEFT? V2.0
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

          THE OPINIONS OF THE WRITERS DO NOT NECESSARILY REFLECT THE
          OPINIONS OF THE PUBLISHERS AND VICE VERSA IN FACT WE DUNNO
          WTF IS GONNA TAKE RESPONSIBILITY FOR THIS, I'M NOT DOING IT
          (LOTS OF ME EITHER'S RESOUND IN THE BACKGROUND) SO UHM JUST
          READ IT AND IF IT BUGS YOU WELL TFS (SEE FAQ).
     
          Important semi-legalese and license to redistribute:
     
          YOU MAY DISTRIBUTE THIS ZINE WITHOUT PERMISSION FROM MYSELF
          AND ARE GRANTED THE RIGHT TO QUOTE ME OR THE CONTENTS OF THE
          ZINE SO LONG AS Cruciphux AND/OR HWA.hax0r.news ARE MENTIONED
          IN YOUR WRITING. LINK'S ARE NOT NECESSARY OR EXPECTED BUT ARE
          APPRECIATED the current link is http://welcome.to/HWA.hax0r.news
          IT IS NOT MY INTENTION TO VIOLATE ANYONE'S COPYRIGHTS OR BREAK
          ANY NETIQUETTE IN ANY WAY IF YOU FEEL I'VE DONE THAT PLEASE EMAIL
          ME PRIVATELY current email cruciphux@dok.org
     
          THIS DOES NOT CONSTITUTE ANY LEGAL RIGHTS, IN THIS COUNTRY ALL
          WORKS ARE (C) AS SOON AS COMMITTED TO PAPER OR DISK, IF ORIGINAL
          THE LAYOUT AND COMMENTARIES ARE THEREFORE (C) WHICH MEANS:
     
          I RETAIN ALL RIGHTS, BUT I GIVE YOU THE RIGHT TO READ, QUOTE
          AND REDISTRIBUTE/MIRROR. - EoD
     
     
          Although this file and all future issues are now copyright, some of
         the content holds its  own copyright and these are printed and
         respected. News is news so i'll print any and all news but will quote
         sources when the source is known, if its good enough for CNN its good
         enough for me. And i'm doing it for free on my own time so pfffft. :)
     
         No monies are made or sought through the distribution of this material.
         If you have a problem or concern email me and we'll discuss it.
     
         cruciphux@dok.org
     
         Cruciphux [C*:.]



 00.1 CONTACT INFORMATION AND MAIL DROP
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


     Wahoo, we now have a mail-drop, if you are outside of the U.S.A or
    Canada / North America (hell even if you are inside ..) and wish to
    send printed matter like newspaper clippings a subscription to your
    cool foreign hacking zine or photos, small non-explosive packages
    or sensitive information etc etc well, now you can. (w00t) please
    no more inflatable sheep or plastic dog droppings, or fake vomit
    thanks.

    Send all goodies to:

	    HWA NEWS
	    P.O BOX 44118
	    370 MAIN ST. NORTH
	    BRAMPTON, ONTARIO
	    CANADA
	    L6V 4H5

    WANTED!: POSTCARDS! YESH! POSTCARDS, I COLLECT EM so I know a lot of you are
    ~~~~~~~  reading this from some interesting places, make my day and get a
             mention in the zine, send in a postcard, I realize that some places
             it is cost prohibitive but if you have the time and money be a cool
             dude / gal and send a poor guy a postcard preferably one that has some
             scenery from your place of residence for my collection, I collect stamps
             too so you kill two birds with one stone by being cool and mailing in a
             postcard, return address not necessary, just a  "hey guys being cool in
             Bahrain, take it easy" will do ... ;-) thanx.



    Ideas for interesting 'stuff' to send in apart from news:

    - Photo copies of old system manual front pages (optionally signed by you) ;-)
    - Photos of yourself, your mom, sister, dog and or cat in a NON
      compromising position plz I don't want pr0n. <g>
    - Picture postcards
    - CD's 3.5" disks, Zip disks, 5.25" or 8" floppies, Qic40/80/100-250
      tapes with hack/security related archives, logs, irc logs etc on em.
    - audio or video cassettes of yourself/others etc of interesting phone
      fun or social engineering examples or transcripts thereof.
    
    
    Stuff you can email:
    
    - Prank phone calls in .ram or .mp* format
    - Fone tones and security announcements from PBX's etc
    - fun shit you sampled off yer scanner (relevant stuff only like #2600 meeting activities)
    - reserved for one smiley face ->        :-)            <-
    - PHACV lists of files that you have or phac cd's you own (we have a burner, *g*)
    - burns of phac cds (email first to make sure we don't already have em)
    - Any and all telephone sounds/tones/beeps/trunk drops/line tests/etc in .ram etc format or .mp*
    

    If you still can't think of anything you're probably not that interesting
    a person after all so don't worry about it <BeG>

    Our current email:

    Submissions/zine gossip.....: hwa@press.usmc.net
    Private email to editor.....: cruciphux@dok.org
    Distribution/Website........: sas72@usa.net

    @HWA



 00.2 Sources ***
      ~~~~~~~~~~~

     Sources can be some, all, or none of the following (by no means complete
    nor listed in any degree of importance) Unless otherwise noted, like msgs
    from lists or news from other sites, articles and information is compiled
    and or sourced by Cruciphux no copyright claimed.

    News & I/O zine ................. <a href="http://www.antionline.com/">http://www.antionline.com/</a>
    Back Orifice/cDc..................<a href="http://www.cultdeadcow.com/">http://www.cultdeadcow.com/</a>
    News site (HNN) .....,............<a href="http://www.hackernews.com/">http://www.hackernews.com/</a>
    Help Net Security.................<a href="http://net-security.org/">http://net-security.org/</a>
    News,Advisories,++ .(lophtcrack)..<a href="http://www.l0pht.com/">http://www.l0pht.com/</a>
    NewsTrolls .(daily news ).........<a href="http://www.newstrolls.com/">http://www.newstrolls.com/</a>
    News + Exploit archive ...........<a href="http://www.rootshell.com/beta/news.html">http://www.rootshell.com/beta/news.html</a>
    CuD Computer Underground Digest...<a href="http://www.soci.niu.edu/~cudigest">http://www.soci.niu.edu/~cudigest</a>
    News site+........................<a href="http://www.zdnet.com/">http://www.zdnet.com/</a>
    News site+Security................<a href="http://www.gammaforce.org/">http://www.gammaforce.org/</a>
    News site+Security................<a href="http://www.projectgamma.com/">http://www.projectgamma.com/</a>
    News site+Security................<a href="http://securityhole.8m.com/">http://securityhole.8m.com/</a>
    News site+Security related site...<a href="http://www.403-security.org/">http://www.403-security.org/</a>
    News/Humour site+ ................<a href="http://www.innerpulse.com/>http://www.innerpulse.com</a>
    News/Techie news site.............<a href="http://www.slashdot.org/>http://www.slashdot.org</a>
    
    

    +Various mailing lists and some newsgroups, such as ...
    +other sites available on the HNN affiliates page, please see
     http://www.hackernews.com/affiliates.html as they seem to be popping up
     rather frequently ...

    
    http://www.the-project.org/ .. IRC list/admin archives
    http://www.anchordesk.com/  .. Jesse Berst's AnchorDesk

    alt.hackers.malicious
    alt.hackers
    alt.2600
    BUGTRAQ
    ISN security mailing list
    ntbugtraq
    <+others>

    NEWS Agencies, News search engines etc:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    http://www.cnn.com/SEARCH/
    <a href="http://www.cnn.com/SEARCH/">Link</a>
    
    http://www.foxnews.com/search/cgi-bin/search.cgi?query=hack&days=0&wires=0&startwire=0
    <a href="http://www.foxnews.com/search/cgi-bin/search.cgi?query=hack&days=0&wires=0&startwire=0">Link</a>
    
    http://www.news.com/Searching/Results/1,18,1,00.html?querystr=hack
    <a href="http://www.news.com/Searching/Results/1,18,1,00.html?querystr=hack">Link</a>
    
    http://www.ottawacitizen.com/business/
    <a href="http://www.ottawacitizen.com/business/">Link</a>
    
    http://search.yahoo.com.sg/search/news_sg?p=hack
    <a href="http://search.yahoo.com.sg/search/news_sg?p=hack">Link</a>
    
    http://www.washingtonpost.com/cgi-bin/search?DB_NAME=WPlate&TOTAL_HITLIST=20&DEFAULT_OPERATOR=AND&headline=&WITHIN_FIELD_NAME=.lt.event_date&WITHIN_DAYS=0&description=hack
    <a href="http://www.washingtonpost.com/cgi-bin/search?DB_NAME=WPlate&TOTAL_HITLIST=20&DEFAULT_OPERATOR=AND&headline=&WITHIN_FIELD_NAME=.lt.event_date&WITHIN_DAYS=0&description=hack">Link</a>
    
    http://www.zdnet.com/zdtv/cybercrime/
    <a href="http://www.zdnet.com/zdtv/cybercrime/">Link</a>
    
    http://www.zdnet.com/zdtv/cybercrime/chaostheory/ (Kevin Poulsen's Column)
    <a href="http://www.zdnet.com/zdtv/cybercrime/chaostheory/">Link</a>
    
    NOTE: See appendices for details on other links.
    


    http://news.bbc.co.uk/hi/english/sci/tech/newsid_254000/254236.stm
    <a href="http://news.bbc.co.uk/hi/english/sci/tech/newsid_254000/254236.stm">Link</a>
    
    http://freespeech.org/eua/ Electronic Underground Affiliation
    <a href="http://freespeech.org/eua/">Link</a>
    
    http://ech0.cjb.net ech0 Security
    <a href="http://ech0.cjb.net">Link</a>

    http://axon.jccc.net/hir/ Hackers Information Report
    <a href="http://axon.jccc.net/hir/">Link</a>
    
    http://net-security.org Net Security
    <a href="http://net-security.org">Link</a>  
    
    http://www.403-security.org Daily news and security related site
    <a href="http://www.403-security.org">Link</a>
    

    Submissions/Hints/Tips/Etc
    ~~~~~~~~~~~~~~~~~~~~~~~~~~

    All submissions that are `published' are printed with the credits
    you provide, if no response is received by a week or two it is assumed
    that you don't care wether the article/email is to be used in an issue
    or not and may be used at my discretion.

    Looking for:

    Good news sites that are not already listed here OR on the HNN affiliates
    page at http://www.hackernews.com/affiliates.html

    Magazines (complete or just the articles) of breaking sekurity or hacker
    activity in your region, this includes telephone phraud and any other
    technological use, abuse hole or cool thingy. ;-) cut em out and send it
    to the drop box.


    - Ed

    Mailing List Subscription Info   (Far from complete)         Feb 1999
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~   ~~~~~~~~~~~~~~~~~~~         ~~~~~~~~

    ISS Security mailing list faq : http://www.iss.net/iss/maillist.html


    THE MOST READ:

    BUGTRAQ - Subscription info
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~

    What is Bugtraq?

    Bugtraq is a full-disclosure UNIX security mailing list, (see the info
    file) started by Scott Chasin <chasin@crimelab.com>. To subscribe to
    bugtraq, send mail to listserv@netspace.org containing the message body
    subscribe bugtraq. I've been archiving this list on the web since late
    1993. It is searchable with glimpse and archived on-the-fly with hypermail.

    Searchable Hypermail Index;

          http://www.eecs.nwu.edu/~jmyers/bugtraq/index.html

          <a href="http://www.eecs.nwu.edu/~jmyers/bugtraq/index.html">Link</a>

    About the Bugtraq mailing list
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    The following comes from Bugtraq's info file:

    This list is for *detailed* discussion of UNIX security holes: what they are,
    how to exploit, and what to do to fix them.

    This list is not intended to be about cracking systems or exploiting their
    vulnerabilities. It is about defining, recognizing, and preventing use of
    security holes and risks.

    Please refrain from posting one-line messages or messages that do not contain
    any substance that can relate to this list`s charter.

    I will allow certain informational posts regarding updates to security tools,
    documents, etc. But I will not tolerate any unnecessary or nonessential "noise"
    on this list.

    Please follow the below guidelines on what kind of information should be posted
    to the Bugtraq list:

    + Information on Unix related security holes/backdoors (past and present)
    + Exploit programs, scripts or detailed processes about the above
    + Patches, workarounds, fixes
    + Announcements, advisories or warnings
    + Ideas, future plans or current works dealing with Unix security
    + Information material regarding vendor contacts and procedures
    + Individual experiences in dealing with above vendors or security organizations
    + Incident advisories or informational reporting

    Any non-essential replies should not be directed to the list but to the originator of the message. Please do not "CC" the bugtraq
    reflector address if the response does not meet the above criteria.

    Remember: YOYOW.

    You own your own words. This means that you are responsible for the words that you post on this list and that reproduction of
    those words without your permission in any medium outside the distribution of this list may be challenged by you, the author.

    For questions or comments, please mail me:
    chasin@crimelab.com (Scott Chasin)


    
    Crypto-Gram
    ~~~~~~~~~~~

       CRYPTO-GRAM is a free monthly newsletter providing summaries, analyses,
      insights, and commentaries on cryptography and computer security.

      To subscribe, visit http://www.counterpane.com/crypto-gram.html or send a
      blank message to crypto-gram-subscribe@chaparraltree.com.  To unsubscribe,
      visit http://www.counterpane.com/unsubform.html.  Back issues are available
      on http://www.counterpane.com.

       CRYPTO-GRAM is written by Bruce Schneier.  Schneier is president of
      Counterpane Systems, the author of "Applied Cryptography," and an inventor
      of the Blowfish, Twofish, and Yarrow algorithms.  He served on the board of
      the International Association for Cryptologic Research, EPIC, and VTW.  He
      is a frequent writer and lecturer on cryptography.


    CUD Computer Underground Digest
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    This info directly from their latest ish:

    Computer underground Digest    Sun  14 Feb, 1999   Volume 11 : Issue 09
     
                      ISSN  1004-042X

       Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
       News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
       Archivist: Brendan Kehoe
       Poof Reader:   Etaion Shrdlu, Jr.
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Cu Digest Homepage: http://www.soci.niu.edu/~cudigest



    [ISN] Security list
    ~~~~~~~~~~~~~~~~~~~
    This is a low volume list with lots of informative articles, if I had my
    way i'd reproduce them ALL here, well almost all .... ;-) - Ed


    Subscribe: mail majordomo@repsec.com with "subscribe isn".



    @HWA


 00.3 THIS IS WHO WE ARE
      ~~~~~~~~~~~~~~~~~~
 
      Some HWA members and Legacy staff
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      cruciphux@dok.org.........: currently active/editorial
      darkshadez@ThePentagon.com: currently active/man in black
      fprophet@dok.org..........: currently active/IRC+ man in black
      sas72@usa.net ............. currently active/IRC+ distribution
      vexxation@usa.net ........: currently active/IRC+ proof reader/grrl in black
      dicentra...(email withheld): IRC+ grrl in black


      Foreign Correspondants/affiliate members
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
       Qubik ............................: United Kingdom 
       D----Y ...........................: USA/world media
       HWA members ......................: World Media
       
      
      
      Past Foreign Correspondants (currently inactive or presumed dead) 
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       
       N0Portz ..........................: Australia           
       system error .....................: Indonesia           
       Wile (wile coyote) ...............: Japan/the East      
       Ruffneck  ........................: Netherlands/Holland 

       And unofficially yet contributing too much to ignore ;)

       Spikeman .........................: World media

       Please send in your sites for inclusion here if you haven't already
       also if you want your emails listed send me a note ... - Ed

      Spikeman's site is down as of this writing, if it comes back online it will be
      posted here.
      http://www.hackerlink.or.id/  ............ System Error's site (in Indonesian) 
       

       *******************************************************************
       ***      /join #HWA.hax0r.news on EFnet the key is `zwen'       ***
       *******************************************************************

    :-p


    1. We do NOT work for the government in any shape or form.Unless you count paying
       taxes ... in which case we work for the gov't in a BIG WAY. :-/

    2. MOSTLY Unchanged since issue #1, although issues are a digest of recent news
       events its a good idea to check out issue #1 at least and possibly also the
       Xmas issue for a good feel of what we're all about otherwise enjoy - Ed ...


    @HWA



 00.4 Whats in a name? why HWA.hax0r.news??
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                             
      
      Well what does HWA stand for? never mind if you ever find out I may
     have to get those hax0rs from 'Hackers' or the Pretorians after you.

     In case you couldn't figure it out hax0r is "new skewl" and although
     it is laughed at, shunned, or even pidgeon holed with those 'dumb
     leet (l33t?) dewds' <see article in issue #4> this is the state
     of affairs. It ain't Stephen Levy's HACKERS anymore. BTW to all you
     up  and comers, i'd highly recommend you get that book. Its almost
     like  buying a clue. Anyway..on with the show .. - Editorial staff


     @HWA

00.5  HWA FAQ v1.0 Feb 13th 1999 (Abridged & slightly updated again)
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Also released in issue #3. (revised) check that issue for the faq
    it won't be reprinted unless changed in a big way with the exception
    of the following excerpt from the FAQ, included to assist first time
    readers:

    Some of the stuff related to personal useage and use in this zine are
    listed below: Some are very useful, others attempt to deny the any possible
    attempts at eschewing obfuscation by obsucuring their actual definitions.

    @HWA   - see EoA  ;-)

    !=     - Mathematical notation "is not equal to" or "does not equal"
             ASC(247)  "wavey equals" sign means "almost equal" to. If written
             an =/= (equals sign with a slash thru it) also means !=, =< is Equal
             to or less than and =>  is equal to or greater than (etc, this aint
             fucking grade school, cripes, don't believe I just typed all that..)

    AAM    - Ask a minor (someone under age of adulthood, usually <16, <18 or <21)

    AOL    - A great deal of people that got ripped off for net access by a huge
             clueless isp with sekurity that you can drive buses through, we're
             not talking Kung-Fu being none too good here, Buy-A-Kloo maybe at the
             least they could try leasing one??

   *CC     - 1 - Credit Card (as in phraud)
             2 - .cc is COCOS (Keeling) ISLANDS butthey probably accept cc's

    CCC    - Chaos Computer Club (Germany)

   *CON    - Conference, a place hackers crackers and hax0rs among others go to swap
             ideas, get drunk, swap new mad inphoz, get drunk, swap gear, get drunk
             watch videos and seminars, get drunk, listen to speakers, and last but
             not least, get drunk.
   *CRACKER - 1 . Someone who cracks games, encryption or codes, in popular hacker
                 speak he's the guy that breaks into systems and is often (but by no
                 means always) a "script kiddie" see pheer
              2 . An edible biscuit usually crappy tasting without a nice dip, I like
                  jalapeno pepper dip or chives sour cream and onion, yum - Ed

    Ebonics - speaking like a rastafarian or hip dude of colour <sic> also wigger
              Vanilla Ice is a wigger, The Beastie Boys and rappers speak using
              ebonics, speaking in a dark tongue ... being ereet, see pheer

    EoC    - End of Commentary

    EoA    - End of Article or more commonly @HWA

    EoF    - End of file

    EoD    - End of diatribe (AOL'ers: look it up)

    FUD    - Coined by Unknown and made famous by HNN <g> - "Fear uncertainty and doubt",
            usually in general media articles not high brow articles such as ours or other
            HNN affiliates ;)

    du0d   - a small furry animal that scurries over keyboards causing people to type
             weird crap on irc, hence when someone says something stupid or off topic
             'du0d wtf are you talkin about' may be used.

   *HACKER - Read Stephen Levy's HACKERS for the true definition, then see HAX0R

   *HAX0R - 1 - Cracker, hacker wannabe, in some cases a true hacker, this is difficult to
            define, I think it is best defined as pop culture's view on The Hacker ala
            movies such as well erhm "Hackers" and The Net etc... usually used by "real"
            hackers or crackers in a derogatory or slang humorous way, like 'hax0r me
            some coffee?' or can you hax0r some bread on the way to the table please?'

            2 - A tool for cutting sheet metal.

    HHN    - Maybe a bit confusing with HNN but we did spring to life around the same
             time too, HWA Hax0r News.... HHN is a part of HNN .. and HNN as a proper
             noun means the hackernews site proper. k? k. ;&

    HNN    - Hacker News Network and its affiliates http://www.hackernews.com/affiliates.html

    J00    - "you"(as in j00 are OWN3D du0d) - see 0wn3d

    MFI/MOI- Missing on/from IRC

    NFC   - Depends on context: No Further Comment or No Fucking Comment

    NFR   - Network Flight Recorder (Do a websearch) see 0wn3d

    NFW   - No fuckin'way

   *0WN3D - You are cracked and owned by an elite entity see pheer
   *OFCS  - Oh for christ's sakes

    PHACV - And variations of same <coff>
            Phreaking, Hacking, Anarchy, Cracking, Carding (CC) Groups Virus, Warfare

          Alternates: H - hacking, hacktivist
                      C - Cracking <software>
                      C - Cracking <systems hacking>
                      V - Virus
                      W - Warfare <cyberwarfare usually as in Jihad>
                      A - Anarchy (explosives etc, Jolly Roger's Cookbook etc)
                      P - Phreaking, "telephone hacking" PHone fREAKs ...
                     CT - Cyber Terrorism

   *PHEER -  This is what you do when an ereet or elite person is in your presence
            see 0wn3d

   *RTFM  - Read the fucking manual - not always applicable since some manuals are
            pure shit but if the answer you seek is indeed in the manual then you
            should have RTFM you dumb ass.

    TBC   - To Be Continued also 2bc (usually followed by ellipses...) :^0

    TBA   - To Be Arranged/To Be Announced also 2ba

    TFS   - Tough fucking shit.

   *w00t  - 1 - Reserved for the uber ereet, noone can say this without severe repercussions
            from the underground masses. also "w00ten" <sic>

            2 - Cruciphux and sAs72's second favourite word (they're both shit stirrers)

    *wtf  - what the fuck

    *ZEN  - The state you reach when you *think* you know everything (but really don't)
            usually shortly after reaching the ZEN like state something will break that
            you just 'fixed' or tweaked.
            
     @HWA            
     
     
                            -=-    :.    .:        -=-
                            
                            
                            

 01.0 Greets!?!?! yeah greets! w0w huh. - Ed
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     Thanks to all in the community for their support and interest but i'd
     like to see more reader input, help me out here, whats good, what sucks
     etc, not that I guarantee i'll take any notice mind you, but send in
     your thoughts anyway.


       * all the people who sent in cool emails and support
       
     FProphet       Pyra                TwstdPair      _NeM_
     D----Y         Kevin Mitnick (watch yer back)     Dicentra
     vexxation      sAs72               Spikeman      
     p0lix          Vexx               
    
     
     Ken Williams/tattooman of PacketStorm, hang in there Ken...:(
          
     and the #innerpulse, crew (innerpulse is back!) and some inhabitants 
     of #leetchans ....  although I use the term 'leet loosely these days,
     <k0ff><snicker>  ;) shouts to #feed-the-goats and #cache
       
     
     kewl sites:

     + http://www.securityfocus.com NEW
     + http://www.hackcanada.com
     + http://www.l0pht.com/
     + http://www.2600.com/
     + http://www.freekevin.com/
     + http://www.genocide2600.com/
     + http://www.packetstorm.harvard.edu/    ******* DOWN ********* SEE AA.A
     + http://www.hackernews.com/ (Went online same time we started issue 1!)
     + http://www.net-security.org/
     + http://www.slashdot.org/
     + http://www.freshmeat.net/
     + http://www.403-security.org/
     + http://ech0.cjb.net/

     @HWA


 01.1 Last minute stuff, rumours and newsbytes
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

       "What is popular isn't always right, and what is right isn't
         always popular..."
                           - FProphet '99
                           
       

    +++ When was the last time you backed up your important data?
    
     ++ Read email from DNV in the mailbag about a bug in many www on-site search options
     
     ++ Packet Storm Security Data Returned 
     
        From HNN http:www.hackernews.com/

        contributed by Ken Williams 
        Harvard University has graciously shipped a 17.2GB hard
        drive that should contain the complete Packet Storm
        Security Archives to Ken Williams. Ken has told HNN that
        he is currently investigating the numerous offers he has
        received to host the site and hopes to have it back
        online soon. He has said that the legal issues
        surrounding this mess still need to be resolved.
        For more information on this story see the HNN archives.

        HNN Archive for July 1, 1999
        http://www.hackernews.com/arch.html?070199
        
     
     ++ GOBBLING UP A PAC-MAN RECORD (CULT. 3:00 am)
        http://www.wired.com/news/news/email/explode-infobeat/culture/story/20607.html
        
        from Wired News

        Practice makes perfect, and someone has reached the
        unreachable score on the popular Pac-Man arcade game. It
        only took Billy Mitchell 15 years to do it. By
        Leander Kahney.
        
     ++ INSIDE THE VIRUS WRITER'S MIND (POL. 9:15 am)
        http://www.wired.com/news/news/email/explode-infobeat/politics/story/20624.html
        
        from Wired News

        Hackers who author the programs that infect PCs are not all
        adult sociopaths or adolescent dropouts. But they are
        usually male and well-to-do. Vince Beiser reports from
        Las Vegas.
   
    ++  DEFCON: BRING IN DA NOISE (TECH. 8:15 am)
        http://www.wired.com/news/news/email/explode-infobeat/technology/story/20621.html
        
        from Wired News

        The annual hacker convention kicks off in Las Vegas Friday.
        Some will be here for talk of exploits and scripts. Others
        just want to party. By Polly Sprenger.
           . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
    ++  MAILZONE'S NEW MP3 MONITOR (CULT. 3:00 am)
        http://www.wired.com/news/news/email/explode-infobeat/culture/story/20619.html
        
        from Wired News


        New software can block MP3 file attachments in corporate
        email and tell the difference between legal and illegal
        music files. Skeptics abound. By Joe Ashbrook Nickell.
        
    ++  REPORT: MIDEAST MISSES THE NET (POL. 3:00 am)
        http://www.wired.com/news/news/email/explode-infobeat/politics/story/20616.html
        
        from Wired News

        Censorship, taxes, and traditional Muslim mores have curbed
        Net use throughout much of the Middle East. A human rights
        organization reports on the restrictions. Declan McCullagh
        reports from Washington.
           . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .


    ++ EX-SPAM KING SHOWS NO MERCY (POL. 3:00 am)
       http://www.wired.com/news/news/email/explode-infobeat/politics/story/20618.html
       
       from Wired News

       Once the undisputed king of spam, Sanford Wallace sues a
       competitor for US$1 million for allegedly libeling him as a
       spammer. By Deborah Scoblionkov.    



    ++ ONLY YOU CAN PREVENT CYBERCRIME (POL. Wednesday)
       http://www.wired.com/news/news/email/explode-infobeat/politics/story/20609.html
       
       from Wired News
 
       The man charged with streamlining the US government's cyber
       defenses says the public and private sectors must share
       resources to prevent attacks. Vince Beiser reports from
       Las Vegas.

    
      Thanks to myself for providing the info from my wired news feed and others from whatever
      sources, also to Spikeman for sending in past entries.... - Ed
      
     @HWA

 01.2 MAILBAG - email and posts from the message board worthy of a read
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       
       From: dev-null@no-id.com 
       Date: Fri, 9 Jul 1999 20:13:53 -0400 
       Message-Id: <199907100013.UAA02126@pistol.cde.com> 
       To: hwa@press.usmc.net 
       Reply-To: hwa@press.usmc.net 
       Subject: Credit Card 
       reply-to: gadjoman@bigfoot.com 
       
       
       This time there is some news in france:
       It seems that a french techincian was able to break the credit card system used in france 
       (and worldwide) using some common hardware. Using his PC, he build a false credit card and
       used it (not in an illegal way).
       
       Of course, being a "good" citizen he warned the "banque de fance" (fench cental bank) of 
       the poblem. To thank him, he had the visit fom the fench cops and was chaged of credit card
       fraud ...
       
       
       for more infomation (sorry it is all in fench) see: http://altern.org/humpich/
       and http://www.zataz.com/Magazine/SH.html
       
       
       gadjo
       
       
       --
       This message has been sent via an anonymous mail relay at www.no-id.com.
       
       
       -=-     
            
       From: "DNV" <dnv@xxxxxx.dk> 
       Reply-To: "DNV" <dnv@xxxxxxx.dk> 
       Date: Wed,  7 Jul 99 23:40:48 +0100 
       To: hwa@press.usmc.net 
       Subject: a small Bug..and maybe old...I don't know! 
       
       
       HI!!
       Great Mag you got...keep you the good work.
       Anyway....
       I write to you because I found a funny 'bug'.
       On many homepages there is a "search" botten ,try it!!
       I tryed and found alot of funny stuff like emails,login...
       and other stuff. It can give you a good idea if you are going to SE the firm. The best 
       to look for is  files like .dat .passwd .htpasswd and other system files that 
       are interesting too "look" at.
       ----
       Here is one the exampel i tryed:
       www.global-one.net  (a very BIG ISP)
       search for .dat
       http://www.global-one.net/en/consultant/con-reg.dat
       ----
       I have seen many other site with the same 'bug' ,but I really don't know is its a old bug..
       or just a programmer error.
       please give me some credit for it if you are going to 
       publish it and if its any good.... (I hope so....hehehe)
       ------------
       Your fan and friend...
       DNV@xxxxxxx.dk     
       ================================================================
       
       
      @HWA


 02.0 From the editor.
      ~~~~~~~~~~~~~~~~

     #include <stdio.h>
     #include <thoughts.h>
     #include <backup.h>

     main()
     {
      printf ("Read commented source!\n\n");

     /*
      *Seems like Ken's doing ok with his data, after all the hullaballoo and
      *yellin it turns out Harvard kicked up the data that consisted of his
      *site so that poor packetstorm.nl.linux.org 486 needn't have gone thru
      *all that networking pain, well maybe this was a wake up call a great site
      *like PSS *should* be mirrored and it sounds like this is whats in the
      *works now with the new 'multiple server approach' to the rebuilding of
      *the site, so soon all you leeches (like me) can jump back in and grab
      *your fill of the 0-day security juarez....
      *
      *
      *Meamwhile, slim pickings this week, i'm not rich and can't afford the
      *flight to DefCon so i'll be reporting third hand as usual as to what's up
      *and will keep you up to date on the webcasts and shit like Parse doing a
      *gig from the conf... so this issue will probably be released after FedCon
      *erh DefCon 99...in case you hadn;t figured that out by reading it now.
      *
      *THE NEW AND IMPROVED (MORE STARCH!) ISSUE #24 IS NOW ON YOUR SCREEN!
      *visuals by Cruciphux, lenses by my Dad, Colour by colourful puppies
      *
      */
      printf ("EoF.\n");
      }

      

      Congrats, thanks, articles, news submissions and kudos to us at the
     main address: hwa@press.usmc.net complaints and all nastygrams and
     mailbombs can go to /dev/nul nukes, synfloods and papasmurfs to
     127.0.0.1, private mail to cruciphux@dok.org

     danke.

     C*:.


     @HWA
     
     
 03.0 PacketStorm Security begins to rebuild and plans a come-back       
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
      From packetstorm.genocide2600.com July 6th 1999
      
      The index.html; (links not included, check it out yourself)
      
      
      Packet Storm Security is Closed.






                 But it will be coming back soon, bigger and better than ever, to servers (yes, servers is very plural) near you. 




                              And, of course, it'll be sponsor-free, banner-free, no membership fee. Just plain fucking FREE. :) 

                                       The way your personal and network security and privacy should be. 




                                                 FREE Security and Crypto warez here: 
                                                 
                                                  ATTRITION 
                                                  Bruce Schneier's Counterpane Systems 
                                                  Spaf's Hotlist 
                                                  HNN 
                                                  HNC 
                                                  Insecure.org 
                                                  John Young's Cryptome 
                                                  L0pht Heavy Industries 
                                                  s e c u r i t y f o c u s 
                                                  Technotronic 









                                                        pgp keys are cool 

                                                           click me! 

                                                          click me too! 

                                                          Hit me, baby! 




                                                You are visitor number 1 since Dec 31, 1969.




                                                       view the source, luke. 
      
      
      
      
      
      
      The HTML Source;                                
 
 
       <!---   what does JP really have to say?
       
       "One hardly has to "hack a webpage" to get their point of view told. That's the wonder of the Internet." -- John Vranesevich, Founder, AntiOnline
       
       "I'd like to take this opportunity to say that I do all of the html on this site by hand." -- John Vranesevich, Founder, AntiOnline, 10-13-98
       
       "I'm on AOL's restricted list. Oh well, it's worth it. Hahaha." -- John Vranesevich, Founder, AntiOnline, 10-13-98
       
       "'Confessions of a Script Kiddie', I can see it now..." -- John Vranesevich, Founder, AntiOnline, 10-5-98
       
       "Hack a site today, develop a strong political agenda tomorrow." -- John Vranesevich, Founder, AntiOnline, 10-5-98
       
       "For those neophytes reading this right now, he is NOT a hacker, he's what we in the computer security field call a jack ass." -- John Vranesevich, Founder, AntiOnline, 9-9-98
       
       "I just don't want to see anyone getting hacked, fired, or arrested, for publishing an article here on AntiOnline." -- John Vranesevich, Founder, AntiOnline, 7-22-98
       
       "It would take a lot more than an act of congress to get AntiOnline shut down." -- John Vranesevich, Founder, AntiOnline, 7-13-98
       
       "Do we object to hack attempts against our system? Well, I certainly haven't handed out invitations. But, being the type of site we are, and being as hated as I am, it's something that I've come to expect." -- John Vranesevich, AntiOnline Founder, getting a clue on 3/15/99
       
       "Well, some have written me accusing me of being a flat out biggot. But, I think that every week I take the opportunity to rag on a different country, nationality, or a University of Pittsburgh employee, equally." -- AntiOnline Founder John Vranesevich (JP), 3/22/99
       
       "Ok, last year it was some dude named Kalid Ibrahim from Harkat-ul-Anser with his yellow rider rent-a-truck, this year it's a disgruntled Brazilian. BTW: it's not my fault that their president can't get head." -- AntiOnline Founder John Vranesevich (JP), 3/22/99
       
       "Well, most of my investment money went to support a cocaine addiction, everything that I have left is going towards re-hab." -- AntiOnline Founder John Vranesevich (JP), 3/22/99, explaining what happened to all of the AntiOnline funding capital
       
       "As for my lobby, it's hardly unkept. We have a team of migrant mexican workers come in weekly to vacuum and dust." -- AntiOnline Founder John Vranesevich (JP), 3/22/99
       
       "Is it just me, or does this guy sound like he's spewing out propaganda fed to him by Janet Reno herself?" -- John Vranesevich, AntiOnline Founder, 4/5/99, responding to criticism from NeonSurge
       
       "The first minute I'm running a hacker underground railroad, the second I'm secret agent man." -- John Vranesevich, AntiOnline Founder, 4/5/99
       
       "Let's keep one thing straight. I never 'been there and done that'. I've always been on the right side of the law as far as those sort of things go (well, as far as all things go for that matter). In my case it's more like 'was there, watched that from a distance, took notes'. Heh." -- John Vranesevich, AntiOnline Founder, 4/5/99
       
       "God help me if she ever becomes a computer security expert." -- John Vranesevich (JP), AntiOnline Founder, 4/20/99, referring to his mother
       
       "Ok, so she wasn't a bitch, she was a whore (Did that last comment go to far? Last thing I need is to loose corporate sponsors. Oh well...)." -- John Vranesevich (JP), AntiOnline Founder, 4/26/99
       
       "If you see a man standing on a street corner snorting crack with a bunch of hookers, you can assume he's not the neighborhood priest. Well, you used to be able to assume that." -- John Vranesevich, AntiOnline founder and crackhead, in his "How To Be A Hacker Profiler - III" article
       
       "Believe me, you'll never know the true meaning of the word "cracker" until you've been down there [Tennessee]." -- AntiOnline Founder and ignorant bitch, John Vranesevich, 5/10/99
       
       "Start talking badly about the 'founder' of the group to other 'members' ... spread lies or rumors ... make fictitious posts to popular underground webboards." -- John Vranesevich, AntiOnline founder and crackhead, 5/3/99
       
       "Unfortunately, I've found myself looking in the mirror with disgust these past few months." -- John Vranesevich, Founder, AntiOnline, 6/4/99
       
       //-->
       
       

       <!-- for the record --

       AntiOnline's claims that i posted harassing and threatening comments, that i threatened JP and family, 
       that i posted anybody's names and addresses, that there was gay porn and "nuns covered in seminal fluid"
       are all pure BULLSHIT.  

       You are free to believe what you want.  JP's statements above say it all, imho.

       //-->
       
       -=-
              
       Here's an article of interest linked to from the old packetstorm url...
       
       http://www.globe.com/dailyglobe2/184/metro/Harvard_defends_role_in_dean_s_resignation_amid_porn_claims+.shtml
       
       Harvard defends role in dean's resignation
       amid porn claims 
 
       By James Bandler, Globe Correspondent and Ross Kerber Globe Staff, 07/03/99 
 
           n his first public comment on the matter, Harvard President Neil L.
           Rudenstine has defended his university's role in the forced resignation
       of the Harvard Divinity School dean who stepped down last fall amid
       allegations of pornography use on his office computer.
 
       Rudenstine rejected criticism in the press that divinity school technicians had
       violated the privacy of Dean Ronald Thiemann by notifying authorities about
       the presence of pornography on his office computer.
 
       ''At no time did any Harvard personnel violate Professor Thiemann's privacy,''
       Rudenstine said in a written statement released Thursday.
 
       The role of the university's technology staff was reviewed at the senior levels
       of the university and there was nothing invasive or inappropriate about the
       staff's actions, he said.
 
       ''Rather, staff members repeatedly and over a period of more than a year
       carried out tasks that the dean directed them to perform, consistent with their
       official duties, in a place that had clearly become part of their professional
       work environment. 
 
       ''In so doing, they were unavoidably and involuntarily exposed to inappropriate
       materials which they found to be not only offensive, but severely distressing.''
 
       Thiemann, who presided over the divinity school for nearly 13 years, stepped
       down in November citing personal and professional reasons. He has not
       commented publicly on the matter.
 
       Thiemann's lawyer, Harvard Law School professor Charles Ogletree, said
       Thiemann was profoundly disappointed by Rudenstine's statement. He said
       that it was difficult to understand why the university did not contact Thiemann
       about the allegations earlier if there really had been problems for a year.
 
       ''Dean Thiemann has made every effort to respect and maintain the privacy
       for him and his family and has avoided any public comment on the allegations,''
       Ogletree said. ''After 13 years of unprecedented success serving as dean of
       the divinity school, there is a strong feeling that he is now being kicked in the
       stomach when he's down, while the university continues to protect the privacy
       of those who have made allegations against dean.''
 
       Sources at Harvard said the pornographic material was discovered in October
       on Thiemann's Harvard-owned computer after he requested a new hard drive
       to replace his existing one, which was full. The computer was in the office of
       Thiemann's Harvard-owned residence.
 
       Sources said that an explicit pornographic image was on the computer screen
       when a technician walked into the room. Ogletree said the incident did not
       happen.
 
       In a process that involved down-loading the files from the old hard drive to the
       divinity school's mainframe to the new hard drive the technician saw sexually
       explicit file names crossing the screen, according to sources.
 
       Because of the presence of so many image files, the file transfer process took
       an entire work day, the sources said. When the technician's supervisor
       inquired why the transfer was taking so long, he did not want to answer, but
       eventually did, the sources said.
 
       Rudenstine said in his statement that staff members were ''reluctant to report
       the matter,'' and eventually spoke only to senior officers at the divinity school.
       After consultation, the senior officers reported the facts to the university
       president's office, Rudenstine said.
 
       After the pornography scandal became public this spring, Thiemann became
       something of a reluctant cause celebre among Internet privacy rights activists.
       In the Thursday edition of the Boston Phoenix, media critic Dan Kennedy
       singled out Rudenstine in his annual ''Muzzle Awards,'' a list of people who
       Kennedy said undermine free speech.
 
       Harvard, for the most part, declined to respond to the attacks. But it was the
       recent remarks of Harvard Law School professor Alan Dershowitz that
       prompted the university to defend its beleaguered information technology staff
       after he referred to them as ''snoops'' and ''peeping toms.''
 
       In other Harvard news, the university said that on Wednesday its technicians
       removed an independently produced Web site from school computers after
       receiving a complaint that it contained offensive material.
 
       University spokesman Joe Wrinn said the site was operated by a group known
       as PacketStorm Security, led by a site administrator in North Carolina.
       Harvard had made an unusual agreement recently to host the popular site in
       order to help distribute software security tools.
 
       But in addition, the PacketStorm's site included graphic sexual images and
       other material apparently intended to satirize a rival Web site, AntiOnline.com,
       devoted to software security matters.
 
       According to a letter to Harvard from AntiOnline founder John Vranesvich,
       the PacketStorm site included ''a large archive of libelous and, to put it bluntly,
       sick material,'' including '' images ranging from people engaged in homosexual
       activities, to a nun that appears to be covered in seminal fluid.''
 
       The descriptions were accurate, said Harvard spokesman Wrinn, prompting
       the university to remove the site from its computers because it violated school
       policies. Harvard is in the process of returning the data to PacketStorm
       administrator Ken Williams, Wrinn said.
 
       Williams could not be reached for comment, but in a letter posted on a
       different site on the Web he denied that his site had posed a threat to
       Vranesevich and complained that in shutting down the site, Harvard acted
       inapropriately, because ''no laws or rules were broken on my part.''
 
       This story ran on page B3 of the Boston Globe on 07/03/99. 
       © Copyright 1999 Globe Newspaper Company.   
                  
      @HWA            
     
 
 04.0 New zine from .nz AnarchyNZ
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
      http://surf.tO/AnarchyNZ
      
      A new zine has just started up which intends to cover the underground scene in Auckland
      New Zealand, (a small island just off the coast of Australia)
      
      check em out they're brand new and looking for members...
      
      @HWA
      
      
 05.0 DEFCON
      ~~~~~~
      
      Friday June 9th, DefCon starts, www.defcon.org gets hacked by ADMcrew, claiming to be 
      representing ADM-con, checked this hack out it looks almost too neat to be for real but
      who knows? as a courtesy the original page is linked to at the bottom of the hacked page
      
      
      Intro; (Wired)
      
      Coming Soon: Back Orifice 2000
      by Niall McKay 

      3:00 a.m.  30.Jun.99.PDT
      An underground computer security group is poised to release a new version of a
      notorious software program that could allow crackers to watch and listen in on
      Windows-based PC users. 

      The Cult of the Dead Cow said it will release Back Orifice 2000 on 9 July -- at
      the annual Def Con convention in Las Vegas. 

      "This will demonstrate that Microsoft's operating systems are completely
      insecure and a bad choice for consumers and businesses who demand privacy,"
      said Oxblood Ruffin, a former United Nations consultant and current Cult of
      the Dead Cow spokesman. 


        
      Def Con is perhaps the most unusual gathering in the computer security field.
      Hackers, crackers, and self-proclaimed security experts will mingle with media,
      security professionals, federal law enforcement officers, and "script kiddies"
      who deface Web pages with prefab cracking code. 

      Security groups of all stripes use the occasion to release software and show
      off gadgets. But Back Orifice 2000 is perhaps the most anticipated item. 

      Unlike previous versions of the software, Back Orifice 2000 will run on Windows NT
      and feature strong encryption and a modular architecture that the group said
      will allow hackers and other security groups to write plug-ins. 

      The program will be released as open source to encourage further development
      by the security community. 

      Back Orifice, released at last year's DefCon, may allow malicious users to monitor
      and tamper with computers without the permission or knowledge of their owners. 

      The program is classified as a Trojan Horse because crackers need to dupe the
      user into installing an application on their hard disk. Despite this, Oxblood Ruffin
      said that the program is currently installed on up to a half-million PCs
      worldwide. 

      Though that number could not be independently verified, an Australian
      computer security group last November said that 1,400 Australian Internet
      accounts have been compromised by Back Orifice. 

      Back Orifice 2000 also promises to be a great deal more difficult to detect than
      its predecessor because it enables users to configure its port setting. Previously,
      intrusion detection and antivirus programs could detect Back Orifice because it used
      a default port setting of 31337. 

      A Microsoft Windows NT Server security manager said the company is closely
      monitoring Back Orifice development and is working with antivirus and intrusion
      detection software vendors to provide customers with utilities to combat the
      software. 
      
      "Trojan Horses are not technological issues but a social engineering problem
      because they rely on the ability of the cracker to trick the user into running an
      application," said Scott Culp. 

      "It's just a fact of computer science that if you run a piece of code on your
      machine you run the risk making your system vulnerable." 

      The solution, according to Culp, is to ensure that users do not install any
      software from untrusted sources and regularly update antivirus and intrusion
      detection programs. 

      Also at the show, independent security consulting firm L0pht Heavy Industries will
      release AntiSniff, a network monitoring tool, and will announce BootyCall, a
      PalmPilot War Dialer. Such programs will automatically dial telephone numbers in
      sequence, looking for modems. 

      Zero-Knowledge Systems is also expected to provide further details about Freedom,
      a network of servers promising total online anonymity. 

      Def Con will also feature some of its legendary sideshow attractions, such as
      the Spot the Fed contest. In this game, conference attendees are invited to point
      out suspicious attendees who may be working for federal law enforcement
      agencies. Winners will be awarded an "I spotted the Fed" T-shirt. 

      Other diversions include a fancy dress ball, Hacker Jeopardy, and the Hacker
      Death Match, a game that enables hackers to take their flame mails out of
      cyberspace and into reality by dressing up in giant inflatable Sumo suits to do
      battle. 

      Well-heeled attendees are invited to a US$100 outing to Cirque du Soleil. 

      Meanwhile, the conference will include sessions on how to detect wiretaps; the
      art and science of enemy profiling; hacking ethics, morality, and patriotism;
      cyber-forensic analysis; and a talk on the practice of hiring hackers as security
      consultants. 

      -=-
      
      
      And DefCon; heres an update from Wired on defcon;

      DefCon: Bring in Da Noise
      by Polly Sprenger 

      8:15 a.m.  8.Jul.99.PDT
      Every year it's the same. 

      DefCon rolls around, and every media outlet churns out an article citing an "old
      school" hacker complaining that the "script kiddies" don't have any skills, don't
      have any respect, and never had to rebuild an Altair with their bare hands. 

      Here you go: "I've been a hacker since before there were microcomputers," said
      Chris Tucker, a one-time hacker who is now semi-retired due to arthritis. "I see
      [DefCon] as an opportunity to act like a mentor, to say 'this is how it should be
      done, don't give in to the dark side kids.'"

      But while the older generation of DefCon attendees is hand-wringing over the fact
      that "kids these days don't even write their own exploits anymore," the younger
      generation is busy donning fright wigs and fingernail polish in preparation for another
      DefCon staple: the raves. 

      Hackers and raves have gone hand in hand since the industrial music of the '80s
      gave way to the electronica of the '90s, said The Clone, one of this year's
      attendees. 

      "DefCon is a weekend event held from early in the morning until about 10pm," he
      said. "What's there to do between then and morning? Sleep? Of course not. Going
      raving is where it's at." 

      This year's conference coincides with the anniversary party of Candy FactorE, a
      locale that The Clone said has propelled the Vegas raving scene. 

      "Two underground scenes combine in one city. What could be better?," he asked. 

      Brian Fite of HSK, a security-interest site, said that even the music divides the
      old-timer hackers from the younger generation. 

      "I came out of hard core punk, the old school," he said. "Now, house music and
      raves is the 'underground.'" 

      But if raves is what they come for, raves is what they'll get, Fite said. More than
      24 bands and DJs have been invited to perform onstage at DefCon. Their musical
      genres, listed on the DefCon site, range from industrial to house to jungle to
      trance. 

      Brandon Cox, another HSK staffer attending DefCon for the first time, said
      he expects the difference between the two groups of hackers to be obvious: "All
      the young guys will be walking around in baggy pants and Adidas', and all the old
      guys will be wearing Doc Martens and black T-shirts." 

      The musical performances will be Webcast by Pirate Radio UK, for anyone
      who wants to experience the music remotely. 

      Cox, 25, said hackers of his generation are attracted to the techno music both
      because of its roots in technology and the way it draws together the
      underground. "I think it was young, outcast kids, looking for a way to fit in,"
      Cox said. 

      "Maybe it's more that everybody is accepted," said Fite. "A lot of these
      hip-hop kids dress weird, and accept other, different cultures. Diversity is good
      for the species." 

      But ravers, like non-malicious hackers, resent the image that gets presented to
      the public about their subculture. 

      "There have been rumors of undercover reporters looking for 'hot' sweeps week
      stories in raves," said "Driz," a Vegas-area raver. "One misinformed story gives off a
      surprising amount of bad impressions. If there's a trace of something juicy,
      reporters seem to turn on their hidden cameras and focus on the negativity." 

      But ravers like Driz can see past the negativity. "There is nothing better when
      there's a smile on every face, the music is thumpin', everyone's dancing, and the
      vibes are good!" 
      
      
      
      More from Wired;
      
      Fear and Hacking in Las Vegas 
      by Polly Sprenger 

      3:00 a.m.  10.Jul.99.PDT
      LAS VEGAS -- The sun rose Friday morning on the first day of Def Con, the
      annual hacker conference, with labor crews hosing down the parking lots and
      the highways. 

      Workers were dealing with the aftermath of an unexpected thunderstorm that shut
      down the airport Thursday and left the city sunk in a thick layer of mud. 

      More than 600 of Def Con's 6,000 expected attendees were already in town
      for the Black Hat security conference. The timing was unfortunate, however.
      Next door to the predominately male-attended Black Hat conference was
      a teenage dance competition, where, after spending the day listening to talks
      on security issues, attendees could watch adolescent dancers shaking their
      groove thang. 

      "Someone's gonna get arrested," sighed Chris, from Toronto, in the bar of the
      nearby Hard Rock Cafe later. 


       But by mid-morning, hackers shook off their Thursday night hangovers to
      descend on the convention hall. Hacker groups and enthusiasts did a brisk trade
      in T-shirts, hacker equipment, and zines. 

      As a TV crew cruised the hall, an organizer asked everyone to be mature
      and not deface the camera. 

      "Be good, and next time Mom will let you wear the big pants," he said to the
      youthful, baggy-panted crowd. 

      Convention-goers were testing their competitive side in the sixth annual Spot
      the Fed contest (several agents were outed by early afternoon), and by
      donning inflatable sumo wrestling suits for a little all-in-fun mock violence. 

      "Always wanted to beat up some punk on the mailing list? You really hate the
      person who always argues with you?" DefCon organizers asked. "How about media
      vs. the underground? Or feds vs. hackers? We've rented giant inflatable
      sumo suits for you to do battle." 

      T-shirts like "I miss crime" and "I hate stupid people" caught approving glances
      from the crowd, while a photographer wandered around the room snapping
      shots of any available woman for the "Babes of Def Con" photo album. 

      Outside the smoky, crowded hall, a group of younger attendees was gleefully
      stringing cable from hotel room to hotel room, beefing up the paltry connection
      offered by the Alexa Park convention center and resort. 

      The "day in the sun" feeling was soured a bit as a group of security enthusiasts
      posted "wanted" signs accusing John P.Vranesevich, founder of AntiOnline, of
      criminal activities. They accuse the computer security pundit of paying
      crackers to hit sites in exchange the scoop. 

      Vranesevich and his supporter, Happy Hacker Carolyn Meinel, vocally deny that
      he has done anything wrong, and point the finger back at the accusers, who
      have posted material about Vranesevich on their Web site. 

      The controversy escalated last week, when a popular site for security
      information, PacketStorm, was removed from its host server at Harvard after
      university officials were told that the site had negative and allegedly libelous
      information about Vranesevich on it. 

      But according to Brian Fite of HSK, the tension only adds another dimension of
      excitement to the goings-on. 

      Also on the underground agenda is a party to announce the "launch" of Back
      Orifice 2000, a hacking tool for Microsoft office 2000; a formal black-and-white ball
      where T-shirts will be traded in for tuxes;  and assorted, sordid all-night raves. 
     
      
      -=-
      
      The aftermath according to HNN;
      
      
      Defcon Recovery 


      contributed by Space Rogue 
      We are still hung over and recovering from Defcon this past weekend. Our plane landed just hours ago and we
      are currently reading the 1200+ emails that have piled up over the last six days. We should hoepfully have
      regular news for your tomorrow. 

      Defcon Notes
      The estimated attendance for Defcon this year was 3000 people. 1200 more people than last year. 

      The BO2K presentation was standing room only. A few early copies of BO2K were thrown out to the crowd on
      CD. Someone took one of those copies and duplicated it. Unfortunately the dups are infected with CIH. If you
      did not receive an original copy be sure to double check it. 

      Carolyn Meinel was escorted out of the Alexis Park Hotel. The official reason given for the ejection was due
      to two seperate violations of press privilages. 

      The Defcon.org Web Page was cracked just as the con was starting on Friday. We should hopefully have an
      archived copy soon. 

      We hope to return to full coverage of all the news tomorrow. Hopefully we will be sober by then. 
      
      -=-
      
      The NYTimes;, Contributed by someone on IRC (#feed-the-goats?) sorry forget your nick...
      
      Hackers Say Government Falls Short on
      Computer Security

      By MATT RICHTEL  

           AS VEGAS -- A White House official took a verbal pounding
           Friday night at a conference of computer hackers and security
      professionals, some of whom accused the Government of inadequately
      protecting its computers. 

      The criticisms came during a panel debate called "Meet the
      Feds" at Defcon, the annual gathering of computer hackers. 

      After the discussion, Jeffrey A. Hunker, senior director for
      infrastructure protection for the National Security Council,
      conceded that the hackers have a point when they say that the
      Government has far to go. "We have something to learn from
      them," he said. 

      Malicious hackers, known as "crackers," have taught the Government
      several lessons in recent months, taking down several major Web sites
      including those of the White House, Senate and FBI. 

      Many of the more than 2,000 attendees at Defcon VII are not interested
      in wreaking havoc. They are computer security professionals and hackers
      with a general interest in deconstructing computer code, although their
      standard black attire and occasional arrogance gave the conference some
      menacing overtones. 

      Around 400 attendees gathered in a main auditorium to hear Hunker
      speak, and some took him to task and accused the Government of
      ignoring security issues for too long. 

      Chief among the criticisms was that the
      Government should not rely so heavily on
      software from the Microsoft Corp. The
      company is a perennial whipping boy at Defcon
      because many of its programs have been shown
      to contain security flaws. 

      Hunker and several other Government
      employees on the panel, including a
      representative from the Defense Department,
      said they have been hampered by limited funds and a lack of qualified
      technical personnel. Hunker said the Government is pouring resources
      into the security problem and that President Clinton's proposed budget
      for fiscal year 2000 includes $500 million in financing for research and
      development, of which a portion would go to bolstering the computer
      infrastructure. 

      "Almost all of the systems we are dependent on have significant
      vulnerabilities," Hunker said. "This conference is about identifying the
      vulnerabilities." 

      Some in attendance responded well to Hunker's conciliatory
      tone, complimenting him afterwards on his effort to start a
      dialogue with hackers. Hunker said that while he has followed
      cutting-edge hacking technology, the conference was
      the first time he has immersed himself in hacker culture. 

      At least one hacker in the crowd was unforgiving. "I hope they hack all
      the '.gov' sites in the next 12 months, just like they said they would," said
      a hacker in his mid-20s who identified himself only as "Codepoet,"
      referring to threats from cracker groups to take down all Government
      Web pages. "There's a lot of arrogance on the part of the Government
      about technology," he said. 

      Contributing to the tension between hackers and Government officials at
      the conference were the recent raids by the FBI on computer crime
      suspects. In June, a new cybercrime unit overseen by the United States
      Attorney's office in Dallas said it had issued 16 warrants in 12
      jurisdictions after a year-long investigation into hacking-related crimes,
      but had not yet charged anyone. 

      Before Defcon began, its organizers insisted the raids would have minimal
      impact on the conference. But a handful of crackers who confessed to
      participating in illicit activities privately whispered that they have
      newfound concerns about whether they might be next. 

      "They reacted, so we reacted, so they reacted, so we reacted," said
      Codepoet, referring to the arms race between crackers and government.
      (He identified himself as a hacker, not a cracker.) The tension "is
      somewhat heightened," he said. 

      Marc Maiffret, also known as
      Chameleon, had his home
      raided by the FBI last summer
      but was never charged with a
      crime. He said the raids have
      frightened some of the young
      hackers. Maiffret said he now
      works as a computer security
      professional. "People are
      afraid," he said. "There is a lot of
      pressure to go legit." 

      Some said they were on edge because they did not know who might be
      raided next or what activities might put them on the radar of Government
      agents. That uncertainty is perpetuated in part by the Government itself,
      which has not yet issued any charges or made arrests in relation to the
      June raids. 

      Nor has the Government said what areas of computer activity it is
      targeting, besides stating generally that the activities under investigation
      include stealing and misusing credit card numbers and computer
      passwords. A spokeswoman for the United States Attorney's office in
      Dallas, where the year-long investigation originated, declined to comment
      on what she described as an "ongoing investigation." 

      However, a representative of the Nevada Attorney General's office who
      spoke at Defcon conceded that the Government is having trouble finding
      evidence of crimes on computers that it has confiscated. 

      "We're behind on this stuff," said Kevin Higgins, Nevada's Chief Deputy
      Attorney General. "We may have gotten warrants and computers, but we
      may not know how to find" the evidence, he said. 

                                     In some respects, it is notable
                                     that these high-ranking
                                     Government officials came to
                                     mingle with a gaggle of hackers
                                     and crackers at all. The image is
                                     in stark contrast to the origins of
                                     Defcon seven years ago, when it
                                     truly was a small gathering of
                                     insiders from the hacker
                                     underground. 

                                     It used to be that hackers who
      spoke to the press were derided by their peers as "media whores." But
      this year, for the first time, the organizers of Defcon hired a publicity firm
      to work with reporters and set up interviews. Among the firm's other
      clients are Alicia Silverstone and Michael Richards (Kramer from
      "Seinfeld") -- not exactly icons of underground culture. 

      Some hackers said privately that Defcon, which was conceived as an
      underground gathering and flourished that way, may be dying as it
      attracts a more diverse crowd. But the newfound openness may well suit
      Hunker, the White House official, and others who want to co-exist with
      hackers and even learn from them. 

      "I want to get to know the hacker community better," he said. "These
      people are America's future." 


      Related Sites
      These sites are not part of The New York Times on the Web, and The Times has
      no control over their content or availability.

           Defcon 


      Matt Richtel at mrichtel@nytimes.com welcomes your comments
      and suggestions.

      -=-
      
      From ZDNet contributed by D----Y
      
       Privacy hits big at DEF CON
       By Robert Lemos, ZDNN
       July 12, 1999 11:58 AM PT
       URL: http://www.zdnet.com/zdnn/stories/news/0,4586,2292148,00.html
       
       LAS VEGAS -- As he sits across the table at DEF CON 7, Austin Hill, president and founder of
       the pro-privacy Zero Knowledge Systems Inc., makes the statement simply, boldly: "We are out
       to change the world." 
       
       His vision: A world without boundaries, law enforcement without wiretaps, corporations without
       databases, and e-mail without spam. 
       
                             Hill announced the start of that vision on Sunday at DEF CON: A
                             network that acts as a one-way mirror to the Internet -- the user can
                             see the Net, but no site will be able to identify who the user actually
                             is. 
       
                             Called Freedom Net, the virtual-network-within-the-Internet will
                             allow Web surfers and e-mail users to hide behind one or several
                             false identities. "This is the way the Internet should have been built,"
       said Hill. "It's not anonymous; it's pseudnonymous." 
       
       And it's not just for hackers, either, adds Hill. 
       
       Inequality of information
       The Montreal, Canada, resident sees a big problem with the inequity of information today: The
       government and companies have it while the public does not, he said. "We can do society more
       good by protecting the ninety-nine-point-nine percent of the people out there that are not criminals
       than by treating them as such just to catch the point-one percent that are." 
       
       In just the last year, Internet service providers, such as America Online Inc. (NYSE:AOL) and
       Yahoo! Inc. (Nasdaq:YHOO), have been subpoenaed to turn over the actual identity behind an
       online alias in not only criminal cases, but civil ones as well. 
       
       John Q. Newman, another speaker at the conference and author of many how-to privacy books,
       uses his pseudonym not only online, but in the real world as well. "There is a general feeling that
       the government and industry know too much about you," said the author, who doesn't use his real
       name. "Combine that and the Internet and you get a witch's brew that destroys privacy." 
       
       Beta testing on July 15
       Entering beta testing on July 15, the Freedom Network is guaranteed to prevent such use of
       personal information, said Zero Knowledge's Hill. 
       
       After downloading a free software client, users will pay for a pseudonym to use on the Internet.
       Since the audit trails associated with credit card payments are one way that a user's identity could
       be tracked, Zero Knowledge will disassociate a user's payment from the actual purchase or
       renewal of a pseudonym. 
       
       After that, the user just uses the Internet as they always would. All data transferred to and from
       the user's computer will pass through the silvered glass of the Freedom Net. The network fully
       encrypts data from end-to-end to hide the content of the data and uses random routes through the
       Internet so that no user always receives data from a single server, obfuscating the user's online
       tracks. 
       
       Using digital certificate technology, Zero Knowledge certifies that the data the user is receiving off
       the Internet is actually part of the Freedom Network, and thus "trustworthy." Yet, even the
       company cannot match usernames up with actual Web surfers -- none of that information is on any
       of its servers. 
       
       "There is basically zero point in coming to our office with a subpoena," said Ian Goldberg, Internet
       guru and chief scientist for Zero Knowledge. "All the information that we have is publicly available
       from our servers." 
       
       A lawsuit in waiting?
       And that makes Zero Knowledge and its Freedom Network a lawsuit waiting to happen, said Hill.
       Already, U.S. federal officials have noticed the start-up's efforts. Hill expects the situation to reach
       a boiling point before the end of the year. 
       
       "We are fully prepared to defend ourselves," he said. The company has been coached on strategy
       by the Electronic Frontier Foundation and other privacy groups. 
       
       Hill recognizes that the advent of the Freedom Network will make the job of law enforcement
       officers much harder. 
       
       However, he points to successful cases against child pornographers that are developed by officers
       going undercover. "That's the way it will have to be done," he said, advocating a return to the days
       before wiretaps. "Policing is only easy in a police state." 
      
      
      Wired; Aftermath , contributed by D----Y
      
      Wound-Up DefCon Winds Down
      by Polly Sprenger 
      
      3:00 a.m.  12.Jul.99.PDT
      LAS VEGAS -- The seventh annual DefCon hacker convention drew to a close Sunday, after a weekend of uninterrupted sensory overload. 
      
      The event was marked by massive enthusiasm over the release of a new remote administration tool from the much-heralded Cult of the Dead Cow,
      and the quizzical expressions on the faces of the media as they attempted to grasp "the meaning" of DefCon. 
      
      The CDC presentation featured a maelstrom of digital effects and technomusic that captured the energy of the three-day event. 
      
      
      Also: 
      Fear and Hacking in Las Vegas 
      Def Con: Bring in Da Noise 
      Inside the Virus Writer's Mind 
      
      
      ABCNews.com's Michael Martinez presented a talk on the persistent rift between hackers and the press on Saturday. He provided a forum for
      hackers to confront a member of the tech media with questions like, "Since all these reporters want to learn to be hackers, why don't they just hire
      hackers to be reporters?" 
      
      Martinez said that hackers had difficulty getting mainstream media to understand their message and perspective because so often communication
      breaks down between the two groups. 
      
      "We know the how, the where, and the when," Martinez said. "But why? You complain that we don't get it, and we complain that you won't let us." 
      
      Sunday morning and afternoon sessions were punctuated with rousing rounds of "Spot the Fed," the annual DefCon game of outing federal agents. 
      
      Anyone identified as a Fed was brought up on stage for questioning. The suspected Feds, all of whom were more than willing to whip out badges
      after a few minutes of interrogation, were dressed almost universally in polo shirts and khakis, their crew-cut stiffness a striking contrast to their
      black-clad accusers. 
      
      The audience hurled questions at them like, "Does your office have a ban on Furby's?" and "What does Dana Scully [the fictional X-files agent]
      really look like?" One Fed lost all hope of going undetected by responding, "Never heard of him." 
      
      The day hit high gear with the release show for BO2K, or Back Orifice 2000, one of the few software announcements that required a sign posted on
      the door warning that the presentation might be dangerous to people with heart conditions. 
      
      Nineteen of the 20 revered CDC members were present on stage, the most ever assembled in one place. The group took an older-but-wiser tone in
      its reverberating remonstrations to the audience. 
      
      "Pick the cause before you pick the site you're gonna hack," the group advised, "and use a fuckin' spell checker!" 
      Despite their bullying tone onstage, members of the CDC said later they're encouraged by the new, younger members of the hacking community. 
      
      CDC members said they hoped the new rev of Back Orifice, released under the Gnu open source license, would encourage younger hackers to go
      back to the basics -- scripting code and exploring the technology themselves -- instead of using cookie-cutter programs. 
      
      "They look at us up on stage and look at what we're doing, and they know they can't stand up there for doing something stupid," said CDC's Grand
      Master Ratte, MC of the group's gospel-like presentation. 
      
      But it was another old-school hacker who caused the big scene Saturday. Carolyn Meinel, a favorite target of many in the DefCon crowd, obtained
      a press pass despite the efforts of several conference organizers. 
      
      When Meinel wandered into the press area (with a sticker on her back that said "owned"), a Canadian reporter began interviewing her about her
      relationship with the organizers, asking why she wasn't granted a more civilized reception. 
      
      Meinel was interrupted, then ejected, by conference staff. But not without a fight. It was good sport for the assembled journalists, although the
      Canadian reporter was appalled. 
      
      "They invite criminals to speak at their conference, but they deny a freelancer a press pass?" said David Akin, technology reporter for the National
      Post in Toronto. 
      
      Emmanuel Goldstein of 2600, the hacker quarterly journal and Web site, presented a nine-minute preview of his documentary about the arrest and
      imprisonment of Kevin Mitnick. 
      
      Goldstein said the documentary was intended to be a counterpoint to the upcoming film, Takedown, which Mitnick supporters say unfairly casts the
      hacker as more devious and damaging than he really was. 
      
      Goldstein's presentation was followed by a mysterious "social engineering contest," details of which must remain confidential, since Wired News was
      forcibly ejected from the room. 
      
      Although the weekend was tempered with the expected disagreements between old hackers and young hackers, the media, and even a
      much-publicized argument within the community itself, DefCon 7 was undoubtedly an event to remember. 
      
      
      
      @HWA
                                              

 06.0 BO2k to be unveiled at Def-Con on Saturday at 5pm, wait for it.
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
       (I got mine but don't ask for a copy wait for it to come out on the official site
       www.bo2k.com ... - Ed )
      
       Date: Fri, 2 Jul 1999 02:24:38 -0700 (PDT)
       From: Reid Fleming <rfleming@cultdeadcow.com>
       To: Christopher J. Rouland <crouland@iss.net>
       Subject: Back Orifice 2000
       
       Dear Mr. Rouland:
       
       Thank you for your letter requesting us to furnish Internet Security
       Systems with a prerelease copy of Back Orifice 2000.
       
       We had come to expect that the letter would contain an offer of money or
       other merchandise.  At least, your subordinate intimated as much on 
       Internet Relay Chat.
       
       Nevertheless, we are gladly willing to provide you with the software you
       desire if and only if you will, in exchange, grant us one million dollars 
       and a monster truck.  This fee is not negotiable.
       
       Thank you for your time.  We eagerly await your reply.
       
       
       best wishes,
       
       Reid Fleming, cDc
       http://www.cultdeadcow.com/~rfleming/
             
      
      Screen shot: 
      
      (from #defcon)
      <w1ck3d> http://ra.msstate.edu/~rwm8/bo2kscr.jpg
      
      
      Unknown how they got a copy in advance,(*g*) apparently some ppl from #bo were included in
      testing of the new BO and privy to inside stuff regarding its development... 
      
      . . . 
      
      A new year of hacker activity is being rung in with the release of Back Orifice 2k
      for the NT platform. source (gnu) will be released with this version so watch out for
      all the spinoffs... - Ed
      
      Hype on Back Orifice 2000 Reaches Fever Pitch 


      contribued by Reid Fleming 
      
      With the BO2K launch just days away the articles on
      BO2K are flourishing. HNN was able to get a sneak
      preview of the product and we think it will live up to all
      expectations and then some. This is a highly polished
      professional looking product. It will give the remote
      control vendors some competition. 

      The antivirus industry is gearing up for a busy weekend
      as they try to figure out a way to detect BO2K. But
      since cDc is releasing source code under the GNU public
      license there will be hundreds of spinoffs as people
      create their own versions of BO2k. Each version will
      need to be detected seperately by the antivirus
      software. When will Microsoft and the industry learn
      that antivirus detection is not the solution? 

      Time
      http://cgi.pathfinder.com/time/digital/daily/0,2822,27824,00.html
      
      MSNBC
      http://www.msnbc.com/news/287542.asp
      
      CNN
      http://cnn.com/TECH/computing/9907/07/nthack.idg/index.html
      
      
      Time;
      
      Hackers Take Microsoft to School
                   
      The makers of BackOrifice 2000, one of the
      most powerful hacker tools ever released,
      claim it's for our own good

      FROM WEDNESDAY, JULY 7, 1999
      It's the kind of thing bellboys have nightmares about —
      an entire hotel full of hackers, messing with the
      computers, screwing up the phones and generally
      raising hell. That's the scene at DEF CON, an annual
      hacker convention held at the Alexis Park Hotel in Las
      Vegas. At last year's DEF CON a hacker group called
      the Cult of the Dead Cow released a program called
      BackOrifice that can completely take control of a
      computer over the Internet. This Friday DEF CON 1999
      kicks off, and the Cult of the Dead Cow is back with a
      new version of BackOrifice that's more dangerous than
      ever. Should we be grateful?

                  A little disingenuously, the Cult of the
                  Dead Cow released the original
                  BackOrifice as "a remote
                  administration tool," a simple way of
      operating a computer running Windows 95 or 98 from a
      distance over an ordinary Internet connection. While
      it's possible to imagine scenarios in which having that
      kind of power would be useful — and there are
      legitimate applications that perform similar functions —
      such a tool is obviously very much open to abuse.
      Say, for example, allowing a hacker (or, as malicious
      hackers are sometimes called, a cracker) to take over
      a machine, read your personal information, send e-mail
      under your name and then erase your hard drive.
      Fortunately, BackOrifice has certain weaknesses. It
      can only take over machines on which BackOrifice has
      actually been installed, and once installed, it's not that
      hard to detect and remove.

      According to its creators, the new version of
      BackOrifice slated for release on Saturday is more
      powerful than ever. It's tougher to detect, gives the user
      a greater degree of control over the infected computer,
      and works on Windows NT, the heavy-duty version of
      Windows used by most large businesses. While the
      original version of BackOrifice was a threat to small
      businesses and private users, BackOrifice 2000, as it's
      called, will affect a much broader and more vital sector
      of the world's computers.



      So why does the Cult of the Dead Cow claim they're
      doing it all for our own good — and why do some
      computer programmers agree? To quote from the
      Cult's press release, "BackOrifice 2000 could bring
      pressure on [Microsoft] to finally implement a security
      model in their Windows operating system. Failure to
      do so would leave customers vulnerable to malicious
      attacks from crackers using tools that exploit
      Windows' breezy defenses." In other words, don't
      blame us, blame Microsoft for making a shoddy
      product — now maybe they'll improve it. As one poster
      on a hacking bulletin board wrote, "I feel better
      knowing that at least these holes will be known
      publicly and raise some sense of awareness rather
      than in a closed private environment where exploitation
      could continue unfettered."

      Not everybody agrees, but you can bet that Microsoft
      — currently at work on a new version of Windows
      largely based on NT — will be downloading a copy of
      BackOrifice 2000 and studying it closely. As the Cult
      of the Dead Cow — which claims to be one of the few
      hacker groups out there to include a female member
      — puts it, "Information is a virus. And we intend to
      infect all of you."

                                  -- LEV GROSSMAN
      
      MSNBC;
      
      ‘Cult’ gives hackers weapon vs. NT
      Group to release more powerful version of Back Orifice — and its
      own product to combat the hacking tool
                                                       By Bob Sullivan
                                                                 MSNBC

      July 7 — Computer security firms are bracing for a
      serious flare-up of hacker activity come Saturday
      afternoon. With great fanfare at a Las Vegas trade
      show, the hacker group Cult of the Dead Cow will
      release a new version of its Back Orifice tool. The
      software, which makes it easy for computer
      intruders to hijack Windows-based PCs connected
      to the Internet, will be freely available on the Net.
      Much mischief is expected to follow — as is a
      “fix” from the Cult itself.
      
      THE FIRST VERSION OF BACK ORIFICE, so
      named to poke fun at Microsoft’s Back Office product, was
      released in August last year at the annual hacking trade show
      called DEF CON. This year’s show starts Friday, with the
      release of Back Orifice 2.0 as the marquee event.
             Back Orifice usually arrives at a victim’s computer as
      an e-mail attachment. Once the victim is tricked into opening
      the attachment, the software secretly installs itself and turns
      the victim’s computer into a “client.” Then, anyone with the
      other half of the Back Orifice software (the administrator
      tool) can control the victim’s PC from anywhere on the
      Internet. The hacker can then stealthily do anything to the
      victim’s machine that the victim could do — even delete all
      the hard drive’s contents.
             Back Orifice is at the center of one of the key debates
      in the security industry — while the Cult maintains it
      produced the software to reveal security flaws in Microsoft
      products, and ultimately make them safer, Microsoft says
      that’s just a cover to legitimize hacking. (Microsoft is a
      partner in MSNBC.)
             The tool has been ragingly popular among hackers —
      the Cult says it has been downloaded 300,000 times. And
      even though all anti-virus packages now detect the program,
      security firm ICSA Inc. says there are “tens of thousands” of
      machines that are currently infected, unbeknownst to their
      users. Peter Tippett, chief technologist at ICSA, said he
      knows of individual networks where hundreds of machines
      are currently compromised.
             According to the Cult, Back Orifice 2.0 has several
      enhancements. Chief among them, it now works on the
      Windows NT operating system. It also employs stronger
      encryption, which will reportedly make it harder to detect.
      And it is open source — meaning it will be “radically
      polymorphic,” as hackers extend it and create their own new
      variations of the program.
             Anti-virus software companies plan to spend the
      weekend analyzing the new software and creating a defense
      that they can spread to clients. That’s expected to take 24 to
      48 hours.
             “It’s good that it’s being released on a weekend,” said
      Dan Takata of Data Fellows. “We’ll have time to play with
      it. Monday’s when I assume a lot of people will test it.”
             For that reason, software vendor Internet Security
      Systems Inc. asked Cult members for a pre-release version
      of the software. That way, clients could be protected before
      the product is released and a flurry of hacking followed.
             The Cult’s sarcastic reply: “We will gladly provide you
      with the software you desire if and only if you will, in
      exchange, grant us one million dollars and a monster truck.”
             “That shows they have no other intent than
      maliciousness,” said Jason Garns, Microsoft’s lead product
      manager for Windows NT security. “Unfortunately, they
      view this as being a game.”
             But Cult members say there are several good reasons
      not to give anti-virus vendors a leg up on Back Orifice. Chief
      among them — Sir Dystic, who authored the first version of
      Back Orifice, is working on what might be called a
      competitive product: a security software package that will
      protect users from Back Orifice and many other security
      threats. The group declined to offer more details.
             “We did think about giving it to all the AV vendors,” said
      a group member identifying himself as Tweety Fish. “But it’s
      a method of defense we don’t support.” Anti-virus software
      only reacts to known security threats; since Back Orifice is
      open source, many variants are expected, so the group
      believes most AV software will be ineffective anyway. 

             “We will be releasing tools at DEF CON or in the near
      future which we believe will provide a much more robust
      method of protecting your system than what the AV vendors
      can do today,” Tweety Fish said. 
             Also, if virus protection defeated Back Orifice
      immediately upon release, the tool would get no media
      attention.
             “It would dilute our press message,” said Reid Fleming,
      who wrote the sarcastic e-mail to ISS.
             That message, according to media-savvy Cult members,
      is that Windows NT is fundamentally flawed.
             Cult members describe Back Orifice as a remote
      administration tool, useful for network administrators to
      update software on user desktops. But software companies
      say that’s a smokescreen, and point out that the tool runs
      secretly, in the background.
             The Cult counters by saying Microsoft, trying too hard to
      simplify operating system administration, has created security
      holes. Windows shouldn’t allow a program to run secretly in
      the first place, the Cult says.
             “If Microsoft wasn’t so committed to hiding the real
      workings of desktop machines from users, it wouldn’t be a
      problem,” Tweety Fish said. “Microsoft is taking a complex
      problem of network and server security and trying to simplify
      it without acknowledging the consequences of that.”
             Still Microsoft’s Garns points out that ill-intentioned
      “remote administration tools” can be designed to attack any
      operating system and have existed for the Unix operating
      system for 20 years. 
             “There’s nothing fundamentally unique about what’s
      happening here. It does not take advantage of any security
      vulnerability in Windows NT. It attacks people, not
      technology,” he said. “It was not created for the benefit and
      benevolence of users.”
             Chris Rouland of ISS agrees the program was clearly
      designed with ill intentions.
             “It offers live video capture of the screen.... We
      understand you can even remotely fake a blue screen so the
      computer looks like it’s crashed, but you can keep operating
      in the background,” Rouland said. “It sounds like it’s going to
      be a pretty malicious piece of code.”
             It is not yet known how Back Orifice will spread, though
      it most likely will be hidden inside one of several programs
      that will be e-mailed as an attachment. There are likely to be
      several variations, so virus companies urge Net users to
      exercise the standard caution when opening e-mail
      attachments. Users should also update their anti-virus
      software after detection for Back Orifice 2.0 is included,
      probably Monday or Tuesday.
             
             Have a comment or suggestion about this story?
      Write to tipoff@msnbc.com
     
      CNN;
      
      http://cnn.com/TECH/computing/9907/07/nthack.idg/index.html

      New and improved Back Orifice
      targets Windows NT 

      July 7, 1999
      Web posted at: 10:36 a.m. EDT (1436 GMT)

      by Tom Spring 

      (IDG) -- In the consumer world,folks like Ralph Nader fight for
      consumer rights by helping pass tough consumer protection laws.
      Then there's the PC world. 

      For us, there's a self-proclaimed equivalent: Groups of (mostly
      teenaged) hackers basking in the glow of computer monitors, who
      release nasty computer bugs under the guise of strong-arming
      software makers to get tough on privacy and security. 

      "We want to raise awareness to the vulnerabilities that exist
      within the Windows operating system. We believe the best way
      to do this is by pointing out its weaknesses," says a member of
      the hacker group the Cult of the Dead Cow who goes by the pseudonym Sir
      Dystic. 

      The Cult of the Dead Cow created and released the program Back Orifice
      last year to the general public at the Las Vegas hacker and security
      conference DEF CON. The program allows its users to remotely control
      victims' desktops, potentially undetected. 

      At this year's conference, on July 9, Sir Dystic says the cult will outdo itself
      and release Back Orifice 2000. The program, he says, is smaller, nimbler, and
      twice as nefarious. 

      Computer security experts question the Cult of the Dead Cow's intent. Releasing
      a hacking tool like Back Orifice 2000 in the name of safeguarding computer privacy
      is a bit like the American Medical Association infecting cattle with the deadly e.
      coli bacteria to inspire food companies to sell healthier meats. 

      New and Improved

      Unlike earlier versions that affected consumers and small businesses, Back Orifice
      2000 hits large organizations because it runs on Windows NT systems, which are more used
      by businesses. Also, the updated program is modular, so users can add additional functions.
      For example, they could hide files or activate a computer's microphone for real-time audio
      monitoring, according to Cult of the Dead Cow. 

      Back Orifice 2000 will also be more difficult to detect via network monitoring programs,
      according to Sir Dystic. This is because the program can communicate back to the sender
      by using a variety of different protocols, making it hard to identify. The group also says
      it will make the source code available for Back Orifice 2000, which will likely
      spawn multiple strains of the program in the hacker community, experts say. 

      Another purported function is real-time keystroke-logging, which can record
      and transmit a record of every keystroke of an infected computer. Also, the
      recipient can view the desktop of a targeted computer in real time. 

      It should be noted that PC World Online has no independent confirmation that
      new Back Orifice 2000 program actually lives up to the claims of Cult of the
      Dead Cow. 
      
      
      ZDNet; contributed by D----Y
      
      Back Orifice 2000 not to be feared
      By Drew Ulricksen, ZDNet News
      July 12, 1999 2:41 PM PT


      LAS VEGAS -- Back Orifice 2000 is not
      something to be feared. It is not a virus. It is not
      a Trojan horse. It is a remote administration tool.

      Really. 

                           BO2K -- the Cult of the
                           Dead Cow's (cDc)
                           much anticipated
                           follow-up to Back
                           Orifice -- is quite
                           possibly one of the
                           most full-featured
                           remote admin tools on
                           the market today. 

      Combined with the aid of the new plug-in
      BOPeep, the tool -- which works on Windows 9x
      and NT machines -- enables system
      administrators to disable both the keyboard and
      mouse of the remote machine, and begin
      controlling it from their own PC.

      Sys admins can even fire up a video window of
      the remote PC so they can see what's on the
      monitor -- similar to PC Anywhere or VNC
      functionality. 

      BOTool, a plug-in shortly to be released by
      L0pht Heavy Industries, another hacker group,
      will allow the client to view and edit the file
      system and registry of the remote machine in a
      interface similar to the Windows file manager
      and regedit programs. 

                         Among many other
                         features, BO2K comes
                         with a built-in proxy server
                         and a Web server. The
                         U.S. version comes with
      3DES strong encryption, but the international
      version uses a weaker encryption scheme.

      According to cDc's DilDog (cDc members are
      only identified by their handles), BO2K was
      written from the ground up with security in mind.
      Strong encryption ensures all data and text will
      be transferred securely to prevent someone
      sniffing your password while you're remotely
      administering a PC. 

      BO2K weighs in at only about 115KB in size
      and utilizes only about 2MB of RAM. It is no
      CPU hog, either. Not only that, according to
      DilDog, the file transfer speed in BO2K is faster
      than any remote admin tool against which it was
      benchmarked.

      The price is right
      What do you expect to pay for something like
      this? $40? $60?

      Nope. Try $0. 

      Besides being free, B02K is
      also open source, so if you'd
      like to strip out or add
      functionality, go right ahead,
      just make your code available.
      But if you'd rather not dive into
      source code, there's also the
      option of just writing a plug-in
      to pop in. 

      Adding to the package is
      BO2K's customized setup.
      The original Back Orifice
      installed itself automatically as
      soon as it was run. BO2K
      launches, of all things, a
      Wizard to configure the setup.

      No longer is there a default port and password --
      in BO2K you must assign it a port and
      password, or it won't run.

      That means there won't be a widespread
      epidemic of script kiddies scanning the entire
      net for port 31337, looking for people infected
      with BO2K. 

      Software doesn't kill data ...
      "But it can run hidden, that's evil!" you say? It can
      run hidden, this is true, but this time around it
      can also run visible if you so choose.

      Many other software packages out there have
      the same option, and they even call it a feature.
      Believe it or not, some people even like it. 

      There are dozens of software packages out
      there that, if installed with malicious intent, allow
      an attacker to do just as much damage as
      BO2K could, if used improperly.

      You won't see many of those programs being
      killed by anti-virus software, and it's a shame
      that there's almost a sure bet Back Orifice 2000
      will. 

      If common sense is used, you won't need to
      worry about BO2K or any other software being
      run maliciously on your machine. Just
      remember, software doesn't kill data -- people
      do. 

      Drew Ulricksen is ZDNN's operations
      specialist. He attended DEF CON 7.
     

      -=- 
      
      ZDNET
      
      
      
      
      *WHERE DO I GET IT? *****************************************************************  
      *                                                                                   *
      * On Jul 11th in #bo2k an url was posted with alleged bo2k code, since the file     *
      * names do not match the announced file name sizes nor the source code but for      *
      * the curious here's the url: http://206.98.65.238/cdcbo2k.zip      - Ed            *
      *                                                                                   *
      * Another url with the cd release supposedly virus checked (check it for CIH)       *
      *                                                                                   *  
      * (from #hwa.hax0r.news)                                                            *   
      * <ScrewUp> http://www.hlz.nl/bo2k/leech/  <- i'd trust this one but urge people to *
      * be paranoid and wait for the 'official' release on www.bo2k.com                   *
      *************************************************************************************

      @HWA
      
      
 07.0 CIA Not Breaking Into Banks 
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~
      From HNN http://www.hackernews.com/ 


      contributed by solvant 
      On July 5th, 1999 the Associated Press and Sidney
      Morning Herald Internet edition ran a month old already
      debunked article describing how the CIA will be
      electronically breaking into various banks around the
      world to retrieve Solobadon Milsovics hidden money.
      This claim was originally made by Newsweek magazine
      on May 24th and was later picked up and ran by the
      Reuters News Service. HNN immediately questioned
      these claims. MSNBC also raised questions about the
      original article. By June 7th, William Arkin of the
      Washington Post had gathered enough evidence to
      completely debunk this story. Now, over a month after
      the original false report the Associated Press and
      Sydney Morning Herald blindly rerun the story without
      bothering to verify its accuracy. Did they just want to
      create sensationalism? Did they think people would not
      notice? Lets say this one last time: The CIA does not
      employ 'hackers' to break into foreign banks! 

      NewsWeek- May 24
      http://www.newsweek.com/nw-srv/printed/us/in/in0922_1.htm
      
      HNN Archive for May 25, 1999
      http://www.hackernews.com/arch.html?052599#2
      
      MSNBC- May 28
      http://www.msnbc.com:80/news/274526.asp
      
      Washington Post - June 7
      http://www.washingtonpost.com/wp-srv/national/dotmil/arkin060799.htm
      
      Sidney Morning Herald - July 5
      http://www.smh.com.au/news/9907/05/world/world9.html
      
      Associated Press via ABC - July 5     
      http://abcnews.go.com/sections/world/DailyNews/clintontime990705.html
      
      Sidney Morning Herald;
      
      Monday, July 5, 1999 
       
      BALKANS 
      
      Hackers on stand-by as CIA finds Milosevic
      cash 
      
      The CIA believes it has traced banks in Greece, Cyprus and Russia - all
      traditional allies of Serbia - where President Slobodan Milosevic has salted away
      millions of dollars during his 10 years in power.
      
      United States Government computer hackers have been ordered to break into
      Mr Milosevic's foreign bank accounts and drain his hidden fortune as part of a
      clandestine CIA plan to overthrow the Yugoslav president.
      
      The controversial operation - opposed by some senior political and intelligence
      figures in Washington - is part of a covert six-point package authorised by Mr
      Clinton last week and reported in the Herald in May.
      
      Although details of the White House plan are secret, it is understood that CIA
      agents in the three countries would first visit the banks, set up new accounts and
      see how they operate. Using that information, National Security Agency hackers
      would then find a way round elaborate computer security systems to access
      accounts in the name of Milosevic and his family and siphon off the contents.
      But some intelligence officials fear the move against the Serbian leader's millions
      could backfire on the US by making its computer system a target for freelance
      hackers selling their skills to Washington's enemies.
      
      The other parts of the plan include funnelling cash to anti-Milosevic politicians in
      Serbia, giving money to newspapers and radio stations opposed to the Belgrade
      regime and making contact with Yugoslav military commanders thought to back
      a change in leadership. - The Telegraph, London 
      
      @HWA
      
 08.0 SETI@home gets cracked
      ~~~~~~~~~~~~~~~~~~~~~~
      
       SETI@Home Project Web Page Defaced 


      contributed by Santeri Saarimaa 
      The main web page for the SETI@Home project was
      defaced over the weekend. The main page was replaced
      with a picture of Alf and the word 'Wanted'. 

      HNN Cracked Pages Archive
      http://www.hackernews.com/archive/crackarch.html
      
      ZD Net 
      http://www.zdnet.com/zdnn/filters/bursts/0,3422,2288248,00.html
      

      In case you missed it the SETI@Home project is still
      going strong and has released version 1.05 of their
      software.
      SETI@Home 
      http://setiathome.ssl.berkeley.edu/

      The HNN SETI Team is going strong but we could use
      your help. (I don't care what people say about this
      project the screen saver still rocks.)
      HNN SETI Team 
      http://setiathome.ssl.berkeley.edu/stats/team/team_2251.html
      
      
 09.0 Network Solutions DNS Spoofed 
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


      contributed by evenprime 
      Network Solutions, Inc, which administers domain name
      registrations had its DNS entries spoofed last Friday.
      Visitors to the web sites for Network Solutions where
      redirected to competitors. This is the second time NSI
      has succumbed to such an attack. 

      Wired
      http://www.wired.com/news/news/technology/story/20567.html
      
      C | Net
      http://www.news.com/News/Item/0,4,38721,00.html?st.ne.fd.gif.f
      
      Internet News           
      http://www.internetnews.com/bus-news/article/0,1087,3_155511,00.html
      
      Wired;
      
      Network Solutions Cracked
      by Oscar S. Cisneros 

      1:45 p.m.  2.Jul.99.PDT
      Network Solutions was reeling Friday from an attack on its Web servers that
      redirected users visiting its Web site to other locations. 

      "The FBI and Network Solutions are cooperating in determining the location"
      of the attack, said Network Solutions spokesman Brian O'Shaughnessy. 

      "It was a DNS modify that was sent through the system that was
      accomplished by spoofing." 

      He means that the IP addresses for Network Solutions servers were altered in
      the domain name system servers with a falsified template, so that Web browsers
      requesting the sites were instead sent to the IP address of another site. 

      Network Solutions fixed the IP address Friday morning, but the changes will take
      some time to reach the domain name servers spread across the Net. 

      Until that "emergency zone release" propagates, users visiting three Network
      Solutions sites -- Networksolutions.com, netsol.com, and dotpeople.com -- may be
      redirected to the Web sites of the  Internet Corporation for Assigned Names
      and Numbers and the Internet Council of Registrars (CORE), he said. 

      It is unclear exactly how long the crack has been in effect. 

      "We are aware of the problem and have been looking into it for a while," Scott
      Hollenbech, a Network Solutions staffer, in an email to CORE early Friday morning. 

      O'Shaughnessy said the source of the attack originated at a computer owned
      by SoftAware, an ISP located in the same building as ICANN in Marina del Rey,
      California. The attack was either done through physical or virtual access to one
      of their machines. 

      "We've corrected it," O'Shaughnessy said. "It should take about 24 hours before
      everything's resolved." 

      Jim Rutt, CEO of Network Solutions, said that investigators were working with
      preliminary evidence only and that the perpetrator has covered his tracks well. 

      "It is easy to leave a breadcrumb trail," he said. It is a famous hacker trick" to
      launch an attack behind multiple servers. 

      But Patrick Greenwell, Internet architect for DSL provider Telocity, said the blame
      might lie elsewhere. 

      "NSI could be culpable in that they have not pushed for the implementation of DNS
      Sec, which is a security measure for these types of things," he said. "It
      requires authentication." 

      Greenwell said that his analysis was based only on what little preliminary
      information was available, but that he believed the fault could largely be pinned
      on the Berkeley Internet Name Daemon,or BIND. 

      BIND is an implementation of DNS protocols, which Greenwell said are
      inherently insecure. Because the software operates on the vast majority of DNS
      servers across the Internet, upgrading it would be difficult to do while maintaining
      backward compatibility. 

      While it's unfortunate that this happened, I don't think it would be fair to point the
      finger at NSI," he said. "DNS is an inherently insecure protocol." 

      "This has nothing to do with BIND," O'Shaughnessy said. 

      Domain name addresses can be authenticated through varying levels of
      security, from a simple email method, to a password-protection scheme, to powerful
      PGP encryption. 

      O'Shaughnessy said he could not immediately determine what method of
      security Network Solutions uses to secure its own domain name data. 

      O'Shaughnessy added that the attack was reminiscent of one carried out by
      Eugene Kashpureff, who pleaded guilty in March of 1998 to one count of computer
      fraud for exploiting an NSI security hole. 

      The Internet Council of Registrars, one of five registrars participating in the initial
      test period for domain competition, posted a statement on its Web site
      saying that it "strongly condemns these acts and may take legal action against
      the perpetrators." 

      ICANN also condemned the crack as "an attempt to undermine the stability of the
      domain name system." The group has said it will cooperate with any investigation
      into the matter. 

      The FBI could not be reached for
      comment. 
      
      -=-
      
      C|Net;
      
      http://www.news.com/News/Item/0,4,38721,00.html?st.ne.fd.gif.f
      
     NSI's Web site hacked 
     By Courtney Macavinta
     Staff Writer, CNET News.com
     July 2, 1999, 12:15 a.m. PT 

     update Hackers struck major linchpins in the Internet's address system today, redirecting Network Solutions visitors to
     one of its future ".com" competitors and the new body in charge of managing the Net's technical functions, crippling
     that site too, according to NSI executives.

     The world's dominant domain name registrar, NSI discovered that its various sites were down about 2 a.m. PT today and that they
     were automatically sending surfers to a hopeful registrar, the Internet Council of Registrars (CORE), and the Net's new
     administrator, the nonprofit Internet Corporation for Assigned Names and Numbers.

     NSI's main site still appears to be malfunctioning, although the company said its system has been restored. ICANN's site also
     was inaccessible this morning, possibly due to increased traffic from NSI's visitors.

     ICANN also runs the Net's "L root" server, one of the 13 servers that comprise the worldwide network, but its technical
     administrator said there was no indication so far that ICANN's systems had been hacked too.

     "It was a hack. We're investigating it, and the FBI is involved," NSI spokesman Brian O'Shaughnessy said. "The FBI told us that
                           they are on their way to the ICANN's building in Southern California now to secure the servers
                           because there could have been a hack on their end."

                           Specifically, the FBI is looking into an Internet service provider located in the same Marina Del Ray
                           building as ICANN, SoftAware, which NSI says--based on its initial investigation--appears to be the
                           launching pad for the hack.

                           The Commerce Department and other international governments have anointed ICANN to administer
                           the Net and to trigger competition in domain name registration, which Network Solutions has
                           dominated since 1993 under a U.S. government contract. Both entities are responsible for the Net's
                           most critical function: the domain name system that allows online users to call up Net and
                           e-commerce sites by typing in names ending in ".com," ".org," and ".net."

                           The hack is a sober reminder of the Web's vulnerability, even among companies and government
                           agencies equipped with state-of-the-art security technology. Government entities from the White
                           House to the National Weather Service have come under a rash of computer system attacks in
     recent months.

     In July 1997, a hack redirected NSI visitors to a site called AlterNIC, which aimed to compete with Network Solutions by offering
     alternate domains, such as ".ltd," ".sex," and ".med." AlterNIC's founder, Eugene Kashpureff, who exploited a security hole to
     "hijack" NSI's site, pleaded guilty in March 1998 to one count of computer fraud in the incident.

     Most of the 5 million domain names registered by NSI have been facilitated through its partners, such as Internet access
     providers. But of the approximately 10,000 names registered per day, about 3,000 are registered through NSI's own site. And at
     $119 for a two-year registration, the company could potentially lose thousands of dollars for the time that it was not in operation.

     CORE, one of five initial organizations chosen to compete with NSI directly by tapping into its registration system, alerted site
     visitors about the hack and said it would pursue its perpetrators.

     "These problems seem to be the result of illegal acts by hackers," CORE stated. "CORE strongly condemns these acts and may
     take legal action against the perpetrators."

     Today's hack will no doubt fuel the fire for legislation to improve computer security, such as the House Science Committee's
     Computer Security Enhancement Act, which was introduced yesterday.

      Internet News; 
      
      http://www.internetnews.com/bus-news/article/0,1087,3_155511,00.html
      
      NSI Falls Prey to Hackers 
                                                                                                           July 2, 1999
      By the InternetNews.com Staff 
                                                                                      Business News Archives 


      Web sites operated by Network Solutions Inc. were hit by hackers Friday who redirected visitors to one of the company's competitors. 

      Starting before noon Eastern time, NSI officials discovered hackers were automatically sending its site visitors to the the Internet
      Council of Registrars -- or CORE -- as well as the Internet Corp. for Assigned Names and Numbers. ICANN is the new non-profit
      organization that oversees the Internet's address system. 

      After it discovered the hack, CORE placed a message on its Web site notifying visitors of the hack which also listed the correct IP
      address for Network Solutions' site. CORE also posted a brief statement saying it strongly condemned the moves and is looking into
      legal action. 

      ICANN officials said there had been no indications that the hackers had affected the root server that it administers. One of 13,
      ICANN's root server contains the database that allows domain names to be translated into IP numbers so that traffic can be properly
      routed. 

      NSI released a statement Friday afternoon confirming a hack had occurred and said the FBI had been called into investigate. NSI is
      speculating that SoftAware, an Internet service provider based in the same California building as ICANN, was where the hack
      originated. 

      In April, ICANN named five testbed registers which included CORE, America Online Inc., France Telecom/Oleane, Melbourne IT and
      register.com. They were the first to begin registering domain names and testing the new shared registration system developed to allow
      multiple competitors to handle the process. In addition, 29 companies have been accredited to register domain names once the system's
      test is complete. 

      ICANN takes over the system from NSI which was granted an exclusive government contract to manage the domain system in 1993.
     
      
      
      @HWA
      
 10.0 Bad permissions set on passwords stored by WebTrends software     
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
      From HNN http://www.hackernews.com/
       

      contributed by Space Rogue 
      Internet Security Systems (ISS) X-Force has discovered
      a security hole in numerous WebTrends products. This
      hole allows access to service account and MAPI user
      names and passwords. WebTrends stores service
      account user name and password in a file called
      WebTrends.INI that allows "Everyone" full access.
      WebTrends recommends that you modify the ACL
      settings to an appropriate level and upgrade to the
      latest version. 

      ISS X-Force
      http://xforce.iss.net/
      
 11.0 Three Blind Men Accused of Computer Tampering in Israel 
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
      From HNN http://www.hackernews.com/


      contributed by dis-crete 
      Three blind Arab brothers are being held for allegedly
      electronically breaking into the Mossad Intelligence
      Agency and the Shin Bet security service along with
      dozens of other Israeli institutions. They supposedly did
      this without special computer equipment for the blind.
      Apparently, the three blind br