Thank you for joining the HAPPY HACKER email list. Moderator is Carolyn P. Meinel. If you have hacking tips that you wouldn't mind being read by law enforcement types, please send them in! In the meantime, welcome to the flagship ezine of this list. Here's... The inaugural issue of... _______________________________________________________ GUIDE TO (mostly) HARMLESS HACKING Vol. 1 Number 1 Hacking tip of this column: how to finger a user via telnet. _______________________________________________________ Hacking. The word conjures up evil computer geniuses plotting the downfall of civilization while squirreling away billions in electronically stolen funds in an Antigua bank. But I define hacking as taking a playful, adventurous approach to computers. Hackers don't go by the book. We fool around and try odd things, and when we stumble across something entertaining we tell our friends about it. Some of us may be crooks, but more often we are good guys, or at least harmless. Furthermore, hacking is surprisingly easy. I'll give you a chance to prove it to yourself, today! But regardless of why you want to be a hacker, it is definitely a way to have fun, impress your buddies, and get dates. If you are a female hacker you become totally irresistible to all men. Take my word for it!;^D This column can become your gateway into this world. In fact, after reading just this first Guide to (mostly) Harmless Hacking, you will be able to pull off a stunt that will impress the average guy or gal unlucky^H^H^H^H^H^H^H fortunate enough to get collared by you at a party. So what do you need to become a hacker? Before I tell you, however, I am going to subject you to a rant. Have you ever posted a message to a news group or email list devoted to hacking? You said something like "What do I need to become a hacker?" right? Betcha you won't try *that* again! It gives you an education in what "flame" means, right? Yes, some of these 3l1te types like to flame the newbies. They act like they were born clutching a Unix manual in one hand and a TCP/IP specification document in the other and anyone who knows less is scum. ********************* Newbie note: 3l1t3, 31337, etc. all mean "elite." The idea is to take either the word "elite" or "eleet" and substitute numbers for some or all the letters. We also like zs. Hacker d00dz do this sor7 of th1ng l0tz. ******************** Now maybe you were making a sincere call for help. But there is a reason many hackers are quick to flame strangers who ask for help. What we worry about is the kind of guy who says, "I want to become a hacker. But I *don't* want to learn programming and operating systems. Gimme some passwords, d00dz! Yeah, and credit card numbers!!!" Honest, I have seen this sort of post in hacker groups. Post something like this and you are likely to wake up the next morning to discover your email box filled with 3,000 messages from email discussion groups on agricultural irrigation, proctology, collectors of Franklin Mint doo-dads, etc. Etc., etc., etc....arrrgghhhh! The reason we worry about wannabe hackers is that it is possible to break into other people's computers and do serious damage even if you are almost totally ignorant. How can a clueless newbie trash other people's computers? Easy. There are public FTP and Web sites on the Internet that offer canned hacking programs. Thanks to these canned tools, many of the "hackers" you read about getting busted are in fact clueless newbies. This column will teach you how to do real, yet legal and harmless hacking, without resorting to these hacking tools. But I won't teach you how to harm other people's computers. Or even how to break in where you don't belong. ****************************** You can go to jail tip: Even if you do no harm, if you break into a portion of a computer that is not open to the public, you have committed a crime. If you telnet across a state line to break in, you have committed a federal felony. ************************************* I will focus on hacking the Internet. The reason is that each computer on the Internet has some sort of public connections with the rest of the Net. What this means is that if you use the right commands, you can *legally* access these computers. That, of course, is what you already do when you visit a Web site. But I will show you how to access and use Internet host computers in ways that most people didn't know were possible. Furthermore, these are *fun* hacks. In fact, soon you will be learning hacks that shed light on how other people (Not you, right? Promise?) may crack into the non-public parts of hosts. And -- these are hacks that anyone can do. But, there is one thing you really need to get. It will make hacking infinitely easier: A SHELL ACCOUNT!!!! A "shell account" is an Internet account in which your computer becomes a terminal of one of your ISP's host computers. Once you are in the "shell" you can give commands to the Unix operating system just like you were sitting there in front of one of your ISP's hosts. Warning: the tech support person at your ISP may tell you that you have a "shell account" when you really don't. Many ISPs don't really like shell accounts, either. Guess why? If you don't have a shell account, you can't hack! But you can easily tell if it is a real shell account. First, you should use a "terminal emulation program" to log on. You will need a program that allows you to imitate a VT 100 terminal. If you have Windows 3.1 or Windows 95, a VT 100 terminal program is included as one of your accessory program. Any good ISP will allow you to try it out for a few days with a guest account. Get one and then try out a few Unix commands to make sure it is really a shell account. You don't know Unix? If you are serious about understanding hacking, you'll need some good reference books. No, I don't mean the kind with breathless titles like "Secrets of Super hacker." I've bought too many of that kind of book. They are full of hot air and thin on how-to. Serious hackers study books on: a) Unix. I like "The Unix Companion" by Harley Hahn. b) Shells. I like "Learning the Bash Shell" by Cameron Newham and Bill Rosenblatt. A "shell" is the command interface between you and the Unix operating system. c) TCP/IP, which is the set of protocols that make the Internet work. I like "TCP/IP for Dummies" by Marshall Wilensky and Candace Leiden. OK, rant is over. Time to hack! How would you like to start your hacking career with one of the simplest, yet potentially hairy, hacks of the Internet? Here it comes: telnet to a finger port. Have you ever used the finger command before? Finger will sometimes tell you a bunch of stuff about other people on the Internet. Normally you would just enter the command: finger Joe_Schmoe@Fubar.com But instead of Joe Schmoe, you put in the email address of someone you would like to check out. For example, my email address is cmeinel@techbroker.com. So to finger me, give the command: finger cmeinel@techbroker.com Now this command may tell you something, or it may fail with a message such as "access denied." But there is a more elite way to finger people. You can give the command: telnet llama.swcp.com 79 What this command has just done is let you get on a computer with an Internet address of llama.swcp.com through its port 79 -- without giving it a password. But the program that llama and many other Internet hosts are running will usually allow you to give only ONE command before automatically closing the connection. Make that command: cmeinel This will tell you a hacker secret about why port 79 and its finger programs are way more significant than you might think. Or, heck, maybe something else if the friendly neighborhood hacker is still planting insulting messages in my files. Now, for an extra hacking bonus, try telnetting to some other ports. For example: telnet kitsune.swcp.com 13 That will give you the time and date here in New Mexico, and: telnet slug.swcp.com 19 Will show you a good time! OK, I'm signing off for this column. And I promise to tell you more about what the big deal is over telnetting to finger -- but later. Happy hacking! ******************************************************* Want to share some kewl hacker stuph? Tell me I'm terrific? Flame me? For the first two, I'm at cmeinel@techbroker.com. Please direct flames to dev/null@techbroker.com. Happy hacking! _______________________________________________________ Copyright 1996 Carolyn P. Meinel. You may forward the GUIDE TO (mostly) HARMLESS HACKING Ezine as long as you leave this notice at the end. To subscribe, email cmeinel@techbroker.com with message "subscribe hacker " substituting your real email address for Joe Blow's. ***************************************************************