      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

      =                                                               =

      -                WELCOME TO THE EIGHTH ISSUE OF                 -

      =                                                               =

      -                        -=>PHANTASY<=-                         -

      =                                                               =

      -               A PUBLICATION AND NEWSLETTER OF                 -

      =                                                               =

      -                             THE                               -

      =                        INTERNATIONAL                          =

      -                         INFORMATION                           -

      =                          RETRIEVAL                            =

      -                            GUILD                              -

      =                                                               =

      -        Hacking,Phreaking,Anarchy,Survivalism,Commentary       -

      =                                                               =

      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



           Volume Number Three,Issue Number Eight Dated 6/05/92

               Editor: Mercenary@f515.n141.z1.fidonet.org



             Article Submissions: The Mercenary/IIRG

                                  862 Farmington Avenue

                                  Suite 306

                                  Bristol,Ct 06010



           IIRG World Headquarters BBS: Dark Shadows

                                        19.2/9600 Baud HST

                                        24 Hours a Day

                                        1.2 Gigs Online

                                        (203)-628-9660



        Table of Discontents:





          [1] Quick Comment

              By: Mercenary



          [2] Communists Alive and Well in the U.S.

              By: Red Dawn



          [3] TeleFraud: (A Case Example)

              By: Anonymous



          [4] IIRG Members Profiles: Rowdy Roddy Piper



          [5] New World Order Pledge of Dis-Allegiance

              Provided By: Saint Anarchy



          [6] IIRG FREEBIES: New Section Devoted to promotions

                             available to our readers!



          [7] PHANTASY TIDBITS: News and Views of Interest





          [8] FOR THE PEOPLE

              Supplied By: Bulletin Boards Across the Country

              Edited by: Mercenary



                      1. Michelangelo Source Code

                      2. Phil Katz Warning

                      3. Virus Poem





          [9] Listing of PHANTASY Distribution Sites



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



    OFFICIAL DISLAIMER...



    All information in PHANTASY is from USER contributed material

    The Publishers and Editors of PHANTASY and THE IIRG disclaim

    any liability from any damages of any type that the reader or

    user of such information contained within this newsletter may encounter

    from the use of said information. All files are brought to you for

    entertainment purposes only! We also assume all information infringes

    no copyrights and hereby disclaim any liability.



    PHANTASY is (C) 1990 by The IIRG

    IIRG and INTERNATIONAL INFORMATION RETRIEVAL GUILD is (C) 1982



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



 Section [1]: Quick Comment

              By: Mercenary



        ATTENTION!! All File creators,Publishers,BBS-aholics

                    the Former IIRG WHQ Runestone BBS is gone.

                    Please do not list it in your files.

                    The New WHQ is:





           IIRG World Headquarters BBS: Dark Shadows

                                        19.2/9600 Baud HST

                                        24 Hours a Day

                                        1.2 Gigs Online

                                        (203)-628-9660





-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



 Section [2]: Communists Alive and Well in the U.S.

              By: Red Dawn



  The Berlin Wall came down, and its about time. But the RED Menace is alive

 and Well folks. The So called Russian Republics (Soviet DisUnion) haven't

 gone anywhere. So why are the piss ant politicians in the U.S. rolling over

 and playing Dead? Money, Yes its that simple Money.

  One world Government means power and power means money and as long as our

 leaders are more concerned about filling thier pockets and not filling

 peoples stomachs, were on our own.

  The Chinese Communists just exploded the largest underground nuclear blast

 ever, the Soviets still have there nukes and the PLP is alive and well here

 in the U.S.

  On a recent jaunt up to MIT, I was approached by a PLP (Progressive Labor

 Party) member. The PLP is the American Communist Party for those who are new

 to this. He asked if I'd like to buy a copy of "Challenge" (The Revolutionary

 Communist Newspaper) I said No, but I'll take this copy for free comrade.

 and walked off with the poor little Reds paper.

  NOTE: Please dont feel bad for the Red, Communism states whats yours is mine

        so I was just teaching him about true Communism control

  Now the PLP is getting smart, they are recruiting Puerto Ricans and other

 third world spanish speakers, as the lead story is "STOP RACIST REPATRIATION

 OF HAITANS" and the paper is now half spanish.

  What better way to boost your cause then appeal to an already unrestful

 group of people.

  Well I say enough, lets show the Communists that we can take America Back

 by unseating mailing them your thoughts.



 I'd Advise this on a Post Card:



  We Love America,and not Karl Marx.... Signed a Concerned American



 Mail to: The Progressive Labor Party

          231 West 29th Street

          Room 502

          New York,NY 10001



 Or Call: (212)-629-0002



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



 GIVE YOUR SOUL TO GOD AND PICK UP YOUR GUN, ITS TIME TO DEAL IN LEAD.

 WE ARE THE LEGIONS OF THE DAMNED,THE ARMY OF THE ALREADY DEAD.



                                   Robert J. Matthews



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



 Section [3]: TeleFraud: (A Case Example)

              By: Anonymous



  Hacking and Phreaking has long been a game of cat and mouse, between

 Hacker and System Administrator. In a role reversal I'd like to present

 the response of an Undisclosed Insurance Company to hackers penetrating

 thier system by presenting the memo distributed to system operators.



-------------------------------------------------------------------------------

 From the Director of Systems Security to all employees:



  We have experienced telephone fraud (TeleFraud) in which outsiders,

 (I.E. Hackers) penetrated a regional office telephone system and made long

 distance calls that were charged to the company (In one case the cost of

 those calls was about $27,000) A number of steps are being implemented to

 elimanate this exposure) We want to inform you about some of them, and ask

 for your help and cooperation.



 NOTE: This article may contain terminology new to you. A "Definition of Terms"

       is included on the last page to help clarify these terms.





 BACKGROUND:



  The most common form of telefraud involves the use of 800 numbers,credit

  cards, and third party calling. Hackers get these numbers from a number of

  sources, such as:



  A. Advertisements



  B. Eavesdropping (e.g. when you charge your telephone call to another number

     while using a public telephone)



  C. Using old company telephone books and manuals that contain numbers of

     Key System or Private Branch Exchange (PBX) systems, which are the heart

     of our internal telephone system.



  Technically sophisticated hackers dial these numbers, and through computer

 program routines, determine authorization codes.

  Having learned these codes, they post them on computer bulletin boards or

 sell them. Literally within minutes unauthorized calls are passing through

 the system.

  To reduce or eliminate this exposure, our department as well as others are

 working together to protect our telephone systems. Some of these protection

 measures include:



 1. Development and implementation of controls in conjuction with our telephone

    vendors (e.g. AT&T and MCI) to restrict access to certain telephone

    features. Some of these controls include prohibiting the use of Remote

    Access,trunk to trunk,and DISA services.



 2. Making you, as telephone users, aware of this problem and identifying ways

    you can help. This memo is part of this program.



 HOW CAN YOU HELP?:



 Here are some suggestions:



 Telephone Credit Cards:



  1. Don't give your credit card number to anyone

  2. When calling from a payphone, use card readers whenever possible.

  3. Don't read the number loud enough for others to hear, or let others

     observe you entering your number.

  4. Report lost or stolen cards immediately.

  5. Use your body to block the view of someone who may be watching to see the

     access code you are punching into the telephone.



 800 Service:



  1. Don't install an 800 number unless it's absolutely necessary.

  2. Remove the line when it's no longer needed.

  3. Limit 800 service to applications that are answered by people.

  4. Avoid 800 service to Phonemail or Voice Response Units (VRU).



 International/Domestic Toll Calls:



  1. Block country and/or area codes that you don't call.

  2. Limit the use of International Class of Service at the handset level.

  3. Block 900 calls with the local telephone company.



 Dial Data Lines:



  1. Block third party calling with the local telephone company.

  2. Establish VNET range restrictions



 Remote Access:



  1. Disable this feature on the PBX. We have surveyed our PBX vendors

     country-wide to ensure these facilities are not enabled.



 Trunk-to-Trunk:



  1. Disable this feature on the PBX. We have surveyed our PBX vendors

     country-wide to ensure these facilities are not enabled.



 Phonemail:



  1. Change passwords frequently

  2. Deactivate unused mailboxes

  3. Limit the number of "Guest" mailboxes

  4. Don't publish the system access number to anyone who doesn't use

     phonemail.

  5. Lock out the subscriber after three unsuccessful attempts to enter the

     mailbox.

  6. Keep system administrator ID's secret and change them frequently.



 Third Party Calling:



  1. Request the local telephone company to block third party calling on

     dial data,fax,and private lines.

  2. Limit the installation of private lines



 PBX (Private Branch Exchange):



  1. Do not reveal maintenance port passwords to callers without positive ID

  2. Delete unused extensions



 VRU (Voice Response Units):



  1. Do not enable trunk-to-trunk transfer.

  2. Program only a select number of extensions to which callers can be

     transferred (i.e. establish a table of extensions).

  3. Do not program station transfer

  4. Passwords, (e.g. logon ID's customer PIN's) should be carefully protected

     and changed frequently.



 Automated Attendant:



  1. Do not enable trunk-to trunk transfer.

  2. Do not program station transfer

  3. Delete unused extensions

  4. Deactivate software features if not in use.



 Hardcopy Listings:



  1. Properly dispose of old telephone books,manuals,or telephone bills that

     contain sensitive telephone numbers.

  2. Review all telephone charges,looking for patterns and excessive charges.



 Dial Access to Computers:



  1. Secure dial lines to all computer systems.



 Miscellaneous:



  1. Be cautious of unusual situations with your telephone system, such as

     busy signals at odd times.





                          DEFINITION OF TERMS





   PBX



   Private Branch Exchange. Private automatic system that provides for the

   switching of calls internally, and to and from the public telephone

   network.



   Trunk-to-Trunk



   A "trunk" is the telephone line that connects a PBX to the telephone

   company. Therefore a trunk-to-trunk connection ties a PBX system to the

   telephone company.



   DISA



   Stands for Direct Inward System Access. This feature gives an outside

   caller the ability to dial directly into a PBX system, without attendant

   (i.e. operator) intervention, and gain access to the PBX system facilities

   and outgoing circuits. DISA software should be disabled, thus eliminating

   this feature/exposure.



   Voice Mail



   Hardware and software products that can be integrated or peripheral to a

   PBX system, allowing users to send,receive,and redirect voice messages

   through office telephone systems and computers.



   Automated Attendant



   An automated telephone system used to accept incoming calls and direct

   their callers to specific extensions based upon the caller entering touch

   tone numbers. For example, a hacker could call someones Voicemail mailbox

   from the outside and try to break in.



   VRU (Voice Response Unit)



   An interactive system that interfaces between the PBX and host computer

   based upon information provided by the caller (e.g. account number,social

   security number)



   Remote Access



   Allows a caller at a remote location to access PBX features by telephone.

   Individual authorization codes are usually required. Remote access allows

   the caller to potentially access an outside (e.g. long distance) line,

   and is usually accomplished through the use of DISA or automated

   attendant features.



   VNET (Virtual Network)



   A registered MCI service that offers a range of telephone limits and/or

   restrictions (e.g. allows calls only within U.S., does not allow calls to

   Virgin Islands,etc.)



   Key System:



   A small, multi-line internal telephone system similar to a PBX.

   Norstar,Spirit,and Merlin are examples of a key system.







   Remember: All of us are potential victims of telephone fraud. Hackers are

             determined to use our telephone system and not pay for that

             service. Please be as determined to ensure they do not.



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



            ONE CRIME IS CONCEALED BY THE COMMISSION OF ANOTHER



                                               Seneca



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



 Section [4]: IIRG Members Profiles: Rowdy Roddy Piper



------------------------------------------------------------------------------

                           Rowdy Roddy Piper

------------------------------------------------------------------------------



Handle: Rowdy Roddy Piper

Call him: Piper

Past handles: None

Handle origin: Wrestler Rowdy Roddy Piper of WWF fame

Past Computers: Commodore 64  With ICT Data Chief

                Commodore 128

                Amiga 1000

                286/12



Present Computer: 386/33

                  1300 Megs Storage

                  Courier HST

                  Courier HST Dual Standard





Sysop: Pipers Pit BBS



Background:



   Piper Started his original Commodore oriented BBS in March 1985. The Board

  was originally run off of a C-64 with 2 SFD 1001's. Continually upgrading his

  system Piper switched from his original C-Net configuration to Color 64

  with a C-128 with 1750 Ram expander and 2 ICT Data Chief HFD20's.

   It was at this time that Piper met Mercenary at the now defunct CompuTech

  systems and started attending the original IIRG meetings at the Bar and

  pizza joint next door.

   With the Commodore community rapidly dwindling and the IIRG no longer

  supporting the C64/128, Piper sold his Commodore BBS for a $400.00 profit

  over what he invested in it and Bought a 286/12 and an Amiga 1000 with

  1.5 megs.

   Now, with the his vast majority of users being IBM, Piper has switched

  to a 386/33 Tower with 1300 Megs of storage,2 Nodes (HST and HST D/S.

   But being true to his roots, Piper still supports the Amiga line.





Pipers Favorite Things

----------------------



     Running his BBS

     Music (Extensive CD Collection)

     The one month his phone bill ran under $100.00



Most Memorable Experiences

--------------------------



     Selling his original commodore BBS for $400.00 more than he originally

     purchased the Equipment for, and passing out at the 1989 IIRG Hack

     Bash before the keg was tapped.





People to Mention

-----------------

 Thanks to: Pie Man,

            Mercenary, a downright strange individual

            Anubis, an even stranger individual

            The now defunct CompuTech systems and its owner Redbone



 Fucks to:  Internal Revenue, America's Legal Organized Crime Syndicate

            Credit Bureaus, Go ahead---Make my Limit

            and 95% of all elected officials



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



    A NICKNAME IS THE HEAVIEST STONE THE DEVIL CAN THROW AT A MAN



                                                  Anon



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



 Section [5]: New World Order Pledge of Dis-Allegiance

              Provided By: Saint Anarchy



   As our brave and trustworthy leaders usher in there new world order,

   I suggest each one of you memorize this Pledge to it.



   We pledge dis-allegiance to the United Nations flag and the confusion,

  the treason,the wars,and the bloodshed for which it stands.

   One World (under Satan), uniting all nations under one Communist-Zionist

  international economic control.

   Promoting (under the guise of benevolence and welfare) Metro Government,

  Regionalization,Urban Renewal,Model Cities,causing distress to young and

  old,totally changing our form of government, and working toward a One

  World Bank (Acclomplished, a One World Government,and a One World Church,

  without God and his Holy Word, the Bible. In his name we reject and defy

  the United Nations Flag and the totalitarianism for which it stands.



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



   FREEDOM HATH A THOUSAND CHARMS TO SHOW

                         THAT SLAVES HOWE'ER CONTENDED NEVER KNOW



                                               Cowper



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



 Section [6]: IIRG FREEBIES: A new section to Phantasy

              BY: Mercenary



-------------------------------------------------------------------------------

 [1] Security for VMS Systems Handbook

     Available from Digital Equipment Corporation

     Free of Charge

     Call 1-800-332-4636 Extension: SECURE

-------------------------------------------------------------------------------

 [2] Free $15.00 Introductory Usage to CompuServe

     Free Complimentary subscription to CompuServe Magazine

     Compliments of Digital Equipment Corporation

     Call 1-800-524-3388 Ask for Represenative #332

-------------------------------------------------------------------------------

 [3] ARAGO Professional dBASE

     Call 1-800-228-3295

     Ask for Free Demo Disk

-------------------------------------------------------------------------------

 [4] Flow Charting 3

     Call 1-800-525-0082 Extension 1117

     Ask for Free Interactive Demo Disk

-------------------------------------------------------------------------------

 [5] Vermont Views

     Portable User-Interface for Dos,Unix,Posix,VMS...

     Free Demo Kit

     Call 1-800-848-1248

     Mention Offer #303

-------------------------------------------------------------------------------

 [6] National Instruments

     Lab Programs

     Free Demo Disks

     1-800-433-3488

-------------------------------------------------------------------------------

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



 Section [7]: PHANTASY TIDBITS: News and Views of interest from around the

                                Computer World



-------------------------------------------------------------------------------



                       I GOT EM,I GOT EM, I GOT EM....



 Arizona Law officers are fuming that the U.S. Justice Department is taking

 credit for the first successful prosecution under the Operation Sundevil

 computer crime investigation. They point out that they nabbed and convicted

 two hackers swept up in the nationwide crackdown on computer crime several

 months ago. One of the hackers is still doing time in a halfway house after

 spending six months in "shock incarceration," a boot camp for first time

 offenders.



-------------------------------------------------------------------------------



                         POOR LITTLE BIG BROTHER....



 Difficulties tapping advanced digital telephone networks for criminal

 investigations have inspired the Federal Bureau of Investigation to propose

 legislation requiring carriers to modify their networks to accommodate court

 approved wiretaps. The multimillion dollar cost of re-engineering the

 networks would be borne by rate payers. Civil liberties groups said a built

 in tapping capability might encourage overly broad government surveillance.



-------------------------------------------------------------------------------



              COULD I GET SOME MINT JELLY WITH THAT PLEASE?



 A man charged with stealing computer boards from Digital Equipment Corporation

 between February and October 1990 recently received the severed head of a lamb

 wrapped in towels through the U.S. Mail. The box arrived at the Lexington,

 Mass., home of Edward Desmond Jr. on Feb 28th. Desmond had cooperated with the

 government during part of the 2 1/2 year investigation, which led to the

 indictment of 16 people. A plea agreement with Desmond was reportedly

 rescinded after he was caught commiting other crimes.



-------------------------------------------------------------------------------



              INTERNET ADVISORY BOARD SETS S.N.M.P. SECURITY RULES



 The Simple Network Management Protocol (SNMP) security specifications now

 before the Internet Advisory Board would provide the following features:



 1. A data-encryption standard based specification that encrypts messages

    between the SNMP manager and agent. This is useful for sending down new or

    updated keys that determine what management functions a SNMP station can

    access or that define authorization levels within a station.



 2. Origin Authentication that prevents unauthorized users who have obtained

    an SNMP workstations access code from masquerading as an authentic user.



 3. Replay protection that keeps a user from delaying an SNMP transmission,

    such as a command to take a workstation offline, and sending it at a later

    date.



 4. Message integrity that keeps authorized users from changing the contents

    of a SNMP message.



-------------------------------------------------------------------------------



                  BOOK PUSHER SEEKS TO INFLATE EGO



 Computer Security Expert Winn Schwartau, whose book, Terminal Compromise,

 describes how a terrorist gang could paralyze the U.S. with a computer virus,

 sees a parrallel between his text and real life.

 "When the Michelangelo virus scare began, it was eerie, like somone had lifted

 the events right out of my book," he says. "Viruses are evolving into a

 terrorist's weapon and are certainly a viable means of waging warfare."

 Terminal compromise is published by Pittsburg-Based Inter-Pact press.



 IIRG Note: This Jack Ass will say anything to sell his book, so save the

            $19.95 and go out and get drunk instead. The book is pure

            garbage.



-------------------------------------------------------------------------------



                   JACKASS's and MORE JACKASS's



 The Associated press reports that the theft of a portable PC in Australia was

 solved when the thief sent a fax to the unit's maker, DFM Systems of Des

 Moines,Iowa asking for a power cord,documentation, and software.

 What the crook didn't know was the DFM TraveLite PC was the only such system

 in Australia. The unit was owned by Sydney based ACEL, which the thief had

 burglarized. DFM contacted ACEL's managing director, who then contacted the

 police. A ploice officer later contacted the crook, who had supplied his

 street address on the fax.



-------------------------------------------------------------------------------



                I HEAR YA' KNOCKIN, BUT YA' CAN'T COME IN



 Whozz Calling uses your local phone company's Caller ID service to intercept

 the ID information before you answer your phone. The product sends the

 identification of the caller via standard RS-232 serial wire to your computer

 which looks up the caller name,displays it,stores it,elects not to answer the

 call, or diverts the call to an answering machine.

 A DOS compatible,menu driven TSR program can optionally pop up information

 about the caller,bringing up the callers ID before you answer the phone.



 Price: $79.00 (Requires Caller ID)

 Contact: Zeus Phonstuff

          1000 Holcomb Woods Parkway

          Suite 410-C

          Roswell,GA 30076

          (404)-587-1541

          (404)-587-1609 (FAX)



-------------------------------------------------------------------------------



                TWO AT CORNELL INDICTED IN VIRUS CASE



 Two Cornell University students now have been indicted for felonies in

 connection with the computer virus case that came to light last

 February at the Ithaca, N.Y., university.



 David Blumenthal and Mark Pilgrim are accused of embedding a virus in

 three Apple Macintosh computer games that were sent from Cornell's

 computer center to an archive at Stanford University. Authorities say

 from there, the games were duplicated and wound up in computers across

 the U.S., Japan and Great Britain.



 Blumenthal, 20, and Pilgrim, 19, who, in convicted, face a maximum

 four years in prison, were arrested <h1>Error</h1>
Unable to load requested item for reason: -201
