Sorry for the length of the list.

Spencer
Abuse Investigator
___________________________________________________________________
NETCOM Online Communication Services        Abuse Issues
24-hour Support Line: 408-983-5970          abuse@netcom.com
**************

GUIDE TO (mostly) HARMLESS HACKING

Vol. 1 Number 5

It's vigilante phun day again! How to get email spammers kicked off their ISPs.
_______________________________________________________

So, have you been out on Usenet blasting spammers? It's phun, right?

But if you have ever done much posting to Usenet news groups, you will notice that soon after you post, you will often get spam email. This is mostly thanks to Lightning Bolt, a program written by Jeff Slayton to strip huge volumes of email addresses from Usenet posts.

Here's one I recently got:

Received: from mail.gnn.com (70.los-angeles-3.ca.dial-access.att.net [165.238.38.70]) by mail-e2b-service.gnn.com (8.7.1/8.6.9) with SMTP id BAA14636; Sat, 17 Aug 1996 01:55:06 -0400 (EDT)
Date: Sat, 17 Aug 1996 01:55:06 -0400 (EDT)
Message-Id:
To:
Subject: Forever
From: FREE@Heaven.com

"FREE" House and lot in "HEAVEN"

Reserve yours now, do it today, do not wait. It is FREE just for the asking. You receive a Personalized Deed and detailed Map to your home in HEAVEN. Send your name and address along with a one time minimum donation of $1.98 cash, check, or money order to help cover s/h cost

TO: Saint Peter's Estates
P.O. Box 9864
Bakersfield, CA 93389-9864

This is a gated community and it is "FREE".

Total satisfaction for 2 thousand years to date.

From the Gate Keeper. 9PS. See you at the Pearly Gates)

GOD will Bless you.

Now it is a pretty good guess that this spam has a forged
header. To identify the culprit, we employ the same command that we used with Usenet spam:

whois heaven.com

We get the answer:

Time Warner Cable Broadband Applications (HEAVEN-DOM)
   2210 W. Olive Avenue
   Burbank, CA 91506

   Domain Name: HEAVEN.COM

   Administrative Contact, Technical Contact, Zone Contact, Billing Contact:
      Melo, Michael (MM428) michael@HEAVEN.COM
      (818) 295-6671

   Record last updated on 02-Apr-96.
   Record created on 17-Jun-93.

   Domain servers in listed order:

   CHEX.HEAVEN.COM     206.17.180.2
   NOC.CERF.NET        192.153.156.22

From this we conclude that this is either genuine (fat chance) or a better forgery than most. So let's try to finger FREE@heaven.com.

First, let's check out the return email address:

finger FREE@heaven.com

We get:

[heaven.com]
finger: heaven.com: Connection timed out

There are several possible reasons for this. One is that the systems administrator for heaven.com has disabled the finger port. Another is that heaven.com is inactive. It could be on a host computer that is turned off, or maybe just an orphan.

*********************
Newbie note: You can register domain names without setting them up on a computer anywhere. You just pay your money and Internic, which registers domain names, will put it aside for your use. However, if you don't get it hosted by a computer on the Internet within a few weeks, you may lose your registration.
*********************

We can test these hypotheses with the ping command. This command tells you whether a computer is currently hooked up to the Internet and how good its connection is.

Now ping, like most kewl hacker tools, can be used for either information or as a means of attack. But I am going to make you wait in dire suspense for a later Guide to (mostly) Harmless Hacking to tell you how some people use ping. Besides, yes, it would be *illegal* to use ping as a weapon.

Because of ping's potential for mayhem, your shell account may have disabled the use of ping for the casual user. For example, with my ISP I have to go to the right directory to use it. So I
give the command:

/usr/etc/ping heaven.com

The result is:

heaven.com is alive

***********************
Technical Tip: On some versions of Unix, giving the command "ping" will start your computer pinging the target over and over again without stopping. To get out of the ping command, hold down the control key and type "c". And be patient, next Guide to (mostly) Harmless Hacking will tell you more about the serious hacking uses of ping.
***********************

Well, this answer means heaven.com is hooked up to the Internet right now. Does it allow logins? We test this with:

telnet heaven.com

This should get us to a screen that would ask us to give user name and password. The result is:

Trying 198.182.200.1.
telnet: connect: Connection timed out

OK, now we know that people can't remotely log in to heaven.com. So it sure looks as if it was an unlikely place for the author of this spam to have really sent this email.

How about chex.heaven.com? Maybe it is the place where spam originated? I type in:

telnet chex.heaven.com 79

This is the finger port. I get:

Trying 206.17.180.2.
telnet: connect: Connection timed out

I then try to get a screen that would ask me to login with user name, but once again get "Connection timed out."

This suggests strongly that neither heaven.com nor chex.heaven.com is being used by people to send email. So this is probably a forged link in the header.

Let's look at another link on the header:

whois gnn.com

The answer is:

America Online (GNN2-DOM)
   8619 Westwood Center Drive
   Vienna, VA 22182
   USA

   Domain Name: GNN.COM

   Administrative Contact:
      Colella, Richard (RC1504) colella@AOL.NET
      703-453-4427
   Technical Contact, Zone Contact:
      Runge, Michael (MR1268) runge@AOL.NET
      703-453-4420
   Billing Contact:
      Lyons, Marty (ML45) marty@AOL.COM
      703-453-4411

   Record last updated on 07-May-96.
   Record created on 22-Jun-93.

   Domain servers in listed order:

   DNS-01.GNN
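
Added example, not part of the original Guide: the whois, finger and telnet checks above test one name at a time by hand, so this Python sketch reads the Received and From lines of the spam quoted earlier and reports where the name the sender claimed differs from what the receiving mail server recorded. The function names, the two-label base_domain shortcut and the sendmail-style layout the regular expression expects are assumptions made for this example.

```python
import re

# Header lines re-typed from the spam quoted in the Guide (only these are used).
SAMPLE = (
    "Received: from mail.gnn.com (70.los-angeles-3.ca.dial-access.att.net"
    " [165.238.38.70]) by mail-e2b-service.gnn.com (8.7.1/8.6.9) with SMTP"
    " id BAA14636; Sat, 17 Aug 1996 01:55:06 -0400 (EDT)\n"
    "From: FREE@Heaven.com\n"
)

# Assumed sendmail-style layout: from <HELO> (<reverse DNS> [<IP>]) by <receiver>
RECEIVED_RE = re.compile(
    r"^Received:\s*from\s+(?P<helo>\S+)\s*"
    r"\((?P<rdns>[^\s\[\]()]*)\s*\[(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\]\)\s*"
    r"by\s+(?P<by>[^\s;]+)", re.I | re.M)
FROM_RE = re.compile(r"^From:.*?@(?P<dom>[A-Za-z0-9.-]+)", re.I | re.M)

def base_domain(host):
    """Last two labels, lowercased; a simplification that is wrong for
    country-code names such as example.co.uk."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def analyze(raw):
    """Return (hops, findings) for the Received and From lines in raw."""
    raw = re.sub(r"\r?\n[ \t]+", " ", raw)      # unfold continuation lines
    hops = [m.groupdict() for m in RECEIVED_RE.finditer(raw)]
    findings = []
    for hop in hops:
        # The HELO name is typed by the sender; the name and IP in
        # parentheses were recorded by the receiving server.
        if hop["rdns"] and base_domain(hop["helo"]) != base_domain(hop["rdns"]):
            findings.append("helo-mismatch: claimed %s, connected from %s [%s]"
                            % (hop["helo"], hop["rdns"], hop["ip"]))
    frm = FROM_RE.search(raw)
    if frm and hops:
        origin = hops[-1]            # last Received line is the earliest hop
        seen = {base_domain(origin["helo"]), base_domain(origin["by"])}
        if origin["rdns"]:
            seen.add(base_domain(origin["rdns"]))
        if base_domain(frm.group("dom")) not in seen:
            # A lead, not proof: mail relayed for another domain also trips this.
            findings.append("from-mismatch: %s appears in no part of the "
                            "earliest hop" % frm.group("dom").lower())
    return hops, findings

if __name__ == "__main__":
    for line in analyze(SAMPLE)[1]:
        print(line)
```

Both findings point at the dial-up host and IP address the receiving server logged, which is the part of the header the sender does not control.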