                                ==Phrack Inc.==

                     Volume Three, Issue 29, File #5 of 12

        [-][-] [-][-] [-][-] [-][-] [-][-] [-][-] [-][-]
        [-]                                          [-]
        [-]               Covert Paths               [-]
        [-]                                          [-]
        [-]                    by                    [-]
        [-]                                          [-]
        [-]    Cyber Neuron Limited and Synthecide   [-]
        [-]                                          [-]
        [-]             November 1, 1989             [-]
        [-]                                          [-]
        [-][-] [-][-] [-][-] [-][-] [-][-] [-][-] [-][-]

When cracking a system, it is important for you to use a path to the system
that will not lead the authorities to your doorstep. There are several methods
for doing this and all of them will depend on your destination, available time,
goal and the phase of the moon. This article deals mostly with covert attacks
via a connected network.

If attacking via a phone link:

     o  Tap in to your local payphone line and red box or "sprint" the call.

     o  Use a long haul service (like Sprint or MCI) to dial into systems in
        remote cities. [This should hinder a track by a good order of
        magnitude.]

     o  Use a midnight packet switching network (e.g., PC-Pursuit, Tymnet,
        et al.)

     o  All the above.

If attacking from a network (e.g., the Internet) there are ways of spoofing the
packet headers, but this requires superuser privileges on the system you are
attacking from and a fair amount of 'C' programming expertise. Therefore, this
will not be discussed here in any more detail.

Another obvious trick is to use network routers and gateways along with guest
accounts to "route" your data path. This will cause the person tracking you to
have to go through more red tape and hassle to track you. This gives you more
time to cover your tracks.

Some useful paths I know of are:

     accuvax.nwu.edu
     cory.berkeley.edu
     violet.berkeley.edu
     headcrash.berkeley.edu

     host:        violet.berkeley.edu       host:        headcrash.berkeley.edu
     account:     nobody                    account:     netgate
     net address: 128.32.136.22             net address: 128.32.234.31

     host:        cory.berkeley.edu         host:        accuvax.nwu.edu
     account:     terminal                  account:     telnet
     net address: 128.32.134.6              net address: 129.105.49.1

     host:        lightning.berkeley.edu    host:        score.stanford.edu
     port:        8033                      account:     guest
     net address: 128.32.234.10             net address: 36.8.0.46

The accounts nobody, netgate, and terminal at Berkeley are accounts that were
installed so that people can use the system to rlogin or telnet to an account
elsewhere without a local login (or so I am told by the local hackers [Hi
Audrey...]). The lightning path/method can be accessed by the command:
"telnet lightning.berkeley.edu 8033".

I am interested in hearing about other Internet access accounts that are
available out there. If you know of any please send them in.

Tymnet is also a useful method of gaining access to systems. From Tymnet, you
can hook up to just about any computer and use the other methods to go one step
further. It's not until you are traced back to the computer you linked to from
Tymnet that they can even begin to follow you back. My understanding is that
for a system to find your Tymnet node, they must contact Tymnet personally and
ask them to put a trap on their connection.

For more information concerning Tymnet see the article "Hacking & Tymnet" by
Synthecide in Phrack Inc. Newsletter Issue XXX.

                       **********************************

                        >--------=====END=====--------<