July 24th, 2001, 09:51 PM
Just a quicky. I don't claim to even be close to eliteness, and
in fact have just begun messing with little stuff here and there,
but one cool little thing a new guy at Microsoft had me doing on
a tech support line was make it look as though you actually have
installed some type of Windows file so that you could "Upgrade" to
Win 95. He had me do the following to a clean hard drive after fdisking
it with a Win95 system disk. When at c:\> type the following:
copy con ntldr [enter]
It should say "1 file copied". This is a system file that Win 95
looks for so that you can "upgrade" to Win 95 when in actuality
you don't even have to have dos installed on your system. After you
have done that, reboot your system with the system disk in and install
Windows 95 Upgrade as usual. This note is in response to the article
about Microsoft thinking people are stupid. Try that out and see how
stupid MS really is. Feel free to publish this as you wish.
Ok, this is a pretty cool little fact. Any other help line operators that
want to share tips like this with us, feel free to drop us an email!
i have a very general and prob. very easy question for you. I hope it is appropriate to ask
you this question. I am taking a class where we telnetted to port 25 SMPT
I began fooling around with this and then began to think
are there any legality issues here? I then found a machine
with the 79 finger port open and telnetted to that and promptly
became disconnected then it hit me that this may or may not
be legal...QUESTION: When does fooling around with ports
become illegal? connection? attempt?
(hoping to aviod any misunderstandings)
Well, this is a tricky one. Most governmental and military servers will log ANY attempted login, or connection to any port, whether or not
you actually attempt a login. Some ports, for example, sendmail, finger, etc.., were designed to have public connections made to it. The general rule of thumb is this:
What are your intentions? Are you connecting to a sendmail port to try and verify a user account exists on the system, or to try a buffer overflow? Are you visiting
their website to get information, or to try a phf exploit? If your intentions are on the up and up, and you're using the services as they were intended to be used when
the system administrator set them up, you have nothing to worry about.
Hi. Ok I've been here a few times and I love ur site, thank u for all the information u give out.
Now I've decided that I should start asking questions to someone who can aswer them.
My question deals w/ Error messages, ie: Error 401 "authorization required(or failed)" and
Error 403 "u are not authorized to view this document..." Ok, how do these messages work?
Each full response from a server contains a three-digit status number
that informs the client of what became of its request. These little things are what we refer to as
"HTTP Response Numbers". Below is a list of some of the more common ones:
301: Moved Permanently
302: Moved Temporarily
303: Not Modified
400: Bad Request
404: Not Found
500: Internal Server Error (as a cgi programmer and guru this is the one I see the most, heh)
Hiya! I just downloaded ogre.. and to tell you the truth it's
is one of the most powerful programs I have.. I am truly happy with it
as does a job took me 5-6 programs to do.. In my view AntiOnline is doing an excellent job
of sitting right in the middle of the security issues.. AntiOnline provides both sides of the story.
Thanks AntiOnline for providing a level playing field..
Now, you just know I have to put in at least one
letter like this in each edition of the MailBag =) And no, we didn't pay
him to say that :P
Good God, what a pompous bunch of asses you guys have
raised to semicelebrities. A couple of American teenagers
and some selfimportant Israeli loser, doing things
about a 100,000 people could do. If it mattered.
Back in my days at MIT the most important things about
hacking were to (1) do something that was genuinely
amazingly witty or challenging and (2) show some class/
style at it. Looks like 0 for 2 with these kids.
Geniuses? Don't make me puke. Give 'em spray cans and
they'd be as glamorous as any bunch of immature vandals.
Perhaps I should admire antionline for finding a way
to market itself by enlisting these morons in its cause.
Just be sure that the FTC and FCC don't catch on too quick.
I bet you didn't think this one would ever see the light of day. Heh, I'm sensing some
definate hostility here. First off, let's not judge how much these guys know / don't know until we hear the actual
methods that were used in their attacks. So far, we've heard NOTHING from the FBI as far as the methods
used to hack into governmental servers. The only people we've heard from is one ISP who has told us about
the "statd" method used in the attack of one of their servers. As for "antionline finding a way to market...". Well,
we've been around for four years now, covering things and talking about things that most people don't care about.
We continue to do so. Our goal is to educate the public on computer security issues. If it takes a high profile
case to help us make that happen, so be it. Keep in mind, if you will, that's we're not some multibillion dollar
corporation like Microsoft or something. We're a bunch of college students working in our spare time to help, even
if it is only in our own small way, broaden the public's understanding of technologies, and issues related to it. I see
nothing wrong with that.
i would just like to point out that the analyzer is an 18 and a half year old israeli boy, whose name is ehud tannenbaum,
and lives in HOD HASHARON. i am also an israeli, and i am very proud of him, and also of the fact that he never used his
power to take money or to bash little internet sites (although he sure had the power to) but only went against nazi and pedophile
sites (which i understand completely) and that the pentagon are lucky that the genius who broke into their computer HELPED them,
and didn't care about the information he fell upon (chemical weapons and such) it could have been some guy from the syrian army or
something... what i feel is really unfair, his computer (and his brother's) has been confiscated, together with this whole thing he
invented, and is sitting at the police office at this moment.
anyway, just from an israeli girl who's stuck in belgium, and DAMN proud of ehud!
Well, you're not alone in your feelings about Analyzer. I've talked to several israeli reporters who have
all told me of the sense of patriotism the israeli people have for him. I'm not sure what this "invention" is that you spoke of. As
for his computer? My understanding is that Analyzer was drafted into the army yesterday. I'm sure they'll be providing him
with one of those.
hi, good day!
I read an article regarding your antionline.com in one of
the local newspapers. I'm really interested in your hacking
the pentagon ( latest one..written in the article).
Oh God! I hope this isn't what local papers are printing. Haha. I'll be the
next one with an FBI agent at my door step. Anyways, I think you have things a little confused, go
read our coverage on the Pentagon Hacker, and I think you'll be cleared up =)
What kind of point are the "Enforcers" trying to make? First of all, the
hack websites that DON'T have anything to do with the FEDS. Innocent
bystanders, I would say.
How much exposure are they getting by hacking obscure web sites like
"www.hacketts.com". I mean, how many hits does that site get? (heh). The
only exposure that they are getting is through your web site! (Nice site
you have, by the way. I have enjoyed it for quite some time.)
You would think that these people who are trying to make a "point",
would make their "point" against the people that they have a grudge
against, unless they can't, or are afraid to. I would guess that they
have no balls, and are also using the most basic hacking techniques,
because they know nothing else. Sort of using a "War dialer" for web
sites. If you try the same basic crap enough, you will find an
unprotected site! Everyone knows that...
For example: The IRA gets pissed and bombs meaningful targets. They
stick their neck out to get the job done. They might be considered evil,
but their point gets across. They don't go to Russia and bomb a
restroom, if you know what I mean. Why? They don't have a grudge against
the Russians or restrooms! They have a grudge against the British, thus
they attack British installations, and British people! Right?
If one is going to be a terrorist, which is what these "enforcers" seem
to wish they were, instead of children with alot of time on their hands,
one might want to attack the RIGHT INSTALLATIONS. I don't see any "MIL"
or "GOV" in the addresses of these children's victims. I guess that
would take some balls. One thing about not having balls is that you
don't have to worry about heat coming down on you, no?
Whats really funny about these "retaliatory hacks", is that they cheapen
the image of Analyzer by association. Not that his image is that great,
after all, he got caught. It's not bad enough that the guy is facing
some serious ****, but now he gets associated with gutless wannabe's
that have no real idea how to conduct terrorist operations.
Real hackers are the ones who hack for personal pleasure or money. A hit
well done is its own reward, unless there is cold, hard cash involved.
Real hackers get burned out on hacking long before the Feds come
knocking. Real hackers don't have to run their mouths, spreading their
fr3@ky h@NDles all over the place. Real hackers see stuff that they are
not supposed to see, sometimes taking some for themselves or their
"employer", but NEVER breaking ****, unless of course, they are paid to
do so. Maybe that's why real hackers don't get caught, and can enjoy
the fruits of their labor without the Feds breathing down their necks...
So, just what are the "enforcers" doing? Answer: Wasting their bloody
time, but at least providing some comic relief for those of us who have
a little time for a laugh or two.
I have not once seen these "Enforcers" doing anything about "pedophiles
and child abuse". So whatever!