I don't know about you but my copy of the "Rainbow Series"
(never heard them called "Rainbow Books" but whatever..same
thing) is about 6 inches think and the majority of the books
are about the thickness of a long comic book. The largest
being the Orange Book which is about a 1/4 inch thick.

ps: I may not agree with all of your assumptions/philosophy
but I like the page...keep up the good work.

Tyler Allison

System Security Analyst for Nasa

Yeah, as for me saying the rainbow books or "series" was a 6 foot tall
stack... That was one of my pittyful attempts at sarcasm :-/ But, none the less, they are definately
worth reading. I've read them. Well, parts of a couple of them anyways ;-)

Dear John

I live in the united arab emirates.where there is only 1 isp with a strick proxy server.
becouse of which i cannot go to many sites on the net.could u tell me how a proxy
works and how do i bypass it



Censorship is an evil thing. Take a look at last week's MailBag Kiran, I gave the address
for another public proxy server. If you connect your browser to it, it will be the foreign server requesting the pages,
thus bypassing your country's proxy all together. As far as the country wide proxy is concearned, you'll simply
be connecting to lpwa.com. I have a feeling they may not have that address blocked.

I have just recently become interested in computer security.
I read last week's mailbag which talked about using a proxy
server to hide your IP address. My question is, would it
be possible for a hacker to use a proxy server to hack with
impunity? I mean, how would they ever find out who he/she


No, that type of proxy can be thought of more as a re-directing of pages.
The proxy requests the pages from the webserver, and then sends them along onto the user. When
you're talking about "cracking", you're usually talking about a telnet connection of some type. For that
crackers will often use other compromised servers as "jump points", or set up a datapipe somewhere. Perhaps
use a vulnerable wingate, or dial up to a stolen ISP account through a pbx or something.


I really love your site, but it's not the reason of this message. I would like to know
if burstmedia is a good advertising program, if they pay in time and what is the CPM.



Yeah, I'll give kudos to BurstMedia. They're not an "ad program"
or a "shared level ad agency" where all ads are distributed evenly over a network. They actually
go out and propose your site to big companies, set ad rates for your site, etc.. The have VERY
detailed, live statistics on their site, as well as a nice interface to decide which ads to run on your
site, percentages, all that fun stuff. Yes, they're a very reputable company and you don't have
to worry about getting paid and all of that other BS that goes on with other ad agents. As for
how much you'll make? That depends on your traffic and how much companies are willing to
pay. Supply and demand ;-)

I want to card some internet accounts, but I dont want them to trace me...
What precautions should I take. Where can I get some IP scramblers that work
with windows. Is it safe to card stuff over the internet? (I have windows98)


You'll get caught. Don't even try it. Go out and get a job
and work for things that you want like the rest of us do. Whenever you try to get
something for nothing there are bound to be problems.

In response to the Captian that was so blatantly opposed to Antionline,
I'd just like to thank you both for the service you provide here and for the links that you offer.
As an administrator, it helps me when I get the information from you. I've learned the hard way
and the easy way on security. The link to John the Ripper helped me tighten my own password
file as a couple of my users passwords were weak. I learned about security risks the hard way
when I couldn't get on bugtraq and didn't know about Antionline. The result was that I got rooted.
Since then, I am on bugtraq, and I frequent both AntiOnline, AND CERT's page, and more.
If not for the valuable services you all provide, I likely would have been rooted a few more times.
You can tell your airforce "friend" that he doesn't know what he's talking about. Too many people
benefit from your service for the service to be bad, and the only ones that would take the info you
provide to attack and exploit a system are immature script kiddies (that would attack and exploit
the system whether you report the problems or not). He needs to learn more about computers and
security or just get off the Net and stop talking about things he doesn't understand.
Yes, you may forward my name, this message, and my e-mail address to him, if you desire.

Jason F.

Network Administrator

Macatawa Area Community Network

And the debate over "security through obscurity" continues.....

I just wanted to say thanks, you're heading in the right direction.
Your site is much better than hacked.com was.

Carolyn Meinel

M/B Research -- The Technology Brokers

Thanks Carolyn. I try ;-) The main reason
I published this is to have the opportunity to point you all to a few
of Carolyn's works. She's the "Happy Hacker" ;-) Check out
her site, and her books, etc, etc, at www.happyhacker.org.

I like your site and what you are doing.

Your motives are "pure" and neutral, and you
address a real need in the world of today, and as
we go forward in technology: computer security. As we
rely on technology more and more, should we not increase
our reliance on security and safety tenfold? Your site
communicates that, in my opinion. It also seems that the
intent of hackers out there is not malicious; they have ample
opportunity for destructin but do not take it. It seems that
they are more focused on spreading a message than destruction.
ANYWAY, I like your site and have visited several times.

Thanks for the page.

Michael Blair

Network Associates Inc.

Ok, I hope you people are getting the hint
that if you send me a compliment I'll post your site in the mailbag. rofl.
Seriously though, network associates is a MUST visit. They're truly
hard core security dudes. http://www.nai.com/.

I have been trying to get thru to milw0rm, thru a danish
hacker i know called DNV, from the group Outlaw Dimensions.
I myself am studying for the ways of the Hack/Phreak/Crack,
The reason i want to get thru to milw0rm is that i have a
suspission against the place where that guy Saddam Hussein,
is "rulling". My suspission is that in about a year, he will
trigger the 3rd world war, by releasing an atom bomb against
the US of A.


Ok, that's it. I'm going to have the MailServer bounce
back all mail that we get between the time that X-files starts, and one hour
there after. As for getting in touch with the milw0rm. Well, good luck. They
pretty much broke up and went their seperate ways after they heard that the NSA,
FBI, and all of those other "3 letter organizations" were looking into their hacks (which
was about 2 days after the story broke, heh).