Author: van Hauser / THC I.INTRODUCTION II.MENTAL III.BASICS IV.ADVANCED V.UNDER SUSPECT VI.CAUGHT VII.PROGRAMS VIII.LAST WORDS I. INTRODUCTION Please excuse my poor english - I'm german so it's not my mother language I'm writing in. Anyway if your english is far better than mine, then don't think this text hasn't got anything to offer you. In contrast. Ignore the spelling errors & syntax - the contents of this document is important ... NOTE : This text is splitted into TWO parts. The first one, this, teaches about the background and theory. The second just shows the basics by an easy step-by-step procedure what to type and what to avoid. If you are too lazy to read this whole stuff here (sucker!) then read that one. It's main targets are novice unix hackers. If you think, getting the newest exploits fast is the most important thing you must think about and keep your eyes on - you are wrong. How does the best exploit helps you once the police has seized your computer, all your accounts closed and everything monitored? Not to mention the warrants etc. No, the most important thing is not to get caught. It is the FIRST thing every hacker should learn, because on many occasions, especially if you make your first hacks at a site which is security conscious because of many break-ins, your first hack can be your last one (even if all that lays back a year ago "they" may come up with that!), or you are too lazy to change your habits later in your career. So read through these sections carefully! Even a very skilled hacker can learn a bit or byte here. So this is what you find here: Section I - you are reading me, the introduction Section II - the mental things and how to become paranoid 1. Motivation 2. Why you must become paranoid 3. How to become paranoid 4. Stay paranoid Section III - the basics you should know BEFORE begin hacking 1. Preface 2. Secure Yourself 3. Your own account 4. The logs 5. Don't leave a trace 6. Things you should avoid Section IV - the advanced techniques you should take a notice of 1. Preface 2. Prevent Tracing of any kind 3. Find and manipulate any log files 4. Check the syslog configuration and logfile 5. Check for installed security programs 6. Check the admins 7. How to "correct" checksum checking software 8. User Security Tricks 9. Miscellaneous Section V - what to do once you are under suspect Section VI - the does and dont's when you got caught Section VII - a short listing of the best programs for hiding Section VIII - last words, the common bullshit writers wanna say Read carefully and enlighten yourself. II. MENTAL CONTENTS: 1. Motivation 2. Why you must become paranoid 3. How to become paranoid 4. Stay paranoid 1. MOTIVATION The mental aspect is the key to be successful in anything. It's the power to motivate yourself, fight on if it hurts, being self disciplined, paranoid & realistic, calculate risks correctly and do stuff you don't like but are important even if you'd like to go swimming now. If you can't motivate yourself to program important tools, wait for the crucial time to hit the target, then you'll never get anywhere with your "hacks" A successful and good hacker must meet these mental requirements. It's like doing bodybuilding or a diet - you can learn it if you really try. EVEN THE BEST KNOWLEDGE WON'T HELP YOU UNTIL YOU ARE REALLY CONCERNED TO DO THE PREVENTIONS AND ACTUAL MAKE THEM ! 2. WHY YOU MUST BECOME PARANOID It's right that normally being paranoid is not something which makes your life happier. However if you aren't expecting the worst, anything can hit you and throw you off balance. And you are risking very much with your doings. In your normal life you don't need to worry much about cops, thieves and therelike. But if you are on the other side remember that you make other people a hard life and bring them nightmares plus work - and they want to stop you. Even if you don't feel like committing a crime - you actually do. Hacker- Witchhunting pops up fast and gets everyone who might be involved. It's the sad thing : YOU ARE GUILTY UNTIL PROVEN OTHERWISE ! Once you've got the stigma being a hacker you'll never get it off. Once having an entry in your police record it's very hard to find a job. Especially no software company, even no computer related company will ever hire you, they will be afraid of your skills, and you will see yourself being forced to emmigrate or your life lost. Once you fall down only a few can get up again. Become paranoid! Protect yourself! Remember you have got everything to loose! Never feel silly doing THAT extraordinary action against tracing! Never bother if someone laughs on your paranoid doing! Never be too lazy or tired to modify the logs! A hacker must do his work 100% ! 3. HOW TO BECOME PARANOID If you've read the part above and you think thats true, it's easy - you've got already become paranoid. But it must become a substantial part of your life. If you made it becoming a good hacker always think about whom to tell what, and that you phone calls and emails might be monitored. Always reread the section above. If the above didn't helped you, then think about what happens if you are caught. Would your girlfriend stay at your side? Even if her father speaks a hard word? Do you want to see your parents cry? Thrown from your school/university/job? Don't give this a chance to happen! If even this is not enough to motivate you: KEEP AWAY FROM HACKING! You are a danger to the whole hacking society and your friends ! 4. STAY PARANOID I hope you learned now why it is important to become paranoid. So stay paranoid. One mistake or lazy moment could suffice to ruin your life or career. Always maintain motivation to do it. III. BASICS CONTENTS: 1. Preface 2. Secure Yourself 3. Your own account 4. The logs 5. Don't leave a trace 6. Things you should avoid 1. PREFACE You should know this and practice it before you start your first hack. These are the absolute basics, without them you are in trouble soon. Even an experienced hacker can find a new hint/info in here. 2. SECURE YOURSELF What if a SysAdmin reads your email? What if your phone calls are recorded by the police? What if the police seizes your computer with all your hacking data on it? If you don't receive suspicious email, don't talk about hacking/phreaking on the phone and haven't got sensitive/private files on your harddisk then you don't need to worry. But then again you aren't a hacker. Every hacker or phreaker must keep in touch with others and have got his data saved somewhere. Crypt every data which is sensitive! Online-Harddisk-Crypter are very important and useful: There are good harddisk crypters free available an the internet, which behave fully transparent to your operating systems, i.e. the packages listed below are tested and were found to be a hacker's first-choice: ?If you use MsDos get SFS v1.17 or SecureDrive 1.4b ?If you use Amiga get EnigmaII v1.5 ?If you use Unix get CFS v1.33 File Crypters: You can use any, but it should use one of the well known and secure algorythms. NEVER use a crypting program which can be exported because their effective keylengths are reduced! ?Triple DES ?IDEA ?Blowfish (32 rounds) Encrypt your emails! ?PGP v2.6.x is used most so use it too. Encrypt your phonecalls if you want to discuss important things. ?Nautilus v1.5a is so far the best Encrypt your terminal sessions when connected to a unix system. Someone might be sniffing, or monitoring your phone line. ?SSH is the so far most secure ?DES-Login is fine too Use strong passwords, non-guessable passwords which are not mentioned in any dictionary. They should seem random but good to remember for yourself. If the keylength is allowed to be longer than 10 chars, use that, and choose a sentence from a book, slightly modified. Please crypt phonenumbers of hacker friends twice. And call them from payphones/officephones/etc. only, if you don't encrypt the conversation. The beginner only needs PGP, a filecrypter and an online-hardisk-crypter. If you are really deep into hacking remember to encrypt everything. Make a backup of your data (Zip-Drive, other harddisk, CD, Tape), crypted of course, and store it somewhere which doesn't belong to any computer related guy or family member and doesn't belong to your house. So if a defect, fire or fed raid occures you got a backup of your data. Keep written notices only as long as you really need them. Not longer. Keeping them in an encrypted file or on an encrypted partition is much more secure. Burn the papers once you don't need them anymore. You can also write them down with a crypt algorythm which only you know of, but don't tell others and don't use it too often or it can be easily analyzed and broken. Really hardcore or ultra paranoid hackers should consider too the TEMPEST Project. Cops, spies and hackers could monitor all your doings. A well equipted man could have anything he wants : Electronic pulse emanation can be catched from more than 100 meters away and show your monitor screen to somebody else, a laserpoint to your window to hear private conversations, or identifying hifrequency signals of keyboard clicks ... so possiblities are endless Lowcost prevention can be done by electronic pulse jammers and therelike which become available on the public market, but I don't think this is secure enough to keep anyone dedicated away. 3. YOUR OWN ACCOUNT So let's talk about your own account. This is your real account you got at your school/university/job/provider and is associated with your name. Never forget to fail these ru...
Iskraa