Appendix: The Making of STC
The authors and editors of Stealing the Network: How to Own a Continent (known to the contributors as STC ) created a Yahoo! mailing list called Syngress_STC to develop the story, exchange ideas, and monitor the overall status of the project. This appendix contains excerpts from this mailing list dating back to its creation in December, 2003 up through the final efforts to complete the book in April, 2004. The threads to the list continue beyond this point, but can not be included because the appendix needs to be finalized to make the publication schedule. So, the book you now hold in your hands is the true culmination of all the threads. The Contributors list in the Front Matter to this book details the contributions of each author and technical editor on the Syngress_STC list. Additionally, you will see posts from Christine Kloiber (Acquisitions Editor), and Andrew Williams (Publisher).
From: Blue Boar Date: Wed Dec 3, 2003 3:46pm Subject: Howdy
Who all is here? I d like to make sure everyone has dibs on the topic/technology they want. ”Ryan
From: Joe Grand Date: Wed Dec 3, 2003 4:01pm Subject: Re: Howdy
Ahoy, matey. I m here. Ready for action. ”Joe
From: Russ Rogers Date: Wed Dec 3, 2003 4:39pm Subject: Re: Howdy
I m here as well. ”Russ
From: Paul Craig Date: Wed Dec 3, 2003 7:31pm Subject: RE: Howdy
Im here. Although where is here? and the real question, do i get to come back from here to go there?
From: Christine Kloiber Date: Fri Dec 5, 2003 2:33pm Subject: STC - welcome to the show
Hey Guys,
I guess an official welcome message should go out now that some of you are present and accounted for. To introduce the people who are supposed to be here (though our full complement of masterminds haven t all joined the yahoo group yet), we have some of the veteran STN crew returning: Ryan, Thor, FX, Paul, Dan, and Joe, and new to the group are Jay Beale, Fyodor and Russ Rogers.
While Ryan preps the outline, let s open up the forum for discussion in case anyone has any ideas, suggestions, or manifestos they d like to contribute to the book at this point.
From: Russ Rogers Date: Fri Dec 5, 2003 2:41pm Subject: Re: STC - welcome to the show
For those of you who don t know who I am, I was at one end of the table in Vegas when we all went out to dinner, sitting across from Kevin and next to Joe. I ve been lurking around BH and Defcon for years , so chances are you ve seen me.
Anyway, I m thrilled to be involved in this project. It was worth the newborn I had to give to Andrew in order to be here. :-) ”Russ
From: Joe Grand Date: Fri Dec 5, 2003 8:57pm Subject: Re: STC - welcome to the show
I bet they still use dial-up modems in Africa, right? We should definitely have some old school wardialing and voicemail box hacking.. I d love to write that stuff, since that was a nice hobby of mine.. :) I think I have some nice printouts that could be included in there, too..
It would be nice to hit a few more angles of mobile devices, since that s what I always end up researching .. Tracking people/targets with a trojaned Palm or smartphone, cloning someone s OTP authentication token (SecurID, CryptoCARD, Secure Computing, etc.), weird SMS shit. Maybe something with Bluetooth since that s so up-and-coming (though maybe not in Africa).
What about any non-traditional approaches to stealing that continent? Social engineering? I like the idea of using that Ethopian/Africa spam (the I NEED $2 MILLION one) for covert-channel communications (someone mentioned that when we were toying around with the STC concept over the summertime).
I can t wait to see what Chef Ryan de Boar is cooking up in the kitchen for the outline.. This is going to be one damn cool book. And what will be awesome is when the Korean translation includes a CD with all the tools required to own your favorite country (they did that with STN - scary).. OK, enough rambling. I ve been on an airplane for 6+ hours so this tends to happen. I ll shut up now. ”Joe
From: Paul Craig Date: Sun Dec 7, 2003 3:56pm Subject: RE: STC - welcome to the show
Although I am sure they use dialup modems why not focus on modern technology? Hacking handheld devices would be fun I like that idea, a worm that replicates over Iraq s using Bluetooth; scanning the device for accounts/passwords etc, then emailing its findings once its connected (or docked ).
Maybe hacking a Nigerian spammer stealing all of his contacts, getting as much money as you can from them then setting him up and watching him get busted by the cops. ATM hacking? Card duplication from a compromised bank, or a good example of phishing.
SMS social engineering on chat lines, and simple things thrown in like credit card frauding pizza for dinner. I would just love to see every day technology exploited, abused and used for the greater evil and the greater purpose of stealing the continent. ”Paul.
From: Joe Grand Date: Sun Dec 7, 2003 4:51pm Subject: RE: STC - welcome to the show
The thing is, dial-up modems are still used even in advanced countries and are wide open. Elevator control systems, access control and monitoring, etc. etc. It s a huge gaping hole that we could exploit and serves as a good lesson to those administrating networks (a portion of our readers). It s such a plain and simple approach that I think still needs to be touched on. And, they re mostly overlooked by today s attackers because it isn t a sexy avenue. And that s where I come in. I m not very sexy.
From: Paul Craig Date: Sun Dec 7, 2003 10:45pm Subject: RE: STC - welcome to the show
Why was MacGuiver so popular for so many years? He did things in a sexy manner Why don t people watch/read ˜The Day in the life of a telephone operator ? (well apart from the fact he does not blow shit up), he s not sexy.(and I bet didn t get ? as many girls as MacGuiver).
I say keep it sexy, clean, fresh, something new. Something people can relate to and picture themselves doing, someone people want to be. Use everyday modern technology things people hear about and know about. Btw, brave call on the ˜I m not very sexy
From: tmullenryan Date: Mon Dec 8, 2003 1:26pm Subject: Yo
Yo. I ve signed up. see ya. t
From: tmullenryan Date: Mon Dec 8, 2003 1:31pm Subject: Re: Howdy
<Blue Boar> wrote: Who all is here? I d like to make sure everyone has dibs on the topic/technology they want.
I got dibs on the ATM network!! (as in teller machines)
And no, Ryan, the ryan as part of my username is not you, it is a dancer I met in reno! ”-t
From: Blue Boar Date: Mon Dec 8, 2003 1:51pm Subject: Re: Re: Howdy
<tmullenryan> wrote: And no, Ryan, the ryan as part of my username is not you, it is a dancer I met in reno!
No, that was me. ”Ryan
From: Thor Date: Tue Dec 9, 2003 3:11pm Subject: Outline and Schedule [Editor s note: Thor and tmullenryan are the same person.]
So, what is the timeline here ” do we have a production schedule in place? Do we know when the outline will be complete? Just trying to plan my schedule... ”t
From: Blue Boar Date: Tue Dec 9, 2003 4:43pm Subject: Re: Outline and Schedule
You are the farthest along (AFAIK) with your plot, based on us speaking before. You ve got Automated Teller Machines. I think I will have to collaborate with each author on dialog with the boss to get the final wording, but you can simply put in a filler for the moment.
Christine, one of the original plans was to have everyone do two chapters each, but that was before we had a number of confirmed authors. Is that still the plan? I know I m doing an opening and closer, but what about everyone else? ”Ryan
From: Thor Date: Tue Dec 9, 2003 4:57pm Subject: Re: Outline and Schedule
One of the first things I would like to do is get us all to establish what the general level of technology is... There are pretty wide ranges of technology used throughout the continent in different countries, and I want to make sure one chapter is not talking about cracking an LM hash while another is talking about Quantum Encryption.
I ll be in Singapore next week at Blackhat ” Haroon Meer (Sensepost) will also be there, and he is from South Africa somewhere. I ll see if I can get a good feel for the technology dynamics and report back... ”t
From: Russ Rogers Date: Tue Dec 9, 2003 4:57pm Subject: Re: Outline and Schedule
I ll be in Singapore as well. ”Russ
From: Joe Grand Date: Tue Dec 9, 2003 5:08pm Subject: Re: Outline and Schedule
Also, I assume we ll see an outline of some sort soon? I still don t know what I m writing about? :) ”Joe
From: Blue Boar Date: Tue Dec 9, 2003 5:51pm Subject: Re: Outline and Schedule
Sure, go ahead and point out to everyone how late I am with the outline. I ve been slaving over SOMEONE s Hardware Hacking book. :)
I absolutely want to get wardialing in. I also want to get in taking over a phone switch. Can you do a chapter with those two? ”BB
From: Joe Grand Date: Tue Dec 9, 2003 6:22pm Subject: Re: Outline and Schedule
<Blue Boar> wrote: Sure, go ahead and point out to everyone how late I am with the outline. I ve been slaving over SOMEONE s Hardware Hacking book. :)
Sorry ;)
<Blue Boar> wrote: I absolutely want to get wardialing in. I also want to get in taking over a phone switch. Can you do a chapter with those two?
Absolutely! I haven t owned a phone switch in a while. Can it be a System/75 or something of my choosing?
I ll make the wardialing sexy, like either phreaking across nations to become undetectable or using some wireless device hidden in a phone closet somewhere (or using my BootyCall/TBA tool I wrote for the Palm a while back). Exciting! More later.. ”Joe
From: Russ Rogers Date: Tue Dec 9, 2003 6:34pm Subject: Re: Outline and Schedule
I could cover wifi. ”r
From: Blue Boar Date: Tue Dec 9, 2003 6:44pm Subject: Re: Outline and Schedule
WiFi would be fine. I d like to get a somewhat different angle from the first book if possible. What kind of wifi stuff do you like to do? Interested in discussing hacking up some cantennas and such, to tap into APs that way? ”BB
From: Thor Date: Tue Dec 9, 2003 6:48pm Subject: Re: Outline and Schedule
I can t believe your are spending time on this stuff when your Pole Dancing skills need so much work!! And get some Nair for Pete s sake! T
From: Haroon Meer Date: Wed Dec 10, 2003 3:46am Subject: Re: Outline and Schedule
Hi all..
<Thor> wrote: I ll be in Singapore next week at Blackhat ” Haroon Meer (Sensepost) will also be there
He will not!!! i have it on good authority that he is somewhere in .ch while this whole Singapore business is going on ;> Charl van der Walt (also SensePost) (also on the list) will be there though, and im sure u guys will get together...
<Joe Grand> wrote: I bet they still use dial-up modems in Africa, right? We should definitely have some old school wardialing and voicemail box hacking..
For sure... One of the things that will be interesting as this goes on, is that Africa has both extremes.. You are fully likely to find banks / .gov departments (to a lesser degree) with first world capability/technology/staff sitting pretty close ( geographically ) to an organisation deeply rooted (no pun intended) in the 3rd world... Guess the Boss s strategy can include sometimes just scaring the big guys while the little guys get raped, pillaged & plundered... (or vice versa)
<Joe Grand> wrote: It would be nice to hit a few more angles of mobile devices .
for sure (again).. Mobile is big in Africa, where Fixed line operators have failed to deliver, GSM et al have filled the gaps quickly..
<Joe Grand> wrote: What about any non-traditional approaches to stealing that continent? Social engineering?
For sure.... Social Engineering will rear its head in almost everyones chapters (i guess).. A big contributor here is going to be what i touched on earlier.. cause sometimes u will find 1st world technology, at a 2nd world bank.. but operated by 3rd world staff... (a few well placed calls & and an accent will yield interesting results)
Another angle here (if i understood the plot originally) is that the Boss manages to buy himself backup pretty easily.. through plain old vanilla corruption.. With 50% of South Africa being below the poverty line (www.cia.gov/cia/ publications /factbook/geos/sf.html) (and we really are probably the best of in Africa) and an exchange rate that is often painful, the boss will probably be able to buy his way into facilities with $500 before anyone fires up a notebook.. {again.. this will vary.. and add an interesting spin} (Spending time owning a cell -phone tower? the BOSS probably paid some one to drive a truck into the base-station)(how do ur plans to leave the country work if the airport doesnt?)
The inter-country disparities will be cool too.. knock out the power for 5 minutes in central johannesburg and things start getting hairy.. kill the power in Nigeria and everyone yawns and carries on as usual..
But.. this swings both ways.. kill the computers at johannesburg international.. and the airport will be in chaos.. kill the computer in Malawi s Blantyre airport and they probably wont notice as the man with the piece of paper points u to your plane.. ok... enough rambling.. i have to try to get images of Tim and Ryan together in Reno out of my mind... ”/mh
From: Russ Rogers Date: Wed Dec 10, 2003 8:31am Subject: Re: Outline and Schedule
Sure, that would be cool. Determine the channels being used at the target and create a cantenna and pigtail specifically to connect to the network, hack the keys, and move in. I really don t mind either way. There are multiple topics to hit.
-Russ
From: Christine Kloiber Date: Wed Dec 10, 2003 8:36am Subject: Re: Outline and Schedule
Hey Guys,
[You will each be writing] two chapters, one ˜pre-hack and one ˜post-hack is still the plan right now. It looks like we ll have nine contributors total. And, though I m sure everyone knows everyone else, I d like to officially introduce the SensePost crew to the project: Charl, Haroon, and Roelof. They ll be our technical advisors, and among other things, make sure the hacks are realistic without being too perfect ;-)
From: Thor Date: Wed Dec 10, 2003 10:59am Subject: Re: Re: Outline and Schedule
Two? When did that happen? How are we going to do that exactly? Are you guys thinking along the lines of Hacker s Challenge? ”t
From: Thor Date: Wed Dec 10, 2003 4:45pm Subject: Re: Outline and Schedule
<Roelof Temmingh> wrote: He will not!!! i have it on good authority that he is somewhere in .ch while this whole Singapore business is going on ;>
Ah ha! The Blackhat Spreadsheet lied!! That s cool ” you know, Singapore is cracking down on hacking crimes (even pre-hacking crimes), so it is probably best that a Known Hacker like yourself lay low... :-p
<Roelof Temmingh> wrote: Charl van der Walt (also SensePost) (also on the list) will be there > though, and im sure u guys will get together...
Right on. Singapore Slings and a little Bling Bling... ”t
From: Thor Date: Wed Dec 10, 2003 10:48pm Subject: Re: Re: Outline and Schedule
<Christine Kloiber> wrote: two chapters, one ˜pre-hack and one ˜post-hack is still the plan right now.
Just to elaborate on my earlier question a bit more... I m still trying to get a feel for the flow here- will all of these hack events be happening simultaneously ? If so, how many of us know what other people are doing? Are we all puppets for Mr. Big (we HAVE to change that name !) acting in singularity (as far as we are concerned ) or do we all know that a much bigger event is in play?
Depending on what we want to accomplish, and the overall feel, we may be able to take advantage of some interesting plot opportunities- for instance- I m taking over the ATM machines, causing public havoc (by making some machines spit out money randomly , display porn, warn that the bank is bankrupt, etc., while turning the ATM s against the IBM mainframe transaction server in a DDoS attack, while my character personally makes money in a side-scheme.
Now, if we are all doing different things at the same time, FX s hacks against the financial network might just screw up my attack. Are we going to leverage that type of story line or not? I think that if we do the two chapter pre/post deal, then Ryan is going to have to have little chaplets in place from a first person Mr. Big perspective to let the reader know that the individual hacks have been planned as part of an overall strategy, and that The Plan is going as designed. If we do that, we all have to finish our chapters first, and then let Ryan bind singularity into composite, which may be tricky. Am I making any sense?
From: Andrew Williams Date: Mon Dec 15, 2003 2:13pm Subject: In the house
Hey Guys:
Sorry I ve been quiet on the list. It s taken me a week to figure out how to make the big Spider-Man 2 Ad on Yahoo go away to actually get to the posts ;)
Anyway, I m here. ”Best, Andrew
From: Blue Boar Date: Tue Dec 16, 2003 0:18am Subject: Your Assignment...
Ryan - Opening and closing chapter. I ll be describing our main antagonist (let s call him Bob Knuth for the moment) and his environment. I get to close the book, and probably will write that last chapter last.
Tim - ATM/Bank network job. Tim s character will pull of a hack that causes the ATM machines to spit cash at a predetermined time, while also DDoSing the network for the bank in question. He ll be describing trojaning Windows ATM machines. His character believes that this is about stealing cash. In reality, Knuth wants the network down at a particular time, and wants a scapegoat.
Joe - 1) Wardialing/owning the phone company. Knuth needs a few phone calls tapped here and there, a few lines dead, a few calls redirected, that sort of thing. Joe s character will probably be the one to stumble on the bigger picture by tapping a few extra things. 2) authentication devices/bluetooth? This chapter should include duplicating an authentication hardware device, maybe involving theft, pickpocketing, breaking and entering, or similar. Obviously, victim doesn t know his authentication device has been duped.
Fyodor - Network scanning/penetration via Internet. This will be a somewhat-standard break into a host across the ˜net type of deal, but I expect to see some slick and far- fetched scanning tricks. :) Fyodor s character s job will be to break into a list of hosts given to him by Knuth, and install a set of rootkits. He is to provide a network map and what kinds of network traffic can pass those networks. He should be somewhat puzzled (and perhaps annoyed) by the utilitarian job, where he is to break into just these boxes, install the software, document the access methods , and get out never to return.
FX - ?
Dan - Hey Dan, do you think you could write about proximity card hacks?
Jay - ?
Russ - WiFi hacking. I m especially interested in some clever antennae/repeater arrangements. I.e. Russ character ought to install a small mesh of nodes that allow any WiFi client in a large chunk of the city to access the victim network(s), meaning that it will be difficult to track the point of origination for the actual attack traffic, even if someone is aware that it exists. You can go expensive with Nuth supplying some high-end commerical repeaters and antennaes, or cheap with coffee cans and hacked XBoxs.
Paul - Money laundering/online banking. Paul s character is to set up accounts and identities that are to receive some money in the future. I d like to see a variety of methods for the laundering. I d be ok with more breadth than depth, if you like. Would you object to having your character killed ?
Charl, Haroon, Roelof (Sensepost) - Technical advisors - Hey, you guys interested in a little fictional publicity for your research/spider tool you showed off at Black Hat Vegas?
I need a writer capable of owning huge chunks of ISPs throughout the country. Maybe actually patching Cisco Router images. FX, I m looking at you. :) Acceptable?
I d also like to have some virus/worm authoring. I d like to have some black-bag job stuff in there, too. Casing someone s house, profilign their activities, breaking in, installing a keyboard sniffer (think defeating PGP), stealing files from the actual drive in question, maybe imaging the drive, etc..
And, of course, I need someone to make a big plot point out of the Nigerian scams. Stego would be an excellent reason.
-Tim s guy thinks he is getting cash (and he is). -I d like one of the characters to think the thing is some big joke, and doesn t take it seriously at first. Joe, this might work well with your switch hacker character. -Someone s character needs to be blackmailed into the job. Maybe Knuth arranges for a married guy to have a random affair, and then holds it over his head. -I d like to have someone s character have to be killed. The one that makes the most immediate sense is the money launderer, since he will know where the money is going. Other characters get wind of this.
So, here s what I need from everyone right now:
-Please confirm the scenario I have for you, if it s acceptable. If I ve left anything out, please let me know. For those who don t have an assignment yet, please pick your topic now. - Please let me know your character s name, if at all possible. If you worked on STN, you re welcome to use the same character again if you like. Place this book about a year after STN, i.e. roughly the present. -If you have an approximate plot, let us know (a few sentences is fine.) -In particular, when/if you need dialog from Knuth, either mark it in your work, or let me know, and we ll collaborate to get it done. (Note: everyone will probably think he has a different name, don t assume Knuth .) -Start writing! :)
Some of you will be happy with just being let loose to write, other might want some more structure out of me. I m happy to provide it as needed. Don t worry too much about tying into anything else. I will mostly redo my stuff to accommodate you, and will suggest specific changes to your stuff later if needed.
Finally, I m extremely open to suggestions, and am very likely to incorporate your ideas. I m just here to mostly pick one, and run with it. :) ”Ryan
From: Joe Grand Date: Tue Dec 16, 2003 1:43pm Subject: Re: Your Assignment...
Rad. That s some sexy shit. Comments/questions in line.
<Blue Boar> wrote: Joe - 1) Wardialing/owning the phone company. Knuth needs a few phone calls tapped here and there, a few lines dead, a few calls > redirected, that sort of thing. Joe s character will probably be the one to stumble on the bigger picture by tapping a few extra things. 2) authentication devices/bluetooth?
Would I be writing about both of these topics in the chapters? From what I thought, we d essentially be writing two chapters (that would be ONE big one broken into two like Christine mentioned). With two separate concepts like 1 and 2, that would end up being 4 chapters? Now I m confusing myself . Maybe I m making this more complicated than it is. If I wrote about both, would I still be using the same character?
<Blue Boar> wrote: I d like one of the characters to think the thing is some big joke, and doesn t take it seriously at first. Joe, this might work well > with your switch hacker character.
But the characters don t know about the big thing, right? Just their own parts ?
<Blue Boar> wrote: Please confirm the scenario I have for you, if it s acceptable. If I ve left anything out, please let me know. For those who don t have > an assignment yet, please pick your topic now.
The scenario works for me...
<Blue Boar> wrote: Please let me know your character s name, if at all possible. If you worked on STN, you re welcome to use the same character again if you like. Place this book about a year after STN, i.e. roughly the present.
Will we be writing the chapters all in the 3rd person? (e.g. Joe dialed into the switch and brought down the system) That seems to make sense, since if we all did 1st person (e.g., I dialed into the switch) it would be confusing as hell if someone was reading chapter to chapter. I ll have to think of a name for my dude.
<Blue Boar> wrote: Some of you will be happy with just being let loose to write, other might want some more sturcture out of me. I m happy to provide it as needed.
Does it matter how we start off the story or anything like that? Or will they really be disparate stories until they come together? Or am I starting the chapter with the reader already assuming that I have been assigned by Knuth to control the phone system? I obviously need some more structure before I start writing. ”Joe
From: Blue Boar Date: Tue Dec 16, 2003 2:31pm Subject: Re: Your Assignment...
OK, so I left some stuff out... thanks for catching it. Answers below.
<Joe Grand> wrote: Would I be writing about both of these topics in the chapters
It will necessarily be the same character, which I will explain in a sec. You can use either topic in either chapter, or just pick one (though I need the phone network 0wned, so I guess it would be that..) 2 chapters total. Basically, somewhere in the middle of the book, the big hack or portions of it happen, and one chapter is pre-hack, and the other is post. The post chapter should still contain a technical trick as part of the chapter.
Side note: I m not necessarily convinced that this is the best way to do this. I m worried that for some of us, all the fun will go into the first chapter, and the follow up chapter will be somewhat half-assed. I think it could work better to just have everyone do two separate chapters, and maybe have a few of us help finish the book, tie their characters into the last chapter for the finale. Christine?
<Joe Grand> wrote : But the characters don t know about the big thing, right? Just their own > parts?
I want our switch hacker to stumble onto a couple of the other hackers, and become an impromptu liaison between a couple of them. Perhaps he puts a call register on a couple of lines he suspects that Knuth is using.
<Joe Grand> wrote: Will we be writing the chapters all in the 3rd person? I ll have to think of a name for my dude.
Let me know when you have a name. I m good with people using whatever person they feel comfortable with. We had a mix (though, largely first person, IIRC) in STN, and I don t think there was any confusion. I m going to try to do Knuth in the 3rd person (probably narrative), for effect. I suspect it will work best for most of you to do 1st person/narrative.
<Joe Grand> wrote: Does it matter how we start off the story or anything like that? Or will they really be disparate stories until they come together?
Plan on writing a standalone chapter, though obviously each character has gotten a job from this weird guy... You can minimize that, if you like (well, you in general for those on the list, Joe, your character is a bit more involved than most.) For example, if you want, your character can just state at the beginning somewhere that this guy wants to actually pay me... and finish with ..and I turned over the data, and the cash showed up in my PayPal account . Or, I suspect some of you will want to have some interaction, which is perfectly fine, too.
<Joe Grand> wrote: Or am I starting > the chapter with the reader already assuming that I have been assigned by Knuth to control the phone system?
No, the reader won t know ahead of time that character named Joe is expected to pull of hack X. The characters need to introduce themselves, and make it clear what they are up to. Keep in mind that you re doing a short story; think that a reader may read your chapter, and nothing else. There will obviously be some question about this mysterious Knuth guy, but that s OK. If they are really curious , they can read the backstory .
Another way to put it is that I m not planning to have Knuth spreading his models over a map of Africa, explaining to henchmen each step of the plan and who is going to pull it off. Rather, I m going to have explanations about what kinds of control one will have to have to pull of a heist like this, and get away with it. I may go back later and add his half of conversations in my chapter where appropriate. I will make reference to hacks and characters we don t necessarily ever flesh out in the book.
Think in terms of a narrator saying ...you d have to have complete control over someone s phone calls... be able to listen in, be able to keep their phone from ringing. Followed by a snippet of conversation with Joe , maybe without naming Joe by name. Knuth thinks of these people as dangerous headcount to be used and discarded, and watched carefully . He doesn t care about Joe except for the fact that Joe is the right combination of talent and situation to accomplish his goal. Apologies for not explaining myself better. I m sure I ve still left out things I should be telling you guys, please keep the questions coming. ”Ryan
From: Andrew Williams Date: Tue Dec 16, 2003 4:09pm Subject: Re: Your Assignment...
<Blue Boar> wrote: Side note: I m not necessarily convinced that this is the best way do this
I definitely do NOT want to impose an arbitrary structure (i.e. a pre- and post-hack chapter) if that just doesn t work. The book needs to make sense, and all the chapters need to be interesting with lots of good technical info . If the pre- and post-hack chapters is going to result in half of the chapters being kind of fluff, then we shouldn t do it that way.
<Blue Boar> wrote: We had a mix (though, largely first person, IIRC) in STN, and I don t think there was any confusion.
I think that Joe is right on this point, and we need to do the whole book in the 3d person. The varying voices (like those in my head) worked on STN, because the stories did not tie together at all. On this book, I think we need consistency on 3d person throughout. Is everyone ok with that?
<Blue Boar> wrote: I suspect it will work best for most of you to do 1st person/narrative.
Ryan, I was thinking 1st person as well, before Joe made his point. I do think people reading the chapters start to finish will get confused by multiple first-person authors. ”Best, Andrew
From: Fyodor Date: Tue Dec 16, 2003 5:02pm Subject: Re: Your Assignment...
<Blue Boar> wrote: Please confirm the scenario I have for you, if it s acceptable. If I ve left anything out, please let me know.
Mine sounds great. Thanks for sending all of this out.
<Blue Boar> wrote Please let me know your character s name, if at all possible.
Felix should be fine for now.
<Blue Boar> wrote I will mostly redo my stuff to accommodate you, and will suggest specific changes to your stuff later if needed.
I think it would be very valuable to have a rough high-level summary (maybe a few pages) of the book plot. I can easily make things up as I go, but they aren t likely to tie well into the overall plot. I worry that it you try to join a dozen disjointed chapters into a coherent conclusion it will sound silly and contrived. It is true that we can write generic chapters and then go back and jury-rig certain plot elements later, but other issues aren t easily changed. For example, you say my character takes a list of hosts given to him by Knuth and breaks into them as well as providing a network map and what kinds of network traffic can pass those networks. For this, it is important that I know roughly what types of networks the hosts reside on. The network map and likely vulnerabilities of a bank will vary substantially from a government or (especially) educational institution. Is this list all banks? A mix of banking/government/military? ISPs for traffic sniffing purposes? A list of machines with no obvious connection between them? Presumably another character or the big boss is going to use these compromised machines in some way later, and so the machines rooted needs to match up with those needed later.
I am happy to fill in details, but can t really do so without a higher level understanding of how my character fits into the whole. And I really do feel that my chapters will come out better if written to a purpose rather than being kept so generic that they can be radically repurposed later.
Once people confirm their assignments and such, are you planning to send a rough plot outline so that we understand how our contributions fit in? We may have suggestions for improvement. It is better to make such changes now when they don t involve rewriting chapters. ”Thanks, Fyodor
From: Andrew Williams Date: Wed Dec 17, 2003 2:36pm Subject: Re: STN re-use?
<Joe Grand> wrote: There is some of the cellular phone system stuff from STN I d like to use in STC. Is that OK to do?
I definitely encourage everyone to use/re-use content, characters, etc from STN in their new chapters. In terms of re-using content, this could obviously make the writing easier. But maybe more importantly, I think this is a good sales/marketing hook. As I think everyone who worked on STN knows, that book doesn t just have readers, it has fans. Those are the people who get it. People will think it s cool if we pick up and expand on things from the first book. This will serve to strengthen the grass roots movement for the books. On a similar topic, I know readers also really like the references to real people in the stories. I think these references as well strengthen people s interest in the books. I think by having common characters from book to book interwoven w/ real people, the books will really develop a following.
<Joe Grand> wrote: BTW, my character s name is Don Crotcho, but people call him The Don.
Can t we have people refer to him as The Crotch? ;) ”Best, A
From: Russ Rogers Date: Wed Dec 17, 2003 8:35pm Subject: Re: Your Assignment...
Tim and I were talking about this in Singapore and I was curious about whether it might be useful to use small 1-3 page chap-lets in between the major chapters. This is what they used in The Da Vinci Code to tie the different pieces of the plot together. It might make it easier to control the entire story and also give you a place for damage control . Ya know? ”-Russ
From: Blue Boar Date: Wed Dec 17, 2003 8:59pm Subject: Re: Your Assignment...
I do. Actually, I ve been wondering about that. I don t think I will know for sure until I have two chapter to put something between. Might be a good way to advance the story... ”Ryan
From: Andrew Williams Date: Thu Dec 18, 2003 11:54am Subject: Re: Your Assignment...
I think this is a REALLY GOOD idea. It will definitely help advance/tie the stories together. And, written from Knuth s perspective will also help give him more of the puppet master s role. Not to get into the whole 1st vs. 3d person conversation again, but I think it would make sense to have the chapters written by Knuth in the 1st person. ”A
From: charl van der walt Date: Mon Dec 22, 2003 8:17am Subject: RE: Your Assignment...
Hey All,
<Blue Boar> wrote: Someone s character needs to be blackmailed into the job
Something to bear in mind here is the degree of political violence one sees in Africa. It s not uncommon for one s political opponent to disappear in the middle of the night, and there doesn t have to be anything ˜mysterious about it. Another to be aware of is what we broadly refer to as ˜croney-ism . Basically that families, tribes (especially) and old comrades will stick up for each, probably for their entire lives. Finally, marital fidelity is not necessarily big and its common for a man to have many wives and then a girlfriend or two on the side. So, if you re looking to have someone blackmailed, then an ˜affair is probably not gonna carry much weight. More likely is that a son or a daughter is kidnapped and threatened with death. Or that he himself is threatened with violence. ”Charl
From: Russ Rogers Date: Wed Dec 24, 2003 10:20am Subject: Re: Your Assignment...
<Blue Boar> wrote: And, of course, I need someone to make a big plot point out of the Nigerian scams. Stego would be an excellent reason.
What are you wanting to get at here? It might make sense for Knuth to have some misc hacker create a secure tool similar to Spam Mimic to create these Nigerian emails.
You could also have sensitive information from each hacker sent to you via encrypted stego on ebay. As an example, if Fyodor needs to get you new information, you two have a standard pickup schedule each day where you check a particular auction on ebay. That auction has an image of the item being sold, but unbeknownst to the public, that image changes from 10pm-11pm EST once a day when Knuth can grab the image and remove the encrypted/stego d data he needs. At 11:01pm the image reverts back to the non-stego variety. No one else has a clue. Just an idea. ”-Russ
From: Andrew Williams Date: Wed Dec 24, 2003 0:25pm Subject: couple things
Hey Guys:
Just wanted to follow up/confirm the conversation about everyone writing one chapter instead of two. I think we ll get overall much better chapters this way, and we might actually keep the schedule ;) Also, as some of you know we ve been talking w/ Brian Hatch (author of Hacking Linux Exposed, among many other accomplishments) about joining the STC team. Brian is now officially singed on! ”Best, A
From: Blue Boar Date: Wed Dec 31, 2003 1:31pm Subject: Assignment updates
OK, biggest changes:
You should have been contacted by now regarding how many chapters you are responsible for. For most of you, it s now a single chapter. This was done to address the (very valid) concern that an opener and closer chapter would be very forced. Also, we don t want to put to much work on people who don t have a really easy time with writing, and because we have a couple of new authors, and we ll have enough chapters with them on board.
I ll be writing the first and last chapters, plus an interlude between most, if not all, of your chapters. I.e. a setup, or advancing the story/timeline. I imagine it will be a couple of pages between chapters, or as an intro to each chapter. Syngress will worry about the format.
Knuth will be written first-person, and the rest of you will do third person.
I don t know if there was a formal announcement before, but Roelof has volunteered himself to do at least a short chapter (in addition to technical advising , you re not getting off that easy), and we ve added Brian Hatch of Hacking Linux Exposed fame. Your Subject matter is the same if you have an assignment already. I need to nail down topics for Brian, Jay, and Roelof. FX, are you still around?
I ll put together a permanent outline in the next couple of days, and have it where people can refer to it. I need to pick an order, etc... Several of you have indicated that you need some more structure around what you are writing before you can start. I m planning the new structure will help with that, plus I m hoping to put the majority of the glue work on myself. However, that doesn t totally negate the need, I imagine. I think the real outline will address that. Happy New Year. ”BB
From: Thor Date: Wed Dec 31, 2003 4:24pm Subject: Re: Assignment updates
I m good to go, other than the discussion of one of us getting whacked in the end (don t get excited, Ryan- I mean murdered. ) Since my guy is actually running a side scam to make money thinking the Boss does not know about it, I m probably a good candidate. Where would this take place? In my chapter, or yours? I wouldn t mind writing about my own slow and agonizing death ” in fact, in a sick way, it would be kind of fun. I could make the ear & gasoline scene in Reservoir Dogs look like Charlie Brown s Thanksgiving dinner.
But, what may be even cooler is to have the Boss hire one of the other hacks to kill me via a hack- like have me beat up, and while I m in the hospital, Russ could hop on the wifi and remove the notes about my character being allergic to Morphine resulting in a convulsion-racked, vomit-frothing death. Yummy! Thoughts? ”t
From: Jay Beale Date: Wed Dec 31, 2003 4:39pm Subject: Re: Assignment updates
I like this idea, except that I worry about being alarmist. Then again, it s not like that kind of attack isn t realistic, though rare. ” Jay
From: Joe Grand Date: Wed Dec 31, 2003 4:44pm Subject: Re: Assignment updates
Mmmm.. Ears and gasoline.. ”JOE
From: Blue Boar Date: Wed Dec 31, 2003 4:43pm Subject: Re: Assignment updates
I m not particular about whose character gets it. I certainly think you d do a good job of it, especially if you re into it. It should be done in your chapter, to give it the proper treatment. Your guy would eventually get a hint of what Knuth is really up to, and realize he s being set up. He confronts Knuth, and signs his death warrant . It s a good idea, as long as we don t look like we re copying The Net verbatim. How about Knuth orders a thug to bleed him , and then has his bloodtype changed in the records? I m told that the bloodtype change has actually been attempted before in real life, might be a nice tie in. ”BB
From: Blue Boar Date: Wed Dec 31, 2003 4:47pm Subject: Re: Assignment updates
<Jay Beale> wrote: I worry about being alarmist
Did you ever get a chance to read the first one? If not, Andrew, please get this man a copy.
One of the things that surprised me about the first one is that a majority of the reviews said the book was completely scary. I can t recall if you were around for some of the earliest discussions, but we decided to kinda go with the techno horror and see what happened (along with having a cohesive backstory.) So, Tim s description isn t completely off base. ”BB
From: Thor Date: Wed Dec 31, 2003 5:14pm Subject: Re: Assignment updates
<Blue Boar> wrote: It s a good idea, as long as we don t look like we re copying The Net verbatim.
I didn t know The Net had that content ” I don t think I made it that far through the movie. I have a high tolerance for pain, but The Net was just too much...
I like the blood type thing ” I just thought of a great way to end the chapter, with my guy dying ” something like my guy overhearing the ER doctor saying to the nurse he s lost alot of blood- we need 4 pints of type ˜O before we loose him! ... Thinking, did he say O? half-dead, he manages to whisper B postive to the nurse, who replies That s the sprit sir... don t worry, you re in good hands... I ll take the death!! ”t
From: Joe Grand Date: Wed Dec 31, 2003 5:40pm Subject: Re: Assignment updates
YEAH! That is pure genius! ”Joe
From: Thor Date: Fri Jan 2, 2004 1:47am Subject: Re: Assignment updates
<Elvis> Thank yuh. Thank yuh vury muuch... ;) </Elvis>
Hey Russ, is it OK with you if your character is the one that changes my admission records? I don t think I ll even explain how you do it; I ll let your chapter s content play to the assumption that you just jumped in. Cool wid you? [kinda weird for me to ask permission of you to kill me, eh?] ”t
From: Russ Rogers Date: Fri Jan 2, 2004 9:37pm Subject: Re: Assignment updates
Absolutely, dude. I m there for ya...
From: Thor Date: Fri Jan 2, 2004 2:50am Subject: SNA
Anyone on the list familiar enough with the SNA protocol and associated security issues to where you would consider yourself fluent? Please let met know if so... Off line is fine as well. ”t
From: Blue Boar Date: Thu Jan 22, 2004 2:03pm Subject: Still here
Sorry for being so quiet, I know a couple of you are waiting to hear from me.
I will have the outline done late this evening. I believe I have an agreed topic for everyone except FX. I have character names from a couple of you. If the rest of you happen to have thought up a name, drop me a note, and I ll incorporate it into the outline (the name isn t critical at this point, just a way to refer to characters, it can be added later.) ”Ryan
From: Russ Rogers Date: Thu Jan 22, 2004 2:03pm Subject: RE: Still here
I m using an inner city kid, named Saul to off Tim s character and carry out the wireless hacks. ”-Russ
From: Joe Grand Date: Thu Jan 22, 2004 2:15pm Subject: RE: Still here
I had my whole chapter done, but then my dog ate it. I ll start again. ”Joe
From: Blue Boar Date: Thu Jan 22, 2004 2:15pm Subject: Re: Still here
Bad dog! Seriously? Or are you making fun of how late I am? :) ˜Cause I ve had that happen to an author, his hard drive ate his chapter, and he had to start over. It s sooooo not funny . :) ”Ryan
From: Joe Grand Date: Thu Jan 22, 2004 2:32pm Subject: Re: Still here
No, I was just trying to be funny or something. I didn t start :)
I m so brain dead from finishing the Hardware Hacking book and a ridiculous 25-page technical paper on Secure Hardware (written in 3 days straight) that I couldn t possibly imagine doing any more writing (for a few days). Luckily, fiction writing is much more fun. ”JOE
From: Andrew Williams Date: Thu Jan 22, 2004 4:52pm Subject: Re: Still here
A BIG TIME CONTRATULATIONS to Joe and Ryan for finishing the Hardware Hacking book! It really came out GREAT. We are releasing it next week at Black Hat, and it will be out immediately after BH in all the normal channels. ”A
From: Blue Boar Date: Fri Jan 23, 2004 1:51am Subject: Outline, draft 1
Here s what I have so far, I intend to keep the document updated to reflect changes as they happen. It s not totally done, but helps me pin down which of you I need to have some more discussions with. The ones who have the most filled-out sections are the ones who I ve discussed this with the most so far. You ll recognize bits of email conversations, and that because I tried to collect all the communications for each of you so far, and include the relevant bits and answer outstanding questions.
It s a good exercise, because I realize for several of you, I didn t have a good idea of what your character was doing to advance the story, even when we had a technology chosen . I think that s what you guys were trying to tell me. Again, it s not done, but I have a point to work from now. Please take a look at your section at least, and let me know what I ve got wrong or right.
Paul, I think we re good, I just haven t parsed your stuff into a useful form yet, will have that done tomorrow night.
Dan, FX, Brian: We haven t finalized a character, technology, or plot yet. I m pretty flexible. I tend to suggest things that I think you guys know cold, in order to make the writing less a chore. But no, FX you don t have to do routers again. :)
Jay: I ve got a very brief suggestion in there for a plot for you, let me know what you think.
Everyone else *appears* to be in decent shape, from my point of view. What else would be useful to get you going? My next task (after at least one more round on the outline tomorrow night) is to write my chapter 1, which I think will help inspire people. I think I probably should have done that much earlier in the process. ”Ryan
From: Joe Grand Date: Fri Jan 23, 2004 11:55am Subject: Re: Outline, draft 1
The outline looks sweet. I m psyched to get started on it.
A lot of the phone system info I have is fairly old (COSMOS, Sys/75, 1A, 5ESS, etc.) - how will that affect the story as far as having real technology components ? Obviously, the wardialing parts will still be relevant (and maybe owning some VMBs for fun along the way), but do you think people will be critical saying That s lame - no one uses Crossbar anymore or whatever. Then again, if we re targeting a fictional Africa, it is likely that they would be using older switching equipment anyway. Thoughts? Also, what is the new schedule is for the book? When should we have drafts done? When should the chapters be totally completed, etc.? This will help me (and others, I m sure) plan better.. Rock on, ”Joe
From: Andrew Williams Date: Fri Jan 23, 2004 1:00pm Subject: Schedule
Hey guys:
Good question on the schedule, Joe. I know most of you had initial submission dates on 1/15, and at this point some folks are much further ahead than others. The book is cataloged as an April pub., which I d still like to hit. It would be great if those who have more done to this point could start making deliveries by 2/6. And, for those who have not really been able to get started yet, push out the 1/15 date a month to 2/15. I know that sill might be tight for some of you, so make the final, final, final, final, final date 2/20, which would give you almost a full month from now.
That would give Ryan a jump start on tech editing some of the earlier submissions, and then try to keep pace as chapters com in from 2/6 through 2/20. If we can hit those submission dates, then shoot for Ryan/Christine returning chapters for author revision 2/9 through 2/23. Then, get author revisions back to Syngress by 2/15 through 3/1. Then, spend 3/1- 3/8 making a last round of tech edits/au revs as necessary. As chapters that are farther along are finalized by Ryan/author, we would begin final copy editing, etc. on those. That would give us almost all of March for copy editing, page formatting, etc. to send the book to the printer by the end of March, which would hold an April pub date. Thoughts? ”Best, A
From: Blue Boar Date: Fri Jan 23, 2004 1:06pm Subject: Re: Outline, draft 1
<Joe Grand> wrote: Then again, if we re targeting a fictional Africa, it is likely that they would be using older switching equipment anyway. Thoughts?
Ah, I meant to cover that point in the outline, thanks for catching.
Knuth is originally in the US, and the various hackers are wherever they are, so you will have an opportunity to talk about switches of all types, I think. The lines that Knuth needs cut on 0day will be in Africa. I d like to see you have The Don express some excitement about being able to play with the old school stuff when he gets to those.
Of course, I m making assumptions about what the phone equipment in Africa looks like, and I don t actually know. I m hoping the Sensepost guys will chime in a bit on that.
<Joe Grand> wrote: Also, what is the new schedule is for the book?
Also a great question, that I don t know the answer two. Andrew or Christine? ”Ryan
From: Roelof Temmingh Date: Sat Jan 24, 2004 5:19pm Subject: Telecom in Africa, a question and nailing Knuth
<Blue Boar> wrote: I m hoping the Sensepost guys will chime in a bit on that.
It really depends where in Africa you go. Some countries have state of the art communication systems - sponsored by some US/European company (where they need to make a deal with the government - e.g. telecomms for oil), some have just about nothing, and anything in between. If you want to be precise you need to specify which country. Keep in mind - South Africa is prolly the financial giant of Africa - and because we are based here we could give very precise information on the technology used. I have read the outline .. some questions ( mainly to Ryan/Andrew)... a) How much more stuff do you need from me regarding my chapter? I ll be happy to flesh stuff out some more - just need to know.
b) I had this idea to frame Knuth at the end .. basically goes like this:
1) Don Crotcho (Joe s character) get some pieces of information (e.g. bits and pieces of Knuth s phone number(s)) 2) He also get hold of a few characters 3) After explaining that ppl died - bad shit happened etc, the characters decide to strike back at Knuth 4) Idea is to pull a massive wide-scale world wide hack (read 0day combined with worm, combined with DOS) and cause intentional slip ups that would point to Knuth 5) They piece together Knuth s identify (either hacking NORA - Google for NORA relationships if you didn t see the talk at Vegas 2003 - or by using their own homegrown DB (made up from the databases they ripped off over the years, all put together) 6) Was thinking this final hack can bring together the skills of everyone .. as follows (does not mean more writing - just (ab)use of your character):
Joe - hunting everyone down and bringing them together (as well as creating fake phone records for Knuth)
FX & Fyodor & Jay (0day (or almost 0day) for various OSes - Win/Lin/Mac/Cisco DOS?))
Me - targeting of systems/footprinting (over internet). This is basically the tool we showed at BH Vegas 2003.
Paul - Pinning it on Knuth (e.g fake AV company registered in Knuth s name ??)
Russ - delivery - e.g. it appears to originate from a Wifi node (linked to Knuth somehow)
Dunno what the other guys are writing about but I am sure we ll fit it in somewhere.
Ideas come from www.sensepost.com/misc/bh2003lv.doc (CyberTerrorism talk at BlackHat Vegas) and www.sensepost.com/misc/firstottowa.doc (FIRST paper in Ottowa). If you read these you ll get a good understanding of what I have in mind.
I think the chapter needn t go into all the details - it could kinda leave a lot to the imagination of the reader..a lot can be implied . The bottom line thus is that Knuth gets nailed for creating this killer worm and trying to make money by selling the AV..which of course he never did. When the FBI (or choose a 3 letter agency) starts investigating mr Knuth they find all the other shit he has been keeping himself busy with...except for the records of his interaction with the team (which they wiped). He gets to spend life in jail with Bhubba..:))
Well..its an idea..comments more than welcome. BTW - this does not mean I am putting my hand up to write it.. :)
my 2c - Ryan/Andrew - your call in the end.. ”Roelof
From: Joe Grand Date: Sun Jan 25, 2004 3:54pm Subject: Re: Telecom in Africa, a question and nailing Knuth
That s good to know. So, maybe I can use the more current cellphone system information I have (from STN) for the modernized South Africa section, and then target some not-so-industrialized areas that would use the older landline systems that I could write about. Both systems would be found through wardialing,:)00Joe
From: Roelof Temmingh Date: Sun Jan 25, 2004 5:07pm Subject: Re: Telecom in Africa, a question and nailing Knuth
Joe -
Do you want to go at the service provider level..eg. AT&T, or more at a client s (bank I would think) infrastructure - e.g. their switchboard/PABX? Should we take this off-list?
Roelof.
From: Joe Grand Date: Sun Jan 25, 2004 5:49pm Subject: Re: Telecom in Africa, a question and nailing Knuth
Hmm. I was thinking phone company level, but PBX would also work (in which case we could just do a System/75 or System/85 type thing).
Phone company level seems a little bit sexier, but less useful in the case of someone -learning- something from the chapter (e.g., PBXs are more relevant and more controllable for corporate security people compared to the major phone switches). But, from what I understand, Knuth is giving me names of people/phone numbers I need to target, and I m not necessarily sure they are going to all be within one particular organization. And, there is something WAY cooler about owning an entire switch, not just a measly PBX in some bank. Ryan, any thoughts? ”Joe
From: Andrew Williams Date: Mon Jan 26, 2004 3:09pm Subject: 15 Minutes of fame ;)
Hey Guys:
Wanted to let you all know that Joe, Ryan, and Kevin Mitnick will be doing a book signing this week at Black Hat for Hardware Hacking: Have Fun while Voiding your Warranty. The signing is Thursday night at the reception . It will be similar to the one we did in Vegas last year for STN. The Vegas signing was a lot of fun, so hopefully everyone will stop by. Make sure to tell your friends and help spread the gospel!
Looking forward to seeing those who are going to be in Seattle this week. ”Best, A
From: Christine Kloiber Date: Fri Feb 6, 2004 3:08pm Subject: Feb. 6th - time for chapters to start appearing
Hey Guys,
It s that time. February 6th has arrived, and we re now officially looking for submissions. We know some of you are a little more ahead than others, but now s the time to start finishing up what you have, or start moving on what you don t. A gold star and STC MVP goes out to the first one who hands in their chapter. ”Best, Christine
From: Thor Date: Fri Feb 6, 2004 4:20pm Subject: Re: Feb. 6th - time for chapters to start appearing
I submit! Do I win now? t
From: Christine Kloiber Date: Mon Feb 16, 2004 10:04am Subject: We re ready to read your chapters now
Hey Guys,
Second call for papers. After the first request for chapters, I was sad to hear that half of you had hungry dogs that ate your homework! But, now I m sure you ve all been able to keep your beautiful chapters away from Fido, and they re just waiting to be submitted to the wonderful people at Syngress who are eagerly anticipating them.... ”Best, Christine
From: Thor Date: Mon Feb 16, 2004 10:29pm Subject: Re: We re ready to read your chapters now
Ate it? I *wish* mine only ate it. Seeing as how my dog is a Sony Aibo ERS7 advanced robot dog with built-in wireless, the damn launched a full-blown DoS attack against my wireless network. I couldn t get any work done at all until I renewed its subscription to Naughty Lassie. Now I know why Lassie and Timmy had that special bond. ”t
From: Russ Rogers Date: Mon Feb 16, 2004 10:25pm Subject: RE: We re ready to read your chapters now
You ve been working on that damn response all day, haven t you!?!?! Hahah ”Russ
From: Thor Date: Tue Feb 17, 2004 0:29am Subject: Re: We re ready to read your chapters now
<Tim puckers up for Syngress> Why, uh, No! How could I have been working on that response when I ve been working on my chapter??!!? </Tim puckers up for Syngress>
Oh, and I m not talking to you. You are going to kill me, and that is just rude. ”t
From: Blue Boar Date: Thu Feb 19, 2004 1:04pm Subject: 0-day
Joe asked a good question... what should he down about the timeline? I was thinking April 15, 2004 as 0-day . Any objections, or different ideas? Anyone else hurting for dates to use? ”Ryan
From: Joe Grand Date: Thu Feb 19, 2004 1:19pm Subject: Re: 0-day
Tax day. MMMmmm. That works fine for me. If anyone happens to have any 5ESS switch logs I could add into the chapter for some color , please let me know :) I only have a few.. ”Joe
From: FX Date: Thu Feb 19, 2004 1:16pm Subject: Re: 0-day
What about the 29th of Feb? It s quite nice because of all those systems unable to deal with it ;) ”FX
From: Blue Boar Date: Thu Feb 19, 2004 1:32pm Subject: Re: 0-day
Hmm... that could be nice, too. :) My thought about April 15 was that US authorities would be (somewhat) busy that day. (That s US tax collection deadline day in the US, if you didn t pick up on that.) Any other votes one way or another? ”Ryan
From: Joe Grand Date: Thu Feb 19, 2004 1:41pm Subject: Re: 0-day
It is sort of funny that we get February 29 this year. We might want to take advantage of that. But, it all depends on Knuth s goals. If they are financial, and involve anything in the US, it might be good to do April. Either way, someone make a choice so I can mock up this drawing for the book! :) ”JOE
From: Thor Date: Thu Feb 19, 2004 2:24pm Subject: Re: 0-day
I actually had access to a 5ESS but the Feds shut that down. I always liked the DMS100 better anyway.. easier to remotely configure ISDN D channels to take advantage of those special provisioning options... Of course the 5ESS did handle multiple ISDN channels in T1 s better... but I digress.
From: Thor Date: Thu Feb 19, 2004 2:29pm Subject: Re: 0-day
Only the post office will be busy... Besides, not enough people will have the book by then, and they will be reading in the past. How about September 12th? Most people will automatically think day after 9/1l but we are talking about Africa here ” ya know, Biko and the cops beating him to death and all ... ”t
From: Andrew Williams Date: Thu Feb 19, 2004 2:32pm Subject: RE: 0-day
.....It was business as usual, in police room 619...
From: Blue Boar Date: Thu Feb 19, 2004 2:40pm Subject: Re: 0-day
<Thor> wrote: Only the post office will be busy...
Not entirely true. Civil servants have to file, too. There s a (very minor) suspension of general activity all over. Police are tied up directing traffic in some places.
Keep in mind that it s mostly financial institutions that we re talking about though... my thought was that accountants might have their minds on other things on April 15th.
<Thor> wrote: Besides, not enough people will have > the book by then, and they will be reading in the past.
So you think it would be better if people could look forward to the upcoming date, kinda like people celebrating the date that Skynet was supposed to kick in, HAL was born, etc?
<Thor> wrote: How about September 12th?
Meh. ”Ryan
From: Andrew Williams Date: Thu Feb 19, 2004 2:50pm Subject: RE: 0-day
I d vote to use April 15 as the date. I think the notion of federal authorities being somewhat preoccupied on that date is reasonable. And, it s a date that will resonate w/ a lot of readers. It also makes for a good hook for any media-types who are writing reviews of the book.... April 15, a day that most of us dread blah blah blah ”A
From: Thor Date: Thu Feb 19, 2004 2:56pm Subject: Re: 0-day
ooo! That sounds exciting... Let s do it on April 15th to take advantage of the fact that police are directing traffic and civil servants are under an increased burden even though it is in another country. Meh back atcha! ”t
From: Joe Grand Date: Thu Feb 19, 2004 3:06pm Subject: Re: 0-day
HAHA! Someone pick a damn date! Joe ”PS - Meh.
From: Thor Date: Thu Feb 19, 2004 3:02pm Subject: Re: 0-day
I m confused (not that that is something new...) Does this not take place on another continent? I ve been going under the assumption that my character is actually in South Africa during this time.. What difference does it make having a date with significance only in the US? ”t
From: Russ Rogers Date: Thu Feb 19, 2004 3:00pm Subject: RE: 0-day
I know my character is in South Africa.... In a larger city atmosphere....So shouldn t we use a date that symbolizes a HUGE holiday or event in Africa?
From: Joe Grand Date: Thu Feb 19, 2004 3:10pm Subject: Re: 0-day
I assume you are correct. My character is in Iceland, but is working with phone numbers in Mauritius and Egypt. ”JOE
From: Andrew Williams <andrew@syngress.com> Date: Thu Feb 19, 2004 3:02pm Subject: RE: 0-day
My birthday is July 28...I always kinda liked that date ;) Maybe charl, Roelof, or Haroon could suggest a date that would have some significance in Africa? ”A
From: Russ Rogers Date: Thu Feb 19, 2004 3:07pm Subject: RE: 0-day
Hey, I know... Let s celebrate your birthday by having a HUGE security conference in Las Vegas this year! Hahaha ”-Russ
From: Thor Date: Thu Feb 19, 2004 3:12pm Subject: Re: 0-day
Exactly- hence Sep 12th or something like that. Maybe our South African contributors can suggest something! Since we all have to be finished in 2 days, it might be nice to get some of these little details hammered out. he- I said hammered. t
From: Thor Date: Thu Feb 19, 2004 3:13pm Subject: Re: 0-day
<Andrew Williams> wrote: My birthday is July 28
Ah... A Cancer. That explains alot, you know.
From: Andrew Williams Date: Thu Feb 19, 2004 3:18pm Subject: RE: 0-day
Dude, July 28 makes me a Leo. I thought you d know that stuff cold!
I say we go w/ Sep 12 (I know, I know 5 minutes ago I advocated for April 15, but whaddaya gonna do?). Again, it makes sense. Plus, a good decision today is better than a great decision tomorrow. ”Andrew
From: Russ Rogers Date: Thu Feb 19, 2004 3:18pm Subject: RE: 0-day
<Thor> wrote: Ah... A Cancer. That explains alot, you know.
This coming from a guy who dresses like Captain Morgan? :-P
From: Joe Grand Date: Thu Feb 19, 2004 3:29pm Subject: Re: 0-day
I thought he was dressing like a fortune teller?
From: Joe Grand Date: Thu Feb 19, 2004 3:30pm Subject: Re: 0-day
<Andrew Williams> wrote: I say we go w/ Sep 12
OK. Good. Done. Time to create this handcrafted artifact for the book. If it changes again, I will blame Andrew. :P ”JOE
From: Joe Grand Date: Thu Feb 19, 2004 3:36pm Subject: Re: 0-day
Ryan,
You also mentioned a range of times for the action to go down. Specifically:
The final job is simply disabling a list of lines of varying type on switch in Africa. Just for an exact period of a couple of hours on an exact date, timezone specified very carefully in the instructions. I will list three phone numbers, unless you have something else in mind. What do you propose? ”Joe
From: Andrew Williams Date: Thu Feb 19, 2004 3:29pm Subject: RE: 0-day
<Joe Grand> wrote: If it changes again, I will blame Andrew.
That s ok. I m used to it ;)
From: Blue Boar Date: Thu Feb 19, 2004 4:26pm Subject: Re: 0-day
<Joe Grand> wrote: You also mentioned a range of times for the action to go down. Specifically :
Yup
<Joe Grand> wrote: Just for an exact period of a couple of hours on an exact date, timezone specified very carefully in the instructions.
Yes, the date is September 12th, 2004. You can pick the 3- hour window and timezone. It s not trying in precisely with a paragraph in someone else s chapter, or anything like that.
<Joe Grand> wrote : I will list three phone numbers, unless you have something else in mind. > > What do you propose?
How about 2 phone numbers, and a 56K line ID, or a SPID? (i.e. the kind of leased-line a small bank branch might have.) ”Ryan
From: Andrew Williams Date: Thu Feb 19, 2004 5:47pm Subject: new member of the STC family....
Howdy all:
Well after a rousing day on the STC list, I don t know if you can take any more excitement, but it s time to welcome a new member to the STC family. Kevin Mitnick is joining the list and he will be serving as a technical reviewer on the book. He ll also be contributing his expertise on astrology, fashion, rum, and prostitutes! ”A
From: Russ Rogers Date: Thu Feb 19, 2004 6:07pm Subject: RE: new member of the STC family....
Ahhh, so we now have an expert on hand (about astrology, fashion, rum and prostitutes, that is). :-) Hi Kevin! ”-Russ
From: Joe Grand Date: Thu Feb 19, 2004 6:54pm Subject: Re: 0-day
<Blue Boar> wrote: Yes, the date is September 12th, 2004 .
Oh crap. September 12 is a Sunday. I hope that doesn t ruin your business plans, but most banks are closed on Sunday, last time I checked.
<Blue Boar> wrote: How about 2 phone numbers, and a 56K line ID, or a SPID? (i.e. the kind of leased-line a small bank branch might have.)
Sounds good to me. I assume disabling all those lines will technically be the same, but I ll read the 5E manuals again :) ”Joe
From: Fyodor Date: Thu Feb 19, 2004 8:51pm Subject: Minor concern: Knuth?!
I don t want to sound overly concerned with political correctness, but is it really a good idea to have our criminal mastermind be Bob Knuth ? That sounds disturbingly similar to the famous computer scientist, author, and Stanford professor Don Knuth . Perhaps this is intentional, because Knuth is certainly a genius. But I don t think anyone remotely associates him with criminal or even gray hat activity. The guy spent decades studying fonts, typesetting and writing seminal theoretical CS books that most of us probably keep on our shelves next to Stevens! I cringe whenever I read the name in the outline, just as I would if you had called the mastermind Bill Stallman or Leonard Torvalds .
Knuth may conjure the image of a brilliant but innocent and distinguished older gentleman in the audience, making it hard to associate evil with the main Character. And even disregarding the risk of offending/confusing the audience, there is the risk of offending Don Knuth. If he was to disparage the book on Amazon.Com or in a news article, that would not be good publicity. If you must name the main guy after someone real, I would suggest Darl McBride, except that he has the opposite problem. Everyone knows Darl is evil, but would never believe he is smart :). You could use a famous hacker (Mitnick, Paulsen, Mudge, etc.) but I m not sure that is a good idea either.
Why not just give the mastermind a handle (or more than one)? That would fit in more with traditional (and media) portrayals of hacker culture, and would give us sub-characters something to refer to him as, since we surely won t know his real name. ”Cheers, -F
From: Thor Date: Thu Feb 19, 2004 8:54pm Subject: Re: 0-day
Just to be pedantic, a SPID would not be a leased line, it would be a switched ISDN B channel, right? :-p ”t
From: Blue Date: Thu Feb 19, 2004 9:07pm Subject: Re: 0-day
<Thor> wrote: Just to be pedantic, a SPID would not be a leased line, it would be a switched ISDN B channel, right? :-p
No, it just depends on how you set up your billing. ”Ryan
From: Thor Date: Thu Feb 19, 2004 9:11pm Subject: Re: Minor concern: Knuth?!
Anywhoo, I think it will be obvious that Bob Knuth is not Don Knuth. Besides, I keep Knuth between Petr Beckmann s A History of Pi and Umberto Eco s Foucault s Pendulum with all the rest of my porn. If I don t confuse the two, I m sure our faithful readers won t either. If it becomes an issue, Ryan can always claim that the K is not silent. ”t
From: Blue Boar Date: Thu Feb 19, 2004 9:11pm Subject: Re: Minor concern: Knuth?!
<Fyodor> wrote: That sounds disturbingly similar to the famous computer scientist, author, and Stanford professor Don Knuth . Perhaps this is intentional?
Yes, that s where the name comes from. Fully intentional.
I ve never met Mr. Knuth (the real one... um, the real Don Knuth, let me be specific...), but I hope that should he ever become aware of the book, he ll take it as the tribute intended.
<Fyodor> wrote: Why not just give the mastermind a handle (or more than one)?
That IS a handle, and he will have more than one. I was thinking also perhaps Newman, Mockly, a few others.
It s indented to be reflective of his self image. ”Ryan
From: Joe Grand Date: Thu Feb 19, 2004 9:19pm Subject: Re: Minor concern: Knuth?!
Knuth is a common enough name that I don t think any one particular Mr. or Mrs. Knuth will take offense to it.
www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=knuth&btnG=Google+Search
How do you think I feel? People use Grand all the time, and I didn t give them permission! ”Joe
From: Blue Boar Date: Thu Feb 19, 2004 9:19pm Subject: Re: Minor concern: Knuth?!
You know how many Ryan Russells there are running around out there? Bastards are always taking my logins for various websites . I can t even go to Blackhat/Defcon without running into another one. Lots of fun when trying to check into Caesars or get my badge... ”Ryan
From: Fyodor Date: Thu Feb 19, 2004 9:32pm Subject: Re: Minor concern: Knuth?!
<Joe Grand> wrote: Knuth is a common enough name that I don t think any one particular Mr. or Mrs. Knuth will take offense to it.
9 of those top 10 results are the same famous Don Knuth. The 10th is the homepage of Elizabeth Knuth, who bothers to note on the page that she is No relation to the more famous Knuth . So a lot of Google results doesn t necessarily imply a lot of different people.
But it doesn t really matter to me if you want to play off his name, if everyone else is OK with it. Still (ignoring the risk of offending him), it does seem a little distracting. And the target audience will know immediately who you are referring to. Virtually all movies give the actors/actresses new names exactly because they want to avoid distracting association with the real life identities.
But, to quote Ryan, Meh :). ”Cheers, -F
From: Thor Date: Thu Feb 19, 2004 9:36pm Subject: Re: 0-day
Well, since someone seems to have pooped in your Corn Flakes today, I won t push the Subject. That is, even though a Service Profile ID is specifically for ISDN, which is always a switched service. So, no matter how you have your billing set up, a SPID represents a switched circuit. Not that anyone is paying attention... t
From: Fyodor Date: Thu Feb 19, 2004 9:42pm Subject: Re: Minor concern: Knuth?!
<Blue Boar> wrote: It s intended to be reflective of his self image.
I guess that makes sense. And perhaps one of the hacker characters could mutter to himself how arrogant this crime boss is to compare himself to the real distinguished Knuth. I guess this book does mix a lot of real/fictional details. Still, I think it is worth being a little cautious when using the names or likenesses of real-life people because that can sometimes generate real-life lawsuits or at least real-life ill will. We don t want people to think we are disparaging D. Knuth. But if done in a tasteful manner, perhaps it could be advisable. I ll shut up now and get back to work :). ”Cheers, -F
From: Blue Boar Date: Thu Feb 19, 2004 9:46pm Subject: Re: 0-day
<Thor> wrote: Well, since someone seems to have pooped in your Corn Flakes today, I won t push the Subject.
OK, cool... then, hey wait, what s this below that...
<Thor> wrote: That is, even though a Service Profile ID is specifically for ISDN,
And is used as a line identifier for the line in question in addition to being used for switch configuration and tagging particular requests on the D channel...
<Thor> wrote: which is always a switched service.
Oh... no, sorry. You can order a permanently nailed-up ISDN line if you want, no dialing required. Or, you can use the D channel, or you can simply lease a pair of wire from the phone company and run ISDN over it if you like. Check out iDSL for examples.
<Thor> wrote: So, no matter how you have your billing set up, a SPID represents a switched circuit. Not that anyone > is paying attention...
No, of course not.
(I used to administer a few hundred ISDN lines of varying flavors.) ”Ryan
From: Blue Boar Date: Thu Feb 19, 2004 9:47pm Subject: Re: Minor concern: Knuth?!
<Joe Grand> wrote: I had no idea who Don Knuth was until you mentioned it :)
Hardware hackers... ”Ryan
From: Blue Boar Date: Thu Feb 19, 2004 9:48pm Subject: Re: Minor concern: Knuth?!
<Fyodor> wrote: And perhaps one of the hacker characters could mutter to himself how arrogant this crime boss is to compare himself to the real distinguished Knuth.
Now you re thinking. :)
<Fyodor> wrote: because that can sometimes generate real-life lawsuits or at least real-life ill will.
Not to worry, my contract says that if the book gets sued, I get to pay for Syngress lawyers . Hey wait... ”Ryan
From: Thor Date: Thu Feb 19, 2004 10:09pm Subject: Re: 0-day
<Blue Boar> wrote: Check out iDSL for examples.
iDSL is just ISDN encoding over a subscribed line- the signaling (for the switch) is actually disabled. But having administered all those ISDN lines, you know all about that :-p Leasing a wire pair is a leased line; how you choose to encode data after the fact does not affect the circuit type. A SPID, as you said, does indeed identify provisions- it identifies it *to the switch.* If it is a SPID (a true SPID) then it is used by a switch. As I understand it, iDSL does not use the D channel configuration to transmit the inverse multi-plexed data to bundle the two B channels in to a psudo-128 k connection. It is a 144k connection in a single pipe.
<Blue Boar> wrote: (I used to administer a few hundred ISDN lines of varing flavors.)
I used to steal data over a few hundred ISDN lines of varing flavors ;) ”t
From: Fyodor Date: Thu Feb 19, 2004 10:41pm Subject: 498
For the record, STC will be published on April fools day and be 498 pages long. And you can save $14.98 off the cover price: www.amazon.com/ exec /obidos/tg/detail/-/1931836051/
I love the book industry :). ”Cheers, -F
From: Thor Date: Thu Feb 19, 2004 10:48pm Subject: Re: 498
Is Esophagus (I mean Dan) still on the project? How d HE get creds?
From: Russ Rogers Date: Thu Feb 19, 2004 10:45pm Subject: RE: 0-day
Oh son of a #$&!!... Tim, where is your character? Location please... I need to be in the same area as you are, right? Shit. I ll be surprised if most of the inhabitants of our fair city don t get genital cancer from all the waves being beamed through their bodies without their knowledge. The FCC would croak if they knew. ”-Russ
From: Thor Date: Thu Feb 19, 2004 11:01pm Subject: Re: 0-day
Right now, I am at the Summit Club in Johannesburg, South Africa. The girls here are one of a kind! (Except for for the BenWah twins, that is). Capri works here, and I am watching her dance while I wait on Knuth to transfer my deposit into my account. Where are you?
From: Russ Rogers Date: Thu Feb 19, 2004 10:59pm Subject: RE: 0-day
I m near St James hospital in Johannesburg, South Africa. Examining the wireless coverage. Thanks man. This helps a lot! And who are you calling strange ?! Kettle? Yeah, it s me, Pot. You re black! ”Russ
From: Thor Date: Thu Feb 19, 2004 11:12pm Subject: Re: 0-day
Well, I won t be in the club when the time comes- I ll be at St. James. Sounds like we are good to go, as long as the nurses there still have bra optional dress codes. And there is no need to bring bigotry into this. South Africa has had enough of that without worrying about you bringing color into it!
From: Blue Boar Date: Thu Feb 19, 2004 11:31pm Subject: Re: 0-day
<Thor> wrote: iDSL is just ISDN encoding over a subscribed line
a.... leased line? the signaling (for the > switch) is actually disabled. And yet.. it s ISDN over not a switch circuit. :)
<Thor> wrote: SPID, as you said, does indeed identify provisions- it identifies it *to the switch.* If it is a SPID (a true SPID) then it is used by a switch.
And what would the circuit ID be? Even when not switched? Might it be a SPID?
<Thor> wrote: I used to steal data over a few hundred ISDN lines of varing flavors ;)
Here, I ve got someone that can help you with some of the harder parts:
http://routergod.com/aliciasilverstone/ ”Ryan
From: Thor Date: Thu Feb 19, 2004 11:58pm Subject: Re: 0-day
<Blue Boar> wrote: a.... leased line? :)
OK, now you are scaring me. Who are you, and what have you done with Ryan? I was being consistent with the acronyms. DSL stands for Digital Subscriber Line. An acronym is a series of letters that represent words. I think you see where I am going...
<Blue Boar> wrote: the signaling (for the switch) is actually disabled. And yet.. it s ISDN over not a switch circuit. :)
We were talking about the primary media type, not the encoding.
<Blue Boar> wrote: SPID, as you said, does indeed identify provisions- it identifies it *to the switch.* If it is a SPID (a true SPID) then it is used by a switch. And what would the circuit ID be? Even when not switched? Might it be a SPID?
I m not familiar with the term switched. Can you elaborate on that?
If the media was an iDSL line, the CID would be the, uh, wait for it, the CID. a SPID would be the SPID(s) for the B channels of a SWITCHED ISDN line. Note that the D channel does not have a SPID.
<Blue Boar> wrote: Here, I ve got someone that can help you with some of the harder parts:
At least *my* parts still get hard!
<Blue Boar> wrote: http://routergod.com/aliciasilverstone/
Indeed - even Alicia knows that one enters the SPID(s) after you select THE FARKING SWITCH TYPE! Why would that be? Because the SPID is used by THE FARKING SWITCH!
I don t think I am talking with Ryan any more.. Let me guess, you are really Steve Gibson who has broken into Ryan s house, right?
From: Jay Beale Date: Fri Feb 20, 2004 1:31am Subject: Re: 0-day
<Joe Grand> wrote: Yes, the date is September 12th, 2004.
Any chance we can just move to any other date the Sensepost guys pick? Or just go 4/15 or 14 or 16, reasoning that some of our characters will be in the US and enjoying slightly lower odds of detection by US law enforcement? ” Jay
From: Roelof Temmingh Date: Fri Feb 20, 2004 7:02am Subject: Re: 0-day
14 April is general elections in South Africa this year....:) Elections and ZA...always have the gov on high alert during that time. Perhaps combine 14/15? -
Plus...14 April is a public holiday in ZA ”RT
From: Roelof Temmingh Date: Fri Feb 20, 2004 7:34am Subject: 0-day = 14/4 (?)
OK - after catching up on all the STC mail...I think we should be looking at the night of the 14th/15th. The election (every 4 years) is on the 14th. During the day the government agencies are very much focused on keeping the elections running smooth - last thing on their minds (if ever) is cyber fraud. Also ATM machines are stocked with cash (Tim - your guy pulls a fast one on ATM machines right?) because there are lots of people on the street that day. I worked with the IEC (independent electoral commission) and there s much hecticness during the few days after the elections - when the counting starts...a nice window to cause trouble.
Hope this helps, ”RT
From: Andrew Williams Date: Fri Feb 20, 2004 8:49am Subject: RE: 0-day = 14/4 (?)
See. I told you we should go w/ April 15. Meh ;) ” Andrew
From: Andrew Williams Date: Fri Feb 20, 2004 8:55am Subject: RE: 498
<Fyodor> wrote: And you can save $14.98 off the cover price.
I ll give all of you an extra $1 off the cover price ;)
From: Thor Date: Fri Feb 20, 2004 11:13am Subject: Re: 0-day = 14/4 (?)
Well, that is why I ve been saying 4/14 this whole time! Geeze- I wish you people would get it together! Meh! Meh! Ni! ”t
From: Andrew Williams Date: Fri Feb 20, 2004 11:24am Subject: RE: 0-day = 14/4 (?)
Can we all agree on this? And, as an added perk....Joe can blame me for the date changing again ;) ”A
From: Andrew Williams Date: Fri Feb 20, 2004 0:12pm Subject: RE: 0-day = 14/4 (?)
Is the figure something you can just submit as-is, and we can fix/re-do here? ”A
From: Kevin Mitnick Date: Fri Feb 20, 2004 1:21pm Subject: hi everyone
I just signed into the group, so I just wanted to say hello. Cheers, ”Kevin
From: Russ Rogers Date: Fri Feb 20, 2004 1:17pm Subject: RE: hi everyone
Hey Kevin... Welcome aboard. ”Russ
From: Joe Grand Date: Fri Feb 20, 2004 1:30pm Subject: Re: hi everyone
Hey Kevin.
Man, you joined at just the right time. Missed all of the conversations about sex (by Thor) and a day s worth of blabbing to pick a date. But, there will be more conversations about sex (by Thor) to be sure.
From: Andrew Williams Date: Fri Feb 20, 2004 1:45pm Subject: RE: hi everyone
Welcome, Kevin. Great to have you in the group.
<Joe Grand> wrote: Missed all of the conversations about sex (by Thor) and a day s worth of blabbing to pick a date. But, there will be more conversations about sex (by Thor) to be sure.
Just so there s no confusion....Those were separate conversations about sex and picking a date between Joe and Thor ;) Not that there s anything wrong with that! ”A
From: Kevin Mitnick Date: Fri Feb 20, 2004 1:59pm Subject: RE: hi everyone
Hold on. Let me dial into your switch? ;)
From: Kevin Mitnick Date: Fri Feb 20, 2004 2:03pm Subject: RE: hi everyone
I was just kidding. I don t have any 5ess logs laying around. But I m sure we can find some. ”Kevin
From: Joe Grand Date: Fri Feb 20, 2004 2:18pm Subject: Re: hi everyone
As for the 5ESS, I m in the final few steps of the chapter and my guy is adding a wiretap (through the BLV trick ) and needs to disable some phone lines. The BLV stuff is pretty complex to show screen shots of, so I m just walking the reader through it. To disable a few lines, it would be sweet to have some actual logs - just to be technically correct. But, if not, I can just cop out with some more writing. :) ”Joe
From: Kevin Mitnick Date: Fri Feb 20, 2004 2:30pm Subject: RE: hi everyone
I have a better way to turn off the service via DTMF though another test system.
From: Tom Parker Date: Fri Feb 20, 2004 2:38pm Subject: RE: hi everyone
I guess I should de-lurk also; Hi everyone! :> ”Tom
From: Joe Grand Date: Fri Feb 20, 2004 2:39pm Subject: Re: hi everyone
Hmm. That could work. My guy is in Iceland hacking a switch in Shebin El Kom, Egypt (Egypt does have 5ESS, believe it or not).
He s already in the system, so it would be easier to enter in a few commands to get it done rather than introduce an entirely new system in the last few pages of the book, but either way is fine with me :). ”Joe
From: Andrew Williams Date: Fri Feb 20, 2004 2:42pm Subject: RE: hi everyone
Welcome, Tom! You could probably use some of this good, personal intrigue from the list to spice up the chaplets ;) ”A
From: Christine Kloiber Date: Fri Feb 20, 2004 3:05pm Subject: arrival of chapters
I can t say how much I ve enjoyed the intense intellectual discussions these past two days...from captain morgan coats to 5ESS logs...it s just too good to be true.
Paul has kindly (bravely) volunteered to post his chapter to the site at some point today. He gets a gold star, and right behind him are Joe and Russ as I know those two *upstanding fine gentlemen* will have their chapters done before the weekend is out. You too can be a Syngress overachiever if you submit your chapter soon, or for those average folks who strive for the bare minimum, to be counted as a simple achiever, submit it soon anyway. ”thanks fella s christine
From: Joe Grand Date: Fri Feb 20, 2004 3:16pm Subject: Re: arrival of chapters
But you said Russ and I would get gold stars, too? :( Maybe silver for 2nd place? ”Joe
From: Joe Grand Date: Fri Feb 20, 2004 3:19pm Subject: Re: arrival of chapters
Oh! And when Thor finishes, he gets a Porn Star. ;) ”Joe
From: Thor Date: Fri Feb 20, 2004 3:20pm Subject: Re: arrival of chapters
Been there. Done that.
From: Andrew Williams Date: Fri Feb 20, 2004 3:42pm Subject: RE: arrival of chapters
As the chapters are posted to the list, it would be good if everyone could take a quick read through each, and post any comments/questions to the group. This will also be a good time to bring up any issues about how the other chapters may impact yours.
So once each chapter gets posted, we can kick ideas around on the list. But, just so there s not total chaos surrounding the development of each chapter, Ryan will own communicating any necessary changes, suggestions, etc. from the group back to each author during his tech. edit. The process goes: 1. Each author submits final chapter to Syngress/Christine and posts to the list. 2. Everyone reads the chapter, and posts comments, questions, etc. to the group. 3. Christine reviews the submission making her edits, etc. and then sends to Ryan for TE. 4. Ryan does his TE taking into account any conversations that have taken place on the list about that chapter. 5. Ryan completes his TE and sends chapter to Kevin for his review. 6. Kevin completes his review and forwards chapter to Christine. 7. Christine checks the edits and sends the chapter back to the author for revision. 8. Author revises chapter and submits final version to Christine.
At this step...some chapters may need to go back to Ryan for one last check, and others that maybe didn t really have a lot of edits may be ok to move forward. Sound like a plan? ”A
From: Andrew Williams Date: Fri Feb 20, 2004 3:45pm Subject: FW: arrival of chapters
Sorry.... Forgot one more thing (I know, like 8 things weren t enough!).
Step 4.5....While Ryan is TEing, Ryan and Tom can be adding the chaplets.
As the chapters are posted to the list, it would be good if everyone could take a quick read through each, and post any comments/questions to the group. This will also be a good time to bring up any issues about how the other chapters may impact yours.
So once each chapter gets posted, we can kick ideas around on the list. But, just so there s not total chaos surrounding the development of each chapter, Ryan will own communicating any necessary changes, suggestions, etc. from the group back to each author during his tech. edit. The process goes: 1. Each author submits final chapter to Syngress/Christine and posts to the list. 2. Everyone reads the chapter, and posts comments, questions, etc. to the group. 3. Christine reviews the submission making her edits, etc. and then sends to Ryan for TE. 4. Ryan does his TE taking into account any conversations that have taken place on the list about that chapter. 5. Ryan completes his TE and sends chapter to Kevin for his review. 6. Kevin completes his review and forwards chapter to Christine. 7. Christine checks the edits and sends the chapter back to the author for revision. 8. Author revises chapter and submits final version to Christine.
At this step...some chapters may need to go back to Ryan for one last check, and others that maybe didn t really have a lot of edits may be ok to move forward. Sound like a plan? ”A
From: Joe Grand Date: Fri Feb 20, 2004 4:01pm Subject: Re: arrival of chapters
Holy crap! Now that s what I call an editing process. I don t think posting chapters to Yahoo! is a very good idea. Unless you don t mind other people possibly getting ahold of our manuscripts before we go to press. Call me paranoid , but after all, we ARE in the computer security industry. ”Joe
From: Andrew Williams Date: Fri Feb 20, 2004 4:03pm Subject: RE: arrival of chapters
<Joe Grand> wrote: Everyone prepare for the clusterfuck of a group review!
That s why I m stressing the notion that Ryan is the gate keeper. I think the benefit of everyone seeing each chapter early on in the process is to smoke out and resolve any discrepancies/conflicts/confusion between chapters. Definitely not posting each chapter to have a group grope for the sake of it.
<Joe Grand> wrote: Call me paranoid, but after all, we ARE in the computer security industry.
Just because your paranoid, doesn t mean they re not after you! ”A
From: Andrew Williams Date: Fri Feb 20, 2004 5:14pm Subject: I may be an idiot, but I m no fool!
Ok....just to de-stress everyone a little bit (as my cell phone has been ringing off the hook and my in-box overflowing in response to my post about the review process). Not that I don t like hearing from everybody ;)
Just to clarify...We definitely don t want/expect/need everybody to thoroughly review each chapter and then post comments/criticism/changes/suggestions to the list for Ryan to sort through and then feed back to the authors. The primary purpose of having everyone look at each chapter is to resolve any major plot conflicts as early on as possible. As an example....so everyone sees how/when Tim s character gets killed, so you don t use him later on in the book. That kind of stuff. I know Russ and Tim have been working through the details on this (because Russ is the a-hole who does him in ;)), but I m guessing others who aren t directly involved with it are not as familiar with this plot line, but it may somehow impact what you are doing. ”Best, A
From: Kevin Mitnick Date: Tue Apr 20, 2004 5:47pm Subject: RE: arrival of chapters
Even real paranoids have enemies! ”Kevin
From: Brian Hatch Date: Sat Feb 21, 2004 0:46am Subject: Re: hi everyone
<Joe Grand> wrote: I wonder who else is on this list? ;)
I am, and though I told Syngress already that I won t be able to write for STC (damn but twins take a lot more time than singletons) I still look forward to getting the inside scoop on the plot before it hits the shelves.
Besides, I m the only one on here who admitted he wouldn t make his deadline and took appropriate actions before it was inconvenient for all involved. ;-) ”Brian Hatch
From: Joe Grand Date: Sun Feb 22, 2004 2:36am Subject: For Whom Ma Bell Tolls...
For those who care (OK, just Christine and hopefully Andrew since he came up with the lovely review structure), I have put my chapter up. Enjoy it if you wish. I look forward to any comments, receiving my edits, getting my gold star, etc. Love, ”Joe
From: Russ Rogers Date: Sun Feb 22, 2004 2:47pm Subject: My Chapter
I ve forwarded my chapter to Andrew and Christine with a CC to Ryan and Tim. Where the heck is my gold star? ”Russ
From: Joe Grand Date: Sun Feb 22, 2004 2:58pm Subject: Re: My Chapter
You get the silver star! The gold one is currently sticking to my forehead. ”Joe
From: Andrew Williams Date: Mon Feb 23, 2004 10:55am Subject: FTP: Files To Play with
Hey guys:
We ve got the ftp set up and Christine will be e-mailing everyone user names/pass words. To avoid any version control problems with chapters, please do not use the ftp site for submitting/exchanging live/final documents. This is just the place to post chapters for other in the group to check out. Please send your final chapter submissions to Christine as e-mail attachments, and only work on files that are e-mailed directly to you from Christine. So any chapters on the FTP are just Files To Play with. ”Thanks, Andrew
From: Christine Kloiber Date: Mon Feb 23, 2004 2:20pm Subject: Re: FTP: Files To Play with
Hey Guys,
By now you should all have your user name and passwords for the ftp site. If you care to visit it, you ll notice that chapters have been posted by Joe, Russ, Paul, and Roelof. Want to join this select group? It s easy! Once you have your chapter three- quarters of the way done, post it to the site. - Or, even if you re only half-way through, but are so proud of what you ve done that you want to share.
Keep in mind that final chapter submissions should be made directly to me via my Syngress email (If you send me a chapter, and it s not final, let me know. Final submissions should start coming in ASAP, and for anybody who s still working through questions and murky areas - your time to speak up is quickly expiring...
Thanks - looking forward to seeing what you ve all cooked up. :)
From: Andrew Williams Date: Tue Feb 24, 2004 3:41pm Subject: fictitious names, targets, etc
Hey guys: Please make sure you use fictional names for all targets, companies, banks, etc. Once you ve made up names, Google them just to be sure they don t really exist. One of the chapters had a fictional name that really exists. ”Thanks, A
From: Joe Grand Date: Tue Feb 24, 2004 4:11pm Subject: Re: fictitious names, targets, etc
Don t we want the chapters to be somewhat realistic? Most of the banks and websites I used were real, because it makes the story more believable? What about documents that are referenced in the chapter? Of course, it can all be changed fairly easily, but even Michael Crichton uses real names and places in his books? ”Joe
From: Andrew Williams Date: Tue Feb 24, 2004 4:14pm Subject: RE: fictitious names, targets, etc
I think we need to go fictional. I hear what you are saying w/ the Michael Crichton...but I think it s a little different here because some could make the case that we are providing a roadmap on how to hack real targets. I know we are not, but it s a straw man I d rather not have to deal with. I m also guessing that some of the contributors may be put in a compromising position if we are targeting companies people have worked for. ”Best, A
From: Blue Boar Date: Tue Feb 24, 2004 4:16pm Subject: Re: fictitious names, targets, etc
I don t know if a blanket statement no real names statement is really called for; We pick on Microsoft all the time, for example. And Cisco routers, HP printers, SAP (hey, maybe FX is the problem child... :) ) etc.... I think some judgment is called for if you re showing an actual vulnerability in conjunction with an actual site, and they really *have* that vulnerability (i.e. you just outed them and implicated yourself.)
Joe plans to talk about DMS100 and 5ESS switches, which are real models.
The situation that came up is that we thought we had accidentally made up a hospital name, and it turned out to be a real hospital. (Looks like a false alarm at this point, though.) We re having Tim s character killed there via lax security. There we probably don t want a real hospital name. Libel, and all that. Now, if we point out a vulnerability in some software program that actually has it, then the law is on our side. (I know, won t necessarily keep us from getting sued, but we could theoretically win.) Hospitals are probably jumpy about that sort of thing.
In the last book, I made up a fake vuln in IIS. Microsoft is just used to it, and we assume they won t care. How about we let myself and publisher review the names used, and ask for a change if there is a reason to, and not have everyone start changing everything. Is that OK, Andrew? Do we get any protection because we explicitly say we are fiction? ”Ryan
From: Thor Date: Tue Feb 24, 2004 4:20pm Subject: Re: fictitious names, targets, etc
Well, AFAIAC, there is no way I m going to name the real banking institution, along with the real ATM model s when I am using a real vulnerability and the real API call to root the boxes. Call me paranoid, but it is not worth the possible legal problems. ”t
From: Andrew Williams Date: Tue Feb 24, 2004 4:26pm Subject: RE: fictitious names, targets, etc
<Blue Boar> wrote: How about we let myself and publisher review the names used. Is that OK, Andrew?
Makes perfect sense. And, I definitely agree w/ the reasoning. It s one thing to write about a vuln in Windows 2000 or something (real or not), and it s another to write about a real bank having a vulnerability (again, real or not).
<Blue Boar> wrote: Do we get any protection because we explicitly say we are fiction?
I don t think it would ever get to the point of litigation. But, I certainly don t have the legal budget to find out ;) ”Best, A
From: Blue Boar Date: Tue Feb 24, 2004 4:29pm Subject: Re: fictitious names, targets, etc
<Thor> wrote: Call me paranoid, but it is not worth the possible legal problems.
Yes, I expect everyone to cover their own asses in terms of privileged information, NDAs, pissing off customers, employers , that sort of thing.
Although, wouldn t it be funny if we accidentally re-randomized the institution in question during editing, and ended up putting back the real one. Ahahahaha. ”Ryan
From: Kevin Mitnick Date: Tue Feb 24, 2004 4:33pm Subject: RE: fictitious names, targets, etc
Here is how to disconnect anyone s phone service by using DTMF. This still works today. www.datutoday.tk . This is cool stuff. ”Kevin
From: Haroon Meer Date: Tue Feb 24, 2004 5:02pm Subject: RE: fictitious names, targets, etc
Hi..
Yeah.. and Ryan saying there is a bug in a MS ISAPI filter leads to a code audit (which is prolly not a bad idea anyway) (and customers have already shown that they don t make their decision based on 0day score-count...) A hint of a hole in a banks perimeter sends internal staff chasing their tails forever to ensure that they actually ok..
[thats not even going down the Dont take me to that hospital cause ppl die there cause they use WiFi! road] :> (even if it was just Tims character :p ) I think Ryans on the money.. and discretion/common sense can drive it.. ”MH
From: Kevin Mitnick Date: Tue Feb 24, 2004 4:30pm Subject: RE: fictitious names, targets, etc
That stuff sounds cool to me. The wiretaps are usually done at the telco security department using a dialup to a special box that s connected to the target s line equipment. The password is usually 12345 or 11111. I use to force the box (using SE on a frame tech to pull the jumper out of the box) to drop the connection and dialin myself using the DTMF password.
”Kevin
From: Thor Date: Wed Feb 25, 2004 7:48pm Subject: Info Request
Hey Sensepost dudes (or any SA people)-
What is your currency, what is the most common unit in ATM s, and what is the rough equivalent to US dollars? I m at that point... Thanks. Oh, and what are some of the big banks that spring to mind in JoBurg? I could google, but I d like it right from the hacker s mouth, as they say... ”t
From: charl van der walt Date: Thu Feb 26, 2004 2:03am Subject: Re: Info Request
Hey Thor,
The currency here is the South African Rand , denoted with a simple R , as in R 50,00. The Rand sits at around 6.5 to the US$ at the moment, meaning you ll pay about R 6.50 for a dollar. The currency has strengthened about 30% against the dollar in the last year. A BicMac meal will cost you about R 22 and a local beer about R 6 - R 8 in a bar.
Probably the most common unit drawn from an ATM would be a 20 or a 50. You also get 10s and 100s, but I ve never seen a 200. There are ATMs _everywhere_ (I saw one outside a prison yesterday - for ppl to draw money so they can pay bail ;>) and an interbank switching system called Saswitch that allows you to draw from your account via any ATM. Most banks participate. Interestingly, there are also 3rd-party companies (not banks) that link into saswitch and offer ATM services. These are often located at filling stations . Many of the ATMs are ˜smart and will allow you to do transfers, draw cheques , create and manage beneficiaries, manage investments etc.
The biggest banks here would be: ABSA - The Amalgamated Banks of South Africa FNB - First National Bank SBSA - Standard Bank of South Africa Nedcor - A banking group consisting of many banks, including ˜Nedbank African Bank - More of a ˜micro- lending bank.
Then there are numers ˜high-end institutions - private banks and other investment houses . Many of the big international institutions - ABN Amro, Deutche Bank, Citibank etc are also present. Most of the high-end banks (like Nedcor or Deutche Bank) would be located in a high-class financial district called Sandton, whilst the big banks (ABSA,FNB,Standard) own highrises in the Johannesburg CBD, which is a little rougher. That do? ”./charl
From: Andrew Williams Date: Thu Feb 26, 2004 9:21am Subject: STC meets FOX
Hey Guys:
I ve got an idea I d like to run by all of you....I d like to transcribe the threads from this list as an appendix to the book, as a The Making of STC kind of thing. I think readers would be really interested to see how the plot developed, how ideas were exchanged, ideas that didn t make it into the book, etc. Sort of Project Greenlight meets Survivor . And at the end, we get to vote someone off the list ;) Almost every DVD now has behind the scenes stuff w/ outtakes, etc. People like the reality of the process. I think w/ the Stealing book in particular, readers are interested by the authors, and how the books are written and developed. Anyone who did the signing for STN last year in Vegas saw this first hand. The signing table was packed for 2 hours with people wanting to talk to the authors, ask questions, etc. This is a way to extend that experience out to anyone reading the book. Thoughts? ”-A
From: Joe Grand Date: Thu Feb 26, 2004 0:51pm Subject: Re: STC meets FOX
When are we going to start pushing for a movie deal? I want to play Thor. ”Joe
From: Russ Rogers Date: Thu Feb 26, 2004 0:50pm Subject: RE: STC meets FOX
Yeah, movie deal... I think my part was already selected at the party in Seattle, wasn t it? Hahah
From: Joe Grand Date: Thu Feb 26, 2004 1:07pm Subject: Re: STC meets FOX
I know a guy in Hollywood that is working on some screenplays and another dude that wrote Out Cold and The Perfect Score. So, I wasn t really joking about the movie thing. ”Joe
From: Jay Beale Date: Thu Feb 26, 2004 1:12pm Subject: Re: STC meets FOX
I want to play FX. Speaking of which, what s our pyrotechnics budget for the making-of movie? Let s see, we can pick up Cisco 2500 series routers for $500 a pop, but where do we get the sparklers and firecrackers? ”- Jay
From: Andrew Williams Date: Thu Feb 26, 2004 1:11pm Subject: RE: STC meets FOX
We ll see if we can get Mel Gibson to direct it. He put, what, $30 million of his own money into Passion? He could afford a few bucks for props. Would be interested to see how he d direct Thor s death scene :) ”t
From: Thor Date: Thu Feb 26, 2004 2:28pm Subject: Re: Info Request
Cool - thanks... So, even if a BigMac is R22, the ATM s still dispense 20 s? I would think a 50 would be the mean... If I go on the assumption that these guys will be stocked with 50 s, will that work? It does not really matter with the ATM units that support continuous feed (the ones that spit out bill after bill) but it will with the tray type dispensers that pre-count the bills and present a single stack of bills (to a maximum feed supported by the unit.) to the customer.
Obviously, one would target the auto-feed ATM s so you can just stand there while all the money spits out until the main tray is empty, but I ve got to be realistic. This matters when calculating how many ATM s to circuit, and how long someone will be standing there. The trick of course is to match the physical ATM to it s IP/Hostname on the private network, but I ve got that down :) So, 50 s are OK? (after all that...) ”t
From: Haroon Meer Date: Thu Feb 26, 2004 3:06pm Subject: Re: Info Request
hiya ..
Yeah.. R50 s or even R100 s would be ok..
on an aside..
(i suspect it goes a little far into the guts of the actual ATM-app being used.. but.. it would be interesting if the hax0r managed to convince the machine that its money bins were in reverse order.. (post his hack) so ppl following him would get 3 x R10 (smallest currency) where they expected 3 x R100 ... and some poor sod with his last R10 in his account gets gifted a R100 ...
It will cause additional foncusion.. and thats always good.. [when stealing a continent] ”/mh
From: Thor Date: Thu Feb 26, 2004 3:02pm Subject: Re: Info Request
Normally, the units all have the same denominations- no mixed bills. I ve seen some cases where one bin had 20 s and one had 50 s, but that is not typical anymore. Now, if you have seen something different, then I d like to know that... It is not that the ATM s can t do that, it is more a concern of cost in having a person have to make more trips to the unit itself to make sure a particular tray is filled. The banks typically sub-out the maintenance (to NCR for example) and it costs alot per trip for that type of thing- consequently, they fill the thing with 20 s and let it go for as long as they can. The trays actually have sensors on them to alert control folks that a tray is getting empty. ”t
From: Andrew Williams Date: Thu Feb 26, 2004 3:02pm Subject: RE: STC meets FOX
It sounds like people are ok w/ the idea of using threads from this list. Not everyone has chimed in....does anyone have any objections to this? Here are the safegaurds I think we d need to put in place: 1. Delete everyone s e-mail address. 2. Edit or delete references to real things that people have either used as examples on the list, or have said I did this that and the other thing for Company X, so we can t do it in the book. 3. Remove every other winky reference ;) 4. Anything else? Everyone would obviously get the chance to sign off on their own snippets before we would use them. ”Best, A
From: Thor Date: Thu Feb 26, 2004 3:10pm Subject: Re: STC meets FOX
Yeah, there a couple of topics discussed here that I would rather not see in print... This stuff is funny to us, but I don t know how your average reader will take to it. Consider those emails we got just from the use of fuck in the last book... ”t
From: Haroon Meer Date: Thu Feb 26, 2004 3:36pm Subject: Re: Info Request
Typical here is at least 2 denominations..The sensors are still there.. so staff are alerted when the bills are running low.. (and the ATM software too is aware of it, Sorry.. I cannot give you R30.. Do you want R40? (just about)
As far as i might have been told.. its not outsourced here.. tis still largely run by the bank (unless its a remote atm.. and even then im not sure...)
[ill confirm this with friends at one of the banks and get back to u off-list] ”/MH
From: Andrew Williams Date: Thu Feb 26, 2004 3:15pm Subject: RE: STC meets FOX
Agreed. I say we shoot for PG/PG-13. Definitely not R. I think there are a couple of points where the threads go off topic, and people would find them interesting/funny, but not offensive. But, there are other places where some would find it some combination of: not funny/not interesting/not relevant/borderline offensive. ”Andrew
From: Thor Date: Thu Feb 26, 2004 3:18pm Subject: Re: STC meets FOX
<Joe Grand> wrote: We used fuck in the last book?
Yeah, FX was credited with that one ;) Someone did complain, and included me in the email (for whatever reason) to Andrew. He said it was unprofessional. ”t
From: Thor Date: Thu Feb 26, 2004 3:20pm Subject: Re: Info Request
Thanks- that will be good to know. Just so I can get a feel for the typical usage, what is the typical amount withdrawn? What is the normal daily limit? And I don t mean for you rich hob-knob types living in the lap of luxury, I mean for the normal joe- like me. ”t
From: Haroon Meer Date: Thu Feb 26, 2004 3:52pm Subject: Re: Info Request
daily limit is set by default to R1000. Typical amount withdrawn?.. not a clue.. i know we harp on it.. but .za has an upper-class, a tiny middle-class and a massive lower class.. if u consider 40% unemployment and 50% of the population below the poverty line.. (www.cia.gov/cia/publications/factbook/geos/sf.html) link is prolly worth reading for other info too
Ps. Will see if the banks actually have a typical amount drawn kinda chart somewhere..
From: Andrew Williams Date: Thu Feb 26, 2004 3:33pm Subject: RE: STC meets FOX
<Thor> wrote: Someone did complain, and included me in the email (for whatever reason) to Andrew.
Yeah. I was amazingly impressed w/ Tim s smooth-talking, rational, customer service skills. He turned an angry dude on a mission into a big time fan. All that said, I don t want to completely and totally sanitize everything. We did get a handful of complaints on STN, but I think most readers liked the kind of edgy feel to it. ” ”A
From: Russ Rogers Date: Thu Feb 26, 2004 3:29pm Subject: RE: STC meets FOX
I m good with it.
From: Thor Date: Thu Feb 26, 2004 3:38pm Subject: Re: STC meets FOX
I knew you were a Bette Midler fan!
From: Russ Rogers Date: Thu Feb 26, 2004 3:32pm Subject: RE: STC meets FOX
Oh, stop it, Tim... You re embarrassing me in front of my friends! ;-) ”Russ
From: Roelof Temmingh Date: Thu Feb 26, 2004 3:51pm Subject: Re: Info Request
A point to remember here - I have never in ZA seen a ATM machine that spits out money note by note - they open the despenser - give a wad of money and keep it there until you take it out...in a single push - not in a continuous stream. Limits are user definable - but you need to do that at the branch...cant do that online. Typical limit is 1000-1500 rand a day. As an interesting point aside and off topic - because robbery is so common in ZA the ATMs have hectic protection...most are fitted with a GPS (to determine if they are moved), ink spays - to spray the notes and GSM modems running on batteries that will report if they are moved. I know it sounds unbelievable...but..yeah..that s ZA for you..
Driving away with an ATM used to be common here...:) ”RT
From: FX Date: Thu Feb 26, 2004 3:42pm Subject: Re: STC meets FOX
<Thor> wrote: Yeah, FX was credited with that one ;)
Wait what s coming this time. Andrew, you might want to get a new (bigger) snail mail inbox, now that Knuth knows what SAP is :) ”/FX
From: Andrew Williams Date: Thu Feb 26, 2004 3:46pm Subject: RE: Info Request
<Joe Grand> wrote: Oh damn. I hope he meant Thor .
Joe, what the hell have you been doing for the past 2 weeks? You mean you don t have that ATM hack done yet?!?!?!?! That s it! You re off the book ;)
From: Thor Date: Thu Feb 26, 2004 3:56pm Subject: Re: Info Request
Well, that is good to know- we have both types here, it all depends on the manufacturer. I ll go ahead and cover both, and try not to focus too much on that aspect of things. I ll be talking about embedded XP- that is why it is nice to be able to make up a bank. Many banks are going with a pilot program (such as in China, Canada, the US, etc) where they are trying out ATM s that support more end-user functionality (like buying tickets to shows, getting stock reports , etc.). China already has several thousand, and that was back in 2002 (Good ole NCR again.)
As far as Knuth is concerned, I m making random ATM s from this bank spit out money all over the place, to create general havoc an mayhem. At the same time, the thousand or so ATM s will turn on the IBM transaction mainframe and launch a DDOS to knock it out and to keep all other international transactions from completing. My side line is to have choice people at some random locations to just be at the right place at the right time so that I can profit on my own. (That is what Knuth finds out, and has me killed for as I bring 15 other people in to help collect money which compromises the operation.)
I think I can cover all that without getting too much tied into the tray type. ”t
From: Andrew Williams Date: Thu Feb 26, 2004 5:56 pm Subject: RE: [Syngress_STC] STC meets FOX
I imported the archives from the list into a Word doc. How the heck have we created 359 pages of posts? Wait a second. That s enough for a book! We re done. Woo Hoo!
From: Tom Parker Date: Mon Mar 1, 2004 7:51 pm Subject: Re: [Syngress_STC] STC meets FOX
What s the chaplet(TM) status Ryan? Are there now sufficient contiguous chapter submissions to begin chaplet ing ? ”Tom
From: Christine Kloiber Date: Tue Mar 2, 2004 3:08 pm Subject: who s next?
Hey Gang, Time to call for more chapters. As far as I know, everyone has the plot/storylines they need and should be finishing up ASAP. We have three chps. in, and more should be arriving before the week is out. Time s getting short, so if anyone has any issues they need addressed, let me know. Thanks guys. I can t wait for the appendix, everyone reading the posts will wonder why the cranky Editor demanding chapters was such a grouch spoiling all the fun.... :-/
From: Thor Date: Thu Mar 4, 2004 9:51 pm Subject: Re: [Syngress_STC] Info Request
I was running through my chapter with a buddy last night as a continuity check, and he brought up something that I may need to address: Being from NYC, all(most) the ATM s he has used are in a little locked glass booth that requires you to swipe your card for entry...Is this type of setup standard in ZA? Any estimate on what percentage of ATM s out there are secured like that? ”Thanks!
From: Jay Beale Date: Thu Mar 4, 2004 11:08 pm Subject: Anybody want a supercomputer?
Hey guys, My character ends up with access to the 3rd fastest supercomputer, the G5 cluster at Virginia Tech, which runs Linux. (though we can make it run OS X) Would anybody find this supercomputer massively helpful? ” Jay
From: Thor Date: Thu Mar 4, 2004 11:42 pm Subject: Re: [Syngress_STC] Anybody want a supercomputer? Our only choices are Linux and OS X? Nah... ”t
From: Jay Beale Date: Fri Mar 5, 2004 12:27 am Subject: Re: [Syngress_STC] Anybody want a supercomputer?
Damn, a Linux supercomputer isn t good enough to crack/brute-force anything? What are you going to use, WindowsClusterE? (j/k) Actually, out of curiosity what operating systems are strong either now or back in the day 10 years ago for clusters? ” Jay
From: Brian Hatch Date: Fri Mar 5, 2004 2:23 am Subject: Re: [Syngress_STC] Anybody want a supercomputer?
<Thor> wrote: Our only choices are Linux and OS X? Nah...
Aww, come on - you could always run vmware and install your favorite *BSD. Or hell, if it s a supercomputer, even bochs would probably provide decent performance
From: Brian Hatch Date: Fri Mar 5, 2004 2:24 am Subject: Re: [Syngress_STC] Info Request
<Thor> wrote: Any estimate on what percentage of > ATM s out there are secured like that?
Back when I was in Chicago, that was the case in about 10% of ATMs. Out here in Seattle, I d say it s more like, umm, well, I haven t run into one yet now that I think of it.
Brian Hatch
From: Haroon Meer Date: Fri Mar 5, 2004 3:52 am Subject: Re: [Syngress_STC] Info Request
Hi.. We do have little locked booths (very very very few of them) and even those, do not require a card swipe to enter.. If they do exist, they are normally just a glass door with a little bolt that u fasten once u are inside.. {A point worth noting however.. is that most ATM clusters will have a semi-armed guard (prolly an 80 year old with a baton). If you are standing there for 3 hours draining the ATM.. u might want to consider a low-tech hack ( Here s $20 man... (R120 za rands)} ”okthankubaai..
From: Christine Kloiber Date: Fri Mar 5, 2004 8:34 am Subject: New arrival
Hey Guys, When you have some spare time, visit the ftp site and you ll find Paul s completed chapter ready to be enjoyed by you all. ”Best, Christine
From: Andrew Williams Date: Mon Mar 15, 2004 3:58 pm Subject: ugly mugs :)
Hey Guys: In the front matter of STC, I d like to include small photos of each of you along w/ your bios. I think it would be interesting for readers to have your bio and photo along w/ your character s name. So, they can put a name w/ a face! It will also help movie moguls reading the book to start thinking about casting. So, can everyone submit a photo of themselves when submitting your bio to Christine? ”Thanks, A
From: Joe Grand Date: Mon Mar 15, 2004 4:03 pm Subject: Re: [Syngress_STC] ugly mugs :)
Maybe the shots should be something cool (unlike my lab coat shot in Hardware Hacking). Something to go along with each character? Like, I could have a picture taken poking around a phone can with a lineman s testset or something sneaky like that. Wearing my lab coat. ”Joe
From: Paul Craig Date: Mon Mar 15, 2004 4:37 pm Subject: Re: ugly mugs :)
Will the photo s be in color? I ask because i have bright purple hair, would be a shame if it came out dull and normal
From: Andrew Williams Date: Mon Mar 15, 2004 4:45 pm Subject: RE: [Syngress_STC] Re: ugly mugs :)
Sorry, black and white. You ll have to do something that expresses yourself in gray scale :)
From: Paul Craig Date: Mon Mar 15, 2004 4:50 pm Subject: Re: ugly mugs :)
Geesh, you do something to be creative and everyone wants to copy you You know i had a ˜grass-green 1 ft mohawk before this. You have no idea how many drunk/acid-tripping chicks would come up to me and want to ˜touch my grass. heh heh...
From: Christine Kloiber Date: Thu Mar 18, 2004 8:17 am Subject: Re: ugly mugs :)
Hey Guys, Joe s photo, in all his phone hacking glory , is posted on the ftpSite. Enjoy.
From: FX Date: Mon Mar 22, 2004 3:47 pm Subject: disclosure policy
Hi all, how do we deal with 0day created for/in the chapters of the book? Although it s not world smashing, I guess SAP would like to know that they can getowned yet another way. Any current or former list moderators raising hands? ”Cheers, FX
From: Tom Parker Date: Mon Mar 22, 2004 4:26 pm Subject: Re: [Syngress_STC] disclosure policy
I pondered this point a couple of days ago, in relation to another book im currently working on. Why not let them know a weeks before going to press and embargo the information for a few days after the book hits the shelves. Its not going to be 0day forever and at least this way you can still say it was 0day at time of going to press whilst disclosing it into the public domain in a pseudo-responsible manner. Just my over inflated Britt & pound ;1. ”Tom
From: Andrew Williams Date: Mon Mar 22, 2004 4:45 pm Subject: RE: [Syngress_STC] disclosure policy
Yeah, this seems to be coming up more and more lately. I talked to Litchfield the other day and that Shellcoder s Handbook w/ Dave Aitel, Chris Anley, etc, has 0days in it as well. I don t know if anyone saw this, but a few articles/interviews appeared on that book last week specifically mentioning the 0days and the book went to #2 overall on Amazon and it s not even published yet. I m sure the 0days played a part in it. I ve never seen a computer book that high. STN stalled out at a measly #12 ;) I know that debates/flame wars have raged on mail lists for days, weeks, months, years on this Subject and there is no answer , but I ll ask anyway :) What s the accepted time between informing a vendor and publicly releasing an 0day? ”A
From: Blue Boar Date: Mon Mar 22, 2004 5:19 pm Subject: Re: [Syngress_STC] disclosure policy
Really? I d heard #9. Pretty good either way, for being pre-release. Most people seem OK with 30 days. Well, the vendors often ask for 30 days, and then take longer... I think it would be fair to give them some notice, say 30 days, and tell them the publish date is what it is, and it s published when we go to print. Be interesting to see how they do with a real deadline. :) On the other hand, Dan had a new vuln in the first edition of Hack Proofing Your Network, and we ended up not giving the vendor any notice, mostly because there was a mad dash at the end to get the book finished, and I forgot. I don t think anyone noticed. ”BB
From: FX Date: Tue Mar 23, 2004 4:05 am Subject: Re: [Syngress_STC] disclosure policy
<Blue Boar> wrote: I think it would be fair to give them some notice, say 30 days
Well, for stuff like that, I m comfortable with less than a week. Just to clarify it, they can t fix it. It s the way their product works (details see draft chapter) - so it s not replacing a strcpy with a strncpy :) ”FX
From: Russ Rogers Date: Tue Mar 30, 2004 9:28 am Subject: Editing Progress?
Hey all, I know I turned my chapter in about a month ago but I still havent heard anything back from anyone. Do I need to re-send it to the editors or is there any word on the progress of the editing process? I m just concerned that we re not going to hit our deadlines based on the speed we re moving right now. Thanks! ”Russ
From: Andrew Williams Date: Tue Mar 30, 2004 4:00 pm Subject: RE: [Syngress_STC] Editing Progress?
Wanted to respond to Russ question and give everyone a status up Date:
1. Joe s chapter has been tech edited and revised and is in copy editing/production now. So, that s the most complete chapter.
2. Roelof s chapter came back from tech edit today, so is with author revision.
3. Russ, Paul, and FX s chapters are w/ Ryan for TE. (Ryan: can you give us anupdate on these?) They will then go to Kevin, and author rev.
4. Thor, Jay, and Fyodor are all pretty close to wrapping up their author submissions. If Ryan still has chapters to TE when these come in, it might make sense to have Kevin look at some of these before Ryan.
5. Last but not least :)...I think Dan will probably be the last to submit. The schedule is getting a little tight, so I m hoping we can get the remaining author submissions in and start turning around the edits more quickly. Does that sound right to everybody? ”Best, A
From: Blue Boar Date: Tue Mar 30, 2004 4:09 pm Subject: Re: [Syngress_STC] Editing Progress?
They will all be done by tomorrow morning. ”Ryan
From: Roelof Temmingh Date: Tue Mar 30, 2004 5:01 pm Subject: RE: [Syngress_STC] Editing Progress?
<Andrew Williams> wrote: > The schedule is getting a little tight....start turning around the edits more quickly.
-=CrAcK=- goes the whip! Man, I don t know about these track changes “ seems very MS-ish to me. And all the editors write in different colors “ dunno who is who....suspect Kevin is blue or is he brown and Christne is green??...my chapter now looks like puke in a tumble drier -!Hectical!-..what ever happened to vi..plus - christine is on to me with format and templates and headings and shit..TECH SUPPORT!!! Just kidding ... i just don t dig Word. And track changes. Yeah..and templates...or headers and footers and indexes and track changes..yes I do hate track changes. Hmmm..ok I ll go now. I need to track^H^H^H^H edit my document. ”RT
From: Paul Craig Date: Tue Mar 30, 2004 5:01 pm Subject: Re: Editing Progress?
You really need to relax a little. :)
From: Andrew Williams Date: Tue Mar 30, 2004 5:21 pm Subject: RE: [Syngress_STC] Editing Progress?
I don t know about the others. But, my edits are the ones in plaid ;) ”A
From: Russ Rogers Date: Tue Mar 30, 2004 6:08 pm Subject: RE: [Syngress_STC] Re: Editing Progress?
<delixous_Delphic> wrote: You really need to relax a little. :)
Nah, then he ll have response times like Ryan. :-P
From: Andrew Williams Date: Wed Mar 31, 2004 4:47 pm Subject: [Syngress_STC] Re: ugly mugs :)
Hey Guys: Please don t forget to submit your photos for the front matter. Try to get them in relatively soon, so we are not trying to track them down at the last minute. I m sure we ll have enough other things we re trying to do at the last minute ;) ”Thanks, A
From: Jay Beale Date: Wed Apr 14, 2004 0:30am Subject: Universities high-performance machines are being targeted
I swear that my chapter is entirely fictional and that I didn t somehow know this was coming: http://securecomputing.stanford.edu/alerts/multiple-unix-6apr2004.html ” Jay
From: Andrew Williams Date: Wed Apr 14, 2004 8:52am Subject: RE: Universities high-performance machines are being targeted
Geez, Jay. You are screwing up the market position for this book. Now, no one is going to believe that this book is purely fiction ;)
From: Andrew Williams Date: Wed Apr 14, 2004 9:01am Subject: STN and Art of Deception nominated for award
Congrats to the STN authors, as the book has been nominated for a Books24x7 Reference Excellence Award in the Security category:
http://marketing.books24x7.com/browseabout.asp?item= announcements&view=63
The Art of Deception was nominated as well. So, congrats to Kevin also!
From: Kevin Mitnick Date: Wed Apr 14, 2004 11:34am Subject: RE: Universities high-performance machines are being targeted
Sure you did, jay “K.
From: Joe Grand Date: Wed Apr 14, 2004 1:10pm Subject: Re: STN and Art of Deception nominated for award
When do we get to vote? ;) ”Joe
From: Andrew Williams Date: Wed Apr 14, 2004 1:15pm Subject: RE: STN and Art of Deception nominated for award
<Joe Grand> wrote: When do we get to vote? ;)
Vote early and often! I actually think the winner is selected based exclusively on number of views from their site.
From: Blue Boar Date: Wed Apr 14, 2004 2:58pm Subject: Another Syngress book on Slashdot
http://books.slashdot.org/article.pl?sid=04/04/14/0130252&mode=thread&tid=126&tid=130&tid=172&tid=185&tid=190 [Editor s note: url links to Slashdot review of recently published Ethereal Packet Sniffing, which is in Jay s Open Source Security Series.]
Congrats. ”Ryan
From: Andrew Williams Date: Wed Apr 14, 2004 3:21pm Subject: RE: Another Syngress book on Slashdot
Thanks, Ryan. And, congrats to Jay on this as well! This is the first book in his Open Source Security Series.
From: Andrew Williams Date: Wed Apr 14, 2004 4:37pm Subject: RE: Another Syngress book on Slashdot
All right....who took down slashdot?
www.slashdot.org
The page cannot be displayed
The page you are looking for is currently unavailable. The Web site might be experiencing technical difficulties, or you may need to adjust your browser settings.
From: Joe Grand Date: Wed Apr 14, 2004 6:11pm Subject: Re: Another Syngress book on Slashdot
Did Slashdot get Slashdotted?
From: Andrew Williams Date: Wed Apr 14, 2004 6:16pm Subject: RE: Another Syngress book on Slashdot
It just came back up a few minutes ago...but definitely looks like they got funked up earlier today.
From: Andrew Williams Date: Fri Apr 16, 2004 0:32pm Subject: Sorry, Kevin ;)
http://biz.yahoo.com/prnews/040416/nef010_1.html [Editor s note: url links to announcement that Stealing the Network won the Books 24x7 Award over Kevin s The Art of Deception.
From: Kevin Mitnick Date: Fri Apr 16, 2004 1:21pm Subject: RE: Sorry, Kevin ;)
I guess you can t win them all. Congrats to you guys tho ;-) ”Kevin
From: Andrew Williams Date: Fri Apr 23, 2004 10:19pm Subject: Hardware Hacking and WarDriving
Hardware Hacking up to 199 on Amazon and #3 computer book. Congrats guys! [Editor s note: A review of Hardware Hacking had just been posted to http://books.slashdot.org/books/04/04/23/1427228.shtml?tid=137&tid=159&tid=186] Also, WarDriving book that Russ Tech Edited and Contributed to is up around 600 on Amazon (http://www.amazon.com/exec/obidos/tg/detail/-/1931836035/qid=1083341459/sr=1-1/ref=sr_1_1/002-9154260-2304008?v=glance&s=books) , which is very cool. Congrats to Russ! Best, A
From: Andrew Williams Date: Friday, April 30, 2004 11:59 Subject: RE: [Syngress_STC] Yee-HAH!
Hey Guys: Well....we are almost there. Just a few more days to finish up the last couple of chapters, and it will be a book. ”A
EAN: N/A
Pages: 105