__
                      \ /          |_
                      / \ e n o n  |  o u n d a t i o n 
                                
                                  presents:
                                  
                                  \     /
                      *------  the  \ /  
                                    / \  files  ------*
                                  /     \
                
                           January/1994  Issue: 8 
                 
                ---------------------------------------------    
                |                   The                     |
                |         Xenon Foundation Presents:        |
                |                                           |
                |      The Beginner's Frequently Asked      |
                |                                           |
                |                Questions                  |
                |___________________________________________|

                           Written by:  Erik Turbo


  As always,  we have encouraged  others to engage in the hobby of computer
  'hacking', and as of late,  we felt it would be quite beneficial to those
  interested in the field if we were to produce a Frequently Asked Question
  (FAQ) file,  covering all the  'not-so-stupid'  questions some people are
  afraid to ask.  Since  the Xenon Foundation  has been in  existance since
  March  of 1992,  and are  one of the most  active  groups in New  England 
  we felt it  would be our  responsibilty to  pass the information we  have 
  learned  on  to  others.  Remember,  there are no stupid questions,  just 
  stupid answers.  :-)



Q. What is hacking?

A. It has to be understood,  that when  asking a question  as broad and far
   reaching  as this one,  you  will get different answers from  just about
   anyone you speak with. Our closest definition, and in the simplest terms 
   is: 
   
   Hackers  are closely  knit groups  of individuals  whos main goal is the 
   retrieval  of  information  and  knowledge  from  computer  systems  and 
   networks,  while  striving  to learn as much as possible about operating 
   systems and their function in the process.

Q. What is the Xenon Foundation?

A. The Xenon Foundation is  a group of individuals,  from various  locations
   in the  Northeast,  who's purpose is  to  learn  as much about computers,
   networking,  operating  systems, telephone systems,  and  the like,  from
   the manipulation of security flaws in existing software.  It  was founded
   by  CopyMaster D. in early 1992,  and  has been  under  his leadership of
   Erik Turbo  since  March of that year.  We  are currently one of the most
   active  group  in  the  Northeastern  section  of the country,  primarily
   concentrated in the 508, 617, and 716 area codes.

Q. What does one need to be a hacker?

A. The mark  of a good hacker is  persistance;  the mark of  a great hacker
   is persistance AND intelligence.  In order to be successful as a hacker, 
   one  must  have  a means  of  communication  (ie: a computer, modem  and 
   telephone line),  a means  of finding computers to actually hack, and an 
   extreemly  persistant  will  to strive for the information and knowledge 
   that  is  stored behind the  so-called locked digital  doors of computer 
   systems.  As a  hacker progresses,  he must  also attain  the fluency in 
   several operating systems, the ability to create and/or exploit holes in 
   software,  stronger  endurance  and  patience,  and most important,  the 
   stealthy ability to stay hidden from the administration.

                  
Q. How do I find systems to hack?

A. One  of the most  common and  time-honored  methods  of  finding  actual
   computers,  is to  'War Game'  dial  a  large  segment  of the telephone
   network. Made popular by  the cult  hacker  movie,  "War Games" in 1984, 
   this method  is still used quite  effectively  today.  There are several 
   wargame dialing programs out there on local BBS's, and it is NOT illegal 
   to use such methods. (yet!)  
   
   For  the  networks  such  as Sprintnet, and the Internet, there are much
   quicker  ways  to yield results.   For Sprintnet,  there  is a  software
   package called the  "NUA Attacker,"  which  will  scan  a  wide range of
   Sprintnet  addresses  for  computers.   Prehaps  the easiest network  of
   all to  obtain site names, is the Internet.   You can get computer names 
   and  associated domain-name  style addresses  from books relating to the 
   internet,  e-mail  messages from/to the Internet,  Usenet groups,  or by 
   huge databases actually on the internet,  such as 'rs.internic.net', and 
   'ddn.mil.net'.

Q. What is social engineering?

A. Social  Engineering  is  the intelligent artform (and trust me, it IS an
   artform...) of getting information from people by posing as an authority
   figure.   This  technique  requires   good  lying   skills,  a  complete 
   understanding of the information you are looking for  as well as related
   materials, and an authoratative persona about yourself.  In applications
   such  as hacking,  many  social  engineers have  managed to get computer
   dialup   telephone  numbers,   and  even  passwords,  straight  from the 
   administration.  In practicle applications, one may be able to go as far 
   as posing AS the administrator, while calling up various computer users, 
   and engineering them out of their passwords. 

Q. What are the x.25 networks, and how do I gain access to them?

A. Depending  on your  country,  the x.25  networks  can  be  anything from 
   Datapac to Iberpac to BT Tymnet to Luxpac. In the United States, the two 
   most  popular  x.25 networks  are Sprintnet  and British Telecom Tymnet.
   Regardless  of  which  x.25 networks  your town carries, they all should 
   have a dialup to one of these networks.  The first step that you need to 
   take  is to  identify  your local  dialup port.  You may find your local 
   dialup  port for  Sprintnet  by dialing  1-800-424-9494  (2400 7E1)  and 
   connecting. It will give you a prompt saying 'TERMINAL='.  Type 'D1' for 
   now.  It will give you an AT '@' prompt.  From here, type 'C MAIL'. When 
   it asks for a  Username,  type 'PHONES'.   When it  asks for a password, 
   enter  'PHONES'  again.  Now,  use the  menus to find your local dialup.  
   Hangup,  and then call it back locally. When you call your local dialup, 
   you  will once  again have  to enter your terminal identification at the 
   'TERMINAL='.If you have VT100 emulation, then enter VT100 at the prompt.  
   Type   if you don't want to use a terminal  emulation,  and 'D1' for 
   the default terminal emulation. Once again you'll be presented with a @.  
   This  prompt  lets you know you are connected to the Sprintnet PAD.  PAD 
   stands for Packet Assembler/Disassembler. From here, you may now connect 
   to other machines that allow for a free remote connection. The adressing 
   scheme for Sprintnet is based upon what they call a Network User Address 
   (NUA).  A computer's  NUA is usually the area code (but not always) that 
   the computer is located in, followed by a one to four digit number.

   The easiest way to  find systems to connect to is to look in Phrack #42,
   LOD/H Technical Journal #4, or 2600 Magazine.  You could, of course scan
   yourself, which is not too hard with the "NUA Attacker," a program which 
   is  designed  for a  quick method  of  sequential  scanning  of  certain 
   segments  of  possible addresses on Sprintnet. This program can be found 
   on most up-to-date hacking/phreaking (H/P) BBS's. 
   
   Another network, BT Tymnet,  is run  and  managed by British Telecom. We
   recommend  against  beginners  using this network without authorization, 
   because the level of  security is much higher than that on Sprintnet. It
   has  been said  that British Telecom (BT) has the ability to conduct  an
   intra-network trace of their entire network, in under 5 minutes. You can 
   find your local access Tymnet number by dialing 1-800-462-4213. Type "o" 
   as  your terminal identification, as that will allow a 8N1 connection to 
   be established. 

Q. What is the Internet?
   
A. The  Internet is a high  speed network of computers linked together from
   all  over  the world on x.500 fiber optic cables.  Communications on the
   Internet  can,  and  often times  do,  exceed  57,600  bits  per second.  
   Services allowing  you  to  connect to other computers, send mail to any 
   network  using  the  domain-name format,  and to obtain files from other 
   computers  are  provided  by the Internet.  The  Internet  is the single 
   largest  source  for  information  available,  and  thus,  an attractive 
   network for hackers. 

Q. How do I gain access to the Internet?

A. Several years ago, when the Internet was small (compared to today), and
   connecting only large universities and government computers, it used to
   be almost impossible for an average hacker to gain unauthorized  access
   to a computer on the Internet.  Now,  however, times are changing,  and
   since  the  Internet  has been dubbed by  the media as the 'Information 
   Highway',  thousands of computers  have joined the  'net.  Now,  almost
   every university  is on the Internet,  as well as businesses,  military
   sites, gateways onto the x.25 networks, and even some BBS's. Aside from 
   hacking  an actual  Internet site,  you  may actually get a  legitimate 
   account  with your  local university or other Internet provider.  Fee's 
   are usually under $60 a year,  and  are  sometimes  free from Federally
   funded universities.
   
   Internet  access may also be obtained through the x.25 networks such as
   Sprintnet or  Tymnet.  There  are many computers which are connected to
   the x.25  networks,  as well as the Internet.  It  is  your job to find
   them,  however. :-)  For an  hourly fee,  BIX, Delphi, HoloNET, as well 
   as  a few other  commercial  services,  will allow Internet access from 
   Sprintnet/Tymnet.  These systems  usually have no password restrictions 
   at all,  so  if you  have  a list  of users  on any of  these  systems,
   hacking them out is only a matter of time and persistance.

Q. What are some addresses I may want to try once I have Internet access?

A. Once you have Internet access, you may want to take some time to ensure
   that  you will never  lose the account.  Methods of protecting yourself
   and gaining access  to other accounts  on the system you've hacked, are
   all explained below.  Once  you are  confident that you are fairly well
   hidden and protected,  you  may  want to  gather  information  on other
   computers linked to the Internet. Some of the best sources of addresses
   come from the databases 'rs.internic.net', and 'ddn.mil.net'.  Also, if
   your system has access to GOPHER, you may want to use this in  addition
   to the afore mentioned methods. The one command you need if you wish to 
   traverse the network, is TELNET. There are others, such as RLOGIN, FTP, 
   and  TFTP,  but  TELNET  is the  most  important  for  your  connection 
   purposes. If you  are only familar with this command,  however,  please 
   take some time  and read up on  the subject.  There are many BBS's that 
   have   full  text  conversions  of  many   printed  books  and  manuals 
   concerning the Internet.

                        Miscellaneous Internet sites:
                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   TELNET irc.demon.co.uk      ----> IRC (Internet Relay Chat) Service. At 
                                     the 'login:' prompt, type 'irc'.
   
   TELNET annex-mines.utah.edu ----> Anonymous TELNET site.  Type 'cli'.
   
   FTP ftp.eff.org             ----> Large Computer Underground archive.
   
   FTP cert.org                ----> (C)omputer (E)mergency (R)esponse 
                                     (T)eam.  This  FTP  service  provides 
                                     warnings to administrators concerning 
                                     the latest  holes that  hacker's have 
                                     uncovered.
   
   FTP netsys.com              ----> Has the back issues as well as 
                                     current issues of Phrack Magazine.
   
   FTP zero.cypher.com         ----> Contains many hacking utilties. It is
                                     operated by the Cult of the Dead Cow, 
                                     a large hacking group. (cDc)
   
   You'll notice,  once you get the hang of it, that there are hundreds of
   beneficial  sites out there,  where you  can get anything from the best
   shareware, to pornography, to lyrics to almost any song in existance. 

Q. How can I obtain access to a computer system?

A. Basically,  persistance and the actual desire you have to get into  the
   computer  are what counts the most.   When hacking a particular system,
   you  should  take  some time  to be familiar  with whom you are dealing 
   with.   Find out who they are,  what they do,  and why they do it.  Try
   and visit  the physical  location of your  target.  Search  though  any
   trash  that you may  find  on-site.  You  should now have a pretty good
   idea  of what  you  are looking for,  and how  to approach getting into 
   their computer system.
                 
                  Five Steps to Hacking a Computer System
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    
    1.)  Identify Your Target
    
    2.)  Find out as much as you can about their operating system. If you
         know of  any  possible  default passwords, try them. Knowing the
         operating system inside  and out will  not only help you get in,
         but it will give you the upper-hand once you're in;  helping you
         find the information you are looking for,  quickly, efficiently,
         and without being seen.
    
    3.)  If you have a list of users for that system, run through the  
         list using simple, guessable passwords.
    
    4.)  If they are on a network of some kind,  exploit the insecurities
         of that particular network.  (ie: FINGER, TFTP, and Sendmail  on 
         TCP/IP  networks).  If they are not on a TCP/IP network,  or you
         have come  up empty with all of your attempts, then you may wish
         to do some social engineering.  Remember,  if you fail at social
         engineering  on  your  first  attempt,  you may  have ruined all 
         possibilities of ever getting into that computer.
    
    5.)  If all else fails, you may have to resort to brute force hacking
         the  known accounts.   If you have a list of normal users,  than
         this should be time-consuming, BUT likely to work. If you do not
         know of  any users, than you will have to resort to  hacking the
         actual administration accounts. (ie: 'root' on Unix, 'SYSTEM' on
         VMS).  This is not likely to work, and you will most likely have
         to literally try about  one-hundred thousand dictionary words if
         you hope to gain access.  Remember, if the system administration
         decides  to dis-allow  dictionary words  as passwords,  than you 
         will not get in with this method! 


Q. What is trashing, and how is it beneficial to hacking?

A. Trashing,  also known as  'bin-diving', is one of the most common ways 
   for  hackers  to  gain  information  on  a  particular  target.   Most 
   businesses  tend to have at  least one bin at their physical location,  
   often times containing valuable computer printouts, employee names and 
   telephone numbers,  dialup numbers for their computers,  and sometimes 
   even passwords.  Most smart businesses  and agencies are now shredding 
   most of their valuable trash,  to prevent such information leaking out 
   to the public.

   

Q. What exactly is brute force hacking?

A. Brute force hacking,  or what I like to call 'Front Door Hacking',  is 
   hacking  an  account  over  and  over,  attempting to  gain  access by
   sequentially  entering  in dictionary  words as possible passwords. It 
   has  it's benefits,  and always, it's drawbacks. If the system you are 
   hacking  does  allow dictionary  words  to be used as passwords,  than 
   about  80% of the  users  WILL use  dictionary  words for their access
   passwords.  With  a resonable list of users to go by,  you will almost
   always  be able  to get  into a  system  with  security  such as this.
   However,  there  are some  operating systems in existance (such as VMS 
   and some versions of Ultrix),   which will  keep track of failed login 
   attemps, and report them to the authorized user upon login.  Also, VMS 
   will "freeze" an account, if it the operating system detects a certain 
   number  of failures on that one account.  Another drawback is the time 
   factor.  Even  with an automated  brute force  hacking program it will 
   take  many days  for you to reach your goal.  Brute force hacking also 
   creates  a lot of "noise".  If the administrators pay any attention to 
   their  systems,  they  will  notice  your  attempts,   and  will  take 
   appropriate  action  to  deter  them.  For  best results,  brute force 
   hacking a system is only wise when all other options have failed. 

Q. What are some defaults to common operating systems?
        
A. Accounts and  passwords  that  are shipped  with  the actual operating 
   system  are what  is known as  'defaults'.  These  accounts are set by
   the  company  who writes the software,  and usually have to be changed
   by the administration once they have it completely set up. Often times
   the administrators forget to change these passwords, or in some cases,
   don't  even know they exist.   Below  is a  listing  of  all the known 
   default  accounts and passwords that are shipped with some of the more 
   popular operating systems.
   
   Note: Where a frequency is listed, the criteria is taken from what we
         as a group have come across.  The  frequency  is  based  on how 
         often  the account is  actually present, NOT based on how often
         the account is left at the default password.
         
         The frequencies are as follows:

                           100%      ->  Always
                           70% - 90% ->  High
                           40% - 60% ->  Average
                           20% - 30% ->  Unlikely
                           0%  - 10% ->  Rare

          Digital Equipment Corporation - Virtual Memory System (VMS) 
   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Recognize it by: 
    _______________________________________________________________________
   |                                                                       |
   | Username: ACCOUNT1                                                    |
   | Password:                                                 |
   | User authorization failure.                                           |
   |                                                                       |
   |                                                                       |
   |                                                                       |
   | Username: ACCOUNT2                                                    |
   | Password:                                                 |
   |                                                                       |
   |     Welcome to VAX/VMS V5.5                                           |
   |                                                                       |
   |  Last interactive login on Saturday, 18-DEC-1993 05:00                |
   |  Last non-interactive login on Thursday, 19-JUL-1990 11:27            |
   |                                                                       |
   | $                                                                     |
   |_______________________________________________________________________|
   
   
                  Default and Common Usernames and Passwords
 
    Account          Password                       Access       Frequency
  --------------------------------------------------------------------------
    SYSTEM        SYSTEM, MANAGER or OPERATOR      Complete       Always
    FIELD         FIELD, SERVICE or TEST           Complete       Always
    SUPPORT       SUPPORT or DEC                   Complete       High
    SYSMAINT      SYSLIB or SYSMAINT               Complete       High
    SYSTEST       UETP or SYSTEST                  Complete       High
    SYSTEST_CLIG  CLIG, SYSTEST, or TEST           Complete       Unlikely
    DEFAULT       USER or DEFAULT                  Normal         High
    DECNET        DECNET, NETWORK, or DIGITAL      Normal         High
    OPERATIONS    OPERATIONS                       Normal         High
    USER          USER                             Normal         High
    LIBRARY       LIBRARY or None                  Normal         Rare - High
    GUEST         GUEST or None                    Normal         Unlikely
    DEMO          None                             Normal         Unlikely
   

   
                   Miscellanous Accounts and Passwords:
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
              Account          Password           Frequency
      ---------------------------------------------------------------
     |         VAX               VAX                 Rare            |
     |         VMS               VMS                 Rare            |
     |         DCL               DCL                 Rare            |
     |         DEC               DEC                 Rare            |
     |         TEST              TEST                Unlikely        |
     |         NETNONPRIV        NETNONPRIV          Rare            |
     |         NETPRIV           NETPRIV             Rare            |
     |         ORACLE            ORACLE              Average         |
     |         ALLIN1            ALLIN1              High            |
     |         INGRES            INGRES              High            |
     |         GAMES             GAMES               Average         |
     |         BACKUP            BACKUP              High            |
     |         HOST              HOST                Rare            |
     |         DIGITAL           DIGITAL             Average         |
     |         AUDITLOG          AUDITLOG            Rare            | 
     |         REMOTE            REMOTE              Rare            |
     |         SAS               SAS                 Rare            |
     |         FAULT             FAULT               Rare            |
     |         USERP             USERP               Rare            | 
     |         VISITOR           VISITOR             Rare            |
     |         GEAC              GEAC                Rare            |
     |         VLSI              VLSI                Rare            |
     |         INFO              INFO                Unlikely        |
     |         POSTMASTER        POSTMASTER/MAIL     Average         |
     |         NET               NET                 Rare            |
     |         NETWORK           NETWORK             Average         |
     |         OPERATOR          OPERATOR            High            |
     |         OPER              OPER                High            |
     |         HYTELNET          HYTELNET            Average         |
     |         PLUTO             PLUTO               Unlikely        |
     |         MMPONY            MMPONY              Unlikely        |
     |_______________________________________________________________|
   
   
     Note: On the LIBRARY account, the frequency depends on the actual
           site.   Universities and other educational institutions are
           more than likely to have a LIBRARY account on their system.
   
             
                 Various "Flavors" the UNIX Operating System
                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Recognize it by:  
    ____________________________________________________________________
   |                                                                    |
   |                                                                    |
   | ULTRIX V4.2A (Rev. 47) (xenon.xf.com)                              |
   |                                                                    |
   | login: account1                                                    |
   | Password:                                              |
   | Login incorrect.                                                   |
   | login: account2                                                    |
   | Password:                                              |
   | Last login: Wed Dec 15 03:01:39 from SI860B                        |
   |                                                                    |
   |    ULTRIX V4.2A (Rev. 47) System #4: Mon Jun 29 16:10:47 EDT 1992  |
   | Thu Dec 16 14:05:05 EST 1993                                       |
   | %                                                                  |
   |____________________________________________________________________|

   
   Note: Unlike VMS,  Unix does not have DEFAULT passwords.  The accounts
         listed below are sometimes left unpassworded, and will  not even
         prompt for a 'Password:' prior to logging you into a Unix shell. 
         If  there  is  a  password  required  on  one  of the  following 
         accounts, than you may have to brute force hack them yourself.

   
                 Default and Common Usernames and Passwords
   
              Account            Access Level       Frequency
            ---------------------------------------------------
               root               superuser           Always
               makefsys           superuser           High
               mountfsys          superuser           High
               umountfsys         superuser           High
               checkfsys          superuser           High
               sysadm             normal              High
               adm                normal              Average
               bin                normal              Rare
               rje                normal              Rare
               lp                 normal              Unlikely
               daemon             normal              Unlikely
               trouble            normal              Unlikely
               nuucp              normal              Unlikely
               uucp               normal              Average
               sync               normal              High
               batch              normal              Unlikely
               admin              normal              Unlikely
               user               normal              Rare
               demo               normal              Unlikely
               test               normal              Rare
               field              normal              Average
               unix               normal              Unlikely
               guest              normal              Average
               pub                normal              Unlikely
               public             normal              Unlikely
               standard           normal              Unlikely
               games              normal              Unlikely
               general            normal              Unlikely
               student            normal              Rare
               help               normal              Rare
               gsa                normal              Unlikely
               tty                normal              Unlikely
               lpadmin            normal              Unlikely
               anonymous          normal              Unlikely
    
   
                         Prime Computer, Inc. PRIMOS
   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   Recognize it by: 
    ___________________________________________________________________
   |                                                                   |
   | PRIMENET 20.0.0 VOID                                              |
   | login                                                             |
   | User id? account1                                                 |
   | Password?                                             |
   | Invalid user id or password; please try again.                    |
   | login                                                             |
   | User id? account1                                                 |
   | Password?                                             |
   |                                                                   |
   | ACCOUNT1 (user 87) logged in Sunday, 22 Jan 89 16:15:40.          |
   | Welcome to PRIMOS version 21.0.3                                  |
   | Copyright (c) 1988, Prime Computer, Inc.                          |
   | Serial #serial_number (company_name)                              |
   | Last login Wednesday, 18 Jan 89 23:37:48.                         |
   |___________________________________________________________________|
   
   ID Name           Password     Comment                              
   -------------------------------------------------------------
   PRIME             PRIME      
   SYSTEM            SYSTEM       SYS1 Priorities
   PRIMOS            PRIMOS      
   ADMIN             ADMIN        SYS1 Priorities
   RJE               RJE         
   DEMO              DEMO        
   GAMES             GAMES       
   GUEST             GUEST       
   REGIST            REGIST      
   TEST              TEST        
   NETMAN            NETMAN      
   PRIRUN            PRIRUN      
   TOOLS             TOOLS      
   CMDNC0            CMDMNC0  
   TELENET           TELENET      Sprintnet Account
   
                               AT&T System 75's
   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   Recognize it by:
    ___________________________________________________________________
   |                                                                   |
   | Login: account1                                                   |
   | Password:                                             |
   | LOGIN INCORRECT                                                   |
   | Login: account1                                                   |
   | Password:                                             |
   | Terminal Type (513, 4410, 4425): [513]                            |
   |                                                                   |
   |                      Copyright (c) 1986 - AT&T                    |
   |                                                                   |
   |                 Unpublished & Not for Publication                 |
   |                                                                   |
   |                        All Rights Reserved                        |
   |  enter command:                                                   |
   |___________________________________________________________________|
   
             Account          Password            Description
            -----------------------------------------------------
             enquiry           enquirypw      Read/Write Enabled
             init              initpw         Read/Write Enabled
             browse            looker         Read-Only.
             maint             rwmaint        Read/Write Enabled
             locate            locatepw       Read/Write Enabled
             rcust             rcustpw        Read/Write Enabled
             tech              field          Read/Write Enabled
             cust              custpw         Read/Write Enabled
             inads             inads          Read/Write Enabled
             support           supportpw      Read/Write Enabled
             bcim              bcimpw         Read/Write Enabled

   Note: Depending on the System 75 you have hacked into, the account
         priveleges may be different,  as they are asigned priveleges
         by the administration, NOT by the operating system.

Q. What are some common passwords people use?
   
A. The following is a listing of the passwords used by Robert Morris, Jr., 
   when  he  hacked  hundreds of I nternet computers with the now infamous
   'Robert Morris Worm'  that brought  the Internet  to an almost complete
   stand-still  in  1988.  They  are  considered  to  be  the  most common
   passwords  for  the  most  common users.  In other words,  don't expect
   priveleged or security-smart people to be using these as passwords.
      
      aaa                daniel             jester             rascal
      academia           danny              johnny             really
      ada                dave               joseph             rebecca
      adrian             deb                joshua             remote
      aerobics           debbie             judith             rick
      airplane           deborah            juggle             reagan
      albany             december           julia              robot
      albatross          desperate          kathleen           robotics
      albert             develop            kermit             rolex
      alex               diet               kernel             ronald
      alexander          digital            knight             rosebud
      algebra            discovery          lambda             rosemary
      alias              disney             larry              roses
      alpha              dog                lazarus            ruben
      alphabet           drought            lee                rules
      ama                duncan             leroy              ruth
      amy                easy               lewis              sal
      analog             eatme              light              saxon
      anchor             edges              lisa               scheme
      andy               edwin              louis              scott
      andrea             egghead            lynne              scotty
      animal             eileen             mac                secret
      answer             einstein           macintosh          sensor
      anything           elephant           mack               serenity
      arrow              elizabeth          maggot             sex
      arthur             ellen              magic              shark
      asshole            emerald            malcolm            sharon
      athena             engine             mark               shit
      atmosphere         engineer           markus             shiva
      bacchus            enterprise         marty              shuttle
      badass             enzyme             marvin             simon
      bailey             euclid             master             simple
      banana             evelyn             maurice            singer
      bandit             extension          merlin             single
      banks              fairway            mets               smile
      bass               felicia            michael            smiles
      batman             fender             michelle           smooch
      beauty             fermat             mike               smother
      beaver             finite             minimum            snatch
      beethoven          flower             minsky             snoopy
      beloved            foolproof          mogul              soap
      benz               football           moose              socrates
      beowulf            format             mozart             spit
      berkeley           forsythe           nancy              spring
      berlin             fourier            napoleon           subway
      beta               fred               network            success
      beverly            friend             newton             summer
      bob                frighten           next               super
      brenda             fun                olivia             support
      brian              gabriel            oracle             surfer
      bridget            garfield           orca               suzanne
      broadway           gauss              orwell             tangerine
      bumbling           george             osiris             tape
      cardinal           gertrude           outlaw             target
      carmen             gibson             oxford             taylor
      carolina           ginger             pacific            telephone
      caroline           gnu                painless           temptation
      castle             golf               pam                tiger
      cat                golfer             paper              toggle
      celtics            gorgeous           password           tomato
      change             graham             pat                toyota
      charles            gryphon            patricia           trivial
      charming           guest              penguin            unhappy
      charon             guitar             pete               unicorn
      chester            hacker             peter              unknown
      cigar              harmony            philip             urchin
      classic            harold             phoenix            utility
      coffee             harvey             pierre             vicky
      coke               heinlein           pizza              virginia
      collins            hello              plover             warren
      comrade            help               polynomial         water
      computer           herbert            praise             weenie
      condo              honey              prelude            whatnot
      condom             horse              prince             whitney
      cookie             imperial           protect            will
      cooper             include            pumpkin            william
      create             ingres             puppet             willie
      creation           innocuous          rabbit             winston
      creator            irishman           rachmaninoff       wizard
      cretin             isis               rainbow            wombat
      daemon             japan              raindrop           yosemite
      dancer             jessica            random             zap

   In addition to these, some of the more popular passwords are first name,
   last name,  middle name,  licence plate number, middle initial,  popular
   music groups and members, and sometimes even the same as their username.
   The  key is to use common sense  when guessing passwords.  Know who your
   hacking,  and in your best judgement  use only the  passwords  you think
   you'll  have a  chance with.  For instance, on newer versions of the VMS
   software,  passwords  can  be no  shorter  than 6 characters. And,  more
   ominous,  many Unix  and VMS systems now employ a  'non dictionary word'
   password protection.

Q. What are the easiest systems for a beginning hacker to hack?

A. The  easiest  systems for  hackers to  hack,  of course, are those with
   weak security. Default passwords, priveleged accounts left unpassworded
   or easy to guess  passwords,  are all marks  of an insecure system, and 
   are  best  for  beginners.  Computers  found  by  wargame  dialing will 
   usually produce a rather large quantity of insecure systems.

Q. How can I meet other hackers?

A. Information exchange has always  been one of the more important aspects
   of the  Computer Underground,  therefor information is constantly being
   exchanged on underground BBS's, through the IRC Service on the Internet
   in  digital  and  print  magazines  such  as  Phrack and 2600, and even 
   through the public USENET conferences.


Q. How can one safely hack?

A. Although there is no sure-fire method of maintaining your freedom while
   hacking,  there  are  several preventive measures that should be  taken 
   prior  to your actual hack.  First,  it  is  always wise to have all of 
   the data  pertaining  to  any  hacking  activity encrypted on some form
   of  off-line storage device.  If it is necessary that the data be  kept
   on  your computer  for reference purposes, than keep it encrypted  when
   not  in use.  In  addition  to  encryption,  do  not  keep  any papers, 
   printouts  or  ANY hard coded evidence what-so-ever in the vicinity  of 
   your computer's location. If the Secret Service were to raid your house 
   they will grab  just about  anything that  so much as looks suspicious. 
   Next,  do not post any  information  about  your current  hack  on  ANY 
   type of BBS.  There are a number  of informants, traders,  and  Federal  
   Agents  that are currently on many hacker BBS's, posed as hackers.  And 
   last,  if  you  are  caught,  do  not  volunteer any information to the  
   authorities,  unless  you have  consulted  with your lawyer first,  and 
   he/she  is present at the time.

   To prevent yourself from being caught, always  try and protect  yourself
   with  at least one  outdial.  These outdials  are located in many places
   on Sprintnet/Tymnet  and on the Internet.  They  are modems connected to
   the telephone network,  that  you can use to hide  your actual location.
   Although it is not impossible  for them to still  find you, it will take
   a  lot  more  time  and  energy.  To give  you a  clue on how beneficial 
   an outdial is, take into consideration that a trace has to be authorized
   by a  court order from the state.  This takes several weeks itself,  and
   a convincing case.  If  you have three outdial modems, each in different
   states, they MUST get court  orders from each state in order to continue
   the  backwards  trace  to your origin.  This may take several months  or
   longer,  depending on such factors as,  financial funds of your target's
   computer,  desire  of the administration to actually apprehend you,  and
   the type of telephone system you are on.  (older  telephone systems take
   much  more  effort  to conduct  a positive trace ID).  If you are lucky,
   the  remote system will feel the costs and time  do not justify what you
   are gaining  from their  computers, and will just revamp the security of
   their computers.

Q. Where can one find outdials?

A. Outdials  reside on a  number of different networks.  Many corporations
   have  actual  outdial  modems as  one of their services.  Some of these
   are  passworded;  most are not.  Some allow for local calls only;  some
   have  no restrictions  what-so-ever.  There are known outdial modems on
   Sprintnet, Tymnet, and the Internet.
    
   Private Branch Exchange  (PBX) systems also may be hacked  and modified
   to allow for an outbound extension.  For more information on  PBX's and
   the software that controls them,  read about  them on  popular  hacking
   and phreaking BBS's.

Q. What are the penalties of hacking?

A. In 1993, there were several laws passed in the state of Massachusetts
   that make hacking a Federal Crime.  The penalty is 11 to 13 months of
   imprisonment,  with  an additional $250,000 fine,  as well as 3 years
   probation.  It  is the maliscious hackers that destroy and alter data
   for fun/profit that have caused insane penalties such as these.

Q. And finally, is hacking unethical?

A. A question so seldom asked, yet the answer is almost always assumed. 
   There  are ways to be ethical in hacking, and there are ways  to be 
   unethical.  The  Xenon Foundation has always employed a great sense
   of respect and admiration for those who have the ability to operate
   large computer systems,  therefor we never intentionally destroy or
   harm  any aspect of a computer's operating functions.   Let this be
   known however,  that there are hackers out there who's main purpose
   behind  what they do is profit,  and/or destruction of data.  It is
   not  fair to class these individuals with other hackers,  since the
   goal is  completely and utterly different.   They are criminals, we
   are explorers.  

Note: Those who meddle with viruses,  destructive trojan horse programs,
      and  those who's  day is made  when  they type  'FORMAT C:' at the
      local Radio Shack are NOT hackers... they are  just plain ignorant
      and stupid.



Final Comments --
~~~~~~~~~~~~~~~~~

This FAQ file is in no way expected to answer all of the questions and
beginning  hacker may  have about the digital networks around him, nor 
does  it  imply  that  the  Xenon Foundation  has mastered  all of the 
digital technology represented in this file.  With every answer, there 
is another question... and so it goes.  This is provided as a basis of 
understanding  some of the  more basic aspects  of what to expect when 
dealing with hacking.  This file does NOT  condone system destruction, 
or hacking for profits and/or personal gain!

Thanks to:     The true hacking community and it's supporters

Wake up:       People who think they are "Elite" 

Providers:     Women of all ages  
               Karl Kunz of Pony Express, for UUCP Internet Mail
               Jolt Cola Inc., for Jolt Cola, the hacker's elixier
               SmithKline Beecham Corp., for Vivarin caffeine pills
               Philip Morris Inc., for Marlboro Cigarettes

Board plug:    Black ICE Consortium (bic.ponyx.com) [508]/998-2400

Internet Mail: xenon@bic.ponyx.com
               erikt@bic.ponyx.com