|
---------------------------------------------------------------------------
A-17. What is this system?
AIX
~~~
IBM AIX Version 3 for RISC System/6000
(C) Copyrights by IBM and by others 1982, 1990.
login:
[You will know an AIX system because it is the only Unix system that]
[clears the screen and issues a login prompt near the bottom of the]
[screen]
AS/400
~~~~~~
UserID?
Password?
Once in, type GO MAIN
CDC Cyber
~~~~~~~~~
WELCOME TO THE NOS SOFTWARE SYSTEM.
COPYRIGHT CONTROL DATA 1978, 1987.
88/02/16. 02.36.53. N265100
CSUS CYBER 170-730. NOS 2.5.2-678/3.
FAMILY:
You would normally just hit return at the family prompt. Next prompt is:
USER NAME:
CISCO Router
~~~~~~~~~~~~
FIRST BANK OF TNO
95-866 TNO VirtualBank
REMOTE Router - TN043R1
Console Port
SN - 00000866
TN043R1>
DECserver
~~~~~~~~~
DECserver 700-08 Communications Server V1.1 (BL44G-11A) - LAT V5.1
DPS502-DS700
(c) Copyright 1992, Digital Equipment Corporation - All Rights Reserved
Please type HELP if you need assistance
Enter username> TNO
Local>
Hewlett Packard MPE-XL
~~~~~~~~~~~~~~~~~~~~~~
MPE XL:
EXPECTED A :HELLO COMMAND. (CIERR 6057)
MPE XL:
EXPECTED [SESSION NAME,] USER.ACCT [,GROUP] (CIERR 1424)
MPE XL:
GTN
~~~
WELCOME TO CITIBANK. PLEASE SIGN ON.
XXXXXXXX
@
PASSWORD =
@
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
PLEASE ENTER YOUR ID:-1->
PLEASE ENTER YOUR PASSWORD:-2->
CITICORP (CITY NAME). KEY GHELP FOR HELP.
XXX.XXX
PLEASE SELECT SERVICE REQUIRED.-3->
Lantronix Terminal Server
~~~~~~~~~~~~~~~~~~~~~~~~~
Lantronix ETS16 Version V3.1/1(940623)
Type HELP at the 'Local_15> ' prompt for assistance.
Login password>
Meridian Mail (Northern Telecom Phone/Voice Mail System)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MMM MMMERIDIAN
MMMMM MMMMM
MMMMMM MMMMMM
MMM MMMMM MMM MMMMM MMMMM
MMM MMM MMM MMMMMM MMMMMM
MMM MMM MMM MMM MMM MMM
MMM MMM MMM MMMMM MMM
MMM MMM MMM MMM MMM
MMM MMM MMM MMM
MMM MMM MMM MMM
MMM MMM MMM MMM
MMM MMM MMM MMM
MMM MMM MMM MMM
Copyright (c) Northern Telecom, 1991
Novell ONLAN
~~~~~~~~~~~~
<Control-A aka smiley face>N
[To access the systems it is best to own a copy of ONLAN/PC]
PC-Anywhere
~~~~~~~~~~~
<Control-A aka smiley face>P
[To access the systems it is best to own a copy of PCAnywhere Remote]
PRIMOS
~~~~~~
PRIMENET 19.2.7F PPOA1
<any text>
ER!
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
CONNECT
Primenet V 2.3 (system)
LOGIN (you)
User id? (system)
SAPB5 (you)
Password? (system)
DROWSAP (you)
OK, (system)
ROLM CBX II
~~~~~~~~~~~
ROLM CBXII RELEASE 9004.2.34 RB295 9000D IBMHO27568
BIND DATE: 7/APR/93
COPYRIGHT 1980, 1993 ROLM COMPANY. ALL RIGHTS RESERVED.
ROLM IS A REGISTERED TRADEMARK AND CBX IS A TRADEMARK OF ROLM COMPANY.
YOU HAVE ENTERED CPU 1
12:38:47 ON WEDNESDAY 2/15/1995
USERNAME: op
PASSWORD:
INVALID USERNAME-PASSWORD PAIR
ROLM-OSL
~~~~~~~~
MARAUDER10292 01/09/85(^G) 1 03/10/87 00:29:47
RELEASE 8003
OSL, PLEASE.
?
ROLM PhoneMail
~~~~~~~~~~~~~~
ROLM PhoneMail 9252 9254 Microcode Version 4.2
Copyright (C) ROLM Systems 1991
All Rights Reserved.
PM Login>
PM Password>
ÿÿÿ
System75
~~~~~~~~
Login: root
INCORRECT LOGIN
Login: browse
Password:
Software Version: G3s.b16.2.2
Terminal Type (513, 4410, 4425): [513]
Tops-10
~~~~~~~
NIH Timesharing
NIH Tri-SMP 7.02-FF 16:30:04 TTY11
system 1378/1381/1453 Connected to Node Happy(40) Line # 12
Please LOGIN
.
VM/370
~~~~~~
VM/370
!
VM/ESA
~~~~~~
VM/ESA ONLINE
TBVM2 VM/ESA Rel 1.1 PUT 9200
Fill in your USERID and PASSWORD and press ENTER
(Your password will not appear when you type it)
USERID ===>
PASSWORD ===>
COMMAND ===>
Xylogics Annex Communications Server
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Annex Command Line Interpreter * Copyright 1991 Xylogics, Inc.
Checking authorization, Please wait... -
Annex username: TNO - Optional security check
Annex password: - Not always present
Permission granted
annex:
---------------------------------------------------------------------------
A-18. What are the default accounts for XXX?
AIX
~~~
guest guest
AS/400
~~~~~~
qsecofr qsecofr /* master security officer */
qsysopr qsysopr /* system operator */
qpgmr qpgmr /* default programmer */
also
ibm password
ibm 2222
ibm service
qsecofr 1111111
qsecofr 2222222
qserv qserv
qsvr qsvr
secofr secofr
qsrv ibmce1
DECserver
~~~~~~~~~
ACCESS
SYSTEM
Dynix (The library software, not the UnixOS)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(Type 'later' to exit to the login prompt)
setup <no password>
library <no password>
circ <Social Security Number>
Hewlett Packard MPE-XL
~~~~~~~~~~~~~~~~~~~~~~
HELLO MANAGER.SYS
HELLO MGR.SYS
HELLO FIELD.SUPPORT HPUNSUP or SUPPORT or HP
HELLO OP.OPERATOR
MGR CAROLIAN
MGR CCC
MGR CNAS
MGR CONV
MGR COGNOS
OPERATOR COGNOS
MANAGER COGNOS
OPERATOR DISC
MGR HPDESK
MGR HPWORD
FIELD HPWORD
MGR HPOFFICE
SPOOLMAN HPOFFICE
ADVMAIL HPOFFICE
MAIL HPOFFICE
WP HPOFFICE
MANAGER HPOFFICE
MGR HPONLY
FIELD HPP187
MGR HPP187
MGR HPP189
MGR HPP196
MGR INTX3
MGR ITF3000
MANAGER ITF3000
MAIL MAIL
MGR NETBASE
MGR REGO
MGR RJE
MGR ROBELLE
MANAGER SECURITY
MGR SECURITY
FIELD SERVICE
MANAGER SYS
MGR SYS
PCUSER SYS
RSBCMON SYS
OPERATOR SYS
OPERATOR SYSTEM
FIELD SUPPORT
OPERATOR SUPPORT
MANAGER TCH
MAIL TELESUP
MANAGER TELESUP
MGR TELESUP
SYS TELESUP
MGE VESOFT
MGE VESOFT
MGR WORD
MGR XLSERVER
Common jobs are Pub, Sys, Data
Common passwords are HPOnly, TeleSup, HP, MPE, Manager, MGR, Remote
Major BBS
~~~~~~~~~
Sysop Sysop
Mitel PBX
~~~~~~~~~
SYSTEM
NeXTSTEP
~~~~~~~~
root NeXT
signa signa
me me or <null>
Nomadic Computing Environment (NCE) on the Tadpole Technologies SPARCBook3
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fax <no password>
PICK O/S
~~~~~~~~
DSA # Desquetop System Administrator
DS
DESQUETOP
PHANTOM
PRIMOS
~~~~~~
PRIME PRIME
SYSTEM SYSTEM
PRIMOS PRIMOS
ADMIN ADMIN
RJE RJE
DEMO DEMO
GAMES GAMES
GUEST GUEST
REGIST REGIST
TEST TEST
NETMAN NETMAN
PRIRUN PRIRUN
TOOLS TOOLS
CMDNC0 CMDMNC0
Prolog
~~~~~~
PBX PBX
NETWORK NETWORK
NETOP <null>
Radio Shack Screen Savers
~~~~~~~~~~~~~~~~~~~~~~~~~
RS<STORE_ID_NUMBER>
Rolm
~~~~
CBX Defaults
op op
op operator
su super
admin pwp
eng engineer
PhoneMail Defaults
sysadmin sysadmin
tech tech
poll tech
RSX
~~~
SYSTEM/SYSTEM (Username SYSTEM, Password SYSTEM)
1,1/system (Directory [1,1] Password SYSTEM)
BATCH/BATCH
SYSTEM/MANAGER
USER/USER
Default accounts for Micro/RSX:
MICRO/RSX
Alternately you can hit <CTRL-Z> when the boot sequence asks you for the
date and create an account using:
RUN ACNT
or RUN $ACNT
(Numbers below 10 {oct} are privileged)
Reboot and wait for the date/time question. Type ^C and at the MCR prompt,
type "abo at." You must include the . dot!
If this works, type "acs lb0:/blks=1000" to get some swap space so the
new step won't wedge.
type " run $acnt" and change the password of any account with a group
number of 7 or less.
You may find that the ^C does not work. Try ^Z and ESC as well.
Also try all 3 as terminators to valid and invalid times.
If none of the above work, use the halt switch to halt the system,
just after a invalid date-time. Look for a user mode PSW 1[4-7]xxxx.
then deposit 177777 into R6, cross your fingers, write protect the drive
and continue the system. This will hopefully result in indirect blowing
up... And hopefully the system has not been fully secured.
SGI Irix
~~~~~~~~
4DGifts <no password>
guest <no password>
demos <no password>
lp <no password>
nuucp <no password>
tour <no password>
tutor <no password>
System 75
~~~~~~~~~
bcim bcimpw
bciim bciimpw
bcms bcmspw, bcms
bcnas bcnspw
blue bluepw
browse looker, browsepw
craft crftpw, craftpw, crack
cust custpw
enquiry enquirypw
field support
inads indspw, inadspw, inads
init initpw
kraft kraftpw
locate locatepw
maint maintpw, rwmaint
nms nmspw
rcust rcustpw
support supportpw
tech field
Taco Bell
~~~~~~~~~
rgm rollout
tacobell <null>
Verifone Junior 2.05
~~~~~~~~~~~~~~~~~~~~
Default password: 166816
VMS
~~~
field service
systest utep
XON / XON Junior
~~~~~~~~~~~~~~~~
Default password: 166831
---------------------------------------------------------------------------
A-19. What is a trojan/worm/virus/logic bomb?
This FAQ answer was written by Theora:
Trojan:
Remember the Trojan Horse? Bad guys hid inside it until they could
get into the city to do their evil deed. A trojan computer program is
similar. It is a program which does an unauthorized function, hidden
inside an authorized program. It does something other than what it
claims to do, usually something malicious (although not necessarily!),
and it is intended by the author to do whatever it does. If it's not
intentional, its called a 'bug' or, in some cases, a feature :) Some
virus scanning programs detect some trojans. Some virus scanning
programs don't detect any trojans. No virus scanners detect all
trojans.
Virus:
A virus is an independent program which reproduces itself. It may
attach to other programs, it may create copies of itself (as in
companion viruses). It may damage or corrupt data, change data, or
degrade the performance of your system by utilizing resources such as
memory or disk space. Some virus scanners detect some viruses. No
virus scanners detect all viruses. No virus scanner can protect
against "any and all viruses, known and unknown, now and forevermore".
Worm:
Made famous by Robert Morris, Jr., worms are programs which reproduce
by copying themselves over and over, system to system, using up
resources and sometimes slowing down the systems. They are self
contained and use the networks to spread, in much the same way viruses
use files to spread. Some people say the solution to viruses and
worms is to just not have any files or networks. They are probably
correct. We would include computers.
Logic Bomb:
Code which will trigger a particular form of 'attack' when a
designated condition is met. For instance, a logic bomb could delete
all files on Dec. 5th. Unlike a virus, a logic bomb does not make
copies of itself.
---------------------------------------------------------------------------
A-20. How can I protect myself from viruses and such?
This FAQ answer was written by Theora:
The most common viruses are boot sector infectors. You can help protect
yourself against those by write protecting all disks which you do not
need write access to. Definitely keep a set of write protected floppy
system disks. If you get a virus, it will make things much simpler.
And, they are good for coasters. Only kidding.
Scan all incoming files with a recent copy of a good virus scanner.
Among the best are F-Prot, Dr. Solomon's Anti-virus Toolkit, and
Thunderbyte Anti-Virus. AVP is also a good program. Using more than
one scanner could be helpful. You may get those one or two viruses that
the other guy happened to miss this month.
New viruses come out at the rate of about 8 per day now. NO scanner can
keep up with them all, but the four mentioned here do the best job of
keeping current. Any _good_ scanner will detect the majority of common
viruses. No virus scanner will detect all viruses.
Right now there are about 5600 known viruses. New ones are written all
the time. If you use a scanner for virus detection, you need to make
sure you get frequent updates. If you rely on behavior blockers, you
should know that such programs can be bypassed easily by a technique
known as tunnelling.
You may want to use integrity checkers as well as scanners. Keep in
mind that while these can supply added protection, they are not
foolproof.
You may want to use a particular kind of scanner, called resident
scanners. Those are programs which stay resident in the computer memory
and constantly monitor program execution (and sometimes even access to
the files containing programs). If you try to execute a program, the
resident scanner receives control and scans it first for known viruses.
Only if no such viruses are found, the program is allowed to execute.
Most virus scanners will not protect you against many kinds of trojans,
any sort of logic bombs, or worms. Theoretically, they _could_ protect
you against logic bombs and/or worms, by addition of scanning strings;
however, this is rarely done.
The best, actually only way, to protect yourself is to know what you
have on your system and make sure what you have there is authorized by
you. Make frequent backups of all important files. Keep your DOS
system files write protected. Write protect all disks that you do not
need to write to. If you do get a virus, don't panic. Call the support
department of the company who supplies your anti-virus product if you
aren't sure of what you are doing. If the company you got your
anti-virus software from does not have a good technical support
department, change companies.
The best way to make sure viruses are not spread is not to spread them.
Some people do this intentionally. We discourage this. Viruses aren't
cool.
---------------------------------------------------------------------------
A-21. Where can I get more information about viruses?
This FAQ answer was written by Theora:
Assembly language programming books illustrate the (boring) aspect of
replication and have for a long time. The most exciting/interesting
thing about viruses is all the controversy around them. Free speech,
legality, and cute payloads are a lot more interesting than "find first,
find next" calls. You can get information about the technical aspects
of viruses, as well as help if you should happen to get a virus, from
the virus-l FAQ, posted on comp. virus every so often. You can also pick
up on the various debates there. There are alt.virus type newsgroups,
but the level of technical expertise is minimal, and so far at least
there has not been a lot of real "help" for people who want to get -rid-
of a virus.
There are a lot of virus experts. To become one, just call yourself
one. Only Kidding. Understanding viruses involves understanding
programming, operating systems, and their interaction. Understanding
all of the 'Cult of Virus' business requires a lot of discernment. There
are a number of good papers available on viruses, and the Cult of Virus;
you can get information on them from just about anyone listed in the
virus-l FAQ. The FTP site ftp.informatik.uni-hamburg.de is a pretty
reliable site for programs and text.
---------------------------------------------------------------------------
A-22. What is Cryptoxxxxxxx?
This FAQ answer is excerpted from: Computer Security Basics
by Deborah Russell
and G.T. Gengemi Sr.
A message is called either plaintext or cleartext. The process of
disguising a message in such a way as to hide its substance is called
encryption. An encrypted message is called ciphertext. The process
of turning ciphertext back into plaintext is called decryption.
The art and science of keeping messages secure is called cryptography,
and it is practiced by cryptographers. Cryptanalysts are
practitioners of cryptanalysis, the art and science of breaking
ciphertext, i.e. seeing through the disguise. The branch of
mathematics embodying both cryptography and cryptanalysis is called
cryptology, and it's practitioners are called cryptologists.
---------------------------------------------------------------------------
A-23. What is PGP?
This FAQ answer is excerpted from: PGP(tm) User's Guide
Volume I: Essential Topics
by Philip Zimmermann
PGP(tm) uses public-key encryption to protect E-mail and data files.
Communicate securely with people you've never met, with no secure
channels needed for prior exchange of keys. PGP is well featured and
fast, with sophisticated key management, digital signatures, data
compression, and good ergonomic design.
Pretty Good(tm) Privacy (PGP), from Phil's Pretty Good Software, is a
high security cryptographic software application for MS-DOS, Unix,
VAX/VMS, and other computers. PGP allows people to exchange files or
messages with privacy, authentication, and convenience. Privacy means
that only those intended to receive a message can read it.
Authentication means that messages that appear to be from a particular
person can only have originated from that person. Convenience means
that privacy and authentication are provided without the hassles of
managing keys associated with conventional cryptographic software. No
secure channels are needed to exchange keys between users, which makes
PGP much easier to use. This is because PGP is based on a powerful
new technology called "public key" cryptography.
PGP combines the convenience of the Rivest-Shamir-Adleman (RSA)
public key cryptosystem with the speed of conventional cryptography,
message digests for digital signatures, data compression before
encryption, good ergonomic design, and sophisticated key management.
And PGP performs the public-key functions faster than most other
software implementations. PGP is public key cryptography for the
masses.
---------------------------------------------------------------------------
A-24. What is Tempest?
Tempest stands for Transient Electromagnetic Pulse Surveillance
Technology.
Computers and other electronic equipment release interference to their
surrounding environment. You may observe this by placing two video
monitors close together. The pictures will behave erratically until you
space them apart.
What is important for an observer is the emission of digital pulses (1s
and 0s) as these are used in computers. The channel for this radiation
is in two arrangements, radiated emissions and conducted emissions.
Radiated emissions are assembled when components in electrical devices
form to act as antennas. Conducted emissions are formed when radiation
is conducted along cables and wires.
Although most of the time these emissions are simply annoyances, they
can sometimes be very helpful. Suppose we wanted to see what project a
target was working on. We could sit in a van outside her office and use
sensitive electronic equipment to attempt to pick up and decipher the
radiated emissions from her video monitor. These emissions normally
exist at around 55-245 Mhz and can be picked up as far as one kilometer
away.
A monitoring device can distinguish between different sources emitting
radiation because the sources emanating the radiation are made up of
dissimilar elements and so this coupled with other factors varies the
emitted frequency. For example different electronic components in VDUs,
different manufacturing processes involved in reproducing the VDUs,
different line syncs, etc... By synchronizing our raster with the
targets raster we can passively draw the observed screen in real-time.
This technology can be acquired by anyone, not just government agencies.
The target could shield the emissions from her equipment or use
equipment that does not generate strong emissions. However, Tempest
equipment is not legal for civilian use in the United States.
Tempest is the US Government program for evaluation and endorsement of
electronic equipment that is safe from eavesdropping. Tempest
certification refers to the equipment having passed a testing phase and
agreeing to emanations rules specified in the government document NACSIM
5100A (Classified). This document sets forth the emanation levels that
the US Government believes equipment can give off without compromising
the information it is processing.
---------------------------------------------------------------------------
A-25. How do I defeat Copy Protection?
There are two common methods of defeating copy protection. The first
is to use a program that removes copy protection. Popular programs
that do this are CopyIIPC from Central Point Software and CopyWrite
from Quaid Software. The second method involves patching the copy
protected program. For popular software, you may be able to locate a
ready made patch. You can them apply the patch using any hex editor,
such as debug or the Peter Norton's DiskEdit. If you cannot, you must
patch the software yourself.
Writing a patch requires a debugger or a disassembler. It also requires
some knowledge of assembly language. Load the protected program under
the debugger and watch for it to check the protection mechanism. When
it does, change that portion of the code. The code can be changed from
JE (Jump on Equal) or JNE (Jump On Not Equal) to JMP (Jump
Unconditionally). Or the code may simply be replaced with NOP (No
Operation) instructions.
---------------------------------------------------------------------------
A-26. What are some available debuggers and disassemblers?
Debuggers
~~~~~~~~~
Soft-Ice ($439)
Soft-Ice for Windows ($329)
Soft-Ice for Windows95 ($329)
Soft-Ice for WindowsNT ($329)
Nu-Mega Technologies, Inc.
9 Townsend West
Nashua, NH 03063
http://www.numega.com
ftp://ftp.numega.com
(603)889-2386
(800)468-6342
D86 - Eric Isaacson's ShareWare debugger
ftp://ftp.cdrom.com/pub/simtelnet/msdos/asmutl/d86v402.zip
BrandX full-screen debugger
ftp://ftp.cdrom.com/pub/simtelnet/msdos/asmutl/bxd26.zip
Disassemblers
~~~~~~~~~~~~~
Sourcer ($95)
V Communications, Inc.
4320 Stevens Creek Boulevard
Suite 120
San Jose, CA 95129
(408)296-4224
(408)296-4441 Fax
http://www.v-com.com/showcase.html#sourcer
E-mail: sales@v-com.com
IDA (Interactive Disassembler)
ftp://ftp.kiae.su/.1/msdos/language/asm/dis/ida304.zip
SECTION A CONTINUED |
