phrack/phrack8/6.txt

130 lines
7.9 KiB
Plaintext

==Phrack Inc.==
Volume One, Issue Eight, Phile #6 of 9
COMPUSERVE INFO
---------------
Compiled and
Related by:
Morgoth and Lotus
-----------------
Since its rather humble beginnings in Dublin, Ohio some years ago,
Compuserve, or CIS, as it will be referred to in this article, has grown to
become the largest entertainment/public user oriented system in the country.
This file is divided into two parts. The first is how to get your own CIS ID
number, and make it last a relatively long time. This part may seem like old
hat to some of you out there. The second part is information on what to do
once you are on the system...tricks and tips to keep you out of trouble, or
cause trouble.
A Compuserve identification number is divided into two parts; a project
number and a programmer number. An example would be 70007,1460. This ID is
what you will be known by at all times on the system. When you log on, you
will also be prompted for a password, in addition to your user ID. The
password is divided into two words, kept apart by a separator (-,:,.,etc). The
password may be any two words the user desires, including garbage, which makes
gaining an ID by hacking the password almost, if not totally, impossible.
The most popular, and about the only way left, of gaining an ID is by buying
what the system calls a snapak. These are the little goodies you see in the
store in the introductory packets. With this, you can gain access to most, but
not all of the system.
The first ID, or the "intro" ID will last about a week, at which time,
Compuserve automatically changes the password, and sends the new one to you via
the US Postal service. This is a key point to the ID scam. You MUST have
valid Credit Card information to be able to continue using the ID. I have
heard of intro IDs going bad in a matter of 2 or 3 days due to having non-valid
credit card info. So you need to set up a location to which your second
password can be mailed. This second password should last about a month,
depending on how much credit the CC holder has on his card.
When applying credit to a Visa or Mastercard, Compuserve will submit the
charges about once a week. If you run up about $500 in connect charges, and
the credit card cannot hold it, the ID will go bad. This is the most common
way for an account to run out.
Your first password has some limits. Due to hackers using snapaks,
Compuserve has installed a system which prohibits IDs without the second
password from entering any type of game online. This ranges from the
ever-popular MegaWars, to YGI, all the way down to Casino. This is one reason
why the second password is so important.
If more than one person will be using the account, which is usually the case,
there are also some limits to be observed. The same ID can no longer enter the
CB simulator more than once. If it is tried, the message "exceeding job limit"
will occur, and you will be taken back to the prior menu. The same ID can go
into a SIG at the same time, but both people cannot enter COnference mode while
on the SIG. The best way to talk to another user who is on the same ID is to
go into any forum, say CBMART, and have one of them enter COnference mode.
There, the two users can use the /SEN command to relay messages between the SIG
and COnference. This is kind of complicated, but it is the only way. Also,
anytime the message "exceeding job limit" goes to your screen, the people at
CIS put a small "red mark" by your name. If it occurs too frequently, they
look into the situation to find out if more than one person may be using the
same ID.
Special IDs -- Ok, now that you are on Compuserve, what should you look out
for? As mentioned before, the user ID is divided into [project
number,programmer number] format. The Programmer number is of no importance,
but the Project number is. Some of the ones you should be aware of while
online are:
70000,xxxx Compuserve Security
70003,xxxx Compuserve Employee
70004,xxxx Same as above
70005,xxxx Radio Shack demo account
70006,xxxx Customer service, or "Wizard" number (see below)
70007,xxxx Complimentary account
76703,xxxx SIG SysOp, or Forum Info Provider
While on CB, look out for the 70000 IDs, and especially the 70006, or
"wizard" numbers. The Wizard ids have some very special functions. The main
one is called autogag, or /GAG. This allows the bearer of this ID to banish
any user from the system, in a way. What it actually does is to keep the
/GAGged person out of everyone's view. They will not show up on the /ust list,
and anything they type will not show up on anybody else's screen. Kind of like
a mute button on a television. The Chief of CIS security is Dan Pisker, and on
CB he uses the handles "Dan'l", or "Ghost", with a 70000 id.
Monitoring -- This is a very popular subject with the users of Compuserve,
but when broken down, it is quite simple. CIS is capable of monitoring
ANYTHING that is said on the system. This doesn't mean that they do, however.
For /TALK to be monitored in a Forum or on CB, CIS must first have a court
order...it is supposedly as illegal as tapping a phone line. This has been
done before to catch some major hackers on the system. /SEN in a SIG is not
supposedly monitorable....the status on it is the same as on /TALK. /SCR mode
on CB or on a SIG is definitely monitorable, especially if the the /SCR key is
typed on open channel. Keep /SCR conversations to a minimum. As far as
anything else goes, anything said on open channel is quite definitely seen by
SOMEBODY in the big chair up in Ohio. It would not surprise me at all if they
hire people to go through CB Transcripts every day to look for that kind of
thing. Also, when you are in COnference mode in a SIG, always check the
/STAtus of the channel. If /STA EVER returns that there are more people on the
channel you are on than the /USERS function does, then you can rest assured
that the channel is being monitored.
Nodes -- When you log on through CIS, you are going through a node. The node
takes the form of 3 letters, designating the site of the computer through which
you are connecting through Compuserve. An example would be "NYJ" (New York
City). There are some special nodes you should know about, though.
Tymnet - Anybody logging on through Tymnet will be assigned one of these
nodes - QAI, QAJ, QAK, QAC, QAM, QAN, QAO, QCA, QCB, QCC, QCE, QCF, QCH. This
cannot identify where you are calling from, just that you are logging in
through the Tymnet network.
Telenet - QBA, QBC, QBD, QBG, QBF, QEN, QEI, QEP.
Also, another special node would be DB- (DBA, DBB, DBC, etc), which means
that the user is logging on from Compuserve's Headquarters in Dublin.
The way to tell what node somebody is in is by typing /UST on either CO mode
on a SIG, or CB...the result is like this....
Job User Id Ch. Node Handle
--- ---------- --- ---- ------
1) 12 70003,1295 17 CSG Red Leather
2) 133 70006,1293 1s BAF Surf's Up!
3) 69 76703,1211 Tlk BOO JOE CUFFS
4) 22 70000,1959 30* DBA Pig
Now, you can tell something specific about each of these four people based on
the info given above. Red is in Columbus, Ohio, and is on Channel 17. She is
also a Compuserve Employee. Surf is in Bakersfield, California, and is a
Customer service personnel. He is also using /SCRamble. Joe is in Talk, is a
sysop on a SIG, and is in Boston, Massachusetts. This is the format for Talk
on CB. Pig is on talk in a SIG, and is a security personnel from Dublin, Ohio.
The format for showing if somebody is in /Talk is different on a SIG than in
regular CB. Also, the /SEN command is not implemented on CB.
Have fun with this...hope it helps. Distribute the file however you want,
but make sure the credits stay at the bottom.
(c) 1986 Morgoth/Lotus