::###############################[www.blackhat.cx]###############################::

[ vol.1 <=> issue#1 ]   @logicfive.net

----- www.blackhat.cx -----
(c) The BlackHat Project

----> the table of contents

"Laws are like sausages, it is better not to see them being made."
    - Otto von Bismarck

:0x01 - Welcome ................................................ lkm
    > Introduction ............................................. rza
    > About BlackHat ........................................... lkm
:0x02 - News ................................................... lkm&rza
    > WRITERS .................................................. lkm&rza
:0x03 - Why? ................................................... rza
:0x04 - What is wrong with security industry (brief)? .......... rza
:0x05 - Why not to DDoS? ....................................... rza
:0x06 - What is Script kiddie ? ................................ lkm
:0x07 - Help the Telco business and DDoS! ...................... A.Nonymouse

::###############################[www.blackhat.cx]###############################::

#:0x01 Welcome

:> Introduction.

The blackhat community has always been more or less underground. That is just normal if you think about the nature of the scene. A misunderstood and mysterious group of people is often judged in the world-wide media. Blackhat Magazine, or E-zine, is trying to bring the community closer to common people and it tries to break the common stereotypes made of "hackers". Not every blackhat is evil, they just don't want to live in this in many ways cruel society. For them cyberspace and coding is the way to make a difference. Don't judge, understand.

:> About Blackzine.

COMING SOON!!!:)))

#:0x02 News.

:> WRITERS

The blackhat magazine is still looking for people who are willing to contribute articles about almost anything related to the subject. Contact either lkm or rza.

#:0x03 Why?

I started to write out of boredom. And then I got the idea to make an ezine.
I had support from lkm and a few mates and so I thought that this idea could work. I apologize for typos and loadda mistakes in this first issue. hAvE pHuN:)

#:0x04 What is wrong with security industry?

Terms:
  Blackhat = "hacker" (term that media uses)
  Whitehat = good, good boy!
  Greyhat  = a blend of lil` bit of both.

Whitehat has always been the favorite of the media. Everybody loves the ones who protect your interests but you just don't understand who really does the work. Security business would be no business without the so called "bad boys". Is it so evil to exploit the faults of professionals? Why aren't they responsible for writing bad code which can be exploited? Security industry gives you an impression that they do everything for security and that they are the hardworking people who do everything for any effort. They are not, sad but true.

Microsoft is a good example of the rotten and paradoxical security industry. It makes probably millions with update packs, second editions and so on... And all those you need for their mistakes. Kinda odd from my point of view. So is there any idea to make invulnerable software? That is the main issue within whitehats, because making it would make them unemployed.

Security managers always talk about "long-term investments", "going down now but soon coming up" and so on. They got no real value in their companies but they need investments from the stock market. That's why you see people in suits smiling on TV even if their companies would be going down and fast. You don't need to believe them. You don't need to invest your money in a wasteless industry.

Blackhats are the dying community of ethically equipped programmers and developers. They don't ask money for their work and they do it to show the common errors in programs. In their own way they help the sec industry which most of them prolly hate. It is just unfair that a security consultant gets fat money for just talking about other people's work.
Blackhats don't force kiddies to "gcc exploit.c -o exploit; ./exploit", they just give the tools for it, which isn't yet illegal as far as I know.

Blackhat lives for better and faster code. Blackhat drinks pepsi or coca-cola (both trademarks:). Blackhat is ready to give his life for opensource.

I'm not trying to make blackhats like gods here. I'm just trying to give another point of view to this everlasting judging of blackhats. You gotta remember that many of the security industry people are ex-blackhats, and they have done things that they don't want to be exposed.

Blackhat ezine will continue until it gets shut down for speaking the truth (LOL?)

#:0x05 Why not to DDoS?

I was too tired to describe all terms used. If you don't understand what DDoS is, it is prolly useless to read this article.

Why to DDoS?

The most common reason for DDoS I've met is the eternal "war" in IRC. Mirkwargroups war over channels and the most common method is to ping timeout all ops, split an ircserver and gain ops. Then you can close the chan and think you're "eleet". You might ask why the @ before one's nick is so important, but for "cReWz" it is the sign of power and makes one think that he is in some way skilled. There are also packetmonkeys who are unable to have an "intelligent" conversation, and DDoS is a good way to silence the opposite point of view. Ethically and morally it is very judged, but at the age of 13 you can rarely show any signs of maturity or moral development.

Why is it so wrong to DDoS?

It is hard to judge one's own choices but the main issue is the harm one causes to normal non-related users. There are many IRC servers which have quit the free service because of the amount of DDoS they had. It is not easy to do the best you can and just watch when some 13 yrs old kiddo ruins your work.

There is probably only one sector which benefits from packeting. Security industry.
I'm not saying they cause it but they get a lot of money for defending larger and smaller servers. So when you .mack you support the worst enemy of the free software and that way you're a part of ruining the blackhat community.

Also free shell-providers often limit the IRC access for the fear of packets. In a free service ping timeouts would be too heavy on the expenses on bandwidth and so on.

How to avoid DDoS?

Often packeting comes from your own behavior. If you don't get too cocky or take over a channel you don't get packets. Sounds too simple but it's partly true. Of course there are also people who do it for the "joy" and overwhelming feeling of power or the ones who just hate good services like www.google.com (*don't bring it down*).

#:0x06 What is Script kiddie ?

1) The lowest form of cracker, script kiddies do mischief with scripts and programs written by others, often without understanding the exploit they are using. Used of people with limited technical expertise using easy-to-operate, pre-configured, and automated tools to conduct disruptive activities against networked systems. Since most of these tools are fairly well known by the security community, the adverse impact of such actions is usually minimal.

2) People who cannot program, but who create tacky HTML pages by copying JavaScript routines from other tacky HTML pages. More generally, a script kiddie writes (or more likely cuts and pastes) code without either having or desiring to have a mental model of what the code does, someone who thinks of code as magical incantations and asks only "what do I need to type to make this happen?"

#:0x07 Help the Telco business and DDoS!

As you probably have heard, a lot of Telcos -the real backbone ISPs- are going bankrupt. This comes because there is more bandwidth capacity than really needed. Because of this fact, companies are having big competition with each other, just to sell their bandwidth and get some of the investment back.
In the last year not a lot of bandwidth was consumed, this because the major league of DDoS stopped, or were forced to stop by governments all over the world.

The problem of DDoSsen is a political one, not a technical one. With proper configuration of infrastructure and their components DDoS can be exterminated. The only problem is that THE WHOLE WORLD that is connected should do it. Companies that sell equipment that could be connected to public infrastructure should be punished if their products are abused, or could be abused.

If you buy a car of some brand, and all those cars don't have good working brakes, causing a lot of injury, then -certainly in the USA- the company would get sued and often must pay a lot of money. With companies that sell equipment to get on the digital highway this isn't the case.

Companies such as -but not only- Microsoft, Cisco etc. sell their product with no or poorly configured OS by default. Almost every product they sell can be abused if it is installed right from the box. Some UNIX claim to be safe, such as OpenBSD, but if you check the inetd.conf, then you can conclude that ANY UNIX box would be safe if you used that inetd.conf. There is not any service enabled, and that should be configured as default on ANY product.

People should be forced to read the fucking manual before they can start using insecure configuration online. In that case the software/hardware company shouldn't be liable any more, but the people who connected the insecure configuration online.

At this moment, backbone ISPs (Telco business) are making money out of TRANSIT -not peering- traffic. The more people DDoS the more unused bandwidth is used, the more money they make. A lot of people don't know how the glass fibre/copper (SDH/SONET) networks are financed, and how they make money out of it. It is real simple.

Client <----> ISP A <---> ISP B <---> ISP C <--->

The clients want to send/receive data to ISP C.
First of all the border router of his ISP (ISP-A) has a BGP routing table, and knows how to get this shit cheap to ISP C.

If there is a peering point (some physical -or virtual- place where routers of ISPs are placed) they can make an agreement on peering. This means that traffic in and/or out of the 2 domains is sent directly. The route is established through the peering point, which is cheap, because they only rent some staging space for their access router and a UTP or fibre slot in the peering CORE router.

Through the peering CORE router they can set up any peering with anyone who also has an access router on the peering point. The route will always be through that place, and cannot be forced to go through another ISP, unless you change the BGP table. In this case your traffic should go easily from ISP-A to ISP-C without the USE of ISP-B. ISP-B doesn't make any money out of you.

If there isn't a peering agreement, then the traffic is called TRANSIT. This means that traffic is going to follow a route which has to be paid for. ISP-A could be a customer of ISP-B or have a peering agreement with them. ISP-C could also be a customer or have a peering agreement (or is a customer of another customer or peering agreement holder with ISP-B). In this case ISP-B is getting PAID to get traffic through.

-when you do several traceroutes to different destinations, and you see A LOT of different hops (not the first few!), it's probably transit traffic; the first hops are the ones of your own ISP and somewhere there is the peering point with their top-level ISP-

The only ISPs with cables which connect cities -city rings-, provinces, countries and continents are Telecom companies. (Worldcom is a big one.) Those companies often DO NOT PEER with others. It just costs them money. They only will peer if they benefit from it big time.

They also will be buying major content providers or big webhosting companies, so that A LOT of bandwidth is going to be consumed over their infrastructure.
They even would host big sites -CNN, movie/mp3 sites etc.- for free (if they wanted to, and have a clue), because every byte sent from those BIG sites which leaves their infrastructure is PAID for. The more the bandwidth the more they get paid.

This is why DDoS isn't that bad from their perspective. It is useless and retarded to do DDoSS. But packeteers/DDoS-retards are helping the economy this way.

Unless ISPs get a clue and understand -managers don't understand the story as described here- that bandwidth costs money, until then the only big supporters of DDoS are backbone ISPs -Telcos- which have the problem in the market that there is more bandwidth than needed.

Backbone ISPs -Telcos- can do a lot in detecting and eliminating DDoS attacks. The only reason they do not do something about it is because of the fact they make money out of it.

If a backbone ISP -Telco- is the originator of the attack or suffering from an attack inside their infrastructure then they take immediate countermeasures, because this costs them money. But detecting and defeating attacks that occur outside of their infrastructure only costs money, and that will not be paid by a customer nor by the attacker. Besides this, they also wouldn't be selling the used bandwidth caused by the attack.

So their cost is (monitoring/detecting/defeating attack) + (not used/sold bandwidth) + interest on their investments (those unused or barely used fibres cost money!)

So is DDoS bad? From a certain point of view it is not. When all DDossing would stop today, a lot of backbone ISPs (Telcos) would get in trouble. And then a lot of bandwidth that was consumed by DDoSSing will come free, and the bandwidth market will fall, causing bankruptcy, unemployment and, more important, fewer backbone ISPs, which will make internet more expensive. We as consumers of the internet will pay more for the same service, or even less bandwidth.

Unemployment of backbone-ISP personnel is also a real concern.
If they get bored and annoyed because they can't get good paying jobs, they might become a threat for the internet.

So if you judge ddossing (or anything else), think about the consequences. The whole world is one big network, and everything is keeping something in balance.

--------------------------------------------------------------------------------::

gr33tZ: blackhat@IRCnet, aurecom, ack-, moogz, bajkero, henray, #darknet@EFnet izik, I-Busy and all the bitches i forgot :)

+ feedback: office@blackhat.cx +

::###############################[www.blackhat.cx]###############################::

Brought to you by #BlackHat@IRCnet <-> www.BlackHat.cx