Notes from Steal This Computer Book 3

Notes from Steal This Computer Book, Wallace Wang, 3^rd edition

In many ways, this book provides an outline for basic literacy for Internet users.  Reading this at the same time I read The Cuckoo’s Egg was interesting – in the story, Stoll questions why no one is being told about all the flaws, and holes, and pitfalls on the Internet.  Here, Wang explicitly describes what-hackers-do and what you need to do to protect yourself….or it gives a recipe book to follow.

Table of Contents (from B&N)

Pt. 1 Information Overload (Lies, Damn Lies, and Statistics) 

1 Finding what you Need: The Magic of Search Engines 
2 Alternative Sources of News and Information 
3 Censoring Information (We Know what’s Best for you) 
4 Hacktivism: Online Activism 
5 Pledging Allegiance: Hatred as Patriotism 
6 Where the Hackers arePt. 2 Dangerous Threats on the Internet 
7 Viruses and Worms 
8 Trojan Horses: Beware of Geeks Bearing Gifts 
9 Con Games on the Internet 
10 Online Stalkers 

Pt. 3 Breaking and Entering Computers 
11 Probing a Target 
12 Sneaking into a Computer 
13 Digging in 

Pt. 4 Protecting Yourself 
14 Computing on a Shoestring 
15 Protecting your Data and your Privacy 
16 Waging War on Spam 
17 Web Bugs, Adware, Pop-Ups, and Spyware 

Pt. 5 Protecting your Computer 
18 Firewalls, Intrusion-Detection Systems, and Honeypots 
19 Computer Forensics: Recovering and Deleting Data 
20 Protecting your Computer 

Appendices
A.    Software 
B.    A Hacker’s Gallery of Rogue Tools 
C.   A Bit of History: Phone Phreaking and Other Phun 
D.   Glossary 

 Index

The dedication “This book is dedicated to truth, justice, honesty, and the American Way-which are too often mutually exclusive ideas.”

P31 accessing banned websites by email using a webmail server, for example, http://www.www4mail.org/

P39 Banned books online, Project Gutenberg

P43 In case you have information that your government doesn’t want anyone to see, http://cryptome.org; online activism cypherpunks

P58 Anti-Christian  websites

P61 “Idealism is what precedes experience; cynicism is what follows” David T. Wolf

P62 Sites:

Hacker sites

• http://www.attrition.org
• http://www.blackcode.com
• http://www.cipherwar.com
• http://www.cultdeadcow.com
• http://www.hackcanada.com
• http://www.hackers.com
• http://www.hideaway.net
• http://www.insecure.org
• http://neworder.box.sk
• http://www.sys-security.com
• http://www.undergroundnews.com
• http://www.wiretapped.net

Security sites

• http://www.atstake.com
• http://www.antionline.com
• http://www.infosyssec.net
• http://www.securityfocus.com
• http://www.securitynewsportal.com
• http://www.securitysearch.net

Hacker zines

• http://www.2600.com
• http://sun.soci.niu.edu/~cudigest
• http://sun.soci.niu.edu/~crypt
• http://www.phrack.com
• http://www.privateline.com

Hacker search engines

• http://astalavista.box.sk
• http://www.cyberarmy.com
• http://www.secureroot.com/
• http://www.startplaza.nu
• http://www.elitetoplist.com
• http://underground.sub-list.com

P114 Other piece of Information Literacy:

• how to avoid online auction frauds
• Fallacy of internet malls
• Urban legends

P130 Suggestions for dealing with online stalking, for example: “send them exactly one message asking them to stop. A firm short message…if harassment continues, do not reply….the minute you stop responding in any way they’ll get bored and look for easier prey?

P136 Probing a target, war-dialing, e.g. wdial200; port scanning, e.g NetScantools, Nessus, iNettools, Saint, Sara, Satan, Nmap

P148,9 social engineering discussed [mind trail to Mitnick’s book], keystroke loggers, keyghost, hardware keylogger, keycatcher, keylogger.org.

P174 refurbished computers, www.Amazon.com, www.astak.com, www.shopping.hp.com , www.dell.com/factoryoutlet , www.gateway.com , www.opportunitydistribute.com , www.overstock.com , www.pcfactoryoutlet.com , www.pcnomad.com , www.pcretro.com ,http://www.tigerdirect.com, www.usedcomputer.com ; auctions: www.auctions.cnet.com , www.ebay.com  www.dellauction.com , www.compusaauctions.com , www.ubid.com ; recycled computers, www.comp-recycle.com , www.repc.com , www.recommit.co.uk , www.used-pcs.com ; build it, www.pcguide.com, www.storagereview.com , www.tomshardware.com , www.anandtech.com

P182 XPKeyGen program claims it can create valid codes for windows xp

P184 To crack Windows software you need:

• Disassembled to see source codes – IDA pro, www.datarescue.com/idabase;
• Debugger to see how a program runs and where it asks for a registration number – MULTI http://www.ghs.com/products/MULTI_debugger.html
• Hex editor to modify the executable – ultraedit www.ultraedit.com or hex workshop www.hexworkshop.com
• A windows registry viewer to modify reg entries – registry crawler www.4developers.com/regc or registry toolkit www.funduc.com/registry_toolkit.htm
• Visit www.astalavista.com or www.cyberarmy.com for programs and tutorials

Crackproof your software, Pavol Cerven

P191 encryption, www.pgp.com; cryptogram newsletter www.counterpane.com/crypto-gram.html; magic folders www.pc-magic.com

P193 steganography camera/shy http://hacktivismo.com/projects; cryptography A-Z, www.ssh.fi/tech/crypto

P200 anonymous browsing www.idzap.com, www.anonymizer.com, www.rewebber.com, http://anonbrowse.cjb.net; www.research.att.com/projects.crowds

P201 remailers http://anonymous.to

P203 Private Idaho, www.itech.net.au/pi

P220 ascii code equivalents for characters, www.asciitable.com

P246 www.visualware.com to see IP locations on a world map. It’s not a webapp though.

P249 A quote from US patent 4666425 “This invention involves a device, referred to herein as a “cabinet,” which provides physical and biochemical support for an animal’s head which has been “discorporated” (i.e., severed from its body).”  Wow.

Computer forensics tools:

P250 File Undeleting utilites Norton Utilities www.symantec.com; Active@Undelete www.active-undelete.com; Restorer2000 www.bitmart.net; Undelete www.execsoft.com

P255 Browser cache viewer www.webknacks.com , www.moleculesoft.com

P256 Hex editors, Hex Workshop, www.bpsoft.com, Ultraedit www.idmcomp.com; VEDIT, www.vedit.com

P258 Free forensics tools www.antionline.com, www.forensics-intl.com/download.html

P260 “…So how can you protect your computer from their prying eyes?  Basically, you can’t….experiment with some of the free or commercial forensics tools to recover data on your computer, or see what you can find on other people’s computers.  Try secretly examining a coworker’s computer.  You might learn how to better protect your own data.”

Website http://www.nostarch.com/frameset.php?startat=stcb3

The appendices have a lot of good links and information, and I was hoping this would be sitting on the website.  But no.