These messages were captured from Telenet PC-Pursuit NET-EXCHANGE BBS... ------------------------------------------------------------------------ Msg # 6028 Dated 02-27-88 21:48:34 From: MICHAEL MURRAY To: ALL Re: LOOKS LIKE A HACKER I've encountered a certain situation twice in the past week that leaves me with a few questions. Upon connecting to my Telenet indial node, in between attempts to connect to either a Telenet service or outdial modem, I've gotten the following message: CONNECTION FROM 301 18A The first time this happened, whoever was on the other end began typing several obscenities. Tonight when this happened, the person attempted to generate a false "@" prompt. Whoever was doing this was trying to lure me into typing in my PCP acct and password. Sure enough, when I fed the prompt a made-up acct, hit return...I got back what I know was a misleading prompt. I don't think my acct/pw got to him/her, but it scares me that someone can make such a connection. I called up the Telenet service number to report this, but all I was told is that nothing can be done except to change the password, at MY expense. Anybody else have this happen to them? Mike ------------------------------------------------------------------------ Msg # 6057 Dated 02-28-88 09:47:49 From: IMA HACKER- To: ALL Re: IMPORTANT The *PCP HACKERS* are working to show PCP what we think of their awful service and policies. We have been STEALING PCP IDs and PWs and using them. We can HACK into TELENET and connect to your indial modem without you even knowing it. Then we watch you hammer at a distant modem with those dialing scripts and it fills our screen with your pw and id. You don't see your pw but *WE DO* and we have hundreds of PCP IDs and PWs. Your TELENET *CONTRACT* makes YOU responsible for all charges to your ID, and PCP just sent out bills from back in September! We want more outdial modems and less BUSY. We want responsive Customer Service. We want a realistic CONTRACT, 300 and 2400 baud. SCREW PCP until then!!! ------------------------------------------------------------------------ Msg # 6062 Dated 02-28-88 12:59:42 From: TONY WADDELL To: IMA HACKER- Re: (R)IMPORTANT I don't know if message #6057 is for real or not ( I find some of the claims hard to believe ), but perhaps PC-Pursuit should make it just a little easier for users to change their passwords. I understand it's quite a nose bleed to get one changed. ------------------------------------------------------------------------ Msg # 6072 Dated 02-27-88 15:45:04 From: LEE RIMAR To: TOM WADDELL Re: PASSWORD CHANGES TW> I don't know if message #6057 is for real or not (I find some of TW> the claims hard to believe) . . . (regarding a message on "hacking" PC-Pursuit) . I just called Customer Service and expressed concern about it. Unfortunately, they say it's entirely possible. And that they're working on the problem. . TW> Perhaps PC-Pursuit should make it just a little easier for users TW> to change their passwords. I understand it's quite a nose bleed TW> to get one changed. . That was not my experience. I changed mine last Monday. Took less than 10 minutes on the phone (the 1-800-TELENET number), and the new id/password was in effect immediately. .LDR ------------------------------------------------------------------------ Msg # 6073 Dated 02-27-88 15:46:13 From: LEE RIMAR To: IMA HACKER Re: YOUR INTENTIONS You claim your aim is to get better customer service from Telenet, more modems, et al. Has it ever occured to you that your "screw the system" attitude may be causing more trouble than it solves? Screwing up Telenet's ability to provide service seems unlikely to result in better service. That's always struck me as an argument against violent revolts; from socialist to anarchist. Patterned after my comment above: Blowing up a rich man's house does not put a roof over a poor man's head. See you in the Issues area if you care to debate it. .LDR ------------------------------------------------------------------------ Msg # 6074 Dated 02-27-88 16:04:02 From: JAMES NORTH To: ALL Re: ID PASSWORD SNACTCHING If password pirates are able to steal PC Pursuit ids and passwords,then it is possible for them to steal the ids and passwords of business users that use the Telenet network. Such stolen ids and passwords would enable such pirates to make illegal international data calls at someone else's expense. THE ENTIRE TELENET PACKET SWITCHING NETWORK MAY BE IN DANGER! If this is true, hopefully there is someway that Telenet can correct this security problem. We could see the termination of the PC Pursuit service because of this! ------------------------------------------------------------------------ Msg # 6076 Dated 02-27-88 16:21:29 From: BOB FREED To: TONY WADDELL Re: (R)IMPORTANT Re: 6057, 6062 It's for real. I've gotten a new user id and two new passwords in the past two weeks because of this situation. It's not true that these jokers can intercept your session completely undetected, though. If you see a message such as "CONNECTION FROM xxx yyy", disconnect immediately or contact customer service on a second line. ------------------------------------------------------------------------ Msg # 6077 Dated 02-27-88 16:28:08 From: BOB FREED To: IMA HACKER- Re: (R)IMPORTANT Re: 6057 As I see it, the only thing you're accomplishing is to destroy this system completely. I'm sure we won't see any of the things you mentioned (more outdial modems, less BUSY, responsive service, better contract, 300 and 2400 bps) any sooner if Telenet has to spend considerable time and effort plugging leaks in their security. In fact, we may never see them at all. Here's hoping they catch you soon....