Page 072


Undergound. Go to Table of Contents.

   networks were billed. Some systems on the network took reverse-charge

   connections--like a 1-800 number--and some, including Altos, didn't.

   To get to Altos you needed a company's NUI (Network User Identifier),

   which was like a calling card number for the X.25 network, used to

   bill your time on-line. Or you had to have access to a system like

   Minerva which automatically accepted billing for all the connections

   made.

  

   X.25 networks are different in various ways from the Internet, which

   developed later. X.25 networks use different communication protocols

   and, unlike the Internet at the user-level, they only use addresses

   containing numbers not letters. Each packet of information travelling

   over a data network needs to be encased in a particular type of

   envelope. A `letter' sent across the X.25 network needs an X.25

   `stamped' envelope, not an Internet `stamped' envelope.

  

   The X.25 networks were controlled by a few very large players,

   companies such as Telenet and Tymnet, while the modern Internet is, by

   contrast, a fragmented collection of many small and medium-sized

   sites.

  

   Altos unified the international hacking world as nothing else had

   done. In sharing information about their own countries' computers and

   networks, hackers helped each other venture further and further

   abroad. The Australians had gained quite a reputation on Altos. They

   knew their stuff. More importantly, they possessed DEFCON, a program

   which mapped out uncharted networks and scanned for accounts on

   systems within them. Force wrote DEFCON based on a simple automatic

   scanning program provided by his friend and mentor, Craig Bowen

   (Thunderbird1).

  

   Like the telephone system, the X.25 networks had a large number of

   `phone numbers', called network user addresses (NUAs). Most were not

   valid. They simply hadn't been assigned to anyone yet. To break into

   computers on the network, you had to find them first, which meant

   either hearing about a particular system from a fellow hacker or

   scanning. Scanning--typing in one possible address after another--was

   worse than looking for a needle in a haystack. 02624-589004-0004. Then

   increasing the last digit by one on each attempt. 0005. 0006. 0007.

   Until you hit a machine at the other end.

  

   Back in 1987 or early 1988, Force had logged into Pacific Island for a

   talk with Craig Bowen. Force bemoaned the tediousness of hand

   scanning.

  

   `Well, why the hell are you doing it manually?' Bowen responded. `You

   should just use my program.' He then gave Force the source code for

   his simple automated scanning program, along with instructions.

  

   Force went through the program and decided it would serve as a good

   launchpad for bigger things, but it had a major limitation. The

   program could only handle one connection at a time, which meant it

   could only scan one branch of a network at a time.

  

   Less than three months later, Force had rewritten Bowen's program into

   the far more powerful DEFCON, which became the jewel in the crown of

   the Australian hackers' reputation. With DEFCON, a hacker could

   automatically scan fifteen or twenty network addresses simultaneously.

   He could command the computer to map out pieces of the Belgian,

   British and Greek X.25 communications networks, looking for computers