Hacking ARPANET



****************************************

        Hacking ARPANET -- Part I

                  by

              The SOURCE

                  of

       -=>*The Listening Post*<=-

              408-923-7575


***************************************

INTRODUCTION
------------

ARPANET (Advanced Research Projects Agency NETwork) was funded by the Department
of Defense (DOD) in 1969 as an experiment in sharing the resources of many
different types of computers.  Earlier DOD systems (AUTODIN,for example), relied
on linking computers that were the same make, using the same operating systems.
Work on ARPANET was performed under contract by many organizations, including
educational institutions, and today it is universities who are the primary
network users.

     Once logged onto ARPANET a user may conference with, or use the program
resources and available data files of any other computer that is on the system.
Hundreds of computers are available over ARPANET including computers at non-
university research centers like Rand Corporation, SRI and other military-
industrial think tanks.

     Until late 1983 and early 1984, military computers were also a major
ARPANET resource.  With the threat from young computer "hackers", however, the
military computers have moved to their own ARPANET-like network called MILNET.
The two networks are now part of what is known as the "DDN" or Defense Data
Network.  ARPANET nodes may be used to dial-up MILNET nodes as long as the
caller can enter the proper authorization code and password once connected to
the MILNET node.  MILNET users can, likewise, use ARPANET resources.

     ARPANET is also used as a resource for students as well as computer
scientists and engineering specialists.  Because of the variety of users, the
system tends to be very talkative about itself and very helpful.  Periodically,
however, certain ARPANET nodes decrease the amount of help that they provide
online.

     Despite the fact that dozens of different types of computers are interfaced
in ARPANET, it is a simple system to use because all nodes (called TIP's), use
fundamentally the same operating systems on either DEC (Digital Equipment
Corporation) models 20 or 10 mainframes.  The operating system is called the
"EXEC" and is called the TOPS-20 Monitor (on the DEC 20).

     Access numbers for local ARPANET nodes can be found from users of certain
bulletin boards, by calling the system manager, or by asking someone who attends
a major university.

GETTING ON
----------

     Once connected to the system, hit <CR> once for 300 baud or twice if you
are using 1200 baud.  The EXEC then recognizes you and displays a welcome
message as below:

WELCOME TO ARPANET
**FOR OFFICIAL USE ONLY**
Call the NIC at 1-800-235-3155 for TAC user problems.
Type @n for news.
SU TAC 110 #:13

     At this point there are only two commands that the Exec will recognize:
@N for news, and @O for onto the host sysem.  Start by checking out the news.
The node you have reached may be willing to be very helpful and informative.

NEWS FROM THE EXECUTIVE
-----------------------

     A sample executive session follows below:

@N  <user entry>
TCP Trying...Open
SRI-NIC, TOPS-20 Monitor 5.3(5731)-1
*  For TACNEWS, enter:  tacnews<RETURN>
*  To find the host administrator for host xy-z, enter:  whois xy-z<RETURN>
*  Report system problems to Action@SRI-NIC or call (415) 859-5921
There are 7+12 jobs with load average  1.13

@TACNEWS  <exec provides @ prompt, user replies "tacnews">

SRI-NIC TACnews 1.3(15)-2 on Sunday, 23-Sep-84 11:13pm-PDT
Send bugs or comments to TACNEWS@SRI-NIC.ARPA
  1. Announcements (updated 14-Sep-84)
* 2. Dial-Ups (MILNET TAC telephone numbers, updated 17-Sep-84)
* 3. Login (Help with TAC login, updated 24-Aug-84)
  4. Newsletters (DDN News, updated 24-Jan-84)
  5. Bulletins (DDN Management bulletins, updated 17-Sep-84)
Type a menu number ('HELP<CR>' for more info): HELP

The NetNews program lets you access sets of news files at the DDN Network
Information Center (NIC).  So far, you have entered the program and seen a menu
of available sets and documents.  Documents are marked in the menu with a '*'
in the first column.  To view a doument, or browse through a set, type its menu
number followed by carriage return, <CR>.  If you choose a set, you will then be
shown a summary of the most recent issues, and by typing its menu number may
read the item.  Type 'TOP<CR>' at any time to get back to the first menu.

useful commands are:
        ?               To see a list of commands
        ^O (control-o)  To stop the typeout of an issue
        HELP            To get more information
        TOP             To return to the beginning menu
        QUIT            To exit

Terminate all commands, except '?', with a carriage return, <CR>.

<monitor then returns to the menu and we type QUIT so we can learn what else is
available to someone who has not logged in.>

Killed Job 34, User TACNEWS, Account QUERY, TTY 110, at 23-Sep-84 23:15:47
 Used 0:00:01 in 0:01:53
Host closing connection
Closed

GETTING HELP
------------

<Each function is treated as an unique job.  The HELP command is part of the
QUERY program.  A log report is made when the user QUITs.  The user must then
begin all over again with the @N prompt, read the herald again, and then proceed
to other options when the system responds with its own @ prompt.  We skip these
redundancies in this example.>

@HELP  <user enters HELP>
To see a list of your options for commands or arguments, try typing question
mark.  Typing "?" to the "@" prompt gives you a list of the commands the Exec
understands.  Typing "?" after one of these commands tells you what you can type
next.  For example,
        @HELP ?
will show you a list of some of the more important topics for which Help is
available.  The question mark invokes a help message without affecting what
you've typed so far; you can go on typing the command just as if you hadn't
typed "?".  Also, the question mark is read immediately; you don't have to type
RETURN.

If you make a mistake while typing a command, use BACKSPACE to delete the last
character you typed.  Ctrl/W will delete your last Word, and Ctrl/U will delete
your entire command line, allowing you to start again.  If you feel hopelessly
lost, typing Ctrl/C twice will return you to the Exec "@".

     @HELP ? RETURN for general help
        or * to see all topics
        or the name of an EXEC command
        or one of the following:
ATTACH     BLANK     BREAK     DAYTIME     ECHO
FINGER     HELP     INFORMATION     KK     LOGIN
LOGOUT     NIC     SET     SYSTAT     TACNEWS
TERMINAL     UNATTACH     WHOIS

<above is a list of the help files available at this particular session.  At
other times either more or fewer files are available.>

****************************************

      Hacking ARPAnet -- Part II

                 by

             The SOURCE

                  of

       -=>*The Listening Post*<=-

              408-923-7575

***************************************

LEARNING WHO's WHO
------------------

     As mentioned earlier, ARPANET can be made to disclose a great deal of
information before you have logged on or even hacked a password.  Among the most
useful commands are those that tell you who else is on the system and what the
status of the system is.  These files give you information that will help your
future hacking activities.  In this section we discuss commands that disclose
data about users that are available from the EXEC level.

@HELP WHOIS  <user entry>

NICNAME (alias WHOIS) is a utility for cross-net access of the NIC user
registration database.  NICNAME has been chosen as the global name for the
program, although many sites will choose to use the more familiar WHOIS name for
the program.

For the convenience of sites without user programs to interact with the NICNAME
server, WHOIS may be run on the SRI-NIC machine via Telnet service without
logging in.  The documentation below is slightly inaccurate in this case,
since there is no need to reach further through the net to access the database,
as the user program and the database are both on SRI-NIC.

The initial procedure is a one-reach, one-response query, which allows users at
any Internet site to obtain information about an organization or individual by
providing either a name or an IDENT.  The protocol used is a TCP protocol.  A
server program running at SRI-NIC takes the user's request, accesses the NIC
database and sends back the reply.

The reply can be in one of three forms:
     1)  Record for individual or organization found, information (including
         name, ident, organization, mailing address and network address) is
         returned to user.
     2)  Given name matches more than one record.  A short entry is returned for
         each matching record and the ueer is told to re-query the system using
         the ident to match any one iddividual or organization shown.
     3)  No record matched.  If an ident was given, this response means that the
         ident is free for use by an individual or organization, and can be
         obtained for such by contacting NIC.

     Examples of use follow.  For clarity, the user's typeing appears in
uppercase:

I.  Request for help information.

@WHOIS
Ident: ?
; Accessing NICNAME server at SRI-NIC...
    Please enter a name or a handle ("ident"), such as "Smith" or "SRI-NIC".
Starting with a period forces a name-only search; starting with exclamation
point forces handle-only.  Examples:
      Smith           [looks for name or handle SMITH]      !SRI-NIC        [looks for handle SRI-NIC only]      .Smith, John    [looks for name JOHN SMITH only]    Adding "..." to the argument will match anything from that point, e.g.
"ZU..." will match ZUL, ZUM, etc.
    To search for all the authorized users of a host, use:
      %HOST
    To search for mailboxes, use one of these forms:
      Smith@          [looks for mailboxes with username SMITH]      @Host           [looks for mailboxes on HOST]      Smith@Host      [Looks for mailboxes with username SMITH on HOST]    To have the ENTIRE membership list of a group or organization, if you are
asking about a group or org, shown with the record, use an asterisk character
"*" directly preceding the given argument.  [CAUTION: If there are a lot of
members this will take a long time!]    You may of course use exclamation point and asterisk, or a period and
asterisk together.

II.  Search by name only.

@WHOIS .GRAY
; Accessing NICNAME server at SRI-NIC...

There are 9 matching entries.

Gray, Beth (BG10)    BGRAY@UDEL-RELAY   (202) 274-9446 (AV) 284-9446
Gray, Bobby R. (BRG)    BRGray@RADC-MULTICS   (315) 330-4846 (AV) 587-4846
Gray, Bruce (BG17)    DRSEL-TCS-MCF@OFFICE-7   (201) 544-3671 (AV) 995-3671
Gray, Charles W. (CWG1)    CWGray@RADC-MULTICS   (315) 330-2116 (AV) 587-2116
Gray, Gilbert R. (GRG2)    gray@NEMS   (202) 227-1270 (AV) 287-1270
Gray, Neil (NG1)    GRAY@SUMEX-AIM   (415) 497-1712
Gray, Purnell (PG5)    DRSTS-DS@OFFICE-1   (314) 263-3397 (AV) 693-3397
Gray, Randy K. (RKG)    DRSEL-CP-RA@OFFICE-7   (201) 544-4733
Gray, Richard M. (RMG)    WESTDIV@USC-ISI   (707) 646-3514

To single out any one of these, repeat the command, using "IDENT" or "!IDENT"
instead of "NAME" (e.g., "vw" or "!vw" instead of "white").

III.  Search by name or ident specifying an ident.

@WHOIS VW
Accessing NICNAME server at SRI-NIC...

White, Victor A. (VW)                               VIC@SRI-KL
   SRI International
   Network Information Center
   Telecommunications Sciences Center
   333 Ravenswood Avenue
   Menlo Park, California 94025
   Phone: (415) 859-5303

Send additions or changes to NIC@SRI-NIC

IV. Search by name or handle specifying a name with an ellipsis.

@WHOIS STEPH...

Squires, Stephen L. (STEPH)   SQUIRES@USC-ISI  (202) 694-5917
Stephany, Michael (MS30)  USARCCO@STL-HOST1  (620) 538-8285 (AV) 879-8285 (FTS)
 769-8285
Stephen-Smith, Kay (SS2)   STEPHENSMITH@SRI-KL  (01) 681-1751
Stephens, Donald L. (DLS2)   LAOFTHOOD@STL-HOST1  (AV) 737-6608 or 737-3103
Stephens, Eugene F. (EFS1)   LAOFTPOLK@STL-HOST1  (AV) 863-4876 or 863-4888
Stephens, Nadine Y. (NYS)   DSDC-SGY@GUNTER-ADAM  (205) 279-4901

V. Search for mailboxes.

@WHOIS MIKE@

Muuss, Michael John (MJM2)   MIKE@BRL   (301) 278-6678 or 278-6239 (FTS) 939-66
78 or 939-6239
Wahrman, Mike (MW19)   mike@CCA-UNIX    (703) 522-1717
Liveright, Mike (ML1)   MIKE@KESTREL    (415) 494-2233
Wahrman, Michael L. (MLW)   mike@RAND-UNIX  (213) 393-0411
Stonebraker, Michael R. (MRS)   mike@UCB-VAX  (415) 642-5799 or 642-3068

@WHOIS GPARK@DDN1

Parker, Glynn (GP)            gpark@DDN1
   Defense Communications Agency
   Code B627
   Washington, D.C. 20305
   Phone: (703) 285-5133
   MILNET TAC user

@WHOIS @MIT-ML

Ressler, Andrew L. (ALR)   ALR@MIT-ML   (617) 253-3504
Kuipers, Benjamin (BK2)   BEN@MIT-ML    (617) 628-5000 ext 6650
Davies, Byron (BD5)  BYRON@MIT-ML       (617) 253-3507
.
.   (items omitted here for brevity)
<the job autologs itself out and the monitor is ready for the next command>


FINGER YOURSELF?
----------------

Let's try the command:

@FINGER
 User    Personal name       Job Subsys Idle TTY Console location
 ???                          34 FINGER     .106 Internet: SU-TAC#13
DOMAIN   Domain Server        28 DSV    *:** 102 Job 0, OPERATOR, SYSJOB
FEINLER  Jake Feinler         31 :BASE        30 EJ200 Jake Feinler x6287
HENRY    Henry Chen           41 EXEC       .    Detached
KLH      Ken Harrenstien      26 EMACS     1  17 TSC MICOM 30 [P235]X-MAN    Jeff Thompson        27 EXEC     12.  3 EK205 Operator Fishbowl x4664
                              35 EMACS        14 TSC MICOM 30 [P232]
@HELP SYSTAT
The SYSTAT command lists information about jobs logged into the system in order
of job number, along with the date and time, how long the system has been up,
the number of jobs logged in, and load average information.

If the user is logged in from another host, the name of that host is given under
the Foreign host heading.

For example:
@systat
 Tue 14-Aug-84 15:29:38  Up 45:40:40
 20+13 Jobs   Load av   1.70   1.33   1.43
 Job  Line Program  User              Foreign host
  13   102  DSV     DOMAIN
  14    40  EXEC    NAN
  15    16  VOID    KLH
  16   DET  EXEC    HENRY
  17   106  FTPSRT  ANONYMOUS         (SRI-KL)
  18    54  TYPE    OLE
  19     3  EXEC    SAPPHO
  20*   51  SYSTAT  STACIA
  22    11  EXEC    SAPPHO
  25    60  MM      OLE
There are a number of arguments which can be given to the SYSTAT command.  These
can be listed by typing SYSTAT ?.  These arguments include:
 .    All    Charge    Class     Controlling
Directory     Header    In-Class     Limit     Line
 Lpt     No     Program     State     System
 Time     What     Where     Who
  or user name
  or directory name
  or Decimal job umber
  or ","
  or confirm with carriage return

combinations of arguments may be given:

@sys stacia all header

Tue 14-Aug-84 15:35:12  Up 45:46:14
20+13 Jobs   Load av   3.37   2.67   2.02

Job  CJB Line Program State  Time     Limit    User, <Directory>  Foreign host
  20*       51  SYSTAT  RUN   0:09:35           STACIA, PS:<HELP>

@sys stacia all no directory
 Tue 14-Aug-84 15:35:44  Up 45:46:46
 20+13 Jobs   Load av   3.09   2.67   2.04

 Job  CJB Line Program State  Time     Limit    User              Foreign host
  20*       51  SYSTAT  RUN   0:09:37           STACIA

The first listed all SYSTAT information about user STACIA.  The second listed
all of the information given before, without listing the connected directory.

WHAT's AVAILABLE ON THE DDN
---------------------------

@NIC  <enter NIC after @ prompt>
TOP   <enter TOP to start at beginning of file>

NIC/Query is a database system containing information about the Defense Data
Network (DDN), including MILNET and ARPANET.  Each list of topics is presented
to the user as a numbered menu of selections.

- To see more detail on any of the topics below, type its corresponding number
followed by a carriage return, <CR>.

- To leave NIC/Query, type 'quit<CR>'.

- For more help and additional commands, type 'help<CR>'.

   1. INTERNET PROTOCOLS -- Describes Internet protocols
   2. PROGRAMS -- Describes programs available on DDN hosts
   3. PERSONNEL -- Directory of DDN users
   4. HOSTS -- Describes DDN hosts
   5. RFCS -- Requests For Comments technical notes
   6. IENS -- Internet Experiment Notes
   7. NIC DOCUMENTS -- Documents available from the NIC

_ for back, ^ for up, + for top, or menu # (1-7): QUIT  <let's return to this
menu later>

LOGING OUT
-----------

You haven't really loged in yet, and a quick way of loging out is to enter a
"C" at the prompt or to simply unplug your phone.  However, ARPANET's own files
can be revealing:

@HELP KK

The LOGOUT command logs you off of the system and expunges all deleted files in
your directory.  Synonyms for LOGOUT include K and KK.

You may also log out another job logged in on your account by specifying the
job number after the LOGOUT command.  In this case a message describing the job
to be logged out is printed, and a confirming RETURN is required.

If your job hangs, you might wish to log in at another terminal and then LOGOUT
the other job, as described in the last paragraph.  First find the other job
number, as follows:
        @systat jsmith
          27*   54  SYSTAT  JSMITH
          32   112  BASIC   JSMITH
The * indicates the job number of the job issuing the SYSTAT command.  You will
want to use the other job number -- 32 in this case:
        @logout 32
         JSMITH, TTY112, BASIC
        [Confirm]and you confirm by pressing the RETURN key.

MORE HELP
---------

@HELP ATTACH
ATTACH allows you to move a job to a different terminal or to return it to a
terminal from detached status.

To ATTACH, say
    @attach USERNAME
    Password:
At the Password prompt, type in your password (which will not be echoed to the
screen) and your job will be attached.

If you have more than one job logged on to the system, you will need to supply
a job number after your username.  Finger yourself to find out this information.
If you are attaching a job which is already attached to another terminal, you
will be asked to confirm with carriage return before the Password prompt.

(In Part III of Hacking ARPANET by The Source, some of the best information
ARPANET will tell any "anonymous guest" once you leave the Exec.)
Cracking ARPANET by The Source, some of the best information.
***************************************

      Hacking ARPANET -- Part III

                  by

              The Source


***************************************

     ARPANET can't be faulted for the
amount of information it is willing to
disclose to anyone who knows the number
of a dial-up and knows enough to type in
"@N" and then follow directions.  But
the EXEC is, after all, limited to
managing inter-computer phone calls.
Even more interesting material is
available once you get onto what is
known as one of the network's "server"
computers.

OPENING THE DOOR
----------------

     Once you have reached the Exec on a
TIP, getting the door to a server
machine to open to you is no problem.
At the "@" prompt type "O" for open
followed by a space and then by two
numbers separated by a comma.  The
numbers represent the address of a
computer system.  The first number may
be from 0 to 3, and the second number
may range from 0 to 15:

     @O 0,11
     <the Exec responds:>
     TCP Trying...SU-AI WAITS 9.17/H
Assembled 06/17/84
     .Open

The ".Open" shows that you're in.  There
is a great deal you can do at this
level, and you don't even have a
password yet -- as far as the system
knows, you're still "anonymous guest"!
Most server systems operate under the
UNIX operating system, so any good
manual on UNIX should tell you more than
you need to know.  But now that we've
reached Stanford University's Artificial
Intelligence Lab (having been switched
there by SRI, formerly Stanford Research
Institute), let's take a look at what's
available.  First, list the HELP files:

.HELP
Job 3    SU-AI WAITS 9.17/H  Assembled
06/17/84
Type HELP followed by any of the
following, then carriage return:
ACCESS  COMPIL  EDITOR  HOSTS
MICROS  PPK     SORT    UNDELE
ACCOUN  COPY    EDKEY   HOWBIG
MIDAS   PPSAV   SOS     UNPROT
ACRONY  CPRINT  EFTP    IIIPOX
MLISP   PRESS   SOUP    VERIFY
ADA     CRDIR   EKL     ILISP
MLISP2  PRINT   SPASM   WEAVE
ADAEDT  CRE     EMACLS  IMPRIN
MONCOM  PRLISP  SPINDL  WEB
AL      CREF    ESC     INTERN
MOORE   PROLOG  SPOOL   WHEN
ALIAS   CRYPT   ESCAPE  JARGON
MUSIC   PROTEC  SRCCHK  WHERE
ARKTEX  CSD     ET      KILL
NCOMPL  PROVE   SRCCOM  WHO
ARM     D       ETEACH  KJOB
NET     PRUNE   STICKY  WHOLIN
ARPA    DART    ETV     KRL
NETDOC  PTYJOB  SUTIP   WHOPHN
ARPANE  DDFONT  EVENT   L
NETWRK  PUMPKI  SYMBOL  WL
ASSIGN  DDKEY   EXT     LATER
NEWIO   PUPTIM  SYSTEM  XGP
ATSIGN  DDQ     FAIL    LATEX
NEWS    RCV     TALK    XGPSYG
ATTACH  DED     FASBOL  LAWS
NOEKEY  REMIND  TANGLE  XGPSYN
BAIL    DFTP    FCOPY   LEDIT
NOTEBK  RENAME  TECO    XGPTYP
BATCH   DIAL    FELT    LIFE
NSL     RESOLV  TELNET  XIP
BBOARD  DIALNE  FILES   LIFXGP
OPTION  RESTOR  TEMPER  XPART
BIBOP   DIR     FIND    LINGO
P       RETRY   TERMINK10
PAM     SAIL    TEX78   YUMYUM
BMP     DISPLA  FONT    LISP
PASCAL  SAVE    TEX82   Z80
BOISE   DM      FORWAR  LIST
PASSWO  SCHEME  TFM     ZERO
BOOK    DMKEY   FRAID   LOADAV
PC      SCIP    TIP     370
BOYER   DO      FTP     LOGIN
PCP     SCRIBE  TTY     6500
CANCEL  DOC     GEOMED  LOGOUT
PHONE   SD      TTYCMD  6800
CANON   DOVER   GRIPE   MACLIS
PHONES  SEND    TTYESC  8080
CC      DRAW    GRUMP   MACLSP
PIX     SERVIC  TTYSET
CHARGE  DRD     GUEST   MAIL
PK      SIMPLE  TVFONT
CHRMAC  DSKSIZ  H19KEY  MAP
PLAN    SLAC    TYPE
CKMAIL  DTN     HELP    MAXTEX
POLL    SLR1    TYPREL
COLIST  E       HELPER  METAFO
PONY    SNAIL   UDPUFD
COMBIN  ECL     HOST    MF
POX     SNOBOL  UFD
Type "HELP HELPER" for one-line
descriptions of most of the HELP
messages.

MORE HELP
---------

     If you'd like, try "HELP HELPER"
for yourself.  Meanwhile more detailed
listings of some help files follow.
 .....
 .HELP GUEST
There is no general guest account on
this system.  There are some commands
that can be given without an account, as
listed below.  If you need to know more
about any of these, type "HELP
<topic><carriage return>".  For
information on special control
characters and commands, type "HELP
TTY".
 WHO, FINGER, WHERE, WHEN provide
information about people and jobs
currently running.
 MAIL, SEND, GRIPE permit you to send
messages and converse with people on the
system.  (You can use SEND to ask
someone who is logged in to form a
two-way link with you.)
 DIR lists the files in specified
directories.
 TYPE lets you type out the contents of
text files.
 FIND searches text files and prints
those paragraphs that contain specified
keywords.
If you need to do more than the above
programs permit, say "HELP LOGIN".

 .HELP NETDOC
Job 5    SU-AI WAITS 9.17/H  Assembled
06/17/84
(Much network information is available
from the Network Information Center at
SRI-NIC.  Please consult the network
liaison, Martin Frost (ME), for more
information about the network or the
resources available to you at the NIC.)
A large library of source and
documentation files about the network,
NOT including the host table, live on
the [S,NET] directory.  Even more
hardcopy documentation is available in
the bookshelf in ME's office for the
general SAIL community (please ask ME
before borrowing anything).  The host
table files can be found on [HST,NET].
The NETWRK library of network
subroutines can be found in
NETWRK.FAI[S,NET] and NETWRK.MID[S,NET].
     Some interesting files are:
HOSTS.TXT[HST,NET]      The source of
the host table
SUAI.TXT[S,NET]         Our write-up in
the Arpanet Resource Handbook.
     Most of the network user-level
documentation is contained in the
Monitor Command Manual, which can be
found online by giving the monitor
command READ MONCOM<cr>.  Large online
directories of network documetation
exist at SRI-NIC as <NETINFO> and MIT-DMS
as NETDOC;.
     Type HELP NETWRK for information on
programming for the network.
Kjob

 ...HELP HOST
Job 5    SU-AI WAITS 9.17/H  Assembled
06/17/84
The HOST command is used to look up
information in the host table about a
particular host name or host number.
This information includes the official
name of the host if the name is a
nickname, all host numbers known for
that host, whether the host is a user or
a server, the host machine and the host
operating system.
     To use HOST, type HOST followed the
host name (or any abbreviation) you want
to look for, or the host number, and
return.  The program will print all
hosts (and nicknames) which match the
input specification.  A null
specification will type out the entire
host table, but only if you are logged
in.  For example:
        .HOST MIT-MC
(describe MIT-MC)
        .HOST CMU
(describe all CMU sites)
        .HOST 36.40.0.194
(describe Internet host 36.40.0.194)
        .HOST 50#302
(describe SU Ethernet host 50#302)
        .HOST                   (print
out the host table)
Note that even non-unique abbreviations
are accepted.  For example "SU" will
print out ALL of the Stanford University
hosts.  This is different from TELNET,
etc., which only accept abbreviations
which are unique to a single host.
Kjob

(In Hacking ARPANET Part IV we'll report
on some more important help files.)
 example "SU" will print out ALL of the
Stanford University hosts.  This is
different from TELNET, etc., which only
accept abbreviations which are unique to
a single host.

*************************************


       Hacking Arpanet -- Part V

                by

             The Source


**************************************

PEEKING AND SPYING
------------------

    This article discusses the commands that "anonymous guest" can use to learn
what other people are doing on the system.

 .HELP PK
The PK program can be used to PeeK at the input and output buffers of any
terminal, and the line editor buffer of a display.  To run PK, give the monitor
command "R PK".  PK will ask for a terminal line number, and will display that
terminal's buffers plus the who line of the job, if any, using that terminal.
PK can also display the contents of some of the internal system variables
associated with the terminal (see + and - commands below; the default is not to
display this system data).
If the selected terminal is hidden (by ESC H), PK will so notify you.  You may
choose to override the hiding, but if so, the selected terminal is notified that
you are spying on it.
If you are using a SAIL display, the selected terminal's buffers will be
displayed on your screen about once per second, like a WHO display.
If you are using a non-display, the PK information will be typed once.
While PK is running on a display, you can give it any of the commands in the
table below to have it display different information (in the table, <cr> means
carriage return).  Whenever PK exits on a DD or III, the last buffer display
will remain on your screen until you reset your display by BREAK P or by running
another program.

<line number><cr>  Display buffers of the given terminal line.
+<line number><cr> Display given terminal line and enable data display.
-<line number><cr> Display given terminal line and disable data display.
<linefeed>   Display buffers of the next higher numbered terminal.
<altmode>   Display buffers of the next lower numbered terminal.
^B^C<digit>   Update the display NOW and every <digit> seconds (1:9).
^B^C0   Update the display NOW, then only once for each command.
+<cr>   Enable display of system internal data at top of screen.
-<cr>   Disable display of system internal data at top of screen.
<cr>   Stop the displaying and exit to the monitor.
<monitor cmd>   Exit and execute the given monitor command.

 .HELP PPK
PPK allows you to peek at the screen of someone at a display terminal (a
DataDisc, III or Datamedia).  Say "R PPK", and give it the line number of the
terminal you want to observe.  (For DataDiscs, this is NOT the number reported
by FINGER; it's the number following the PPN in the person's wholine, and can be
found with the WHERE command.)
If you are on a display yourself and have your wholine turned on, PPK changes
your wholine to be that of the job at which you're peeking.  (Your original
wholine selection is restored when you exit.)
Once you have selected a lial "observe page printer" mode. (Do NOT follow the
E or N with a carriage return, or PPK will exit!)  Typing another line number
followed by a carriage return gets you another victim.  A raw carriage return
causes the program to exit.
If the selected terminal is hidden (by ESC H), PPK will so notify you. You may
choose to override the hiding, but if so, the selected terminal is notified
that you are spying on it.
The display is updated about once every two seconds.  You can force an
immediate update by typing ALTMODE.  You can also set the rate by typing
control-meta-digit, where 1-9 = 1-9 secs and 0 causes the display never to be
updated (except when you type ALTMODE).

 .HELP POLL
POLL accepts an audio channel number and lists those terminals which are
listening to it, and the PPN, if someone is logged in at that terminal.  An
argument of * will list all nonzero audio channels.
r poll
CHANNEL=10
TV-46: TTY53 JOB 41 [1,BH]TV-47: TTY64
TV-51: TTY52 JOB 46 [1,CR]TV-63: TTY33 JOB 7 [SF,SF]
 .HELP TALK
The command to communicate with another user is called TALK.  It makes
everything that either one of you types appear on both terminals.  (Note: If
you want to know about the TALK program on the Altos, READ DMCHAT, which
describes both Alto DMCHAT and Alto TALK. The writeup below is for the TALK
command on SAIL, which is completely different from Alto TALK.)  The argument
to TALK is either the programmer name of the person you want to talk to, the
device name of the terminal you want to talk to, or an ARPAnet address.  For
example:
 TALK MRC
 TALK TTY34
 TALK RMS@AI  (% is legal as a host name delimiter also).
The command may fail for any of the following reasons:
user not logged in (use MAIL)
user logged in more than once (use a terminal instead of a user spec)
user gagged or (for ARPAnet TALK) refusing links (use MAIL)
the ARPAnet site is unreachable or does not support network linking
When you are in a (local) talk ring, what you type goes only to the terminals
in the ring, not to the monitor or a user program.  To leave the talk ring,
type [CALL] (control-C from non-displays).
TALKing to local users does not run a program; hence the core image is
preserved.
TALKing to network users runs a program.  To leave network talk, type
<CONTROL><META>[LF] (control-Z from monitor. It is considered antisocial to
use the TALK command to establish communication with strangers. A better way is
the SEND command, which will send a message to a user but does not interfere
with his work.  For this reason, the TALK command requires that you be logged
in.  If you don't have an account, you can use SEND to request the user TALK
to you.  Type "HELP SEND" for more info.

 .HELP WHEN
Typing WHEN prints out your most recent logout time, and the directory which
did the logging out.  The fact that you are currently logged in does not affect
this information. As with FINGER, system crashes are not considered to be
"loggig out".  Also, if your directory was deleted when you logged out, it will
not be included by WHEN.  The WHEN command also takes optional arguments.  If
only a single argument is given, it may be typed as:
 WHEN FOO
If more than one argument is used, separate them by semicolons, not commas.  The
various argument forms are:
 . Report only on current directory.
 * Give latest logouts for all of your directories.
       PRG Give latest logout from among PRG's directories.
      *,PRG Give logouts for all of PRG's directories.
      PRJ,* Give logouts for all directories with project PRJ.
     PRJ,PRG Give latest logout for the single directory [PRJ,PRG].
       *,* Give logout for every directory (not recommended).
Note that brackets are not included in any of the options.  If you are aliased,
the . and * options will use the aliased ppn.  For example:
 WHEN DON;*;S,SYS;ME
would tell you when DON last logged out (and from which of his directories),
list all directories for you (or for whomever you're aliased to) with logout
times, give the latest logout for [S,SYS], and finally tell you when ME last
logged out.
If one or more of the directories being listed happens to be logged in at the
moment, a note will be  printed to that effect.  If you have asked for the
latest from among all of someone's directories (including your own, which is
the default), then you will be told if that user is logged in on ANY of his
directories.  (In the other cases, such as "*,PRG" or "PRJ,PRG" or "." options,
you are told  only if the specific directory is logged in.)
Note that, even if you are not interested in the logout information, you can
use WHEN *,FOO to get a list of all of FOO's directories.      The other
command for doing this is DIR [*,FOO]/Q/F.   It turns out that WHEN is
significantly faster and uses fewer disk ops.  WHEN is also much faster than
FINGER for finding out logout times or for finding out whether a specific person
is currently logged in (though WHERE)

an
FINGER for finding out logout times or for finding out whether a specific person
is currently logged in (though WHERE)