[ News ] [ Paper Feed ] [ Issues ] [ Authors ] [ Archives ] [ Contact ]

..[ Phrack Magazine ]..
.:: A Hacker's Guide to the Internet ::.

Issues: [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ] [ 16 ] [ 17 ] [ 18 ] [ 19 ] [ 20 ] [ 21 ] [ 22 ] [ 23 ] [ 24 ] [ 25 ] [ 26 ] [ 27 ] [ 28 ] [ 29 ] [ 30 ] [ 31 ] [ 32 ] [ 33 ] [ 34 ] [ 35 ] [ 36 ] [ 37 ] [ 38 ] [ 39 ] [ 40 ] [ 41 ] [ 42 ] [ 43 ] [ 44 ] [ 45 ] [ 46 ] [ 47 ] [ 48 ] [ 49 ] [ 50 ] [ 51 ] [ 52 ] [ 53 ] [ 54 ] [ 55 ] [ 56 ] [ 57 ] [ 58 ] [ 59 ] [ 60 ] [ 61 ] [ 62 ] [ 63 ] [ 64 ] [ 65 ] [ 66 ] [ 67 ] [ 68 ] [ 69 ] [ 70 ]
Current issue : #33 | Release date : 1991-09-15 | Editor : Dispater
Introduction to Phrack 33Dispater & Knight Lightning
Phrack Profile of Shooting SharkCrimson Death & Shooting Shark
A Hacker's Guide to the InternetThe Gatsby
FEDIX On-Line Information ServiceFedix Upix
LATA Referance ListInfinite Loop
International Toll Free Code ListThe Trunk Terminator
Phreaking in GermanyNinja Master
TCP/IP: A Tutorial Part 1 of 2The Not
A REAL Functioning RED BOX SchematicJ.R. "Bob" Dobbs
Phrack World News Special Edition IV (CyberView 91)Bruce Sterling
PWN/Part01Crimson Death
Title : A Hacker's Guide to the Internet
Author : The Gatsby
                                ==Phrack Inc.==

                Volume Three, Issue Thirty-Three, File 3 of 13


                       A Hacker's Guide to the Internet

                                 By The Gatsby

                      Version 2.00 / AXiS / July 7, 1991

1   Index
            Part:     Title:
            ~~~~      ~~~~~
             1        Index
             2        Introduction
             3        Glossary, Acronyms, and Abbreviations
             4        What is the Internet?
             5        Where You Can Access The Internet
             6        TAC
             7        Basic Commands
               a           TELNET command
               b           ftp ANONYMOUS to a Remote Site
               c           Basic How to tftp the Files
               d           Basic Fingering
             8        Networks
             9        Internet Protocols
            10        Host Names and Addresses

2   Introduction
     The original release of this informative file was in an IRG newsletter,
but it had some errors that I wanted to correct.  I have also added more
technical information.

     This file is intended for the newcomer to Internet and people (like
me) who are not enrolled at a university with Internet access.  It covers the
basic commands, the use of Internet, and some tips for hacking through
Internet. There is no MAGICAL way to hacking a UNIX system.  If you have any
questions, I can be reached on a number of boards.

- The Crypt       -            - 619/457+1836 -     - Call today -
- Land of Karrus  -            - 215/948+2132 -
- Insanity Lane   -            - 619/591+4974 -
- Apocalypse NOW  -            - 2o6/838+6435 -  <*> AXiS World HQ <*>

  Mail me on the Internet:  gats@ryptyde.cts.com

                                The Gatsby

*** Special Thanks go to Haywire (a/k/a Insanity: SysOp of Insanity Lane),
    Doctor Dissector, and all the members of AXiS.

3   Glossary, Acronyms, and Abbreviations
ACSE     -  Association Control Service Element, this is used with ISO to help
            manage associations.
ARP      -  Address Resolution Protocol, this is used to translate IP protocol
            to Ethernet Address.
ARPA     -  Defense Advanced Research Project Agency
ARPANET  -  Defense Advanced Research Project Agency or ARPA.  This is an
            experimental PSN which is still a sub network in the Internet.
CCITT    -  International Telegraph and Telephone Consultative Committee is a
            international committee that sets standard.  I wish they would set
            a standard for the way they present their name!
CERT     -  Computer Emergency Response Team, they are responsible for
            coordinating many security incident response efforts.  They have
            real nice reports on "holes" in various UNIX strands, which you
            should get because they are very informative.
CMIP     -  Common Management Information Protocol, this is a new HIGH level
CLNP     -  Connection Less Network Protocol is OSI equivalent to Internet IP
DARPA    -  Defence Advanced Research Project Agency.  See ARPANET
DDN      -  Defence Data Network
driver   -  a program (or software) that communicates with the network itself,
            examples are TELNET, FTP, RLOGON, etc.
ftp      -  File Transfer Protocol, this is used to copy files from one host
            to another.
FQDN     -  Fully Qualified Domain Name, the complete hostname that reflects
            the domains of which the host is a part.
Gateway  -  Computer that interconnects networks.
Host     -  Computer that is connected to a PSN.
Hostname -  Name that officially identifies each computer attached
Internet -  The specific IP-base internetwork.
IP       -  Internet Protocol which is the standard that allows dissimilar
            host to connect.
ICMP     -  Internet Control Message Protocol is used for error messages for
            the TCP/IP.
LAN      -  Local Area Network
MAN      -  Metropolitan Area Network
MILNET   -  DDN unclassified operational military network.
NCP      -  Network Control Protocol, the official network protocol from 1970
            until 1982.
NIC      -  DDN Network Information Center
NUA      -  Network User Address
OSI      -  Open System Interconnection.  An international standardization
            program facilitate to communications among computers of different
            makes and models.
Protocol -  The rules for communication between hosts, controlling the
            information by making it orderly.
PSN      -  Packet Switched Network
RFC      -  Request For Comments, is technical files about Internet protocols
            one can access these from anonymous ftp at NIC.DDN.MIL.
ROSE     -  Remote Operations Service Element, this is a protocol that is used
            along with OSI applications.
TAC      -  Terminal Access Controller; a computer that allow direct access to
TCP      -  Transmission Control Protocol
TELNET   -  Protocol for opening a transparent connection to a distant host.
tftp     -  Trivial File Transfer Protocol, one way to transfer data from one
            host to another.
UDP      -  User Datagram _Protocol
Unix     -  This is copyrighted by AT&T, but I use it to cover all the
            look-alike Unix systems, which you will run into more often.
UUCP     -  Unix-to-Unix Copy Program, this protocol allows UNIX file
            transfers.  This uses phone lines using its own protocol, X.25 and
            TCP/IP.  This protocol also exist for VMS and MS-DOS.
uucp     -  uucp when in lower case refers to the UNIX command uucp.  For
            more information on uucp read files by The Mentor in the Legion of
            Doom Technical Journals.
WAN      -  Wide Area Network
X.25     -  CCITTs standard protocol that rules the interconnection of two

     In this file I have used several special charters to signify certain
things. Here is the key;

*  - Buffed from UNIX itself.  You will find this on the left side of the
     margin.  This is normally "how to do" or just "examples" of what to do
     when using Internet.

#  - This means these are commands, or something that must be typed in.

4   What is the Internet?
     To understand the Internet you must first know what it is.  The Internet
is a group of various networks, ARPANET (an experimental WAN) was the first.
ARPANET started in 1969, this experimental PSN used Network Control Protocol
(NCP).  NCP was the official protocol from 1970 until 1982 of the Internet (at
this time also known as DARPA Internet or ARPA Internet).  In the early 80's
DARPA developed the Transmission Control Protocol/Internet Protocol which is
the official protocol today, but much more on this later.  Due to this fact,
in 1983 ARPANet split into two networks, MILNET and ARPANET (both are still
part of the DDN).

    The expansion of Local Area Networks (LAN) and Wide Area Networks (WAN)
helped make the Internet connecting 2,000+ networks strong.  The networks
include NSFNET, MILNET, NSN, ESnet and CSNET.  Though the largest part of the
Internet is in the United States, the Internet still connects the TCP/IP
networks in Europe, Japan, Australia, Canada, and Mexico.

5   Where You Can Access Internet
     Internet is most likely to be found on Local Area Networks or LANs and
Wide Area networks or WANs.  LANs are defined as networks permitting the
interconnection and intercommunication of a group of computers, primarily for
the sharing of resources such as data storage device and printers.  LANs cover
a short distance (less than a mile) and are almost always within a single
building complex.  WANs are networks which have been designed to carry data
calls over long distances (many hundreds of miles).  You can also access
Internet through TymNet or Telenet via gateway.  You'll have to find your own
NUAs though.

6   TAC
     TAC (terminal access controller) is another way to access Internet.  This
is just dial-up terminal to a terminal access controller.  You will need to
get a password and an account.  TAC has direct access to MILNET.  One example
of a TAC dialup is (800)368-2217, but there are several out there to be found.
In fact, CERT has a report circulating about people attempting to find these
dialups through social engineering.

     If you want the TAC manual you can write a letter to:

       Defense Communications Agency
       Attn: Code BIAR
       Washington, DC 2o3o5-2ooo

Be sure to write that you want the TAC User Guide, 310-p70-74.

     In order to logon, you will need a TAC Access Card.  You would probably
get it from the DDN NIC.  Here is a sample logon:

Use Control-Q for help...

* PVC-TAC 111: 01               \ TAC uses to this to identify itself
* @ #o               \ Use ``O'' for open and the internet
*                                / address which yea want to call.
* Access Code: #10kgb0124
* Login OK
* TCP trying...Open

7   Basic Commands
a:  Basic TELNET Commands

      Situation:  You have an account on a UNIX system that is a host on
Internet.  Now you can access the entire world!  Once the UNIX system you
should see a prompt, which can look like a '$' or '%' (it also depends on what
shell you are in and the type of Unix system).  At the prompt you can do all
the normal UNIX commands, but when on a Internet host you can type 'telnet'
which will bring you to the 'telnet' prompt.

* $ #telnet
* ^   ^
  |   |
  |  the command that will bring you to the telnet prompt
  a normal UNIX prompt

     You should get this:

* telnet>
     At this prompt you will have a whole different set of commands which are
as follows (This comes from UCSD, so it may vary from place to place).

* telnet> #help
* close           close current connection
* display         display operating parameters
* open            connect to a site
* quit            exit telnet
* send            transmit special character
* set             set operating parameters
* status          print status information
* toggle          toggle operating parameters
* ?               to see what you are looking at now

close      - this command is used to 'close' a connection, when multitasking
             or jumping between systems.

display    - this set the display setting, commands for this are as follow.

             ^E    echo.
             ^]    escape.
             ^H    erase.
             ^O    flushoutput.
             ^C    interrupt.
             ^U    kill.
             ^\    quit.
             ^D    eof.

open       - type 'open [host]' to connect to a system

* $ #telnet ucsd.edu

* telnet> #open

quit   - to get out of telnet and back to UNIX
send   - send files
set    - set
echo   - character to toggle local echoing on/off
escape - character to escape back to telnet command mode

     The following need 'localchars' to be toggled:

erase         -  character to cause an Erase Character
flushoutput   -  character to cause an Abort Output
interrupt     -  character to cause an Interrupt Process
kill          -  character to cause an Erase Line
quit          -  character to cause a Break
eof           -  character to cause an EOF
?             -  display help information

b:   ftp ANONYMOUS to a remote site

     ftp or file transfer protocol is used to copy files from a remote host to
the one that you are on.  You can copy anything.  Security has really clamped
down on the passwd file, but it will still work here and there (always worth a

     This could be useful when you see a Internet CuD (Computer Underground
Digest) site that accepts a anonymous ftps, and you want to read the CuDs, but
do not feel like wasting your time on boards downloading them.  The best way
to start out is to ftp a directory to see what you are getting.

     Example:  The CuD archive site has an Internet address of
and my account name is "gats".

* $ #ftp
* ^  ^
  |  |
  | ftp command
 UNIX prompt

* ftp> #open
* Connected to
* 220 FTP Server (sometimes the date, etc)
* Name ( #anonymous
*            ^         ^        ^
             |         |        |
             |         |       This is where you type 'anonymous' unless
             |         |     you have a account on
             |         |
             |        This is the name of my account or [from]
            This is the Internet address or [to]
* Password: #gats
*            ^
            For this just type your username or anything you feel like typing
            in at that time.  It doesn't matter.

* % ftp
* Connected to
* ftp> #ls
*       ^
       You are connected now, thus you can ls it.

     Just move around like you would in a normal unix system.  Most of the
commands still apply on this connection. Here is a example of me getting a
copy of the Electronic Frontier Foundation's Effector (issue 1.04) from
Internet address

* % #ftp
* ftp> #open
* Trying
* 220 chsun1 FTP server (SunOS 4.1) ready.
* Name ( anonymous
* 331 Guest login ok, send ident as password.
* Password: #gatsby
* 230 Guest login ok, access restrictions apply.
* ftp> #ls
* 200 PORT command successful.
* 150 ASCII data connection for /bin/ls (,4781) * (0 bytes).
* .hushlogin
* bin
* dev
* etc
* pub
* usr
* 226 ASCII Transfer complete.
* 37 bytes received in 0.038 seconds (0.96 Kbytes/s)
* ftp>

    |  This is where you can try to 'cd' the "etc" dir or just 'get'
    |  /etc/passwd, but grabbing the passwd file this way is a dieing art.

* ftp> #cd pub
* 200 PORT command successful.
* ftp> #ls
* ceremony
* cud
* dos
* eff
* incoming
* united
* unix
* vax
* 226 ASCII Transfer cmplete.
* 62 bytes received in 1.1 seconds (0.054 Kbytes/s)
* ftp> #cd eff
* 250 CWD command successful.
* ftp> #ls
* 200 PORT command successful.
* 150 ASCII data connection for /bin/ls (,4805) (0 bytes).
* Index
* eff.brief
* eff.info
* eff.paper
* eff1.00
* eff1.01
* eff1.02
* eff1.03
* eff1.04
* eff1.05
* realtime.1
* 226 ASCII Transfer complete.
* 105 bytes received in 1.8 seconds (0.057 Kbytes/s)
* ftp> #get
* (remote-file) #eff1.04
* (local-file) #eff1.04
* 200 PORT command successful.
* 150 Opening ASCII mode data connection for eff1.04 (909 bytes).
* 226 Transfer complete.
* local: eff1.04 remote: eff1.04
* 931 bytes received in 2.2 seconds (0.42 Kbytes/s)
* ftp> #close
* Bye...
* ftp> #quit
* %

     To read the file you can just 'get' the file and buffer it.  If the files
are just too long, you can 'xmodem' it off the host you are on.  Just type
'xmodem' and that will make it much faster to get the files.  Here is the set
up (as found on ocf.berkeley.edu).

   If you want to:                                         type:

send a text file from an apple computer to the ME       xmodem ra <filename>
send a text file from a non-apple home computer         xmodem rt <filename>
send a non-text file from a home computer               xmodem rb <filename>
send a text file to an apple computer from the ME       xmodem sa <filename>
send a text file to a non-apple home computer           xmodem st <filename>
send a non-text file to a home computer                 xmodem sb <filename>

xmodem will then display:

* XMODEM Version 3.6 -- UNIX-Microcomputer Remote File Transfer Facility
* File filename Ready to (SEND/BATCH RECEIVE) in (binary/text/apple) mode
* Estimated File Size (file size)
* Estimated transmission time (time)
* Send several Control-X characters to cancel

Hints- File transfer can be an iffy endeavor; one thing that can help is to
       tell the annex box not to use flow control.  Before you do rlogin, type

 stty oflow none
 stty iflow none

at the annex prompt.  This works best coming through 2-6092.

    Some special commands used during ftp session are cdup (same as cd ..) and
dir (gives a detailed listing of the files).

c:   How to tftp the Files

     tftp (Trivial File Transfer Protocol, the command is NOT in caps, because
UNIX is case sensitive) is a command used to transfer files from host to host.
This command is used sometimes like ftp, in that you can move around using
UNIX commands.  I will not go into this part of the command, but I will go
into the basic format, and structure to get files you want. Moreover, I will
be covering how to flip the /etc/passwd out of remote sites.
     There is a little trick that has been around a while.  It helps you to
"flip" the /etc/passwd file out of different sites, which gets you the passwd
file without out breaking into the system.  Then just run Brute Hacker (the
latest version) on the thing and you save time and energy.  This 'hole' (not
referring to the method of obtaining Unix superuser status) may can be found
on SunOS 3.X, but has been fixed in 4.0.  It has sometimes appeared in
System V, BSD and a few others.

     The only problem with this 'hole' is that the system manager will often
realize what you are doing.  The problem occurs when attempts to tftp the
/etc/passwd is happen too many times.  You may see this (or something like
this) when you logon on to your account.  This was buffered off of
plague.berkeley.edu.  I guess they knew what I was doing.

* DomainOS Release 10.3 (bsd4.3) Apollo DN3500 (host name):
*         This account has been deactivated due to use in system cracking
* activities (specifically attempting to tftp /etc/passwd files from remote
* sites) and for having been used or broken in to from <where the calls are
* from>.  If the legitimate owner of the account wishes it reactivated,
* please mail to the staff for more information.
* - Staff

     The tftp is used in this format:

 tftp -<command> <any name> <Internet Address>  /etc/passwd  <netascii>

Command      -g   is to get the file, this will copy the file onto
                  your 'home' directory, thus you can do anything with
                  the file.

Any Name     If your going to copy it to your 'home' directory, it needs a

Internet     This is the address that you want to snag the passwd file from.
 Address     There are hundreds of thousands of them.

/ETC/PASSWD  THIS IS THE FILE THAT YOU WANT.  You do not want John Smith's
             even though it would be trivial to retreive it.

netascii     This how you want the file to be transferred.

&            Welcome to the power of UNIX, it is multitasking, this little
             symbol place at the end will allow you to do other things (such
             as grab the passwd file from the UNIX that you are on).

     Here is the set up:  We want to get the passwd file from
sunshine.ucsd.edu.  The file in your 'home' directory is going to be named

* $ #tftp -g asunshine sunshine.ucsd.edu /etc/passwd &

d  Basic Fingering

     Fingering is a real good way to get an account on remote sites.  Typing
'who' or just 'finger <account name> <CR>' you can have names to "finger".
This will give you all kinds information on the person's account.  Here is a
example of how to do it:

* % #who
* joeo                 ttyp0       Jun 10 21:50   (bmdlib.csm.edu)
* gatsby               ttyp1       Jun 10 22:25   (foobar.plague.mil)
* ddc                  crp00       Jun 10 11:57   (aogpat.cs.pitt.edu)
* liliya               display     Jun 10 19:40

                 /and fingering what you see

* % #finger bbc
* Login name: ddc                     In real life: David Douglas Cornwall
* Office: David C. Co
* Directory: //aogpat/users_local/bdc     Shell: /bin/csh
* On since Jun 10 11:57:46 on crp00 from aogpat   Phone 555-1212
* 52 minutes Idle Time
* Plan:  I like to eat apples and bananas.
* %

     Now you could just call (or Telnet to) 'aogpat.cs.pit.edu' and try to
hack out an account.  Try the last name as the password, the first name, the
middle name, and try them all backwards.  The chances are real good that you
WILL get in because people are stupid.

     If there are no users online for you to type "who" you can just type
"last" and all of the users who logged on will come rolling out.  Now "finger"
them.  The only problem with using the "last" command is aborting it.

     You can also try telephoning individual users and tell them you are the
system manager (i.e. social engineer them).  However, I have not always seen
phone numbers in everyone's ".plan" file (the file you see when you finger the

8  Other Networks
AARNet -      Australian Academic and Research Network.  This network supports
              research for various Australian Universities.  This network
              supports TCP/IP, DECnet, and OSI (CLNS).

ARPANET -     We've already discussed this network.

BITNET -      Because It's Time NETwork (BITNET) is a worldwide network that
              connects many colleges and universities.  This network uses many
              different protocols, but it dose use the TCP/IP.

CREN CSNET -  Corporation for Research and Educational Network (CREN) or
              Computer + Science research NETwork (CSNET).  This network links
              scientists at sites all over the world.  CSNET providing access

              to the Internet, CREN to BITNET.  CREN is the name more often
              used today.

CSUNET -      California State University Network (CSUNET).  This network
              connects the California State University campuses and other
              universities in California.  This network is based on the CCITT
              X.25 protocol, and also uses TCP/IP, SNA/DSLC, DECnet, and

The Cypress Net - This network started as a experimental network.  The use of
                  this network today is as a connection to the TCP/IP Internet
                  as a cheap price.

DRI -        Defense Research Internet is a WAN that is used as a platform
             from which to work from.  This network has all kind of services,
             such as multicast service, real-time conference and more.  This
             network uses the TCP/IP (also see RFC 907-A for more information
             on this network).

ESnet -      This is the new network operated by the Department of Energy's
             Office of Energy Research (DoE OER).  This net is the backbone
             for all DoE OER programs.  This network replaced the High Energy
             Physics DECnet (HEPnet) and also the Magnetic Fusion Energy
             network (MFEnet).  The protocols offered are IP/TCP and also
             DECnet service.

JANET -      JANET is a Joint Academic NETwork based in the UK, connected to
             the Internet.  JANET is a PSN (information has pass through a
             PAD) using the protocol X.25 though it does support the TCP/IP.
             This network also connects PSS (Packet Switched Service is a PSN
             that is owned and operated by British telecom).

JUNET -      Japan's university message system using UUCP, the Internet as its
             backbone, and X.25 (see RFC 877).  This network is also a part of
             USENET (this is the network news).

Los Nettos - Los Nettos is a high speed MAN in the Los Angeles area.  This
             network uses the IP/TCP.

MILNET -     When ARPANET split, the DDN was created and MILNET (MILitary
             NETwork) is also a part of the network.  MILNET is unclassified,
             but there are three other classified networks that make up the

NORDUNet -   This net is the backbone to the networks in the Nordic Countries,
             Denmark (DENet), Finland (FUNET), Iceland (SURIS), Norway
             (UNINETT), and Sweden (SUNET).  NORDUnet supports TCP/IP, DECNet,
             and X.25.

NSN -        NASA Science Network (NSN).  This network is used by NASA to send
             and relay information.  The protocols used are TCP/IP.  NSN has a
             sister network called Space Physics Analysis Network (SPAN) for

ONet -       Ontario Network is a TCP/IP network used for research.

NSFNet -     National Science Foundation Network, this network is in the
             IP/TCP family, but in any case it uses UDP (User Diagram
             Protocol) and not TCP.  NSFnet is the network for the US
             scientific and engineering research community.  Listed below are
             all the NSFNet Sub-networks:

       BARRNet -     Bay Area Regional Research Network is located in the San
                     Francisco area.  This network uses TCP/IP.

       CERFnet -     California Education and Research Federation Network is
                     a research based network supporting Southern California
                     Universities communication services.  This network uses

       CICNet -      Committee on Institutional Cooperation.  This network
                     services the BIG 10, and University of Chicago.  This
                     network uses TCP/IP.

       JvNCnet -     John von Neumann National Supercomputer Center.  This
                     network uses TCP/IP.

       Merit -       Merit connects Michigan's academic and research
                     computers. This network supports TCP/IP, X.25 and
                     Ethernet for LANs.

       MIDnet -      MIDnet connects 18 universities and research centers in
                     the midwest United States.  The support protocols are
                     TELNET, FTP and SMTP.

       MRNet -       Minnesota Regional Network, this network services
                     Minnesota.  The network protocols are TCP/IP.

       NEARnet -     New England Academic and Research Network, connects
                     various research/educational institutions.  You
                     can get more information about this net by mailing

       NCSAnet -     The National Center for Supercomputing Applications
                     supports the whole IP family (TCP, UDP, ICMP, etc).

       NWNet -       North West Network provides service to the Northwestern
                     United States and Alaska.  This network supports IP and

       NYSERNet -    New York Service Network is a autonomous nonprofit
                     network.  This network supports the TCP/IP.

       OARnet -      Ohio Academic Resources Network gives access to the
                     Ohio Supercomputer Center.  This network supports TCP/IP.

       PREPnet -     Pennsylvania Research and Economic Partnership is a
                     network operated and managed by Bell of Pennsylvania.  It
                     supports TCP/IP.

       PSCNET -      Pittsburgh Supercomputer Center serving Pennsylvania,
                     Maryland, and Ohio.  It supports TCP/IP, and DECnet.

       SDSCnet -     San Diego Super Computer Center is a network whose goal
                     is to support research in the field of science.  The
                     Internet address is 'y1.ucsc.edu' or call Bob at
                     (619)534-5060 and ask for a account on his Cray.

       Sesquinet -   Sesquinet is a network based in Texas.  It supports

       SURAnet -     Southeastern Universities Research Association Network
                     is a network that connects institutions in the Southeast
                     United States.

       THEnet -      Texas Higher Education Network is a network that is run
                     by Texas A&M University.  This network connects to hosts
                     in Mexico.

       USAN/NCAR -   University SAtellite Network (USAN)/National Center for
                     Atmospheric Research is a network for information

       Westnet -     Westnet connects the western part of the United States,
                     but not including California.  The network is supported
                     by Colorado State University.

USENET -     USENET is the network news (the message base for the Internet).
             This message base is quite large with over 400 different topics
             and connecting to 17 different countries.

9  Internet Protocols
     TCP/IP is a general term relating to the whole family of Internet
protocols.  The protocols in this family are IP, TCP, UDP, ICMP, ROSE, ACSE,
CMIP, ISO, ARP and Ethernet for LANs.  If if you want more information, get
the RFCs.

      TCP/IP protocol is a "layered" set of protocols.  In this diagram taken
from RFC 1180 you will see how the protocol is layered when connection is

Figure is of a Basic TCP/IP Network Node:

         |      Network    Application     |
         |                                 |
         | ... \  |  /  ..  \  |  /    ... |
         |     -------      -------        |
         |     | TCP |      | UDP |        |
         |     -------      -------        |
         |           \       /             |          % Key %
         |  -------   ---------            |          ~~~~~~~
         |  | ARP |   |  IP   |            |   UDP  User Diagram Protocol
         |  -------   ------*--            |   TCP  Transfer Control Protocol
         |     \            |              |   IP   Internet Protocol
         |      \           |              |   ENET Ethernet
         |       -------------             |   ARP  Address Resolution
         |       |    ENET   |             |                  Protocol
         |       -------@-----             |   O    Transceiver
         |              |                  |   @    Ethernet Address
         -------------- | ------------------   *    IP address
  Ethernet Cable

TCP/IP:  If connection is made is between the IP module and the TCP module the
         packets are called a TCP datagram.  TCP is responsible for making
         sure that the commands get through the other end.  It keeps track of
         what is sent, and retransmits anything that does not go through.  The
         IP provides the basic service of getting TCP datagram from place to
         place.  It may seem like the TCP is doing all the work, this is true
         in small networks, but when connection is made to a remote host on
         the Internet (passing through several networks) this is a complex
         job. Say I am connected from a server at UCSD to LSU (SURAnet) the
         data grams have to pass through a NSFnet backbone.  The IP has to
         keep track of all the data when the switch is made at the NSFnet
         backbone from the TCP to the UDP.  The only NSFnet backbone that
         connects LSU is the University of Maryland, which has different
         circuit sets.  The cable (trunk)/circuit types are the T1 (a basic
         24-channel 1.544 Md/s pulse code modulation used in the US) to a
         56 Kbps.  Keeping track of all the data from the switch from T1 to
         56Kbs and TCP to UDP is not all it has to deal with.  Datagrams on
         their way to the NSFnet backbone (at the University of Maryland) may
         take many different paths from the UCSD server.

         All the TCP does is break up the data into datagrams (manageable
         chunks), and keeps track of the datagrams.  The TCP keeps track of
         the datagrams by placing a header at the front of each datagram.  The
         header contains 160 (20 octets) pieces of information about the
         datagram.  Some of this information is the FQDN (Fully Qualified
         Domain Name).  The datagrams are numbers in octets (a group of eight
         binary digits, say there are 500 octets of data, the numbering of the
         datagrams would be 0, next datagram 500, next datagram 1000, 1500

UDP/IP:  UDP is one of the two main protocols of the IP.  In other words the
         UDP works the same as TCP, it places a header on the data you send,
         and passes it over to the IP for transportation throughout the
         Internet.  The difference is that it offers service to the user's
         network application.  It does not maintain an end-to-end connection,
         it just pushes the datagrams out.

ICMP:  ICMP is used for relaying error messages.  For example you might try to
       connect to a system and get a message back saying "Host unreachable",
       this is ICMP in action.  This protocol is universal within the
       Internet, because of its nature.  This protocol does not use port
       numbers in it's headers, since it talks to the network software itself.

Ethernet:  Most of the networks use Ethernet.  Ethernet is just a party line.
           When packets are sent out on the Ethernet, every host on the
           Ethernet sees them.  To make sure the packets get to the right
           place, the Ethernet designers wanted to make sure that each address
           is different.  For this reason 48 bits are allocated for the
           Ethernet address, and a built in Ethernet address on the Ethernet

           The Ethernet packets have a 14-octet header, this includes address
           "to" and "from."  The Ethernet is not too secure, it is possible to
           have the packets go to two places, thus someone can see just what
           you are doing.  You need to take note that the Ethernet is not
           connected to the Internet.  A host on both the Ethernet and on the
           Internet has to have both an Ethernet connection and an Internet

ARP:  ARP translates the IP address into an Ethernet address.  A conversion
      table is used (the table is called ARP Table) to convert the addresses.
      Therefore, you would never even know if you were connected to the
      Ethernet because you would be connecting to the IP address.

      The following is a real sketchy description of a few Internet protocols,
      but if you would like to get more information you can access it via
      anonymous ftp from several hosts.  Here is a list of RFCs that deal with
      the topic of protocols.

      |     RFC:      |       Description:                     |
      |               |                                        |
      |   rfc1011     |  Official Protocols of the Internet    |
      |   rfc1009     |  NSFnet gateway specifications         |
      |   rfc1001/2   |  netBIOS: networking for PC's          |
      |   rfc894      |  IP on Ethernet                        |
      |   rfc854/5    |  telnet - protocols for remote logins  |
      |   rfc793      |  TCP                                   |
      |   rfc792      |  ICMP                                  |
      |   rfc791      |  IP                                    |
      |   rfc768      |  UDP                                   |
      |               |                                        |

10  Host Name and Address
     Internet addresses are long and difficult hard to remember (i.e., so we use host names.  All hosts registered on the Internet
must have names that reflect them domains under which they are registered.
Such names are called Fully Qualified Domain Names (FQDNs).  Lets dissect a
name and see the domains:

   ^      ^      ^
   |      |      |
   |      |      |____  "edu" shows that this host is sponsored by an
   |      |             education related organization.  This is a top-level
   |      |             domain.
   |      |
   |      |___________  "berkeley" is the second-level domain.  This shows
   |                    that it is an organization within University of
   |                    Calironia at  Berkeley.
   |__________________  "lilac" is the third-level domain.  This indicates the
                        local host name is 'lilac'.

     Common Top-Level Domains

     COM  -  commercial enterprise
     EDU  -  educational institutions
     GOV  -  nonmilitary government agencies
     MIL  -  military (non-classified)
     NET  -  networking entities
     ORG  -  nonprofit intuitions

     A network address is the numerical address of a host, gateway, or TAC.
The addresses are made up of four decimal numbered slots, which are separated
by a period.

     There are three classes that are used most, these are Class A, Class B,
and Class C.

   Class A  -  from '0'    to  '127'
   Class B  -  from '128'  to  '191'
   Class C  -  from '192'  to  '223'

Class A  -  Is for MILNET net hosts.  The first part of the address has the
            network number.  The second is for the physical PSN port number.
            The third is for the logical port number, since it is on MILNET,
            it is a MILNET host.  The fourth part is for which PSN it is on.
            On  '29' is the network it is on.  '34' means it is on
            port '34'.  '9' is the PSN number.

Class B  -  This is for the Internet hosts, the first two "clumps" are for the
            network portion.  The second two are for the local port.

               \_/   \_/
                |     |_____ Local portion of the address
                |___________ Potation address.

Class C  -  The first three "clumps" are the network portion and the last one
            is the local port.

               \_|_/  |_____ Local Portation Address
                 |__________ Network Portation Address
[ News ] [ Paper Feed ] [ Issues ] [ Authors ] [ Archives ] [ Contact ]
© Copyleft 1985-2021, Phrack Magazine.