A Basic UNIX Overview

A Basic UNIX Overview

Asriel


UNIX FOR DOS ADDICTED WaReZ PuPPieZ AND THEIR PETS


Introduction
------------

One of the most common operating systems in existance is Unix. Unix
exists in many different flavors, from Berkeley BSD to AT&T System V
to SunOs. Basic working knowledge of Unix is almost essential to a
hacker, as it is the system a hacker is most likely to come across.
If you intend to use the internet at all, or to do any serious
exploration of Telenet, the ability to navigate through Unix is a
necessity. (Unix is also the single most interesting system in
existance: it's just fun to fuck with).

Unix Logins
-----------

Most Unix logins look essentially the same. A general Unix login
prompt looks something like this:

connected to five.finger.com
login:

That first line is the system identifier. Although it's not at all
essential to what you are doing, it's good to know what system you are
attempting to log on to.
The second line is what typically identifies the system you are on as
Unix. Almost all Unix systems greet a user with the same prompt:
login:.
Well, there's not much to do in Unix from the outside, and Unix
systems are typically fairly secure at this point. You may be able to
obtain a list of users, or current users, by logging in as 'who', but
other than that there are few functions available here.
Unless you are on the internet, or have accounts specifically for the
specific machine you are on, the only way on to the system is to try
the default passwords. What are the default passwords?
Unix systems come installed with certain passwords automatically. In
addition, some accounts must exist on a system. One such account is
'root'. This user is the divine Kami of the Unix system... in short,
an all access pass. Unfortunately, few systems allow root logins
remotely, and even fewer leave 'root' unpassworded. Nevertheless, it's
always worth a shot... try this:

connected to ren.stimpy.net
login: root
password: root
invalid login
login:

well, nice try anyways... other possible passwords for root include
'sysadmin', 'sys', 'admin'... you get the idea. You may also want to
try these passwords with a single digit appended (added, idiot) to
them... meaning the password 'root' could be 'root1' or 'root2'.
An interesting tip about passwords in general... many people that use
passwords under 8 characters tend to add a digit or a non-alphanumeric
character to the password. This is done in order to hinder guessing,
and to stop password breakers (more on this later). In this case, you
may want to try adding a space before root... or even an ascii 255 to
the end.
Fortunately, there is more than one default password in a unix
system... a quick list:

sys sys
bin bin
daemon daemon
rje rje
setup setup
uucp uucp/nuucp/anonymous
nuucp uucp/nuucp/anonymous
mountfsys mountfsys

In the System
-------------

Ok, at this point, I'm going to assume you've gotten past the login...
as painful as that may sound. Although Unix may be secure from the
outside, without effort from the system administrators, the inside of
the system is not.
First off, you'll likely by asked for a terminal. vt100 serves your
purposes sufficently, and it's typically the default, so hit enter.
Now, hopefully, you have a prompt. There are many different types of
unix prompts, some of which contain current directory information,
some of which are just a single character. Just don't panic when my
examples don't look exactly like what you've got on your screen.
The first thing you *need* to do on the system is establish your tty
paramters. As eldritch and arcane sounding as this term may seem, it's
actually quite simple... you need to tell the system what keys are
going to do what.
The command to set these parameters is 'stty'. Watch:

squinkyB ] stty erase ^h
squinkyB ]

There... that wasn't so bad, was it? Well, it's also pretty
meaningless to you, unless you have the ascii table memorized and are
pretty good at on-the-spot deduction.
The tty erase parameters determines which key is to be used as a
backspace. At times, this may already be set when you log in, or it
may be set to a suitable alternate (such as delete). Most of the time
the system will tell you when you log on if this is so. In this case,
we've entered ^h in order to make the backspace key, appropriately
enough, backspace.
Another extremely important parameter is 'intr'. The 'intr' paramter
tells the Unix system what you intend to use as a break character...
you should have this set to ^c.

Getting Around
--------------

A good thing to remember about Unix is that it's alot like DOS. Files
are laid out in directories just as in DOS... in fact, the only
immediate difference in the directory structures is that Unix uses a
forward slash ("/", moron!) instead of a backwards one.
Also, the basic Unix directory navigation command is identical to DOS.
In order to change directories, you use the command 'chdir', or 'cd'.
A quick example:

1 /usr1/astoria ] cd ..
2 /usr ]

Wala. That simple. Quick notes:

? cd / will take you to root.
? cd /*pathname* will take you to *pathname*
? cd home will take you to your home directory.

You can make and delete your own directories with the mkdir/rmdir
commands. Simply put, mkdir makes a subdirectory off of the current
directory, and rmdir removes a subdirectory from the current
subdirectory. Good to know if you plan to do a lot of file transfers.
An important note about Unix directories, files, and concepts:
Unix is a case-sensitive operating system. Thus, the files

? Spleen
? spleen
? SPLEEN
? SpLeEn

are all different. This rule applies to directories and command line
paramters, as well as most other Unix ideas.
Another nice thing to know about Unix: Unix files are not subject to
the normal DOS 8 character limit. Thus, you can have vast filenames,
such as "this_file_ate_my_biscuit".

Some other important commands
-----------------------------

First and foremost, you should know cp. cp is the basic Unix
equivalent of the DOS COPY command. The command line for cp is
identical to that of COPY.
Next on the scale of cosmic import is cat. cat is the Unix equivalent
of the DOS TYPE command, and once again, for simple file displaying,
the command line is identical.
Variations on the theme:
pg: displayes a file page by page. Type "pg x filename", where x is a
number of lines to display before pausing and filename is the
file you wish to display.
more: displays a file screen by screen.
Stupid pet trick:
You can use your cat to copy files, simply by using the directional
operators. To copy a file from here to there using cat, simply type:

% cat here
this is the file here
% cat there
this is the file there
% cat here > there
% cat there
this is the file here

The operator ">" simply takes the output from the cat command and
places is in the location specified after it.
Another vital command to know is 'rm'. rm deletes a file from the
system, in the same way DEL would on a DOS system. Not to much else to
say.
Critical in your navigation of a Unix system is the ls command. ls is
DOS DIR on heroin. Simply type ls and you get a nice, neat list of
files in the directory.
DIR on controlled substances:
There are a few command line parameters that you should know...
foremost is l. ls -l gets you a list of files, and valuable
information about each file, including permissions (more on that
later), size, and linked files.
Another useful command for long file lists is C. ls -C gets you a
list of files in multiple columns, much the same as DIR /W would
merit a double column report of all existing files. A quick reminder:
ls -C is NOT the same as ls -c. Unix = case sensitive.
Another good command to know, mv will move a file from directory to
directory. For those of you without DOS 6.0 , mv simply copies a
file to another directory and deletes the original.
quick tip for files on the lam:
if you want to rename a file (to protect the innocent), you need to
mv a file to a different file name. A quick demo:

# ls
myfile
# cat myfile
this is my file
# mv myfile my_other_file
# ls
my_other_file
# cat my_other_file
this is my file

Another vastly important command is 'man'. In fact, man is probably
one of the most important commands extant for a beginning user... it
calls up the system's help files. To use man, simply type in 'man
command', where command is a Unix command you seek to gain
enlightenment regarding. It's a great way to gain an understanding of
Unix commandline parameters.
If you are interested in seeing who's been on of late, or just want a
few names to try to hack, type 'who'. You get a quick list of users
that have accessed the system lately. If you need to know
who you are at this point, type 'whoami'.
If you want to change your identity on the system, type 'su name'
where name is an account on the system. It'll ask you for the account
password, then, *presto*... instant transmogrification.
A Caveat for smart alec hackers:
Unix typically logs usage of the su command. While su may seem like a
great opportunity to try to hack out passwords manually without
worrying about the system hanging up after 3 attempts, it's typically
not a good idea to do this, as it may alert the administrators to
your presence.
*Numero Uno on the list of commands NEVER to use on a Unix system:
The 'passwd' command changes your password on a Unix system. Seems
innocous enough, eh? Uh-uh. If your account is active, and there's a
very strong chance that it either is or will be, there is no better
way to lose the account than to change the password, only to have the
legitimate user alert the sysadmins when he/she can't gain access to
his/her normal account (well, there are better ways... you could
simply mail the sysadmin and tell him you are trying to hack his
grandmother's life support machine through your account).
I've seen this single, quick command turn a extremely lax system
into an ironclad security compound in less than a day.
DONT-FUCK-WITH-IT.
*Numero Dos on that same list:
The 'mail' command reads and sends mail. So what? Well, unless your
account is stable (and it isn't unless you either paid for it or
killed the original owner in such a way that his body cannot claw it's
way out of it's grave to it's keyboard), the user is more likely than
not going to know if you read his mail. In addition, if you send mail
out of the system (type 'mail', and a username/address; type in your
message and end it with a ^d on it's own line), the response from your
message will likewise alert the user to your presence.

System Spelunking
-----------------

The first place you want to check out in the wild uncharted directory
tree of your friendly neighborhood Unix system is the "/etc"
directory. What's in it? The single most intensely important file on
the system (besides a world writable root owned SUID file... but don't
worry about that)... the passwd file.
What is in the passwd file?

? a list of all accounts on the system
? a list of the passwords for these accounts
? a list of access levels for these accounts
? a list of the home directories for these accounts
? a list of information pertaining to these accounts.

Why the hell the Unix designers decided this file should be world
readable is beyond me. Be content to know that your standard everyday
run-of-the-mill-lacking-in-certified-cosmic-power 'cat' command WILL
display this file. As will pg and more. However, because most users
don't have write permissions (more on that later) to the /etc
directory, 'cat' is pretty much the only applicable command here.
However, if you need to copy the file to your own directory (for
whatever reason), just cat it there with the directional operator (>).
The catch:
Well, there are two catches here. First off, regardless of system
security, if the passwords are in the file, they are encrypted. You
can't decrypt them. Although you can get a list of accounts without
passwords this way (just look for accounts with no entry in the
password field), and a list of accounts that can't be logged onto
remotely/at all (NO LOGIN), you can't get much else. Sucks, don't it?
Notice I said 'if' the passwords are there.

Some horrible, paranoid, draconian system administrators mutilate
their passwd files in such a way that (*gasp*) the passwords don't
show up. All you get is one cold, icy X staring at you from the bowels
of Unix Shell Siberia, mocking you as you pull your hair out in
frustration (sorry, but this is a sore spot with me). The kidnapped
passwords reside in the shadow file in the /etc directory, available
with your standard everyday run-of-the-mill-but-distinct-in-the-fact-
that-only-root-level-accounts-can-use-it-to-this-extent 'cat' command.
Well, if the passwords are encrypted, what good are they?
By themselves, nothing. A account with a Unix encrypted password will
get you no further than an account with no listed password at all. You
can't even deduce the amount of characters in the password if it's
encrypted. So what's the use?
The Unix method of encrypting files is available to the public. It is
also, to most mortals, irreversable. Essentially, this means you can
encrypt a string of characters, but not decrypt it. Even the unix
system itself doesn't decrypt the password when you log on...
When you log on, the Unix system takes whatever you enter at the
password prompt, encrypts it, and matches it to the entry in the
passwd file. Thus, the Unix system never decrypts the password... it
only compares it to a different encrypted string.
While this may not sound too particularly useful at first, it is.
There are programs that have been written to do the same thing on a
personal computer... you supply it a list of passwords and a list of
words to attempt to use as passwords (called dictionaries), and it
spends the night encrypting dictionaries and matching them to password
entries. By running a dictionary through a passwd file, on a typical
system, you can usually get 10-20 accounts. Good personal computer
examples of this program idea include Killer Cracker (the industry
standard, so to speak) and CrackerJack (faster than Killer Cracker).
Quick tips for CrackerJunkies with leech access at an H/P BBS:
A standard dictionary will not uncover passwords protected with an
appended digit or non-alphanumeric character. In order to get around
this, you need only grab a program that processes the dictionary file
to add that digit to each entry in the dictionary... although this
takes longer, and you'll need to do it multiple times, you can
typically get 10 more accounts just by adding a 1 to every entry.
Files and directories in Unix are characterized further by their
permissions. Permissions are a standard system of who gets access to a
specific function of that file or directory. Standard permissions
include read, write, and execute. You can get a list of permissions by
typing 'ls -l'. The first field in the listing contains the
permissions, grouped as follows:

owner group world
--------------------
rwx rwx rwx

(Not drawn to scale... in fact, it doesn't look anything like that).
Essentially, as long as the letter is there, you have access to that
facet of the file. If the letter is not there, you'll see a dash...
meaning you don't have access to that function. An example:

rwxr-x--x

In this case, the owner of the file can Read the file, Write to the
file, and eXecute the file; members of his group (a bunch of linked
accounts) can Read the file, CANNOT Write to the file, and can eXecute
the file; and the rest of the user population CANNOT Read or Write to
the file, but CAN eXecute the file.

rwx---rwx

is a WORLD-READABLE, WORLD-WRITABLE, WORLD-EXECUTABLE file. This
simply means that anyone can read, write, or execute the file.

Another permission sometimes set to a file is the SUID bit. An SUID
file contains a smallcase s in the user executable section of the
permissions list...

rws--x--x

When you execute an SUID file, your user ID becomes that of the owner
of the file. While this may not look to important at first, by now you
should know that no really important super elite hacker concept does.
Take a look at this:

rwsr-x--x

Synopsis? It's a world executable SUID file. In essence, anyone can
execute the file, and in doing so, become the owner of the file for
the duration of the time that file is operating. However, this doesn't
get you much, because you typically can't do anything while the
programis running. More likely than not, it's calculating how many
pencils it needs to order for school tomorrow or some other such
drivel.
The real power of the SUID file comes into play in this situation:

rwsrwxrwx

You won't see a lot of these, but when you do, look out. What you have
here is a world writable SUID file... and a world writable program can
be any program on the system you have read access to. Like, say,
/bin/sh... the Unix shell...
Quick command line example... 'diablo' is a root owned, world writable
SUID file. I'm going to ignore the rest of the output of the ls
command.

#ls -l
rwsrwxrwx... ...diablo
#cat /bin/sh > diablo
#diablo
$

Oh, just so you know, the $ prompt denotes root access.
Good deal, huh? In general, if you have right privs to an SUID file,
copy it to your own directory and cat /bin/sh into it. You now have an
instant gateway to the account of the owner of that file.
If you want to find files that you can do this with, try this out:

#find / -user root -perm -4000 -exec /bin/ls -al {} ";"

This will give you a list of all root owned SUID files. If you want
more info on the 'find' command, just 'man find'.

Well, I'm overdo for an appointment on the IRC in #warez... so I'll
cut off here. I hope I've been of assistance to you.

----------------------------------------------------------------------------
A C T U A L A R T I C L E E N D S H E R E . . .

Please feel free to save an extra 1k of file space and invoke the DOS
EDIT CUT command at the dotted line. Do not remove the rest of this
article on penalty of law.

S00P3R GR00P-3SQU3 GR33TZ / +HANX

Greets go out to Nowhere Man, INC, THG, UNT, SaD, SoD, PTA, SOB
Thanks to... ________________________
your ad here

Current DWE Akshul M3mbre Boards:

Nitro Burnin' Funny Cars WHQ/DWEnet HOST (312)582-1115
The Prodigal Sun CHQ/MECCA (312)238-3585
Dark Waters HQ/Infosite (312)667-0222
PyroTechnics II Infosite (708)991-9403

DWE M3/\/\B3R LiST

President and Dictator for Life: Xanax
Head Courier/Warez Cracker: Asriel
Head Fisherman/Trout Expert: Changeling
Head Person That Gets Asriel Free CDs: Monk
Head Person That Gets DWE Members Free WaReZ: Pyro
Head Person That Knows More Than Asriel (Honorary Title): LVX
Head Person That Actually Wrote for DWE without Coercion: Cosmos
Head Know-It-All Stoner that runs 386bsd: Goldstein

Want to write for DWE? Neither do we. But if the spirit moves you,
write up an article about anything we haven't discussed already, and
post it somewhere in DWEnet or at any of the member boards, or call
any of the members voice and dictate it to them, or submit it to them
school newspaper of any of the members, or tack it on a bulletin board
in the Third Coast Cafe in Century Mall, and chances are it'll be
released as a s00per c00l DWE article.

W H A T F O L L O W S M U S T N O T B E D E L E T E D
---------------------------------------------------------------------------
(c) 2003 Hackers-Network
Asriel(tm) appears courtesy of Hasbro, Inc.

16x Dvd+-rw Dl Dvd Writer Comparison Guide

16x Dvd+-rw Dl Dvd Writer Comparison Guide

Source:
CODE
http://www.extrememhz.com/dlcomp-p1.shtml


Since the introduction of double layer DVD writers, the interest has been quite overwhelming and is why we keep bringing you reviews of these highly popular drives. The anticipation has now turned into down right obsession and it has become a key component in any current or new system build, thanks to the declining prices and continued media hype. Manufacturers are quite aware of the fascination and is why they have each been releasing their own products which excel in at least one area of the testing methodology used in most reviews. This has led to some confusion as to which drive is best suited for the individuals needs. Today, we compare four 16x double layer drives and highlight both the strong and weak points in order to give you a better idea of which drive is best suited for you.


In this comparison guide, we will be looking at four of the top 16x drives to hit the market, the Pioneer DVR-108, NEC ND3500A, Lite-On SOHW-1633s and the new LG GSA-4160B. We will cover everything from design and features to performance and price. Let's begin with a quick look at each of these drives.


As far as the front bezel design goes, the LG-GSA4160B is by far the most attractive drive of the bunch. However, for those who are looking for a headphone jack, the Lite-On drive is the only DL writer offering a headphone jack, as well as volume control. The Pioneer and NEC drives, in my opinion, are the ugliest drives, with a very plain look that just wants to make you hide the drive period. Although we only obtained the 4160B in black, all these drives are offered with both white and black bezels. If you opt for the more expensive Pioneer "XL" model, it has the most impressive looks of any drive in the market. However, this will come at a very hefty price tag, considering they contain different firmware as well that offer a few extra features.

So, we have determined which is the sexiest-looking drive, but what about performance? I've done some extensive testing on each model to determine which is indeed the most impressive of the bunch. But before we show you performance results, let's briefly look at the features and what they have to offer.

Features



Each one of these drives has there disappointments when it comes to features. Let's compare each to see what they really offer.



DVD Writing



DVD+R DVD-R DVD+RW DVD-RW
LG GSA-4160B 16x 8x 4x 4x
Lite-On SOHW-1633s 16x 8x 4x 4x
NEC ND-3500A 16x 16x 4x 4x
Pioneer DVR-108 16x 16x 4x 4x



While all these drives are indeed 16x models, only two will write to both formats at this speed. The LG GSA-4160B and the Lite-On SOHW-1633s only support 8x DVD-R writing. So if you are one who only prefers this format, the NEC or Pioneer would be the best choice. All of these drives support writing to DVD re-writable media at 4x.



DVD+R9 Double Layer Writing



Write Speed
LG GSA-4160B 2.4x
Lite-On SOHW-1633s 2.4x
NEC ND-3500A 4x
Pioneer DVR-108 4x



The major disappointment with both the LG and the Lite-On 16x drives is the lack of 4x double layer writing support. Pioneer and NEC seem to be the only manufacturers to jump in and release second generation double layer drives supporting much faster 4x writing. In fact, the jump from 2.4x to 4x is quite substantial as we will show you a bit later in this comparison.



DVD-RAM Support



Supported Read Write
LG GSA-4160B YES 5x 5x
Lite-On SOHW-1633s NO NO NO
NEC ND-3500A NO NO NO
Pioneer DVR-108 YES 2x NO



Now this is where both the LG GSA-4120B and GSA-4160B shine above the rest. In fact, it is what has made these drives the most popular DVD writers on the market. Unlike the rest in the roundup, it is a triple format burner, offering full support for DVD-RAM media. The other drives do not support it, with the exception of the Pioneer DVR-108 which supports reading of DVD-RAM discs at 2x. I personally don't see the point in offering only read capabilities, but it's at least one extra feature added to distinguish it from the rest. Fast 5x support of the LG GSA-4160 will actually be tested a bit later in this article.



CDR Writing



CDR CDRW
LG GSA-4160B 40x 24x
Lite-On SOHW-1633s 48x 24x
NEC ND-3500A 48x 24x
Pioneer DVR-108 32x 24x



The fastest CDR writers of the bunch are the Lite-On SOHW-1633s and the NEC ND-3500A. With their support for 48x writing, they make a great all-in-one drive for many users. The only drive lacking in this lineup is the Pioneer DVR-108. Why they opted for only 32x writing is still quite puzzling and is actually why I have found that many are choosing the NEC over the Pioneer. The LG GSA-4160B should not be left out of consideration though. We will show you later that the difference in write times between 40x and 48x is not much to brag about.



Bitsetting Support



One feature I've found that is most important for many users is bitsetting support. Let's compare these drives and see what they offer.



DVD+R/RW Support DVD+R DL Support
LG GSA-4160B NO NO
Lite-On SOHW-1633s YES NO
NEC ND-3500A NO YES
Pioneer DVR-108 NO YES



The LG GSA-4160B does not offer bitsetting support out of the box. However, it is very likely that you will be able to obtain support through an excellent third-party tool called DVDInfo Pro. Right now, they only support the GSA-4120B, but I'm confident with the author that support for this drive will be likely. LG firmware is very hard to hack, however some select few have been able to do so. Using Lite-On's booktype utility, you can change the booktype of DVD+R/RW media, however, the firmware does not automatically change booktype of DVD+R DL discs to DVD-ROM like the NEC and Pioneer models do.



Additional Features



As far as other features go, all these drives have a 2MB buffer but offer some sort of buffer under-run protection, which all work exceptionally well. This is especially useful if you will be burning discs at 16x, which I personally don't recommend just yet. As our individual tests of these drives revealed, burning at this speed is quite unstable, with the exception of the Lite-On SOHW-1633s.