The Surveillance List Forum FAQ

In this pseudo FAQ you will find links to sites of common interest
The information contained on these links
will give you a working knowledge...
of the topics discussed on the Surveillance List Forum ...
Make sure to checkout the "How-To's" at the bottom of this page!

This page is constantly updated... stop back often and reload your browser
If you know of a link that belongs here... let us know...


CONTENTS

ELECTRONIC SURVEILLANCE & ESPIONAGE - GENERAL INFO
Big Brother
Foreign Economic Collection and Industrial Espionage
Surveillance Methods and Technology
$pying for Uncle Sam
10 Top Spy Busting Secrets
National CounterIntelligence Center
The Use of Spies by SunTzu
National Security Agency Employee Handbook

MICROPHONES AND HARDWIRING
Types of Microphones
Microphones - How they work
Audio Signals
Wire & Connectors
More Microphones - How they Work...

RADIO TRANSMITTER BUGS
What is a Wireless Microphone?
Commonly Used Bugging Devices


EXOTIC LISTENING DEVICES
Parabolic Microphones
How to Build a Laser Eavesdropping Device

AUDIO RECORDING DEVICES
Digital Recorders
Making your own Digital Recording
Pro Recording FAQ

RECEIVERS, SCANNERS & INTERCEPTORS
State Scanning Laws
Scanning Reference
Radio Direction Finding Links
Links to Scanning Related Pages
Mobile Scanner & Radar Detector Laws

THE PHONE COMPANY
The Telecom Digest FAQ
Telephone Technology Page

TELEPHONE INTERCEPTION
The Wiretap Page

PREMISES MONITORING THRU THE TELEPHONE
The Infinity Transmitter

CELLULAR PHONE INTERCEPTION
Digital Mobile Phone FAQ
RadioPhone
Wireless Resources

PAGER, FAX AND DATA INTERCEPTS
Pager Frequencies

VIDEO SURVEILLANCE
SpyCams on the Net
CCTV Video Lenses
Guide to CCTV

NIGHT VISION
How they Work
Night Vision FAQ

VEHICLE/PARCEL TRACKING
GPS - An Overview
NavNet - DataBase

SURVEILLANCE PHOTOGRAPHY
Minox Home Page
Minox Labs
PhotoSource
Guide to Better Pictures
PhotoForum's FAQ

COMPUTER HACKING/CRACKING
The Alt.2600 FAQ
Web Site Hacking FAQ
Misc Hacking Utilities


TEMPEST
TEMPEST Monitoring in the Real World
TEMPEST Monitoring - How it's Done
Rise of the TEMPEST
Electronic Eavesdropping Machines for Christmas?
The Moller Paper on TEMPEST
Seline Paper on TEMPEST
EMP & TEMPEST Protection for Facilities
The ORIGINAL Wim Van Eck Paper on TEMPEST
Reception of Electromagnetic Radiation from RS232 Cables
Complete TEMPEST Solutions
TEMPEST in a Teapot

INFORMATION TRACKING


DETECTIVE DATABASES
120+ Online Investigative Databases

LOCKPICKING
Lockpicking Resources
Unofficial Teach Yourself Guide to Lockpicking
Lockpicking for You


AUDIO/VIDEO TAPE ENHANCEMENT/AUTHENTICATION/IDENTIFICATION
Voice Print Identification

SURVEILLANCE VEHICLES
Do it Yourself!

SOFTWARE OF INTEREST
PGP - Pretty Good Privacy
PGP Phone
Nautilus Secure Phone Software
WinTone 2.0
RM100 Radio Page Transmission Decoder
Shredder95
ICQ Internet Pager
POCSAG Pager Decoder
Scanner Recorder
ScanCat
FaxTrace for Windows
Misc Security Programs
Misc Sound & Audio Programs
Telecommunications Programs & Utilities
Integrator CCTV
Facial Composite Software
KeyLog
BCWipe for Windows 95/Windows NT 4.0 .
Password Cracking Programs
Mr. Burns
Sam Spade
SATAN
Directory Snoop
Electronics WorkBench
Expert Witness
Garbage Can
Dart Pro


SURVEILLANCE AND OTHER APPLICABLE LAWS
The United States Code
Federal Eavesdropping Laws
Surrepticious Recording Laws
Economic Espionage/Proprietary Information Act of 1995
Economic Security Act of 1996
More Surrepticious Recording
Uniform Trade Secrets Act
Industrial Espionage Act of 1996
Mobile Scanner & Radar Detector Laws

TRAINING
The Digital Detective Workshop

SOURCES
Dan Gibson Parabolic Microphone
Telinga Parabolic Microphone


"How To" Tricks of the Trade
Compiled from the Surveillance List Forum

Table of Contents

How to MODIFY a Recorder for Long Play/Record
How to Outfit a Surveillance VAN
How to MANIPULATE a briefcase combo lock...
How to build a benchtop TEMPEST Interceptor...
How to DECODE telephone numbers off a tape recording...
How to CRACK a two digit answering machine...
How to CRACK a three digit answering machine...
How to DECODE a pager message......
How to PROTECT data on your hard drive...
How to get secret internet ACCESS from someone else's telephone...
How to TRACE someones real identity with a message ID tag...
How to COOL the rear of a surveillance van...
How to POWER a surveillance van...
How to CONSTRUCT a self-detructing tape...
How to Build a Laser Eavesdropping Device

***Notice: This data is published for information purposes only.***

HOW TO MODIFY A RECORDER FOR LONG PLAY/RECORD

If you want to do it cheaply there are a variety of ways but since you seem to be asking for the "bargain basement variety" I'll start there.

1) Go to K-Mart and buy the cheap GE $24 recorder.

2) Open it up and take the motor out.

3) Take a flat-blade screwdriver and pop the bottom off the motor. (you'll break the circuit board in the process, but thats ok)

4) Remove the circuit board and get rid of it.

5) You'll now see two metal contacts. As I recall the one closest to where the wires go in is B+. Try it and if the motor turns the wrong way reverse them. Take two pieces of hook-up wire and push one down in the hole next to each contact to hold them in place, and then place a drop of solder on each one to firmly affix it.

6) Place the motor back in.

7) Now you will need to build a simple circuit to operate the motor. You'll need a couple of diodes to place in series (1N4007 / ECG125), a resistor (50 ohm.2 watt), and a pc board. If you have trouble finding a 2 watt resistor just put 4 1/2 watt 220 ohms in parallel. Hook it up like this:

B+----WMW----[ |]----[ |]----Ground,
|
|__________B+ to motor

This will give you a stable voltage to control the motor, & with the pc board out it will allow it.

If you want to double the amount of time it'll run, take the plastic pulley off of the motor shaft and cut it in half. then place it back on the shaft with the belt running between the two halfs. You'll want to super glue them in just the right spot so you still get good belt friction, or it'll jump.

Now for problem control. No two diodes are EXACTLY the same. If you want to make matched sets of recorders, you'll need to be able to calibrate them. To do this, pick one to be the "master recorder" you'll clone the others to match it.

First place a potentiometer in line going to the + lead on the motor. This will allow you to speed up and slow down the motor. Now record a tone on the master recorder such as 1000Hz. Play the tape on the recorder to be cloned and use a frequency counter on the speaker lead with the sound. Tune the pot until it reads 1000Hz. Now it's calibrated.

This system should cost you about $30 total to build. Hope this helps. Call or send me an e-mail if you have any questions.

by Trace Carpenter

Return to Top

HOW TO OUTFIT A SUVEILLANCE VAN

The classic surveillance would contain most of these basic components... you can buy one of these babies for about $35-40K or make one yourself for less than half that price...

If you're going to attempt to do it yourself, layout everything first and make sure it fits. Make sure you have enough juice to power up everything for approx 24 hours...

Polyurethane insulation filled floors, ceiling and walls.

Commercial grade carpeting on floor, walls and ceiling.

Custom captains chairs.

White and red (darkroom lights) interior lighting controlled from source and console.

Cellular telephone installation.

Custom rack mounting of your communications and video equipment.

Heavy duty power system. Ideally 2-3 RV deep cycle batteries 300 amp hour each

Battery isolators and chargers to be attached to main vehicle battery.

Rear compartment engine starting.

Rear engine gauge for volts, oil and temperature.

Bulkhead separating front and rear compartments.

Front to rear reversible, variable speed ventilation system.

Rear bulkhead, disguised as storage racks.

12VDC refrigerator. (keeps the soda pop cold) ;-)

Manual periscope.

Electronic Videoscope.

Time and date generators.

Power invertor with 110V AC pure sine wave outlets.

Master power switching for front and rear batteries.

Rear engine kill switch (disallows starting from front).

Individual circuit breakers for each circuit.

Outside air exchanger (variable speed).

Storage compartments and counter top layout.

4 microphone audio security system (One in each wheelwell).

LP gas detector.

Propane heating system.

ABC fire extinguisher.

Roof top mounted pipe rack for the concealment of antennas.

Front/rear intercom system.

Vehicle alarm system with remote pager and panic switches (wireless).

Ice air conditioner package (if dry ice is used make sure the compartment is WELL vented to outside).

Gauges for the monitoring of power consumption, battery status and 110V AC systems.

Variety of B&W & color cameras, night scope, video switchers, audio & video recorders, commo equipment,etc.

And MOST IMPORTANT... a "surveillance relief device" - aka - portable chemical toilet ;-) with a few rolls of TP... with a GOOD exhaust fan...

The list is endless and really depends on the types of surveillance you'll do...you can install just about anything in a normal size van but the most important thing is to keep everything at arms length when you're sitting at the rear console...

by SpyKing

Return to Top

HOW TO MANIPULATE A BRIEFCASE COMBO LOCK

Each combo is really a disk with a notch in it. When all the notches on the disk are in line with the position of the latch botton...the latch presses fully to the direction of the combo's and the lock opens. ok..now we know how it works.

Here's how to manipulate it: Press the latch botton reasonably hard in the direction of the combo's. The dial closest to the latch button is hereby #1. Start with dial one on zero. Press firmly...and spin dial 2 randomly. No pressure on dial 2? Great...dial ONE goes to the next number. Still no pressure on number 2? Go to next number on dial 1. Keep this up till you feel resistance on dial 2. When you feel resistance..this means that the pin on the latch botton is Now going THROUGH the notch in the first dial...and you got that one solved. Do this again for dial 2. When that is solved...just try each of the 10 numbers for dial 3 and POP...its open.

Now....when it's open, press the latch botton to the direction of the dials...and spin the heck out of all the dials....This will change the combo's and someone is about to have a real bad day.

Note: The more pressure you put on the latch botton....the easier it it to feel resistance. Use a lighter....cause your thumb will hurt. This is a quick process and should take no longer than 30 seconds. If you have any problems with any dials on the ZERO....go the other way.

by BadCoffee

Return to Top

HOW TO BUILD A BENCHTOP TEMPEST INTERCEPTOR

The is very little public knowledge about TEMPEST. Most infomation, including how to safeguard against monitoring, has been classified by the government. You can view an article I wrote on TEMPEST at: http://www.thecodex.com/c_tempest.html and another at: http://www.thecodex.com/rise.html

In order to protect computers and CRT's from electromagnetic emission monitoring (interception, recontruction and viewing) it is necessary to use shielding. This shielding is available in several forms but that is another article...

Once the shielding is installed, how do you test it for leakage? It is necessary to see if you can monitor the device yourself. Since TEMPEST monitoring equipment is normally very expensive and hard to come by, here is a simple way to construct a "simple" monitoring device that will help you detemine if your computer can be "snooped" on by outside sources... this device was designed for "defensive" purposes and should NOT be used offensively... it does not have the distance capability of my DataScan device but it WILL work as a laboratory benchtop demo device...

Like Van Eck and Moller, I have deliberately flawed the article for the technically challenged... After all, we don't want everyone to have one of these, do we?

TEMPEST Interceptor - Follow my instructions...

You need to learn something about electronics to make this happen. The first lesson will be to construct a sync generator to drive the computer monitor without any signal or video.

To start this you must take your spectrum analyzer, turn off every appliance in the area. Put the analyzer near the computer monitor, turn on the monitor but NOT the computer. Start searching around 15Khz. You should get a strong signal somewhere between 14Khz & 17Khz. Log that frequency. Next try looking around 30Hz to 60Hz. Which is stronger 30 or 60? Log that.

Next we're gonna build a "computer sync generator" (video gear will not work). Most technician's who have tried to build a TEMPEST interceptor have been trying to use "off-the-shelf" products. Don't believe what you read or hear, they won't work. You've got to build a computer sync generator.

It isn't really so hard to do. Get yourself a copy of the "CMOS Cookbook". It's around. In there it shows how to build a 555 timer. It is a small and simple circut. Maybe 5 components. The 555 has in it all the clock and electronics to make a timer from 1Hz to 10Mhz. Follow the instructions and make a variable timer (it is really simple). Make the first one run at the exact f requency of the monitor, say 16 Khz. Next make a seperate one at the second frequency say 30 Hz. Then tie them together with a .o1 Mfd cap. The output should drive your monitor (generator is done).

Two minor things I forgot to mention. The output of the 555 is about 5 to 12 volts. You will need to attenuate it to about .3 volts. Several resistors will do.

The other thing is that you need a negative pulse out of the 555. The normal output of a 555 is a square wave. n and off . You must vary the duty cycle to create a square wave which is most of the time on and the sync duration off.

You now need a seperate dedicated computer monitor. Open the input plug and find the shielded cable inside. Attach the output of your circut to the center-conductor and the battery minus from your circut to the shield. You have a solid black screen on the monitor. Turn up the brightness. There should be no rolling and weaving. If so... adjust the pot in YOUR CIRCUIT not the monitor, to stop it.

Next step. Collect the signal you hear and see on your anaylzer/receiver. Take the output of your reciever tuned to those frequencies. Connect the output through a .01 mfd cap to the output of the sync generator and "viola" you should start to see the monitors radiated signal on your monitor. Shielding your viewing monitor from the recieving monitor and small adjustments in your generator frequency should do it. In fact no adjustments should still do it.

The antenna that you use is critical. Make sure you use the right one... ;-)

by SpyKing

Return to Top

HOW TO DECODE TELEPHONE NUMBERS OFF A TAPE RECORDING

It's pretty simple. You can pay a lot of money for a digital decoder or you can simply use your pager... Yep, that's right... your pager/beeper...

You don't need to buy fancy equipment sold by the "Spy Shops"... or other nefarious organizations... All you need to do is take the tape recording of the telephone number you want to decode (hopefully it's a decent recording) and fast forward to the beginning of the recorded number BEFORE the number starts playing...

Dial your pager number and when you hear the three beep prompt place the mouthpiece of the phone next to the speaker on the tape recorder and press play. The recorded number is sent to the pager company and is automatically decoded the same as if you punched it in on your telephone dialpad.

In a few minutes when you pager goes off you will see the target number displayed and you will have saved yourself some money. Several PI's charge as much as $50.00 USD to decode a single number...

by SpyKing

Return to Top

HOW TO CRACK A TWO DIGIT ANSWERING MACHINE

To crack an answering machine use a pocket speed dialer from radio shack. They have two models. Only one has a speed dial frequency. You plug in a 101 digit code in sequence.

011223344556677889913579024680369258147159370494838272616051739506284085529630 074197531864209876543210 . plug this into the dialer using the three priority buttons plus another bank. as soon as you here the machine click on for the greeting...go. Long winded messages are best 'cause you have more time torun the numbers.

You can get the program from the machine's voice (?) to give you the menu. Be careful of two things! Caller ID and the damnable call return. You know, where you hit a button to call back the last call a person gets. That can oops ya. Use a pay phone. be careful running a op on someone who is paranoid. They love cid and call return.

You are also busting a law of some kind doing this. One more tidbit. remember Bernard Spindels rule ( he was a great wire man of the sixties, invented the harmonica bug ) Never eavesdrop on someone you know and or love. They wll not always say something kind about you, no matter how much they love you.

Yes, the above does bust an answering machine, yes, Bernard, rest his soul, was right. MC

by : CChrist373

Return to Top

HOW TO CRACK A THREE DIGIT ANSWERING MACHINE

Answering machines are nothing special. We are using answering machines with a daily routine even without reading their operating manual. That's why we know mostly nothing about a few special features which are build into an answering machine to make our living more comfortable.

One of this features is the remote access to the answering machine for checking who called and left a message, or for changing the answering text. This remote access is been done with a tone dialer and a two or three digit access number. That makes it easy for a stranger to hack the access number within minutes, gain access to the answering machine and listen to the recorded messages. And it is no big secret in the Phreaker scene that the default factory access code for most of the answering machines is 147 or 741. There is also a digit sequence for three digit access codes available which fits 99% of the needs. The digit sequence is as followed:

900 102 030 405 060 708 091 121 314 151 617 181 922 324 252 627 282 933 435 363 738 394 454 647 484 955 657 585 966 768 697 787 988 99

This sequence was made by a tiny little Turbo Pascal program and both were published over computer networks.

For certain reasons it happens very rare that a Phreakers tries to hack an answering machine. First, it costs him money to hack the answering machine because normally no private person owns a toll free number and second, in 99% there are no big secrets to find on an answering machine. The average message on a answering machine is "Hey, here is ... please call me back". So it's a waste of time for the Phreaker spending money for nothing.

Another build in feature of a modern answering machine is a monitoring option.

This monitoring option is normally protected by a two or three digit code and allows a caller to listen to the room in which the answering machine is installed. This is a very usefull option for parents which are away from home and wants to listen what the children are doing (sleeping mode or party time mode) and it is a very usefull option for a curious Phreaker to invade the privacy of people. The problem becomes even bigger when the answering machine is installed in the office of a small/big company. In that case it is possible for the Phreaker to get vital and/or confidental informations about the company and their future plans.

The only method to prevent the misuse of these options and features is to buy an answering machine without these options and features.

by Howard Fuhs

Return to Top

HOW TO DECODE A PAGER MESSAGE

You will need a scanner and a PC with interface.

I have uploaded the software to Simtel.Net:

http://www.simtel.net/pub/simtelnet/msdos/commprog/pocdec1.zip ftp://ftp.simtel.net/pub/simtelnet/msdos/commprog/pocdec1.zip 20824 bytes

pocdec1.zip POCSAG Decoder v1.00: Multiple bps decoding

POCSAG Decoder v1.00 is a decoder which allows 512, 1200 and 2400 bps POCSAG decoding. It can log RIC's and a little sender is included.

Freeware. Uploaded by the author.

by Bernard Galasso

Return to Top

HOW TO PROTECT DATA ON YOUR HARD DRIVE

Protecting computer data

There are several ways to protect the data on your hard drive. If you think that applying a strong magnet to the computer case or the drive is going to help you, think again. A single monopolar pulse will still leave hysteresis traces on the disk. You may get all sorts of read errors and the operating system may not be able to read the drive, but low level magnetic remnants of the data are still present. Anyone skilled in extracting low level signals from high level noise will be able to reproduce the data.

There are several programs (Norton Utilities "wipeinfo" for example) which are quite effective in wiping disks. They all use the same procedure, that is, write all "0"s followed by all "1"s - a process repeated at least three times. Then each location is overwritten with a single character, usually F6 (hex). The only drawback of this procedure is that it takes a considerable amount of time. If you're in a hurry, a .38 hollowpoint through the drive may be your best bet.

A more practical approach is to use removable storage media such as those manufactured by Iomega and Syquest. These are fast enough to act effectively as normal hard drives. The cartridge can be sequestered in any way your imagination can calculate. The removable cartridge could also be easily destroyed if necessary. Keep your programs and operating system on your main hard drive but keep all your sensitive data on the removable cartridge. This isn't 100% safe since your programs may place some of the data in temporary locations on your hard drive while they are being processed. You would still have to go through the wipe procedure but you could limit it to unused space, which would be considerably faster. I'm assuming that everyone in this group knows that deleting or erasing a file does not eliminate it. Delete and erase only release the file's allocated space and directory entry. Until that space is overwritten several times, the data is recoverable.

by Arny Buckman

Return to Top

HOW TO GET SECRET INTERNET ACCESS FROM SOMEONE ELSE'S TELEPHONE

If I wanted to secretly access the internet from someone else's home telephone without their knowledge, I would simply assemble the following items:

1) an accoustic coupler ~ got mine at a thrift shop for $5. still in the box
2) portable (household) telephone handset with a fully charged battery
3) any computer with a modem ~ laptop works best for soon-to-be- obvious reasons

First, at your house, unplug the base of the portable telephone. Now check the handset for a dialtone. If you have a dialtone, you are getting it from a neighbor's portable phone base, compliments of the neighbors telephone service. Using the accoustic coupler, connect the handset to the modem on your computer, then dial up your favorite ISP. If you don't have a dialtone on the handset, no problem; gather your toys, and travel to the nearest high density, residential area, then drive around with the handset. Every few 100 feet, check it for a dialtone. As soon as you have a dialtone, stop and connect the coupler to the handset and modem, then dial up your ISP.

If you don't want to use your OWN name and ISP... On AOL, you can log on as "guest" with no password. If you had someone else's password on any service, you could log on as that person. If you don't have access to someone else's internet acount, you can always be yourself, just logging on from a new phone. This works best in the middle of the day (if it is a "working class" area) or in the middle of the night -- you don't want some putz picking up their home phone and spoiling your fun. (you can prevent that; e-mail for more details) Some sneaky PI's I know, use the telephone handset for on-the-fly "pretext" calls..... ; )

by DSmith9899

Return to Top

HOW TO TRACE SOMEONES REAL IDENTITY WITH A MESSAGE ID TAG

From every email header, I can get the sender's IP address and their SMTP(mail) server. with this information in hand, I can find out who sent the email, where they live, their phone number, etc..., and all with just a little bit of effort, knowledge, basic UNIX shell commands, and maybe a touch of social engineering. The example below demonstrates just how easily I can get all of this info. This is an actual search I made a while back.

--------------------begin document----------------------

We'll assume that you want to find someone to -for instance get their real name. With that and the local library you can get their phone # and address, with that information you can get a birth certificate, social security #, driver's License #, credit report, etc... AMAZING ISN'T IT!!!

For the purposes of this document we'll use some information from a hack job done recently. Including the uniformative information.

This is the asshole I was looking for:

gambit = gambit@sfsu.edu

First step was to peg the IP addresses of the server with the Name Server function....

Translated Name: sfsu.edu IP Address: 130.212.10.162 IP Address: 115.102.115.117 IP Address: 46.101.100.117 IP Address: 0.41.0.5 IP Address: 198.41.0.6

A PING to see which IP responded.. that would also be the one you telnet to if you don't specify the IP address!! It may not let you in but the others might... Try them all

Pinging sfsu.edu [130.212.10.162] with 48 data bytes

Reply from 130.212.10.162: 48 bytes in 331 msec. TTL: 241 Reply from 130.212.10.162: 48 bytes in 326 msec. TTL: 241 Reply from 130.212.10.162: 48 bytes in 320 msec. TTL: 241 Reply from 130.212.10.162: 48 bytes in 321 msec. TTL: 241 No data received.

PING Statistics for sfsu.edu 5 packets transmitted, 4 packets received, 20% packet loss round-trip (ms) min/avg/max = 320/324/331

Sending 48 data bytes to sfsu.edu [130.212.10.162]

Now we run a TRACEROUTE... This will help us visualize and see the geographic location (In this case SanFrancisco)

1:Received echo from ? [204.214.228.129] in 200 msec. 2:Received echo from in-gw-e0/LIT.intellinet.com [204.182.227.1] in 209 msec. 3:Received echo from sl-fw-11-S2/5-T1.sprintlink.net [144.228.131.49] in 229 msec. 4:Received echo from sl-fw-5-F1/0.sprintlink.net [144.228.30.5] in 490 msec. 5:Received echo from sl-kc-2-H2/0-T3.sprintlink.net [144.228.10.77] in 268 msec. 6:Received echo from sl-chi-15-H2/0-T3.sprintlink.net [144.228.10.69] in 295 msec. 7:Received echo from sl-chi-6-F0/0.sprintlink.net [144.228.50.6] in 277 msec. 8:Received echo from sl-chi-nap-H1/0-T3.sprintlink.net [144.228.56.10] in 275 msec. 9:Received echo from aads-F.mci.net [198.32.130.227] in 284 msec. 10:Received echo from core3-hssi1-0.WillowSprings.mci.net [204.70.1.197] in 271 msec. 11:Received echo from core1.Bloomington.mci.net [204.70.4.161] in 298 msec. 12:Received echo from border1-fddi-0.Bloomington.mci.net [204.70.2.130] in 312 msec. 13:Received echo from csunet-losnettos.Bloomington.mci.net [204.70.48.6] in 306 msec. 14:Received echo from SanFrancisco-ATM-GW.CSU.NET [204.102.243.144] in 323 msec. 15:Received 48 bytes from sfsu.edu [130.212.10.162] in 318 msec.

TraceRoute Statistics for sfsu.edu 15 packets transmitted, 15 packets received, 0% packet loss round-trip (ms) min/avg/max = 200/290/490

You guessed it - Time for a WHOIS - BUT use the ds.internic.net sever not the rs..... it will search everywhere.

He wasn't there though - There are some names and addresses and phone #'s of sysadmin listed (HOME #'s)

The ds.internic.net whois server is being queried: -------------------- Gaon, Brian D. (BDG6) bgaon@SFSUVAX1.SFSU.EDU San Francisco State University 1600 Holloway Avenue San Francisco, CA 94132 (415) 338-2876

Record last updated on 02-Jul-91.

The rs.internic.net whois server is being queried:

Baum, Amy (AB374) greenbd@SFSU.EDU 510.757.3333 Gonzalez, Aurelio (AG344) aurelio@SFSU.EDU 415-276-0532 MacDonald, C.j (CM1455) cjm@SFSU.EDU 415-752-9305 Naumann, Jon (JL311) jnaumann@sfsu.edu (415) 338-1584 Riddle, Stephen (SR1056) sriddle@SFSU.EDU 415-752-8512 Schmidt, Heidi (HS30) heidis@SFSU.EDU 415-338-6175 Strickler, Don (DS2362) dons@SFSU.EDU 415-338-3046 Tse, Jack (JT124) jack@SFSU.EDU 415-338-2627

The nic.ddn.mil whois server is being queried:

No match for mailbox "@SFSU.EDU".

This time I whois'd GAMBIT instead of the server (he might not have an account there - it might be a spoof....

Fried, Matt (MF236) gambit@MONADNOCK.KEENE.EDU (603)358-8028 Gambit Automated Design Inc. (NET-NET-GAMBIT) NET-GAMBIT 204.30.212.0 Gambit Automated Design Inc. (GAMBIT-DOM) GAMBIT.COM Gambit BBS (GAMBITBBS-DOM) GAMBITBBS.COM Gambit Communications, Inc. (GAMBITCOMM-DOM) GAMBITCOMM.COM Gambit Media (GUAGENTI-DOM) GUAGENTI.COM Gambit New Orleans Weekly (GAMBIT-NO-DOM) GAMBIT-NO.COM Gambit Systems (GAMBITSYS-DOM) GAMBITSYS.COM Nelson, Philip (PN218) gambit@VARMM.COM 318-322-8222 Ritter, Russell (RR1116) gambit@CDSNET.NET 541.883.2028 ext.35

The nic.ddn.mil whois server is being queried:

whois: connect: Connection refused

There were a couple... to be sure Telnet into the mail server (port 19 or 25) like so :

vrfy gambit@sfsu.edu

250 ALONZO SAMPSON San Francisco State University

Got the BASTARD.. A call to Directory Assistance and you can get the university operator's #. They'll give you the phone # and mailing address....

University Operator - 415-338-1111

This was a simple search that included more steps than usual for the sake of completeness. It also implied that you could view complete headers with your news and mail programs and decipher them.

--------------end document--------------------------

for the complete version of this document, you can visit my website and go to this URL: http://www4.ncsu.edu/~jkwilli2/main/locate.html

for access to all of the tools that i used for this case, you can visit my website at http://152.7.11.38/~tattooman/ and follow the links to the UNIX Tools Gateway and the Internet Tools Gateway. you will also find information on how to decipher email headers, etc...

If you want to track someone down without having to visit my website and use the tools I provide, then you can download Netscan32 from http://www.tucows.com/ and also get a winsock type PPP connection (if you don't already have one).

Hasta Amigos,

Ken

//-----------------| TATTOOMAN |-----------------\\

Return to Top

HOW TO COOL THE REAR OF A SURVEILLANCE VAN

Here's what we did to cool the back of a van on a small budget. Get a large coleman cooler and put several feet of soft copper tubing in a coil in the cooler. Get a 12 volt pump motor and hook it up to the copper coil.You can use hose clamps and clear plastic tubing because there will be very little pressure. The clear tube also lets you see if the fluid is circulating. Also at the auto parts store or a radiator shop you can pick up a small heat exchanger like that used for automatic transmission coolers, and an after market electric radiator fan. Get a heat exchanger at least as big as the radiator fan. Connect the copper coil to the pump, and then to the heat exchanger creating a closed loop system. Fill the copper tube with some fluid, (like radiator fluid 50/50 with water) and fill the coleman cooler with ice and you have a cooling system. The fluid gets cooled by the ice in the coleman cooler and is circulated by the pump through the radiator coil and the electric radiator fan blows across the coils, cooling the back of the van. I would not use dry ice because it put out co2 and if the van is not well vented it could displace the oxygen and kill you. I have seen adds for some small refrigerators for motor homes that plug into the cigarette lighter and you at may be able to replace the coleman cooler and ice and put the copper coils in the refrigerator.

by walstb

Return to Top

HOW TO POWER A SURVEILLANCE VAN

One suggestion I have for powering surveillance or commo vans is to use a separate 12 v battery for the comms/surveillance/AC. This way, if you discharge the battery, you can still start the van (from the van's original battery) and drive away (or recharge the auxiliary battery). I think that the fracas accompanying a tow-truck "jump" would be counterproductive as far as surveillance .

You can use one or more (paralleled) matched vehicle batteries although a large, deep-cycle marine or RV battery is preferable. These are lead-acid wet batteries (sealed or not) so I would suggest putting them in plastic (RV- marine) battery containers and mounting the containers. The battery containers should be vented and not in the passenger or surveillance area. Lead-acid batts can give off explosive/posionous gas. RV and van auxiliary batteries sometimes can mounted in the engine compartment, near the main (engine) battery, or else in vented compartments on the sides or underneath the vehicle.

Figure out the total amperage of the comm, lighting, AC and surveillance equipment you'll be using and find a battery with enough amp-hours to run all of that equipment for a decent amount of hours with some time left over. Radios and some other equipment have a changing current draw, so figure the maximum current for these (the transmitting current at full power for a radio).

Isolating the batteries: You'll need to isolate the auxiliary (surveillance) battery from the vehicle electrical system, while still being able to charge it from the vehicle's alternator.

How this is *supposed* to work is that while the engine is running, both main and aux batteries are being charged by the alternator. Shut off the engine and the batteries are isolated from each other so that running down the aux battery will not discharge the main battery.

There are two ways to do this; solid-state or a good old-fashioned 100-amp solenoid normally relay. I prefer the relay because when solid-state "isolators" fail, there is a chance of running down both batteries. The large terminals of the solenoid connect the aux battery to the main battery when the engine is running. The small (-) terminal connects to chassis ground and the small (+) terminal connects to an "ignition" source.

Wiring and fuses: #10 wire between the batteries and solenoid should be sufficient. This wire carries charging current for the most part. Use breakers or fuses at each end.

The auxiliary battery should have a main fuse or breaker going to a bus or terminal block, and the block should be equipped with breakers or fuses rated appropriately for each piece of surveillance and other equipment. You may want to use #8 or #10 wire for high-current equipment.

The battery negative (-) should be grounded to chassis with a #12 jumper, but each piece of equipment should have its own negative battery connection, not a chassis return to ground. This is more reliable in today's plastic CPU- controlled cars.

Secure cables and wires with "tie-wraps", cable ties or clamps. Make sure cables and wires won't flex, rub and wear through with vibration in the van.

You can customize or get as fancy as you like, adding amp or voltmeters, special electrical outlets, switch panels, main switches and so on. Smaller vans may require a beefier alternator to charge the original battery and the auxiliary. It might be possible to order a new van with a larger alternator.

Safety tip: Monoxide detectors and fire extinguishers are a good idea.

by jcoote

Return to Top

HOW TO CONSTRUCT A SELF DESTRUCTING TAPE

>Anyone have a source for self destructing VCR (VHS) or cassette tapes.
>Something that will self destroy after playing and will not damage the machine?

A few ideas were offered involving magnetic erasure of the tapes, which were pretty well shown to be unpracticable; involving, as it did, more than could be comfortably included within the videocassette housing.

I was recently re-thinking this problem and thought of _physically_ destroying the tape as it played. Since the idea is having a one-time-play video tape, if the action of playing the tape actually destroyed the tape, the requirements of the original query would be met. Keeping in mind, of course, that the cassette should pass casual examination before playing and appear to be "un-gimmacked".

The solution that occurred to me recently, both low-tech and easy to implement, effectively does this. Simply put, one just cuts the tape to ribbons as it plays.

To implement this, after recording the bit, the tape is re-wound to the beginning, the casing is opened and "flat spring" mounted cutters are inserted within the housing. The cutters need be no more than the points of Exacto blades, epoxied to the end of a flat-leaf spring (a rake prong worked well for this in my prototype). They rest against the center of the take-up reel, pointed in the direction of rotation during "PLAY" of the cassette. The shape of the flat spring is such that it comes down the side of the cassette that has the other tape spool, across the back of the casing and elbows (with tension) back into the take-up spool, resting against the center of it.

The result of playing the tape is having it sliced into ribbons, with numerous "slivers" being cut out from them as the cutters track back and forth within the take-up spool (angling the cutters may increase this). The tape plays normally until an attempt is made to re-wind it, which results in further damage to the tape (though the playback machine is not harmed by the resulting rats' nest).

Recovery of the original recording would be well beyond the means of most, since I know of no existing techniques to recover the original recording after the tape has been length-slit, especially with cut out slivers, though I admit there may be such.

My apologies for such a late reply to the original query. Not only did this possible solution not readily occur to me, but I was pleased enough with what did finally surface to decide to share it with everyone for their comments.

by 5-i's

Return to Top


Back to Home Page

© Copyright 1996-1999 SpyKing- All Rights Reserved-All Wrongs Revenged