The Hacker Crackdown Part 45

The SSC/MAC will track the status of reported troubles and escalate as appropriate. The SSC/MAC will close out customer/company reports with the initiating contact.

Groups with specific maintenance responsibilities, defined above, will investigate "chronic" troubles upon request from the SSC/MAC and the ongoing maintenance subcommittee.

All "out of service" E911 troubles are priority one type reports.

One link down to a PSAP is considered a priority one trouble and should be handled as if the PSAP was isolated.

The PSAP will report troubles with the ANI controller, ALI controller or set equipment to the SSC/MAC.

NO ANI: Where the PSAP reports NO ANI (digital display screen is blank) ask if this condition exists on all screens and on all calls. It is important to differentiate between blank screens and screens displaying 911-00XX, or all zeroes.

When the PSAP reports all screens on all calls, ask if there is any voice contact with callers. If there is no voice contact the trouble should be referred to the SCC immediately since 911 calls are not getting through which may require alternate routing of calls to another PSAP.

When the PSAP reports this condition on all screens but not all calls and has voice contact with callers, the report should be referred to SSIM/I&M for dispatch.

The SSC/MAC should verify with the SCC that ANI is pulsing before dispatching SSIM.

When the PSAP reports this condition on one screen for all calls (others work fine) the trouble should be referred to SSIM/I&M for dispatch, because the trouble is isolated to one piece of equipment at the customer premise.

An ANI failure (i.e. all zeroes) indicates that the ANI has not been received by the PSAP from the tandem office or was lost by the PSAP ANI controller. The PSAP may receive "02" alarms which can be caused by the ANI controller logging more than three all zero failures on the same trunk. The PSAP has been instructed to report this condition to the SSC/MAC since it could indicate an equipment trouble at the PSAP which might be affecting all subscribers calling into the PSAP. When all zeroes are being received on all calls or "02" alarms continue, a tester should a.n.a.lyze the condition to determine the appropriate action to be taken. The tester must perform cooperative testing with the SCC when there appears to be a problem on the Tandem-PSAP trunks before requesting dispatch.

When an occasional all zero condition is reported, the SSC/MAC should dispatch SSIM/I&M to routine equipment on a "chronic" troublesweep.

The PSAPs are instructed to report incidental ANI failures to the BOC on a PSAP inquiry trouble ticket (paper) that is sent to the Customer Services E911 group and forwarded to E911 center when required. This usually involves only a particular telephone number and is not a condition that would require a report to the SSC/MAC. Multiple ANI failures which our from the same end office (XX denotes end office), indicate a hard trouble condition may exist in the end office or end office tandem trunks. The PSAP will report this type of condition to the SSC/MAC and the SSC/MAC should refer the report to the SCC responsible for the tandem office. NOTE: XX is the ESCO (Emergency Service Number) a.s.sociated with the incoming 911 trunks into the tandem. It is important that the C/MAC tell the SCC what is displayed at the PSAP (i.e. 911-0011) which indicates to the SCC which end office is in trouble.

Note: It is essential that the PSAP fill out inquiry form on every ANI failure.

The PSAP will report a trouble any time an address is not received on an address display (screen blank) E911 call.

(If a record is not in the 911 data base or an ANI failure is encountered, the screen will provide a display noticing such condition). The SSC/MAC should verify with the PSAP whether the NO ALI condition is on one screen or all screens.

When the condition is on one screen (other screens receive ALI information) the SSC/MAC will request SSIM/I&M to dispatch.

If no screens are receiving ALI information, there is usually a circuit trouble between the PSAP and the Host computer.

The SSC/MAC should test the trouble and refer for restoral.

Note: If the SSC/MAC receives calls from multiple PSAP's, all of which are receiving NO ALI, there is a problem with the Node or Node to Host circuits or the Host computer itself. Before referring the trouble the SSC/MAC should call the MMOC to inquire if the Node or Host is in trouble.

Alarm conditions on the ANI controller digital display at the PSAP are to be reported by the PSAP's. These alarms can indicate various trouble conditions so the SSC/MAC should ask the PSAP if any portion of the E911 system is not functioning properly.

The SSC/MAC should verify with the PSAP attendant that the equipment's primary function is answering E911 calls.

If it is, the SSC/MAC should request a dispatch SSIM/I&M.

If the equipment is not primarily used for E911, then the SSC/MAC should advise PSAP to contact their CPE vendor.

Note: These troubles can be quite confusing when the PSAP has vendor equipment mixed in with equipment that the BOC maintains. The Marketing representative should provide the SSC/MAC information concerning any unusual or exception items where the PSAP should contact their vendor. This information should be included in the PSAP profile sheets.

ANI or ALI controller down: When the host computer sees the PSAP equipment down and it does not come back up, the MMOC will report the trouble to the SSC/MAC; the equipment is down at the PSAP, a dispatch will be required.

PSAP link (circuit) down: The MMOC will provide the SSC/MAC with the circuit ID that the Host computer indicates in trouble. Although each PSAP has two circuits, when either circuit is down the condition must be treated as an emergency since failure of the second circuit will cause the PSAP to be isolated.

Any problems that the MMOC identifies from the Node location to the Host computer will be handled directly with the appropriate MMOC(s)/CCNC.

Note: The customer will call only when a problem is apparent to the PSAP. When only one circuit is down to the PSAP, the customer may not be aware there is a trouble, even though there is one link down, notification should appear on the PSAP screen.

Troubles called into the SSC/MAC from the MMOC or other company employee should not be closed out by calling the PSAP since it may result in the customer responding that they do not have a trouble.

These reports can only be closed out by receiving information that the trouble was fixed and by checking with the company employee that reported the trouble.

The MMOC personnel will be able to verify that the trouble has cleared by reviewing a printout from the host.

When the CRSAB receives a subscriber complaint (i.e., cannot dial 911) the RSA should obtain as much information as possible while the customer is on the line.

For example, what happened when the subscriber dialed 911?

The report is automatically directed to the IMC for subscriber line testing.

When no line trouble is found, the IMC will refer the trouble condition to the SSC/MAC. The SSC/MAC will contact Customer Services E911 Group and verify that the subscriber should be able to call 911 and obtain the ESN.

The SSC/MAC will verify the ESN via 2SCCS. When both verifications match, the SSC/MAC will refer the report to the SCC responsible for the 911 tandem office for investigation and resolution. The MAC is responsible for tracking the trouble and informing the IMC when it is resolved.

For more information, please refer to E911 Glossary of Terms.

End of Phrack File _____________________________________

The reader is forgiven if he or she was entirely unable to read this doc.u.ment. John Perry Barlow had a great deal of fun at its expense, in "Crime and Puzzlement:" "Bureaucrat-ese of surpa.s.sing opacity. . . .

To read the whole thing straight through without entering coma requires either a machine or a human who has too much practice thinking like one.

Anyone who can understand it fully and fluidly had altered his consciousness beyond the ability to ever again read Blake, Whitman, or Tolstoy. . . .

the doc.u.ment contains little of interest to anyone who is not a student of advanced organizational sclerosis."

With the Doc.u.ment itself to hand, however, exactly as it was published (in its six-page edited form) in Phrack, the reader may be able to verify a few statements of fact about its nature. First, there is no software, no computer code, in the Doc.u.ment. It is not computer-programming language like FORTRAN or C++, it is English; all the sentences have nouns and verbs and punctuation. It does not explain how to break into the E911 system.

It does not suggest ways to destroy or damage the E911 system.

There are no access codes in the Doc.u.ment. There are no computer pa.s.swords.

It does not explain how to steal long distance service. It does not explain how to break in to telco switching stations. There is nothing in it about using a personal computer or a modem for any purpose at all, good or bad.

Close study will reveal that this doc.u.ment is not about machinery.

The E911 Doc.u.ment is about ADMINISTRATION. It describes how one creates and administers certain units of telco bureaucracy: Special Service Centers and Major Account Centers (SSC/MAC).

It describes how these centers should distribute responsibility for the E911 service, to other units of telco bureaucracy, in a chain of command, a formal hierarchy. It describes who answers customer complaints, who screens calls, who reports equipment failures, who answers those reports, who handles maintenance, who chairs subcommittees, who gives orders, who follows orders, WHO tells WHOM what to do.

The Doc.u.ment is not a "roadmap" to computers.

The Doc.u.ment is a roadmap to PEOPLE.

As an aid to breaking into computer systems, the Doc.u.ment is USELESS.

As an aid to hara.s.sing and deceiving telco people, however, the Doc.u.ment might prove handy (especially with its Glossary, which I have not included).

An intense and protracted study of this Doc.u.ment and its Glossary, combined with many other such doc.u.ments, might teach one to speak like a telco employee. And telco people live by SPEECH--they live by phone communication. If you can mimic their language over the phone, you can "social-engineer" them. If you can con telco people, you can wreak havoc among them. You can force them to no longer trust one another; you can break the telephonic ties that bind their community; you can make them paranoid. And people will fight harder to defend their community than they will fight to defend their individual selves.

This was the genuine, gut-level threat posed by Phrack magazine.

The real struggle was over the control of telco language, the control of telco knowledge. It was a struggle to defend the social "membrane of differentiation" that forms the walls of the telco community's ivory tower --the special jargon that allows telco professionals to recognize one another, and to exclude charlatans, thieves, and upstarts. And the prosecution brought out this fact.

They repeatedly made reference to the threat posed to telco professionals by hackers using "social engineering."

However, Craig Neidorf was not on trial for learning to speak like a professional telecommunications expert. Craig Neidorf was on trial for access device fraud and transportation of stolen property.

He was on trial for stealing a doc.u.ment that was purportedly highly sensitive and purportedly worth tens of thousands of dollars.

John Nagle read the E911 Doc.u.ment. He drew his own conclusions.

And he presented Zenner and his defense team with an overflowing box of similar material, drawn mostly from Stanford University's engineering libraries. During the trial, the defense team--Zenner, half-a-dozen other attorneys, Nagle, Neidorf, and computer-security expert Dorothy Denning, all pored over the E911 Doc.u.ment line-by-line.