This file is an addendum to "A Novice's Guide To Hacking" written by "TheMentor".  The word "hacking" is here used the way the non-hacking publicthinks it is used, to mean breaking into somebody else's computer.  Itspurpose is to expand and clarify the information about the TOPS-20 operatingsystem, which runs on DECsystem-20 mainframes.  The Mentor basically lumpedthis system in with TOPS-10 and didn't note important differences between thetwo.  I will here reproduce in full what The Mentor had to say about TOPS-10and about VMS, which are the parent and the offspring of TOPS-20.VMS-       The VAX computer is made by Digital Equipment Corporation (DEC),           and runs the VMS (Virtual Memory System) operating system.           VMS is characterized by the 'Username:' prompt.  It will not tell           you if you've entered a valid username or not, and will disconnect           you after three bad login attempts.  It also keeps track of all           failed login attempts and informs the owner of the account next time           s/he logs in how many bad login attempts were made on the account.           It is one of the most secure operating systems around from the           outside, but once you're in there are many things that you can do           to circumvent system security.  The VAX also has the best set of           help files in the world.  Just type HELP and read to your heart's           content.           Common Accounts/Defaults:  [username: password [[,password]] ]           SYSTEM:     OPERATOR or MANAGER or SYSTEM or SYSLIB           OPERATOR:   OPERATOR           SYSTEST:    UETP           SYSMAINT:   SYSMAINT or SERVICE or DIGITAL           FIELD:      FIELD or SERVICE           GUEST:      GUEST or unpassworded           DEMO:       DEMO  or unpassworded           DECNET:     DECNETDEC-10-    An earlier line of DEC computer equipment, running the TOPS-10           operating system.  These machines are recognized by their           '.' prompt.  The DEC-10/20 series are remarkably hacker-friendly,           allowing you to enter several important commands without ever           logging into the system.  Accounts are in the format [xxx,yyy] where           xxx and yyy are integers.  You can get a listing of the accounts and           the process names of everyone on the system before logging in with           the command .systat (for SYstem STATus).  If you seen an account           that reads [234,1001]   BOB JONES, it might be wise to try BOB or           JONES or both for a password on this account.  To login, you type           .login xxx,yyy  and then type the password when prompted for it.           The system will allow you unlimited tries at an account, and does           not keep records of bad login attempts.  It will also inform you           if the UIC you're trying (UIC = User Identification Code, 1,2 for           example) is bad.           Common Accounts/Defaults:           1,2:        SYSLIB or OPERATOR or MANAGER           2,7:        MAINTAIN           5,30:       GAMES**** note:  I'm remembering this stuff from several years ago, and in somecases my memory may be foggy or stuff may be outdated.TOPS-20, once you are inside, resembles VMS much more than it resembles  TOPS-10, as far as I know (I'm not really familiar with VMS).  From theoutside, it's more like TOPS-10, except that the prompt is a @ instead of aperiod.  You can enter many commands without logging in, including SYSTAT andprobably FINGER.  (Sometimes you can even use the mail program withoutlogging in.)  It is very helpful.  Not only does the command HELP lead tolots of useful information, but anywhere in typing a command you can press ?and it will tell you what the format of the command expects.  For instance,if you type ? by itself, it will tell you all the words that a command canbegin with.  If you type S?, it will tell you all the commands that startwith the letter S.  If you type SYSTAT ?, it will tell you the optionsavailable on the systat command.  You can use this at any point in anycommand.  Furthermore, if there is only one possibility (you have typed aunique abbreviation), you can press Escape and it will finish the word foryou.  I'm not sure, but I think TOPS-20 was the system that first introducedfilename completion as well --turning a uniquely abbreviated filename into acomplete name when you press escape, beeping if the abbreviation is notunique.  With command keywords you can leave the abbreviation un-expanded,with filenames you have to expand it (or type it all in) for it to work.Use the "Login" command to log in, followed by a username.  It will promptfor a password.  Note that a password can be something like 39 characterslong, as can the username itself.  TOPS-20 does NOT use numbers like 317,043for user IDs.  (Note that these numbers in TOPS-10 are octal, not decimal.) Furthermore, the password can contain spaces.  So, if somebody wants to makehis password difficult to guess, he can easily do so.(But sometimes they might get overconfident.  I remember a story fromStanford...  Someone asked the large cheese if he would let him know what theoperator password was, and he said "The operator password is currentlyunavailable."  So the guy tried "currently unavailable" as a password, andgot in.  (Which reminds me of the time they got a real bug in the systemthere...  a head crash caused by an ant on the disk platter.))In general, TOPS-20 does not limit the number of login attempts, nor does itkeep a record of bad tries.  However, it is not difficult for the localmanagement to add such measures, or others such as a delay of several secondsafter each attempt.  And unlike Unix, it is difficult to evade these evenonce you're in.  Without heavy in-depth knowledge, you can't test a username-password combination except through a system call, which will enforce delaysand limited failures and such against password-trying programs.So, TOPS-20 is easy to defend against the "database hack", in which you trymany different common passwords with many different usernames.  (Unix ismuch more vulnerable to this.)  But any particular system, especially a laxone like a college machine (DEC is always popular in academia), might havelittle defense here.  But you might not know how much defense until too late.Do try the GUEST username.But TOPS-20 can be very vulnerable to trojan horses.  See, there's this thingcalled the Wheel bit.  A username that has the Wheel property can do anythingthe system operator can do, such as ignore file protection masks, edit thedisks at the track/sector level, change any area of memory...  On Unix, onlyone user, the superuser, can read and write protected files.  On TOPS-20, anyuser can do these things from any terminal, if the Wheel attribute is set inhis user data.  Some campus computers tend to accumulate excess trusted userswith wheel bits, and have to periodically prune away the unnecessary ones.The thing is that a wheel can do these things without knowing that he hasdone them.  Normally the privileged commands are deactivated.  But a programrun by a wheel can activate the privileges, do anything it wants, cover itstracks, and deactivate them without the user ever being the wiser.  So if youcan get any wheel user to run any program you wrote, such as a game or smallutility...  there's no limit to what you can do.  In particular, you cancreate a new username, and make it a wheel.  Or you can simply ask the systemoutright for someone's password, if I'm not mistaken.  (All this requiresaccess to TOPS-20 programming manuals, but some of the necessary materialshould be available on line.)  You cannot actually conceal this creation, asfar as I know...  but maybe with sophisticated enough knowledge you couldmake it not immediately apparent...  Anyway, once you get that far in, you canprobably keep one step ahead of them for a while...  If they erase your newaccounts, you can use the passwords to old ones...  They can change all ofthe wheel passwords, but a lot of the regular users won't change for sometime...  You could even lock the operators out of their own system bychanging all their passwords for them, if you were crazy enough, perhapsforcing them to shut the machine down to regain control of it.  They mighteven have to restore stuff from tape backup.Even if you don't wedge your way into secret stuff, a TOPS-20 system can befun to explore.  It's much more novice-friendly than most systems, and muchmore hacker-friendly as well.  I think the ascendency of Unix as the least-common-denominator OS that everybody can agree on is a definite loss,compared to TOPS-20.