Personal Computer News


Hacker's Handbook Part 1

 
Published in Personal Computer News #104

Exclusive to PCN - extracts from The Hacker's Handbook, by Hugo Cornwall, published this week. Revealed in two parts are the secrets and know-how of the experts of computer communications.


You will find few products on the market labelled 'for hackers'; you must select those items that appear to have 'legitimate' but interesting functions and see if they can be bent to the hacker's purposes.

Almost any popular micro will do; hacking does not call upon enormous reserves of computer power. Nearly everything you hack will come to you in alphanumeric form, not graphics. The computer you already have will almost certainly have the essential qualities. However the very cheapest micros, like the ZX81, while usable, require much more work on the part of the operator/hacker, and give him far less in the way of instant facilities.

Most professional data services assume the user is viewing on an 80 column screen; ideally the hacker's computer should be capable of doing that as well, otherwise the display will be full of awkward line breaks. Terminal emulator software (see below) can sometimes provide a 'fix'.

One or two disk drives are pretty helpful, because you will want to be able to save the results of your network adventures as quickly and efficiently as possible. Most terminal emulators use the computer's free memory (i.e. all that is not required to support the Operating System and the emulator software itself) as store for the received data, but once the buffer is full, you will begin to lose the earlier items. You can, of course, try to save to cassette, but normally that is a slow and tedious process.

An alternative storage method is to save to a printer, printing the received data stream not only to the computer screen, but also on a dot matrix printer. However, most of the more popular (and cheaper) printers do not work sufficiently fast. You may find you lose characters at the beginning of each line. Moreover, if you print everything in real time, you'll include all your mistakes, false starts, etc, and in the process use masses of paper. So, if you can save to disk regularly, you can review each hack afterwards at your leisure and, using a screen editor or word processor, save or print out only those items of real interest.

Serial Ports

The computer must have a serial port, either called that or marked RS232C (or its slight variant RS423), or V24, which is the official designator of RS232C used outside the US, though not often seen on micros.

The very cheapest micros, such as the ZX81, Spectrum, or Vic 20, do not have RS232C ports, though add-on boards are available. Some of the older personal computers, like the Apple or the Pet, were also originally sold without serial ports, though standard boards are now available.

Some RS232C implementations on micro or add-on boards are there simply to support printers with serial interfaces, but they can often be modified to talk into modems. The critical two lines are those serving pins 2 and 3.

  • A computer serving a modem needs a cable in which Pin 2 on the computer is linked to Pin 2 on the modem.
  • A computer serving a printer, etc, needs a cable in which Pin 3 on the computer is linked to Pin 2 on the printer and Pin 3 on the printer is linked to Pin 2 on the computer
  • If two computers are linked together directly, without a modem, then Pin 2 on computer A must be linked to Pin 3 on computer B and Pin 3 on computer B linked to Pin 2 on computer A

One difficulty that frequently arises with newer or portable computers is that some manufacturers have abandoned the traditional 25-way D-connector, largely on the grounds of bulk, cost and redundancy. Some European computer and peripheral companies favour connectors based on the DIN series (invented in Germany), while others use D-connectors with fewer pin outs. There is no standardisation. Even if you see two physically similar connectors on two devices, regard them with suspicion. In each case, you must determine the equivalents of: characters leaving computer (Pin 2); characters arriving at computer (Pin 3); and signal ground (Pin 7).

You can usually set the speed of the port from the computer's Operating System and/or from Basic. There is no standard way of doing this; you must check your handbook and manuals. Most RS232C ports can handle the following speeds: 75, 110, 300, 600, 1200, 2400, 4800, 9600 and sometimes 50 and 19200 baud as well. These speeds are selectable in hardware by appropriate wiring of a chip called a baud-rate generator. Many modern computers let you select speed in hardware by means of a DIL switch.

The higher speeds are used either for driving printers or for direct computer-to-computer or computer-to-peripheral connections. The normal maximum speed for transmitting along phone lines is 1200 baud.

Terminal Emulators

We all need a quest in life. Sometimes I think mine is to search for the perfect software package to make micros talk to the outside world. As in all quests, the goal is occasionally approached but never reached, if only because the process of the quest causes one to redefine what one is looking for.

These items of software are sometimes called communications packages, or asynchronous comms packages, and sometimes terminal emulators, on the grounds that the software can make the micro appear to be a variety of different computer terminals.

Until recently, most on-line computer services assumed that they were being examined through dumb terminals - simply a keyboard and a screen, with no attendant processing or storage power (except perhaps a printer).

With the arrival of PCs all this is slowly changing, so that the remote computer has to do no more than provide relatively raw data and all the formatting and on-screen presentation is done by the user's own computer. Terminal emulator software is a sort of half-way house between dumb terminals and personal computers with considerable local processing power.

Many slight variants on the dumb computer terminal exist - hence the availability of terminal emulators to provide, in one software package, a way of mimicking all the popular types.

Basic software to get a computer to talk through its RS232C port, and to take in data sent to it, is trivial. What the hacker needs is software that will make the computer assume a number of different personalities upon command, store data as it is collected, and print it out.

Two philosophies of presenting such software to the user exist: first, one which gives the naive user a simple menu which says, in effect, 'press a key to connect to database' and then performs everything smoothly, without distracting menus. Such programs need an install procedure, which requires some knowledge, but most ordinary users never see this. As a hacker you will want the precise opposite.

The second approach to terminal emulator software allows you to reconfigure your computer as you do - there is plenty of on-screen help in the form of menus allowing you to turn on and off local echo, set parity bits, show non-visible control codes and so on.

In a typical hack, you may have only vague information about the target computer, and much of the fun is seeing how quickly you can work out what the remote computer wants to 'see' - and how to make your machine respond.

Given the number of popular computers on the market, and the number of terminal emulators for each one, it is difficult to make a series of specific recommendations. What follows therefore, is a list of the sort of facilities you should look for:

On-line help. You must be able to change the software characteristics while on-line and be able to call up help menus instantly.

Text buffer. The received data should be capable of going into the computer's free memory automatically so that you can view it later off-line.

Half-full duplex (echo on/off). Most remote services use an echoing protocol: when the user sends a character to the host computer, the host immediately sends back the same character to the user's computer, by way of confirmation.

Data format/parity setting. In a typical asynchronous protocol, each character is surrounded by bits to show when it starts, when it ends, and to signify whether a checksum performed on its binary equivalent comes out even or odd. The character itself is typically described in seven bits, with the other bits (start, stop and parity) bringing the total to ten.

However, this is merely one very common form, and many systems use subtle variants - the ideal terminal emulator software will let you try out these variants while you are still on line. See Table 1 for typical variants.

Word length   Parity   No. of stop bits
7             even     2
7             odd      2
7             even     1
7             odd      1
8             none     2
8             none     1
8             even     1
8             odd      1
Table 1
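To show what the start, data, parity and stop bits of Table 1 actually look like on the line, and what happens when the two ends disagree about the format, here is an added example (not from the book or the article). It frames text into a bit stream with any of the Table 1 settings and decodes it with the receiver's own settings, counting parity and framing errors.

```python
from typing import List, Tuple

def parity_bit(data: List[int], parity: str) -> List[int]:
    """Parity bit for the given data bits: [] for 'none', else one bit."""
    ones = sum(data)
    if parity == "even":
        return [ones % 2]          # make the total number of 1s even
    if parity == "odd":
        return [1 - ones % 2]      # make the total number of 1s odd
    return []

def frame(text: str, word_len: int = 7, parity: str = "even", stop_bits: int = 1) -> List[int]:
    """Line bit stream for `text`: 1 = mark (idle), 0 = space; LSB sent first."""
    bits: List[int] = []
    for ch in text:
        code = ord(ch)
        if code >= 1 << word_len:
            raise ValueError(f"{ch!r} does not fit in {word_len} data bits")
        data = [(code >> i) & 1 for i in range(word_len)]
        bits += [0] + data + parity_bit(data, parity) + [1] * stop_bits
    return bits

def unframe(bits: List[int], word_len: int = 7, parity: str = "even",
            stop_bits: int = 1) -> Tuple[str, int, int]:
    """Decode `bits` with the receiver's own settings.
    Returns (text, parity_errors, framing_errors); a mismatch between the
    sender's and receiver's settings shows up as errors or garbled characters."""
    text, parity_errors, framing_errors, i = "", 0, 0, 0
    frame_len = 1 + word_len + (parity != "none") + stop_bits
    while i + frame_len <= len(bits):
        if bits[i] != 0:           # line idle (mark): wait for a start bit
            i += 1
            continue
        data = bits[i + 1:i + 1 + word_len]
        pos = i + 1 + word_len
        if parity != "none":
            if bits[pos] != parity_bit(data, parity)[0]:
                parity_errors += 1
            pos += 1
        if any(b != 1 for b in bits[pos:pos + stop_bits]):
            framing_errors += 1    # stop bit(s) not mark: wrong format or speed
        text += chr(sum(b << k for k, b in enumerate(data)))
        i += frame_len
    return text, parity_errors, framing_errors
```

Decoding a 7-even-1 stream as 8-none-1 turns every character with an odd number of 1s into a high-bit character, and decoding it as 7-none-1 produces framing errors: exactly the symptoms the terminal emulator's on-line format menu is there to cure.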

Show control characters. This software switch displays characters not normally part of the text that is meant to be read.

Macros. This is the US term, now rapidly being adopted in the UK, for the pre-formatting of a log-on procedure, passwords, etc.

Auto-dial. Some modems contain programmable auto-diallers so that frequently-called services can be dialled from a single keyboard command.

Format screen. Most professional on-line and time-share services assume an 80 column screen. The format screen option in terminal emulators may allow you to change the regular text display on your micro.

File protocols. When computers are sending large files to each other, a further layer of protocol, beyond that defining individual letters, is necessary.

EOB/ACK. The sending computer divides its file into blocks (of any convenient length); after each block is sent, an EOB (End of Block) character is sent. The user's computer must then respond with an ACK (Acknowledge) character.

File Transmission. All terminal emulators assume you will want to send, as well as receive, text files. Thus, in addition to the protocol settings already mentioned, there may be additional ones for that purpose.

Specific terminal emulation. Some software has preformatted sets of characteristics to mimic popular commercial dumb terminals.

Baudot Characters. The Baudot code, or International Telegraphic Code No 2, is the 5-bit code used in telex and telegraphy.

Viewdata Emulation. This gives you the full, or almost full, graphics and text characters of UK standard viewdata.

Modems

Modem is a contraction of modulator-demodulator. A modem taking instructions from a computer (pin 2 on RS232C) converts the binary 0s and 1s into specific single tones, according to which standard is being used. In RS232C/V24, binary 0 (ON) appears as positive volts and binary 1 (OFF) appears as negative volts.

The tones are then fed, either acoustically via the telephone mouthpiece into the telephone line, or electrically, by generating the electrical equivalent direct onto the line. This is the modulating process.

In the demodulating stage, the equipment sits on the phone line, listening for occurrences of preselected tones (again according to whichever 'standard' is in operation) and, when it hears one, delivers a binary 0 or binary 1 in the form of positive or negative voltage pulses into pin 3 of the computer's serial port.

This explanation holds true for modems operating at up to 1200 baud; above this speed, the modem must be able to originate tones, and detect them, according to *phase* as well. But since higher-speed working is unusual in dial-up ports - the hacker's special interest - we can leave this matter to one side.

The modem is a relatively simple bit of kit: on the transmit side it consists of a series of oscillators acting as tone generators, and on receive has a series of narrow band-pass filters.

Designers of modems must ensure that unwanted tones do not leak into the telephone line (exchanges and amplifiers used by telephone companies are sometimes remotely controlled by the injection of specific tones) and also that, on the receive side, only the distinct tones used for communications are 'interpreted' into binary 0s or 1s.

The other engineering requirements are that unwanted electrical currents do not wander down the telephone cable (to the possible risk of phone company employees) or back into the user's computer.

Until relatively recently, the only UK source of low-speed modems was British Telecom. The situation is much easier now, but de-regulation of 'telephone line attachments', which include modems, is still so recent that the ordinary customer can easily become confused. Moreover, modems offering exactly the same service can vary in price by over 300 per cent.

At 300 baud, you have the option of using direct-connect modems which are hard-wired into the telephone line, an easy enough exercise, or using an acoustic coupler in which you place the telephone hand-set.

Acoustic couplers are inherently prone to interference from room noise, but are useful for quick lash-ups and portable operation. Many acoustic couplers operate only in originate mode, not in answer.

At higher speeds acoustic coupling is not recommended, though a 75/1200 acoustic coupler produced in association with the Prestel Micronet service is not too bad, and is now exchanged on the second-hand market very cheaply indeed.

I prefer modems that have proper status lights - power on, line seized, transmit and receive indicators. Hackers need to know what is going on.

Table 2 shows all but two of the types of service you are likely to come across; V-designators are the worldwide 'official' names given by the CCITT; Bell-designators are the US names.

Service          Speed  Duplex  Transmit      Receive       Answer
designator                      0      1      0      1
V21 orig         300*   full    1180   980    1850   1650   -
V21 ans          300*   full    1850   1650   1180   980    2100
V23 (1)          600    half    1700   1300   1700   1300   2100
V23 (2)          1200   f/h     2100   1300   2100   1300   2100
V23 back         75     f/h     450    390    450    390    -
Bell 103 orig    300*   full    1070   1270   2025   2225   -
Bell 103 ans     300*   full    2025   2225   1070   1270   2025
Bell 202         1200   half    2200   1200   2200   1200   2025
Table 2 (tones in Hz)

The two exceptions are: V22, 1200 baud full duplex, two wire; Bell 212A, the US equivalent. These services use phase modulation as well as tone.
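The modulate/demodulate description above, worked through with the V21 tones from Table 2, as an added example (not from the book or the article). Each bit becomes one period of the 980 Hz or 1180 Hz tone; the receiver measures the energy at both tones in each bit period (a Goertzel filter, the software equivalent of the modem's two narrow band-pass filters) and picks the stronger. The 9600 Hz sample rate is an assumption chosen for the example.

```python
import math
from typing import Dict, List

SAMPLE_RATE = 9600                       # assumed for this example
BAUD = 300                               # V21 signalling rate, Table 2
SAMPLES_PER_BIT = SAMPLE_RATE // BAUD    # 32 samples per bit

# Table 2 transmit tones (Hz): binary 0 (space) and binary 1 (mark)
V21_ORIG_TX: Dict[int, int] = {0: 1180, 1: 980}
V21_ANS_TX: Dict[int, int] = {0: 1850, 1: 1650}   # answer side's transmit = originate side's receive

def modulate(bits: List[int], tones: Dict[int, int] = V21_ORIG_TX) -> List[float]:
    """Turn a bit stream into audio samples, one tone per bit period."""
    samples, phase = [], 0.0
    for b in bits:
        step = 2 * math.pi * tones[b] / SAMPLE_RATE
        for _ in range(SAMPLES_PER_BIT):
            samples.append(math.sin(phase))
            phase += step                # keep the phase continuous across bits
    return samples

def goertzel_power(samples: List[float], freq: float) -> float:
    """Signal energy at `freq`: a single-frequency DFT, i.e. a narrow filter."""
    coeff = 2 * math.cos(2 * math.pi * freq / SAMPLE_RATE)
    s1 = s2 = 0.0
    for x in samples:
        s0 = x + coeff * s1 - s2
        s2, s1 = s1, s0
    return s1 * s1 + s2 * s2 - coeff * s1 * s2

def demodulate(samples: List[float], tones: Dict[int, int] = V21_ORIG_TX) -> List[int]:
    """Recover the bits by comparing the energy at the two expected tones."""
    bits = []
    for i in range(0, len(samples) - SAMPLES_PER_BIT + 1, SAMPLES_PER_BIT):
        chunk = samples[i:i + SAMPLES_PER_BIT]
        space = goertzel_power(chunk, tones[0])
        mark = goertzel_power(chunk, tones[1])
        bits.append(1 if mark > space else 0)
    return bits
```

Because the originate and answer sides transmit in different bands, a full-duplex link needs only two wires: each modem's filters listen for the other side's tones.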

British Telecom markets the UK services under the name of Datel.

BT connects modems to the line in one of three ways: hard-wiring into the junction box (the two outer wires are usually the ones you need); a 4-ring plug and associated socket (type 95A) for most modems, or a 5-ring plug and associated socket (type 96A) for Prestel applications (note that the fifth ring isn't used); and, for all new equipment, a modular jack called type 600.

Building a modem is now largely a question of adding a few peripheral components, some switches and indicator lights, and a box. In deciding which 'world standard' modem to purchase, hackers should consider the following features.

Status Lights. You need to be able to see what is happening on the line.

Hardware/software Switching. Cheaper versions merely give you a switch on the front enabling you to change speeds, originate or answer mode and CCITT or Bell tones. Most expensive ones feature firmware which allows your computer to send specially formatted instructions to change speed under program control. However, to make full use of this facility, you may need to write (or modify) your terminal emulator.

Auto-dial. A pulse dialler and associated firmware are included in some more expensive models. You should ascertain whether the auto-dialler operates on the telephone system you intend to hook the modem up to. You will of course need software in your micro to address the firmware in the modem, and the software has to be part of your terminal emulator, otherwise you gain nothing in convenience.

D25 Connector. This is the official 'approved' RS232C/V24 physical connection - useful from the point of view of easy hook-up.

Next Week: Targets for Hackers

Hugo Cornwall