War dialing

Last updated

War dialing or wardialing, a.k.a. "janning"[ citation needed ], is a technique to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for modems, computers, bulletin board systems (computer servers) and fax machines. Hackers use the resulting lists for various purposes: hobbyists for exploration, and crackers – malicious hackers who specialize in breaching computer security – for guessing user accounts (by capturing voicemail greetings), or locating modems that might provide an entry-point into computer or other electronic systems. It may also be used by security personnel, for example, to detect unauthorized devices, such as modems or faxes, on a company's telephone network.

Telephone telecommunications device

A telephone, or phone, is a telecommunications device that permits two or more users to conduct a conversation when they are too far apart to be heard directly. A telephone converts sound, typically and most efficiently the human voice, into electronic signals that are transmitted via cables and other communication channels to another telephone which reproduces the sound to the receiving user.

A Bulletin Board System or BBS is a computer server running software that allows users to connect to the system using a terminal program. Once logged in, the user can perform functions such as uploading and downloading software and data, reading news and bulletins, and exchanging messages with other users through public message boards and sometimes via direct chatting. In the early 1980s, message networks such as FidoNet sprung up to provide services such as NetMail, which is similar to email.

Contents

Process

A single wardialing call would involve calling an unknown number, and waiting for one or two rings, since answering computers usually pick up on the first ring. If the phone rings twice, the modem hangs up and tries the next number. If a modem or fax machine answers, the wardialer program makes a note of the number. If a human or answering machine answers, the wardialer program hangs up. Depending on the time of day, wardialing 10,000 numbers in a given area code might annoy dozens or hundreds of people, some who attempt and fail to answer a phone in two rings, and some who succeed, only to hear the wardialing modem's carrier tone and hang up. The repeated incoming calls are especially annoying to businesses that have many consecutively numbered lines in the exchange, such as used with a Centrex telephone system.

Centrex

Centrex is a portmanteau of central exchange, a kind of telephone exchange. It provides functions similar to a PBX, but is provisioned with equipment owned by, and located at, the telephone company premises.

Some newer wardialing software, such as WarVOX, does not require a modem to conduct wardialing. [1] Rather, such programs can use VOIP connections, which can speed up the number of calls that a wardialer can make. Sandstorm Enterprises has a patent U.S. Patent 6,490,349 on a multi-line war dialer. ("System and Method for Scan-Dialing Telephone Numbers and Classifying Equipment Connected to Telephone Lines Associated therewith.") The patented technology is implemented in Sandstorm's PhoneSweep war dialer.

WarVOX is a free, open-source VOIP-based war dialing tool for exploring, classifying, and auditing phone systems. WarVOX processes audio from each call by using signal processing techniques and without the need of modems. WarVOX uses VoIP providers over the Internet instead of modems used by other war dialers. It compares the pauses between words to identify numbers using particular voicemail systems.

Sandstorm Enterprises is a computer security software vendor founded in 1998 by Simson Garfinkel, James van Bokkelen, Gene Spafford, Dan Geer. In January 2010, it was purchased by NIKSUN, Inc.

Popularity

The popular name for this technique originated in the 1983 film WarGames . [2] In the film, the protagonist programmed his computer to dial every telephone number in Sunnyvale, California to find other computer systems. Prior to the movie's release, this technique was known as "hammer dialing" or "demon dialing",[ citation needed ] but the film introduced the method to many, such as the members of The 414s. [3] By 1985 at least one company advertised a "War Games Autodialer" for Commodore computers. [4] Such programs became common on bulletin board systems of the time, with file names often truncated to wardial.exe and the like due to length restrictions of 8 characters on such systems. Eventually, the etymology of the name fell behind as "war dialing" gained its own currency within computing culture. [2]

<i>WarGames</i> 1983 movie directed by John Badham

WarGames is a 1983 American Cold War science fiction film written by Lawrence Lasker and Walter F. Parkes and directed by John Badham. The film stars Matthew Broderick, Dabney Coleman, John Wood, and Ally Sheedy. The film follows David Lightman (Broderick), a young hacker who unwittingly accesses WOPR, a United States military supercomputer originally programmed to predict possible outcomes of nuclear war. Lightman gets WOPR to run a nuclear war simulation, believing it to be a computer game. The computer, now tied into the nuclear weapons control system and unable to tell the difference between simulation and reality, attempts to start World War III.

Sunnyvale, California City in California, United States

Sunnyvale is a city located in Santa Clara County, California. As of the 2010 United States Census, the population was 140,095.

In the computer hacking scene of the 1980s, demon dialing was a technique by which a computer was used to repeatedly dial a number in an attempt to gain access immediately after another user had hung up. The expansion of accessible internet service provider connectivity since that time has rendered the practice more or less obsolete.

The popularity of wardialing in 1980s and 1990s prompted some states to enact legislation prohibiting the use of a device to dial telephone numbers without the intent of communicating with a person.

Variants

A more recent phenomenon is wardriving, the searching for wireless networks (Wi-Fi) from a moving vehicle. Wardriving was named after wardialing, since both techniques involve actively scanning to find computer networks. The aim of wardriving is to collect information about wireless access points (not to be confused with piggybacking).

Wardriving act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a portable computer, smartphone or personal digital assistant (PDA)

Wardriving is the act of searching for Wi-Fi wireless networks by a person usually in a moving vehicle, using a laptop or smartphone. Software for wardriving is freely available on the Internet.

Wireless network any network at least partly not connected by physical cables of any kind

A wireless network is a computer network that uses wireless data connections between network nodes.

Wi-Fi wireless local area network technology based on IEEEs 802.11 standards

Wi-Fi is a family of radio technologies that is commonly used for the wireless local area networking (WLAN) of devices which is based around the IEEE 802.11 family of standards. Wi‑Fi is a trademark of the Wi-Fi Alliance, which restricts the use of the term Wi-Fi Certified to products that successfully complete interoperability certification testing. Wi-Fi uses multiple parts of the IEEE 802 protocol family and is designed to seemlessly interwork with its wired sister protocol Ethernet.

Similar to war dialing is a port scan under TCP/IP, which "dials" every TCP port of every IP address to find out what services are available. Unlike wardialing, however, a port scan will generally not disturb a human being when it tries an IP address, regardless of whether there is a computer responding on that address or not. Related to wardriving is warchalking, the practice of drawing chalk symbols in public places to advertise the availability of wireless networks.

The Transmission Control Protocol (TCP) is one of the main protocols of the Internet protocol suite. It originated in the initial network implementation in which it complemented the Internet Protocol (IP). Therefore, the entire suite is commonly referred to as TCP/IP. TCP provides reliable, ordered, and error-checked delivery of a stream of octets (bytes) between applications running on hosts communicating via an IP network. Major internet applications such as the World Wide Web, email, remote administration, and file transfer rely on TCP. Applications that do not require reliable data stream service may use the User Datagram Protocol (UDP), which provides a connectionless datagram service that emphasizes reduced latency over reliability.

An Internet Protocol address is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing.

Warchalking

Warchalking is the drawing of symbols in public places to advertise an open Wi-Fi network. Inspired by hobo symbols, the warchalking marks were conceived by a group of friends in June 2002 and publicised by Matt Jones who designed the set of icons and produced a downloadable document containing them. Within days of Jones publishing a blog entry about warchalking, articles appeared in dozens of publications and stories appeared on several major television news programs around the world.

The term is also used today by analogy for various sorts of exhaustive brute force attack against an authentication mechanism, such as a password. While a dictionary attack might involve trying each word in a dictionary as the password, "wardialing the password" would involve trying every possible password. Password protection systems are usually designed to make this impractical, by making the process slow and/or locking out an account for minutes or hours after some low number of wrong password entries.

See also

Related Research Articles

Voice over Internet Protocol (VoIP), also called IP telephony, is a methodology and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. The terms Internet telephony, broadband telephony, and broadband phone service specifically refer to the provisioning of communications services over the public Internet, rather than via the public switched telephone network (PSTN).

Phreaking is a slang term coined to describe the activity of a culture of people who study, experiment with, or explore telecommunication systems, such as equipment and systems connected to public telephone networks. The term phreak is a sensational spelling of the word freak with the ph- from phone, and may also refer to the use of various audio frequencies to manipulate a phone system. Phreak, phreaker, or phone phreak are names used for and by individuals who participate in phreaking.

9-1-1 emergency telephone number for the North American Numbering Plan (NANP)

9-1-1, also written 911, is an emergency telephone number for the North American Numbering Plan (NANP), one of eight N11 codes. Like other emergency numbers around the world, this number is intended for use in emergency circumstances only, and using it for any other purpose is a crime in certain jurisdictions.

A dialer or dialler is an electronic device that is connected to a telephone line to monitor the dialed numbers and alter them to seamlessly provide services that otherwise require lengthy National or International access codes to be dialed. A dialer automatically inserts and modifies the numbers depending on the time of day, country or area code dialed, allowing the user to subscribe to the service providers who offer the best rates. For example, a dialer could be programmed to use one service provider for international calls and another for cellular calls. This process is known as prefix insertion or least cost routing. A line powered dialer does not need any external power but instead takes the power it needs from the telephone line.

Telephone call

A telephone call is a connection over a telephone network between the called party and the calling party.

Call forwarding, or call diversion, is a telephony feature of some telephone switching systems which redirects a telephone call to another destination, which may be, for example, a mobile or another telephone number where the desired called party is available. Call forwarding was invented by Ernest J. Bonanno. In North America, the forwarded line usually rings once to remind the customer using call forwarding that the call is being redirected. More consistently, the forwarded line indicates its condition by stutter dial tone. Call forwarding typically can redirect incoming calls to any other domestic telephone number, but the owner of the forwarded line must pay any toll charges for forwarded calls. Call forwarding is often enabled by dialing *72 followed by the telephone number to which calls should be forwarded. Once someone answers, call forwarding is in effect. If no one answers or the line is busy, the dialing sequence must be repeated to effect call forwarding. Call forwarding is disabled by dialing *73. This feature requires a subscription from the telephone company. Also available in some areas is Remote Access to call forwarding, which permit the control over call forwarding from telephones other than the subscriber's telephone. VOIP and cable telephone systems also often allow call forwarding to be set up and directed via their web portals.

Phone fraud, or more generally communications fraud, is the use of telecommunications products or services with the intention of illegally acquiring money from, or failing to pay, a telecommunication company or its customers.

A network access server (NAS) is a single point of access to a remote resource.

ToneLoc was a popular war dialing computer program for MS-DOS written in the early to mid-1990s by two programmers known by the pseudonyms Minor Threat and Mucho Maas. The name ToneLoc was short for "Tone Locator" and was a word play on the name of the rap artist known as Tone Lōc.

DSL modem Type of computer network modem; network equipment

A digital subscriber line (DSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connectivity to the Internet, which is often called DSL broadband.

Cracking a wireless network is defeating the security of a wireless local-area network. A commonly used wireless LAN is a Wi-Fi network. Wireless LANs have inherent security weaknesses from which wired networks are exempt.

Warzapping is the act of searching for remote disable features in electronics or computing devices, generally while in motion, using a portable computer or PDA.

Modem Device that modulates an analog carrier signal to encode digital information

A modem is a hardware device that converts data between transmission media so that it can be transmitted from computer to computer. The goal is to produce a signal that can be transmitted easily and decoded to reproduce the original digital data. Modems can be used with any means of transmitting analog signals from light-emitting diodes to radio. A common type of modem is one that turns the digital data of a computer into modulated electrical signal for transmission over telephone lines and demodulated by another modem at the receiver side to recover the digital data.

WiFi-Where is a tool that facilitates detecting wireless LANs using the 802.11b, 802.11a and 802.11g WLAN standards. Versions exist for the operating systems iOS and Palm OS. Originally created in June 2004 for the Palm OS by Jonathan Hays of Hazelware Software, the IP for WiFi-Where was licensed to 3Jacks Software in 2009. An iPhone version of the application was released in January 2010, but was pulled from the App Store by Apple in March 2010. As of 2010, it is available in the Jailbroken Cydia store.

H. D. Moore American businessman

H D Moore is network security expert, open source programmer, and hacker. He is the developer of the Metasploit Framework, a penetration testing software suite, and the founder of the Metasploit Project.

An automatic dialer is an electronic device or software that automatically dials telephone numbers. Once the call has been answered, the autodialer either plays a recorded message or connects the call to a live person.

References

  1. Next Generation 'War-Dialing' Tool On Tap
  2. 1 2 Patrick S. Ryan (Summer 2004). "War, Peace, or Stalemate: Wargames, Wardialing, Wardriving, and the Emerging Market for Hacker Ethics". Social Science Research Network. SSRN   585867 .Missing or empty |url= (help); |access-date= requires |url= (help)
  3. Vollmann, Michael T (director) (2015-03-10). The 414s: The Original Teenage Hackers. CNN.
  4. "MegaSoft Limited". Compute!'s Gazette (advertisement). January 1985. p. 167. Retrieved 2017-12-06.