|“||[r]ecursive dialing of phone numbers from a modem-enabled PC in an attempt to locate other unadvertised modems resulting in unauthorized access into a computing or Process Control System domain.||”|
Users often bypass a site's network security schemes by allowing their computers to receive incoming telephone calls. The user enables a modem upon leaving work and then is able to dial in from home and use the corporate network.
Attackers use war dialing programs to locate computers allowing incoming calls. Since users set up these computers themselves, they are often insecure and provide attackers a back door into the network. System administrators should regularly use war dialers to discover these back doors. Both commercial and free war dialers are readily available.
How it works Edit
Wardialing involves using the computer's modem to call a range of telephone numbers, seeking out and saving the numbers that answer with the telltale "handshake tones" used by computer modems or fax machines. Wardialing programs use the computer to automate the process. The program will accept, as parameters, the first and last numbers for a range of telephone numbers, dial all numbers within that range, and record those that answer in a database or log file.
Those numbers that are logged indicate potential entry points to computer or telecommunications systems. Some of these programs can distinguish between modem, fax, or Private Branch Exchange (PBX) tones, and log each one accordingly. If a modem is detected, they can capture certain details of the system to which that modem is attached. Some wardialers can then further assess the security of the system by attempting an array of login attempts. Those systems determined as vulnerable in this manner can then be prioritized as viable targets.
- ↑ Defense Department Cyber Efforts: DOD Faces Challenges In Its Cyber Activities, at 15.
- ↑ Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-In-Depth Strategies, at ix.
- "How it works" section: Assessing Technology, Methods, and Information for Committing and Combating Cyber Crime, at 23.