Definitions

War dialing refers to "using simple programs that dial consecutive phone numbers looking for a modem."[1]

Wardialing is

[r]ecursive dialing of phone numbers from a modem-enabled PC in an attempt to locate other unadvertised modems resulting in unauthorized access into a computing or Process Control System domain.[2]

Overview

Users often bypass a site's network security schemes by allowing their computers to receive incoming telephone calls. The user enables a modem upon leaving work and then is able to dial in from home and use the corporate network.

Attackers use war dialing programs to locate computers allowing incoming calls. Since users set up these computers themselves, they are often insecure and provide attackers a back door into the network. System administrators should regularly use war dialers to discover these back doors. Both commercial and free war dialers are readily available.

War dialers provide reports on numbers with modems, and some dialers have the capacity to attempt limited automatic attacks when a modem is discovered.

How it works

Wardialing involves using the computer's modem to call a range of telephone numbers, seeking out and saving the numbers that answer with the telltale "handshake tones" used by computer modems or fax machines. Wardialing programs use the computer to automate the process. The program will accept, as parameters, the first and last numbers for a range of telephone numbers, dial all numbers within that range, and record those that answer in a database or log file.

The logged numbers indicate potential entry points to computer or telecommunications systems. Some of these programs can distinguish between modem, fax, or Private Branch Exchange (PBX) tones, and log each one accordingly. If a modem is detected, they can capture certain details of the system to which that modem is attached. Some wardialers can then further assess the security of the system by making a series of login attempts. Systems found to be vulnerable in this manner can then be prioritized as viable targets.
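For the administrator's side of this process, the following added example (not part of the original article) reconciles the log from an authorized sweep of an organization's own number block against its inventory of approved modem and fax lines. The CSV layout, the result labels, the inventory and the 555-01xx numbers are all constructed assumptions, not the output of any particular war dialer.

```python
import csv
import io

# Constructed sample: results of an authorized sweep of the organization's own
# number block. The CSV layout (number,result,banner) is an assumption, not the
# output format of any particular war dialer.
SWEEP_LOG = """number,result,banner
5550100,voice,
5550101,modem,CONNECT 9600 / login:
5550102,fax,
5550103,no_answer,
5550104,modem,CONNECT 33600
5550106,pbx,
5550107,busy,
"""

# Constructed inventory: lines approved to carry a device, and which kind.
APPROVED = {"5550100": "fax", "5550101": "modem", "5550102": "modem"}

DATA_RESULTS = {"modem", "fax", "pbx"}  # a device answered, not a person
INCONCLUSIVE = {"busy", "no_answer"}    # must be re-dialed before sign-off


def reconcile(log_text, approved, first, last):
    """Compare sweep results for first..last with the approved inventory."""
    rows = {r["number"]: r for r in csv.DictReader(io.StringIO(log_text))}
    report = {"unlisted": [], "mismatch": [], "missing": [], "retest": [], "not_dialed": []}
    for n in range(int(first), int(last) + 1):
        number = str(n).zfill(len(first))
        row = rows.get(number)
        if row is None:  # gap in the sweep: the audit did not cover this line
            report["not_dialed"].append(number)
            continue
        result, expected = row["result"], approved.get(number)
        if result in INCONCLUSIVE:
            report["retest"].append(number)
        elif result in DATA_RESULTS and expected is None:  # possible back door
            report["unlisted"].append((number, result, row["banner"]))
        elif result in DATA_RESULTS and result != expected:
            report["mismatch"].append((number, expected, result))
        elif expected is not None and result not in DATA_RESULTS:
            report["missing"].append((number, expected))
    return report


if __name__ == "__main__":
    for category, items in reconcile(SWEEP_LOG, APPROVED, "5550100", "5550107").items():
        print(category, items)
```

The "unlisted" entries are the user-installed modems the Overview describes; "retest" and "not_dialed" show where the sweep cannot yet rule one out.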
