War dialing
Encyclopedia
War dialing or wardialing is a technique of using a modem
to automatically scan a list of telephone
numbers, usually dialing every number in a local area code to search for computers, Bulletin board system
s and fax machines. Hackers use the resulting lists for various purposes, hobbyists for exploration, and crackers
- malicious hackers who specialize in computer security - for password guessing.
A single wardialing call would involve calling an unknown number, and waiting for one or two rings, since answering computers usually pick up on the first ring. If the phone rings twice, the modem hangs up and tries the next number. If a modem or fax machine answers, the wardialer program makes a note of the number. If a human or answering machine answers, the wardialer program hangs up. Depending on the time of day, wardialing 10,000 numbers in a given area code might annoy dozens or hundreds of people, some who attempt and fail to answer a phone in two rings, and some who succeed, only to hear the wardialing modem's carrier tone and hang up. The repeated incoming calls are especially annoying to businesses that have many consecutively numbered lines in the exchange, such as used with a Centrex
telephone system.
The popularity of wardialing in 1980s and 1990s prompted some states to enact legislation prohibiting the use of a device to dial telephone numbers without the intent of communicating with a person.
The popular name for this technique originated in the 1983 film WarGames
. In the film, the protagonist programmed his computer to dial every telephone number in Sunnyvale, California
to find other computer systems. Prior to the movie's release, this technique was known as "hammer dialing" or "demon dialing
". 'WarGames Dialer' programs became common on bulletin board systems of the time, with file names often truncated to wardial.exe and the like due to length restrictions of 8 characters on such systems. Eventually, the etymology of the name fell behind as "war dialing" gained its own currency within computing culture.
A more recent phenomenon is wardriving
, the searching for wireless network
s (Wi-Fi
) from a moving vehicle. Wardriving was named after wardialing, since both techniques involve brute-force searches to find computer networks. The aim of wardriving is to collect information about wireless access point
s (not to be confused with piggybacking
).
Similar to war dialing is a port scan under TCP/IP, which "dials" every TCP
port
of every IP address
to find out what services are available. Unlike wardialing, however, a port scan will generally not disturb a human being when it tries an IP address, regardless of whether there is a computer responding on that address or not. Related to wardriving is warchalking
, the practice of drawing chalk symbols in public places to advertise the availability of wireless networks.
The term is also used today by analogy for various sorts of exhaustive brute force attack
against an authentication mechanism, such as a password. While a dictionary attack
might involve trying each word in a dictionary as the password, "wardialing the password" would involve trying every possible password. Password protection systems are usually designed to make this impractical, by making the process slow and/or locking out an account for minutes or hours after some low number of wrong password entries.
Modem
A modem is a device that modulates an analog carrier signal to encode digital information, and also demodulates such a carrier signal to decode the transmitted information. The goal is to produce a signal that can be transmitted easily and decoded to reproduce the original digital data...
to automatically scan a list of telephone
Telephone
The telephone , colloquially referred to as a phone, is a telecommunications device that transmits and receives sounds, usually the human voice. Telephones are a point-to-point communication system whose most basic function is to allow two people separated by large distances to talk to each other...
numbers, usually dialing every number in a local area code to search for computers, Bulletin board system
Bulletin board system
A Bulletin Board System, or BBS, is a computer system running software that allows users to connect and log in to the system using a terminal program. Once logged in, a user can perform functions such as uploading and downloading software and data, reading news and bulletins, and exchanging...
s and fax machines. Hackers use the resulting lists for various purposes, hobbyists for exploration, and crackers
Hacker (computer security)
In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge...
- malicious hackers who specialize in computer security - for password guessing.
A single wardialing call would involve calling an unknown number, and waiting for one or two rings, since answering computers usually pick up on the first ring. If the phone rings twice, the modem hangs up and tries the next number. If a modem or fax machine answers, the wardialer program makes a note of the number. If a human or answering machine answers, the wardialer program hangs up. Depending on the time of day, wardialing 10,000 numbers in a given area code might annoy dozens or hundreds of people, some who attempt and fail to answer a phone in two rings, and some who succeed, only to hear the wardialing modem's carrier tone and hang up. The repeated incoming calls are especially annoying to businesses that have many consecutively numbered lines in the exchange, such as used with a Centrex
Centrex
Centrex is a portmanteau of central exchange, a kind of telephone exchange.In the United Kingdom, British Telecom markets this service as FeatureLine .-Use of Centrex:...
telephone system.
The popularity of wardialing in 1980s and 1990s prompted some states to enact legislation prohibiting the use of a device to dial telephone numbers without the intent of communicating with a person.
The popular name for this technique originated in the 1983 film WarGames
WarGames
WarGames is a 1983 American Cold War suspense/science-fiction film written by Lawrence Lasker and Walter F. Parkes and directed by John Badham. The film stars Matthew Broderick and Ally Sheedy....
. In the film, the protagonist programmed his computer to dial every telephone number in Sunnyvale, California
Sunnyvale, California
Sunnyvale is a city in Santa Clara County, California, United States. It is one of the major cities that make up the Silicon Valley located in the San Francisco Bay Area...
to find other computer systems. Prior to the movie's release, this technique was known as "hammer dialing" or "demon dialing
Demon dialing
In the computer hacking scene of the 1980s, demon dialing was a technique by which a computer is used to repeatedly dial a number in an attempt to gain access immediately after another user had hung up...
". 'WarGames Dialer' programs became common on bulletin board systems of the time, with file names often truncated to wardial.exe and the like due to length restrictions of 8 characters on such systems. Eventually, the etymology of the name fell behind as "war dialing" gained its own currency within computing culture.
A more recent phenomenon is wardriving
Wardriving
Wardriving is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a portable computer, smartphone or PDA....
, the searching for wireless network
Wireless network
Wireless network refers to any type of computer network that is not connected by cables of any kind. It is a method by which homes, telecommunications networks and enterprise installations avoid the costly process of introducing cables into a building, or as a connection between various equipment...
s (Wi-Fi
Wi-Fi
Wi-Fi or Wifi, is a mechanism for wirelessly connecting electronic devices. A device enabled with Wi-Fi, such as a personal computer, video game console, smartphone, or digital audio player, can connect to the Internet via a wireless network access point. An access point has a range of about 20...
) from a moving vehicle. Wardriving was named after wardialing, since both techniques involve brute-force searches to find computer networks. The aim of wardriving is to collect information about wireless access point
Wireless access point
In computer networking, a wireless access point is a device that allows wireless devices to connect to a wired network using Wi-Fi, Bluetooth or related standards...
s (not to be confused with piggybacking
Piggybacking (internet access)
Piggybacking on Internet access is the practice of establishing a wireless Internet connection by using another subscriber's wireless Internet access service without the subscriber's explicit permission or knowledge. It is a legally and ethically controversial practice, with laws that vary by...
).
Similar to war dialing is a port scan under TCP/IP, which "dials" every TCP
Transmission Control Protocol
The Transmission Control Protocol is one of the core protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, complementing the Internet Protocol , and therefore the entire suite is commonly referred to as TCP/IP...
port
TCP and UDP port
In computer networking, a port is an application-specific or process-specific software construct serving as a communications endpoint in a computer's host operating system. A port is associated with an IP address of the host, as well as the type of protocol used for communication...
of every IP address
IP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
to find out what services are available. Unlike wardialing, however, a port scan will generally not disturb a human being when it tries an IP address, regardless of whether there is a computer responding on that address or not. Related to wardriving is warchalking
Warchalking
Warchalking is the drawing of symbols in public places to advertise an open Wi-Fi wireless network.Inspired by hobo symbols, the warchalking marks were conceived by a group of friends in June 2002 and publicised by Matt Jones who designed the set of icons and produced a downloadable document...
, the practice of drawing chalk symbols in public places to advertise the availability of wireless networks.
The term is also used today by analogy for various sorts of exhaustive brute force attack
Brute force attack
In cryptography, a brute-force attack, or exhaustive key search, is a strategy that can, in theory, be used against any encrypted data. Such an attack might be utilized when it is not possible to take advantage of other weaknesses in an encryption system that would make the task easier...
against an authentication mechanism, such as a password. While a dictionary attack
Dictionary attack
In cryptanalysis and computer security, a dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching likely possibilities.-Technique:...
might involve trying each word in a dictionary as the password, "wardialing the password" would involve trying every possible password. Password protection systems are usually designed to make this impractical, by making the process slow and/or locking out an account for minutes or hours after some low number of wrong password entries.
Patent
- Sandstorm EnterprisesSandstorm EnterprisesSandstorm Enterprises is a computer security software vendor founded in 1998 by Simson Garfinkel, James van Bokkelen, and Dan Geer. In January 2010, it was purchased by Niksun Enterprises.Sandstorm is located in the greater Boston Area...
has a patent on the multi-line war dialer. ("System and Method for Scan-Dialing Telephone Numbers and Classifying Equipment Connected to Telephone Lines Associated therewith.") The patented technology is implemented in Sandstorm's PhoneSweep war dialer. This patent would most likely not stand up to a court challenge, as multiple examples of prior artPrior artPrior art , in most systems of patent law, constitutes all information that has been made available to the public in any form before a given date that might be relevant to a patent's claims of originality...
exist in the public domain.
See also
- Autodialer
- Demon dialingDemon dialingIn the computer hacking scene of the 1980s, demon dialing was a technique by which a computer is used to repeatedly dial a number in an attempt to gain access immediately after another user had hung up...
- TonelocToneLocToneLoc was a popular war dialing computer program for MS-DOS written in the early to mid-1990s by two programmers known by the pseudonyms Minor Threat and Mucho Maas. The name ToneLoc was short for "Tone Locator" and was a word play on the name of the rap artist known as Tone Lōc...
, a war dialer for DOSDOSDOS, short for "Disk Operating System", is an acronym for several closely related operating systems that dominated the IBM PC compatible market between 1981 and 1995, or until about 2000 if one includes the partially DOS-based Microsoft Windows versions 95, 98, and Millennium Edition.Related...
. - WardrivingWardrivingWardriving is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a portable computer, smartphone or PDA....
- WarflyingWarflyingWarflying or warstorming is an activity consisting of using an airplane and a Wi-Fi-equipped computer, such as a laptop or a PDA, to detect Wi-Fi wireless networks...
- WarVOXWarVOXWarVOX is a free, open-source VOIP-based war dialing tool for exploring, classifying, and auditing phone systems. WarVOX processes audio from each call without using modems, using signal processing techniques. WarVOX uses VoIP providers over the Internet instead of modems used by other war dialers...
, a war dialer using VOIP providers. - VishingVishingVishing is the criminal practice of using social engineering over the telephone system, most often using features facilitated by Voice over IP , to gain access to private personal and financial information from the public for the purpose of financial reward. The term is a combination of "voice" and...
External links
- 8bitundeground Forums, Forum site dedicated to collecting 8/16-bit wardialers and other related software.
- 47 C.F.R. § 64.1200(a)(7) The 2005 revision of the TCPA appears to make wardialing a federal crime in the United States.