Demon Dialing/War Dialing

Security

War dialing is the practice of autodialing a large range of phone numbers to find computer modems. It involves using a software program to call all of the phone numbers within an area code to see which ones are set up to accept incoming connections. Demon dialing is a synonym for war dialing, though it has also been used to describe making repeated calls to a single modem in a brute-force attempt to guess its password.

As the number of computers with modems increased, computer hackers began to try to discover and connect to them. For some, hacking became a hobby of sorts. It presented a challenge that was exciting and intellectually stimulating. For crackers, or criminal hackers, it was a way to steal data or commit other malicious acts. Regardless of the hackers' motives, they all needed some way to find the phone numbers of computers with modems.

One such way was war dialing. Hackers wrote software that would use a computer's modem to dial every phone number in a given area code. The software ran through each number, dialing and then hanging up after two rings. Most modems were set up to pick up after one ring, so if a number rang twice it most likely did not have a modem. The war-dialing software recorded which numbers had modems so that hackers could try to connect to them later.

“Demon dialing” originally meant making repeated calls to a single modem in a brute-force attempt to guess its password. The practice was named for the Demon Dialer, a telephone dialer once sold by Zoom Telephonics. This device could automatically redial a busy phone number until the call went through. Over time, demon dialing became a synonym for war dialing.

There have been many changes in technology that make the old methods of war dialing obsolete. The number of computers still connecting to the Internet via dial-up modems decreased sharply after broadband Internet access and wireless networking became mainstream in the mid-2000s. However, war dialing itself is still practiced; it simply requires different techniques. For example, the open-source software WarVOX is a war-dialing tool that connects via voice over IP (VoIP) systems instead of landline telephones. It uses signal-processing techniques to probe and analyze telephone systems. Some information technology (IT) security personnel use VoIP-based war dialers to find unauthorized modems and faxes on their organization's computer networks.

Another modern technique similar to war dialing is called port scanning. Computers connect to the Internet using different ports, which are like virtual connection points. Some ports are traditionally used for certain connections, such as printers or web browsing. Other ports are left open for whichever application needs to create a connection. When a computer has been secured, ports not in use are kept closed to prevent unauthorized connections. Port scanners bombard computers with connection attempts on many different ports at once, then report vulnerable port numbers back to the hacker. To protect against port scanning, many companies now use intrusion-detection systems that can identify when a port scan is underway. This security measure has in turn motivated hackers to develop port-scanning methods that can gather information without openly trying to connect to each port.

Some hackers target wireless networks instead of wired ones. One technique for doing so is wardriving, in which hackers drive around a neighborhood with a laptop running Wi-Fi scanning software. The software identifies wireless networks as it passes through them and collects information about the type of security each wireless access point is using. Hackers can then sort through this information to find vulnerable networks. A hacker may exploit the network to gain free wireless Internet access or to disguise their online identity.

—Scott Zimmer, JD