Section 10.7 Cracking with a Laptop and a Pay Phone

Previous page
Table of content
Next page
   

10.7 Cracking with a Laptop and a Pay Phone

Some ISPs use Caller-ID to log the phone number of every subscriber who dials in to connect, as an aid in catching crackers and spammers. In the U.S., you can block Caller-ID with the appropriate touch-tone keystrokes. Toll-free 800 numbers use automatic number identification (ANI) to see the caller's number and it cannot be blocked.

Crackers know this so the careful ones, who are most dangerous, will be at a pay phone with a laptop and modem. This pay phone will be in an isolated area where nobody will notice that someone has been there with a laptop, possibly for hours. The location may afford a view of the area so that the cracker can spot police in time to get away, in the unlikely event the phone call is actually traced.

She will be dialed into some company that allows dial-in access to its employees or customers and either is very casual about who it lets in or has been cracked already. Many of the best crackers are also phone phreaks and even if one is dialed into your system from the same city, the call probably is routed through several foreign countries on one or two other continents. This cracker then will telnet into one compromised system, and from that one telnet into another compromised system, and so on.

There could be a long string of compromised accounts on systems where the SysAdmins are unaware even that they have been compromised. These systems might be spread over several continents. Present law in the U.S. (and certainly some other countries) requires a separate search warrant for each hop. There are proposals to change this.

Tracing connections across international boundaries requires the involvement of Interpol or Military Intelligence, and some of the countries involved might have chilly relations. Working informally through the SysAdmins might be more efficient but at some point you might reach one who is too busy with other things. (This might be why her system got compromised in the first place.)

This cracker will never be caught unless his ego gets the better of him and he boasts to too many people.


   
Top

Previous page
Table of content
Next page
Real World Linux Security Prentice Hall Ptr Open Source Technology Series
Real World Linux Security Prentice Hall Ptr Open Source Technology Series
ISBN: N/A
EAN: N/A
Year: 2002
Pages: 260
BUY ON AMAZON
Java I/O
Qshell for iSeries
Developing Tablet PC Applications (Charles River Media Programming)
AutoCAD 2005 and AutoCAD LT 2005. No Experience Required
Junos Cookbook (Cookbooks (OReilly))
Programming .Net Windows Applications
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy