Go Ad-Free on CAclubindia with Daily Mobile Updates. Subscribe Now!

concept

SUDHIR & PRADEEP JI (CA FINAL+LLB + DISA) (2299 Points)

17 April 2010

can you tell me the concept of war dialing and internet terrorism.

Reply
Follow
Share

2 Replies

Ratan Deep Saxena (Asstt Manager (Accounts & Finance)) (2998 Points)
Replied 17 April 2010

War dialing or wardialing is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems and fax machines. Hackers use the resulting lists for various purposes, hobbyists for exploration, and crackers - hackers that specialize in computer security - for password guessing.

A single wardialing call would involve calling an unknown number, and waiting for one or two rings, since answering computers usually pick up on the first ring. If the phone rings twice, the modem hangs up and tries the next number. If a modem or fax machine answers, the wardialer program makes a note of the number. If a human or answering machine answers, the wardialer program hangs up. Depending on the time of day, wardialing 10,000 numbers in a given area code might annoy dozens or hundreds of people, some who attempt and fail to answer a phone in two rings, and some who succeed, only to hear the wardialing modem's carrier tone and hang up. The repeated incoming calls are especially annoying to businesses that have many consecutively numbered lines in the exchange, such as used with a Centrex telephone system.

The popularity of wardialing in 1980s and 1990s prompted some states to enact legislation prohibiting the use of a device to dial telephone numbers without the intent of communicating with a person.

The name for this technique originated in the 1983 film WarGames. In the film, the protagonist programmed his computer to dial every telephone number in Sunnyvale, California to find other computer systems. 'WarGames Dialer' programs became common on bulletin board systems of the time, with file names often truncated to wardial.exe and the like due to length restrictions on such systems. Eventually, the etymology of the name fell behind as "war dialing" gained its own currency within computing culture.^[1]

A more recent phenomenon is wardriving, the searching for wireless networks (Wi-Fi) from a moving vehicle. Wardriving was named after wardialing, since both techniques involve brute-force searches to find computer networks. The aim of wardriving is to collect information about wireless access points (not to be confused with piggybacking).

Similar to war dialing is a port scan under TCP/IP, which "dials" every TCP port of every IP address to find out what services are available. Unlike wardialing, however, a port scan will generally not disturb a human being when it tries an IP address, regardless of whether there is a computer responding on that address or not. Related to wardriving is warchalking, the practice of drawing chalk symbols in public places to advertise the availability of wireless networks. Despite its widespread coverage [in the news?], warchalking never particularly caught on as a popular activity.

The term is also used today by analogy for various sorts of exhaustive brute force attack against an authentication mechanism, such as a password. While a dictionary attack might involve trying each word in a dictionary as the password, "wardialing the password" would involve trying every possible password. Password protection systems are usually designed to make this impractical, by making the process slow and/or locking out an account for minutes or hours after some low number of wrong password entries.

War dialing is sometimes used as a synonym for demon dialing, a related technique which also involves automating a computer modem in order to repeatedly place telephone calls.

regards,

ratan

Upgrade to CAclubindia Pro. Subscribe Now!

Ratan Deep Saxena (Asstt Manager (Accounts & Finance)) (2998 Points)
Replied 17 April 2010

Cyberterrorism is typically defined as the use of the Internet as a vehicle through which to launch an attack. Terrorists could conceivably hack into electrical grids and security systems, or perhaps distribute a powerful computer virus. "Al-Qaeda operatives are known to have taken training in hacking techniques," Arquilla says, but the likelihood of such a cyber attack seems fairly remote. That said, Western governments have accused state and nonstate actors of infiltrating secure networks, including an alleged breach of a Pentagon system by Chinese hackers in June 2007.

Kohlmann suggests the established definition of cyberterrorism needs to be broadened. He says any application of terrorism on the Internet should be considered cyberterrorism. "There's no distinction between the online [terrorist] community and the real [terrorist] community." As evidence, Kohlmann recounts one extreme instance in which the Iraqi insurgent group Army of the Victorious Sect held a contest to help design the group's new website. According to Kohlmann, the prize for the winning designer was the opportunity to, with the click of a mouse, remotely fire three rockets at a U.S. military base in Iraq.

regards.

ratan