Re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
Steve Totaro wrote: 2600mhz cpn crunch whistle? bump the oper off the line? Holy crap Batman! You've got a whistle that does 2.6Ghz? Perhaps you should look into some RF exposure safety literature. Hz = cycles of function per second (function being signwave, sawtooth, squarewave, etc) KHz = Thousanes of cycles of function per second. MHz = Millions of cycles of function per second. John ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
Hope this isn't too far OT, but its relevant to us. From isn.attrition.org http://www.informationweek.com/story/showArticle.jhtml?articleID=20300851 By W. David Gardner TechWeb News May 13, 2004 As voice over IP sweeps across the high-tech landscape, many IT managers are being lulled into a dangerous complacency because they look upon Internet phoning as a relatively secure technology--not as an IP service susceptible to the same worms, viruses, and other pestilence that threatens all networked systems. With VoIP, security specialist Mark Nagiel said Thursday in an interview, we're inserting a new technology into an unsecured and unprotected environment. VoIP is essentially availability driven, not security driven, and that's the problem. But Nagiel, manager of security consulting at NEC Unified Solutions, said that there are measures that can be taken to protect voice over IP from the threats that confront Web telephoning. The first step--an obvious one, he says--is to secure existing TCP/IP networks. Nagiel is finding that the new government-required regulations--such as Sarbanes-Oxley, which stipulates improved accounting record-keeping, and HIPAA in health care--are helping IT managers because they impose security discipline across-the-board. The financial and health-care fields are getting secured very quickly, Nagiel said. Even so, there can be difficulties. He noted that although hospitals' protection of patient records generally has been excellent, they often neglect to completely secure physicians' conversations. Security managers can overlook the fact that voice over IP conversations can reside on servers that can be hacked. The traditional voice model utilized PBXs, which were stable and secure, Nagiel noted. If the voice over IP infrastructure isn't properly protected, it can easily be hacked and recorded calls can be eavesdropped. He says the networks utilized to transmit voice over IP--routers, servers, and even switches--are more susceptible to hacking than traditional telephony equipment. It's also relatively easy to launch an attack against a voice over IP network because the software tools available to hackers and others bent on invading a network are more available and easier to use. And the exposure levels have gone up because there are so many nets, he said. What's the solution? You need strong encryption over VoIP servers and VoIP client devices, Nagiel said. He observed that extensive encryption can slow down efficiency of networks, but encryption is a small price to pay to avoid denial-of-service attacks and invasions of networks. Another useful defense tactic is to use virtual LANs whenever possible to separate traffic, according to Nagiel. In this way, transmitted data can be segregated into unique virtual LANs for data and voice transmission. However, Nagiel cautioned that security managers should resist using shared Ethernet network segments for voice. _ ISN mailing list Sponsored by: OSVDB.org ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
I'm sorry, but any IT Manager who looks upon Internet phoning as a relatively secure technology doesn't deserve their job.. and any IT Manager that doesn't realise that VoIP is an IP service and hence susceptible to the pestilence that threatens all networked systems should be shot where they stand Andy On 14/05/2004 at 14:57 tmpm wrote: Hope this isn't too far OT, but its relevant to us. From isn.attrition.org http://www.informationweek.com/story/showArticle.jhtml?articleID=20300851 By W. David Gardner TechWeb News May 13, 2004 As voice over IP sweeps across the high-tech landscape, many IT managers are being lulled into a dangerous complacency because they look upon Internet phoning as a relatively secure technology--not as an IP service susceptible to the same worms, viruses, and other pestilence that threatens all networked systems. With VoIP, security specialist Mark Nagiel said Thursday in an interview, we're inserting a new technology into an unsecured and unprotected environment. VoIP is essentially availability driven, not security driven, and that's the problem. But Nagiel, manager of security consulting at NEC Unified Solutions, said that there are measures that can be taken to protect voice over IP from the threats that confront Web telephoning. The first step--an obvious one, he says--is to secure existing TCP/IP networks. Nagiel is finding that the new government-required regulations--such as Sarbanes-Oxley, which stipulates improved accounting record-keeping, and HIPAA in health care--are helping IT managers because they impose security discipline across-the-board. The financial and health-care fields are getting secured very quickly, Nagiel said. snip ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
Folks seem to have forgotten that the original hackers were hacking stable and secure traditional PBXs with captain crunch whistles! Mitnik ran wild through PBX's and mobille networks. Let's work to set up secure VOIP, but don't let anyone kid you about the golden days when telephones were secure! (for extra points, why's the hacker mag called 2600?) tmpm [EMAIL PROTECTED] wrote: __ Hope this isn't too far OT, but its relevant to us. From isn.attrition.org ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
I'm sorry, but any IT Manager who looks upon Internet phoning as a relatively secure technology doesn't deserve their job And what about security specialist Mark Nagil who was quoted (http://www.informationweek.com/story/showArticle.jhtml?articleID=20300851) as saying: The traditional voice model utilized PBXs, which were stable and secure? g. ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
On Fri, 2004-05-14 at 15:02, [EMAIL PROTECTED] wrote: Folks seem to have forgotten that the original hackers were hacking stable and secure traditional PBXs with captain crunch whistles! Mitnik ran wild through PBX's and mobille networks. Let's work to set up secure VOIP, but don't let anyone kid you about the golden days when telephones were secure! (for extra points, why's the hacker mag called 2600?) 2600hz, the tone made by the Capt. Crunch wistle used to signal on the lines. -- Steven Critchfield [EMAIL PROTECTED] ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
RE: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
Just a guess from long-term memory, but wasn't 2600Hz the clear tone used by hackers in the 70's to access a Bell trunk line?? Cheers! Scott M. Stingel President, Emerging Voice Technology, Inc. Palo Alto California London England www.evtmedia.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Friday, May 14, 2004 9:02 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too Folks seem to have forgotten that the original hackers were hacking stable and secure traditional PBXs with captain crunch whistles! Mitnik ran wild through PBX's and mobille networks. Let's work to set up secure VOIP, but don't let anyone kid you about the golden days when telephones were secure! (for extra points, why's the hacker mag called 2600?) tmpm [EMAIL PROTECTED] wrote: __ Hope this isn't too far OT, but its relevant to us. From isn.attrition.org ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
2600mhz cpn crunch whistle? bump the oper off the line? - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, May 14, 2004 9:02 PM Subject: re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too Folks seem to have forgotten that the original hackers were hacking stable and secure traditional PBXs with captain crunch whistles! Mitnik ran wild through PBX's and mobille networks. Let's work to set up secure VOIP, but don't let anyone kid you about the golden days when telephones were secure! (for extra points, why's the hacker mag called 2600?) tmpm [EMAIL PROTECTED] wrote: __ Hope this isn't too far OT, but its relevant to us. From isn.attrition.org ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
meant to say hertz - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, May 14, 2004 9:02 PM Subject: re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too Folks seem to have forgotten that the original hackers were hacking stable and secure traditional PBXs with captain crunch whistles! Mitnik ran wild through PBX's and mobille networks. Let's work to set up secure VOIP, but don't let anyone kid you about the golden days when telephones were secure! (for extra points, why's the hacker mag called 2600?) tmpm [EMAIL PROTECTED] wrote: __ Hope this isn't too far OT, but its relevant to us. From isn.attrition.org ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
I'd probably shoot him too.. ;) Andy. On 14/05/2004 at 13:13 George Pajari wrote: I'm sorry, but any IT Manager who looks upon Internet phoning as a relatively secure technology doesn't deserve their job And what about security specialist Mark Nagil who was quoted (http://www.informationweek.com/story/showArticle.jhtml?articleID=20300851) as saying: The traditional voice model utilized PBXs, which were stable and secure? g. ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
Mitnik is an asshole who used his friends for his own gain... 2600 hertz used to get operator mode captain crunch whistle generated 2600 hertz tone.. doesn't stop Mitnik being an asshole tho... Andy *** REPLY SEPARATOR *** On 14/05/2004 at 21:02 [EMAIL PROTECTED] wrote: Folks seem to have forgotten that the original hackers were hacking stable and secure traditional PBXs with captain crunch whistles! Mitnik ran wild through PBX's and mobille networks. Let's work to set up secure VOIP, but don't let anyone kid you about the golden days when telephones were secure! (for extra points, why's the hacker mag called 2600?) tmpm [EMAIL PROTECTED] wrote: __ Hope this isn't too far OT, but its relevant to us. From isn.attrition.org ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
On 5/14/04 9:02 PM, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Folks seem to have forgotten that the original hackers were hacking stable and secure traditional PBXs with captain crunch whistles! Mitnik ran wild through PBX's and mobille networks. Let's work to set up secure VOIP, but don't let anyone kid you about the golden days when telephones were secure! (for extra points, why's the hacker mag called 2600?) Extra points please: because 2600Hertz is the frequency of the tone required on the old phone system to get free calls. There was a whistle that came in a captain crunch box that happened to produce this exact frequency. Or something like that. I'm too young to know this stuff first hand... I suppose I could look it up... Ah yes, google reveals this: http://whatis.techtarget.com/definition/0,,sid9_gci211496,00.html -- 2600 is the frequency in hertz (cycles per second) that ATT formerly put as a steady signal on any long-distance telephone line that was not currently in use. Prior to widespread use of out-of-band signaling, ATT used in-band signaling, meaning that signals about telephone connections were transmitted on the same line as the voice conversations. Since no signal at all on a line could indicate a pause in a voice conversation, some other way was needed for the phone company to know when a line was free for use. So ATT put a steady 2600 hertz signal on all free lines. Knowing this, certain people developed a way to use a whistle or other device to generate a 2600 hertz tone on a line that was already in use, making it possible to call anywhere in the world on the line without anyone being charged. Cracking the phone system became a hobby for some in the mostly under-20 set who came to be known as phreaks. In the 1960s, a breakfast cereal named Captain Crunch included a free premium: a small whistle that generated a 2600 hertz signal. By dialing a number and then blowing the whistle, you could fool the phone company into thinking the line was not being used while, in fact, you were now free to make a call to any destination in the world. Today, long-distance companies use Signaling System 7, which puts all channel signals on a separate signaling channel, making it more difficult to break into the phone system. -- Simon in New Orleans ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
Er, 2600hz would blow down analog crossbars, not most PBX's...most PBX's were guessed since most used 4-6 digit codes for access...finding an outdial, hopefully, a 1-800 was goldenremember the first boxes, Black? Blue? the ones that would let you dial after you dropped the dialtone and got on the trunk? At 17:02 5/14/2004, you wrote: Folks seem to have forgotten that the original hackers were hacking stable and secure traditional PBXs with captain crunch whistles! Mitnik ran wild through PBX's and mobille networks. Let's work to set up secure VOIP, but don't let anyone kid you about the golden days when telephones were secure! Yes, VPN, VPN! (for extra points, why's the hacker mag called 2600?) 2600hz, dropped dialtone and allowed access to the trunk (on crossbars, Until they went to out-of-band switching) With combinations of DTMF and MF signalling you could pick the desired path for a call, been there, done that, and been published in 2600 and Phrack...heh... tmpm [EMAIL PROTECTED] wrote: __ Hope this isn't too far OT, but its relevant to us. From isn.attrition.org ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
ROTFLMAO! And what about security specialist Mark Nagil who was quoted (http://www.informationweek.com/story/showArticle.jhtml?articleID=20300851) as saying: The traditional voice model utilized PBXs, which were stable and secure? g. ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
Anything to improve the job market.. At 17:19 5/14/2004, you wrote: I'd probably shoot him too.. ;) Andy. ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
What ever happened to Draper (Capt. Krunch)? Simon Dorfman wrote: On 5/14/04 9:02 PM, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Folks seem to have forgotten that the original hackers were hacking stable and secure traditional PBXs with captain crunch whistles! Mitnik ran wild through PBX's and mobille networks. Let's work to set up secure VOIP, but don't let anyone kid you about the golden days when telephones were secure! (for extra points, why's the hacker mag called 2600?) Extra points please: because 2600Hertz is the frequency of the tone required on the old phone system to get free calls. There was a whistle that came in a captain crunch box that happened to produce this exact frequency. Or something like that. I'm too young to know this stuff first hand... I suppose I could look it up... Ah yes, google reveals this: http://whatis.techtarget.com/definition/0,,sid9_gci211496,00.html -- 2600 is the frequency in hertz (cycles per second) that ATT formerly put as a steady signal on any long-distance telephone line that was not currently in use. Prior to widespread use of out-of-band signaling, ATT used in-band signaling, meaning that signals about telephone connections were transmitted on the same line as the voice conversations. Since no signal at all on a line could indicate a pause in a voice conversation, some other way was needed for the phone company to know when a line was free for use. So ATT put a steady 2600 hertz signal on all free lines. Knowing this, certain people developed a way to use a whistle or other device to generate a 2600 hertz tone on a line that was already in use, making it possible to call anywhere in the world on the line without anyone being charged. Cracking the phone system became a hobby for some in the mostly under-20 set who came to be known as phreaks. In the 1960s, a breakfast cereal named Captain Crunch included a free premium: a small whistle that generated a 2600 hertz signal. By dialing a number and then blowing the whistle, you could fool the phone company into thinking the line was not being used while, in fact, you were now free to make a call to any destination in the world. Today, long-distance companies use Signaling System 7, which puts all channel signals on a separate signaling channel, making it more difficult to break into the phone system. -- Simon in New Orleans ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- Michael Welter Introspect Telephony Corp. Denver, Colorado +1 303 674 2575 [EMAIL PROTECTED] www.introspect.com ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
The demise of blue boxing, IMHO, has more to do with economic factors than SS7. Around 1970, a 3-minute call from the states to the UK cost $75. The company I worked for at that time, Honeywell in Boston, would require an authorization slip signed by a supervisor in order to make a domestic long distance call! Just today I received a T-1 quote from Qwest which included domestic long distance for $.028--you would need to talk for 36 minutes to be charged one dollar at this rate. I spend more at Starbucks. Actually, the 2600Hz tone would release the other end of the trunk. So from the local payphone one would dial the Avis 800 number (and bypass the AMA billing circuits). When Avis answered, one would hit 2600 to release the Avis side of the trunk. At that point one could key pulse any number in the world. Playing with the largest computer in the universe... what a kick! Michael Welter wrote: What ever happened to Draper (Capt. Krunch)? Simon Dorfman wrote: On 5/14/04 9:02 PM, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Folks seem to have forgotten that the original hackers were hacking stable and secure traditional PBXs with captain crunch whistles! Mitnik ran wild through PBX's and mobille networks. Let's work to set up secure VOIP, but don't let anyone kid you about the golden days when telephones were secure! (for extra points, why's the hacker mag called 2600?) Extra points please: because 2600Hertz is the frequency of the tone required on the old phone system to get free calls. There was a whistle that came in a captain crunch box that happened to produce this exact frequency. Or something like that. I'm too young to know this stuff first hand... I suppose I could look it up... Ah yes, google reveals this: http://whatis.techtarget.com/definition/0,,sid9_gci211496,00.html -- 2600 is the frequency in hertz (cycles per second) that ATT formerly put as a steady signal on any long-distance telephone line that was not currently in use. Prior to widespread use of out-of-band signaling, ATT used in-band signaling, meaning that signals about telephone connections were transmitted on the same line as the voice conversations. Since no signal at all on a line could indicate a pause in a voice conversation, some other way was needed for the phone company to know when a line was free for use. So ATT put a steady 2600 hertz signal on all free lines. Knowing this, certain people developed a way to use a whistle or other device to generate a 2600 hertz tone on a line that was already in use, making it possible to call anywhere in the world on the line without anyone being charged. Cracking the phone system became a hobby for some in the mostly under-20 set who came to be known as phreaks. In the 1960s, a breakfast cereal named Captain Crunch included a free premium: a small whistle that generated a 2600 hertz signal. By dialing a number and then blowing the whistle, you could fool the phone company into thinking the line was not being used while, in fact, you were now free to make a call to any destination in the world. Today, long-distance companies use Signaling System 7, which puts all channel signals on a separate signaling channel, making it more difficult to break into the phone system. -- Simon in New Orleans ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- Michael Welter Introspect Telephony Corp. Denver, Colorado +1 303 674 2575 [EMAIL PROTECTED] www.introspect.com ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
[EMAIL PROTECTED] wrote: Folks seem to have forgotten that the original hackers were hacking stable and secure traditional PBXs with captain crunch whistles! Mitnik ran wild through PBX's and mobille networks. Let's work to set up secure VOIP, but don't let anyone kid you about the golden days when telephones were secure! (for extra points, why's the hacker mag called 2600?) tmpm [EMAIL PROTECTED] wrote: __ Hope this isn't too far OT, but its relevant to us. From isn.attrition.org As others have said, 2600Hz is a widely used signalling frequency. Before ISDN and SS7 a large amount of telephony signalling consisted basically of beeping at 2600Hz in America, or 2280Hz in many other countries. If the filters in the network were inadequate (they usually were) you could send strong signalling tones yourself, get through the filters, and have your tone detected by the far end. Regards, Steve ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too
ive heard he's a child molester nowor got popped for it... At 22:53 5/14/2004, you wrote: What ever happened to Draper (Capt. Krunch)? Simon Dorfman wrote: On 5/14/04 9:02 PM, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Folks seem to have forgotten that the original hackers were hacking stable and secure traditional PBXs with captain crunch whistles! Mitnik ran wild through PBX's and mobille networks. Let's work to set up secure VOIP, but don't let anyone kid you about the golden days when telephones were secure! (for extra points, why's the hacker mag called 2600?) Extra points please: because 2600Hertz is the frequency of the tone required on the old phone system to get free calls. There was a whistle that came in a captain crunch box that happened to produce this exact frequency. Or something like that. I'm too young to know this stuff first hand... I suppose I could look it up... Ah yes, google reveals this: http://whatis.techtarget.com/definition/0,,sid9_gci211496,00.html -- 2600 is the frequency in hertz (cycles per second) that ATT formerly put as a steady signal on any long-distance telephone line that was not currently in use. Prior to widespread use of out-of-band signaling, ATT used in-band signaling, meaning that signals about telephone connections were transmitted on the same line as the voice conversations. Since no signal at all on a line could indicate a pause in a voice conversation, some other way was needed for the phone company to know when a line was free for use. So ATT put a steady 2600 hertz signal on all free lines. Knowing this, certain people developed a way to use a whistle or other device to generate a 2600 hertz tone on a line that was already in use, making it possible to call anywhere in the world on the line without anyone being charged. Cracking the phone system became a hobby for some in the mostly under-20 set who came to be known as phreaks. In the 1960s, a breakfast cereal named Captain Crunch included a free premium: a small whistle that generated a 2600 hertz signal. By dialing a number and then blowing the whistle, you could fool the phone company into thinking the line was not being used while, in fact, you were now free to make a call to any destination in the world. Today, long-distance companies use Signaling System 7, which puts all channel signals on a separate signaling channel, making it more difficult to break into the phone system. -- Simon in New Orleans ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- Michael Welter Introspect Telephony Corp. Denver, Colorado +1 303 674 2575 [EMAIL PROTECTED] www.introspect.com ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
