Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Wardialing - Odd Results

From: Diego Kellner <dkepler () gmail com>
Date: Mon, 1 Aug 2005 16:49:45 -0300
It might sound silly but when I did my wardialings, most of the
connections that appeared as 300NoEC turned out to be fax machines,
and the only way to check this was by sending a small piece of blank
paper and get the confirmation from the remote fax.
Of course, you'd be fooled by PCs that can both answer as Data or Fax,
but then again... if your wardialing software couldn't figure out the
way to connect to it, and your fax machine did, chances are that it IS
a fax machine after all.
My 2 cents
Kepler

On 7/27/05, Ron <iago () valhallalegends com> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey guys,


John R. Dennison wrote:

On Fri, Jul 22, 2005 at 09:43:32AM -0700, Atom Powers wrote:


I've seen this if the data rate for the system you are dialing in to and
the program you are using are not in synch. For instance, if the system
you are dialing to is 9600bps and you have your hyperterminal set to
1500bps you will end up getting many duplicate bits, because you are
sampling more frequently than you are recieving. The result is garbage
like you show below even if the system you are dialing to is responding
with ASCII characters.



      Any mis-configured serial port settings (baud, parity, data
      bits, stop bits) can cause this behaviour.

      In /general/, the hyperterminal default settings of 8/N/1
      should work in most, but not all cases; some older mainframe
      based equipment, for instance, will use 7 data bits with Even
      parity.  If memory serves, in the past I have also had to
      use even more esoteric settings for parity, such as mark
      or space, but that was 2 decades ago.





                                                      John





Thanks for all your answers.  I've been relentlessly trying every
combination of baud/data bits/parity/stop bits I could think of, but I
can't get it to work.  I can get it to look different, but that's not
much help.

I discovered that at least one of the systems that PhoneSweep picked up
as "CARRIER" turned out to be a fax machine, so the question becomes,
how can I programmatically tell a fax from a modem?

Is anybody aware of any kind of software that can reliably identify or
cycle through the different protocols until it figures out which it is?
 And, for preference, which are fax machines?  Any platform would be great.

Thanks again for your help,
Ron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.9.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFC57apfqSf2EkP4p4RAuZGAJ9eaIWUPyCneOjSql3tSPER+tVP4gCeKxM9
w/nUB8IPMvBQNa9FqS6V5lg=
=gxH8
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: