Security Basics mailing list archives
Re: Wardialing - Odd Results
From: Diego Kellner <dkepler () gmail com>
Date: Mon, 1 Aug 2005 16:49:45 -0300
It might sound silly but when I did my wardialings, most of the connections that appeared as 300NoEC turned out to be fax machines, and the only way to check this was by sending a small piece of blank paper and get the confirmation from the remote fax. Of course, you'd be fooled by PCs that can both answer as Data or Fax, but then again... if your wardialing software couldn't figure out the way to connect to it, and your fax machine did, chances are that it IS a fax machine after all. My 2 cents Kepler On 7/27/05, Ron <iago () valhallalegends com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey guys, John R. Dennison wrote:On Fri, Jul 22, 2005 at 09:43:32AM -0700, Atom Powers wrote:I've seen this if the data rate for the system you are dialing in to and the program you are using are not in synch. For instance, if the system you are dialing to is 9600bps and you have your hyperterminal set to 1500bps you will end up getting many duplicate bits, because you are sampling more frequently than you are recieving. The result is garbage like you show below even if the system you are dialing to is responding with ASCII characters.Any mis-configured serial port settings (baud, parity, data bits, stop bits) can cause this behaviour. In /general/, the hyperterminal default settings of 8/N/1 should work in most, but not all cases; some older mainframe based equipment, for instance, will use 7 data bits with Even parity. If memory serves, in the past I have also had to use even more esoteric settings for parity, such as mark or space, but that was 2 decades ago. JohnThanks for all your answers. I've been relentlessly trying every combination of baud/data bits/parity/stop bits I could think of, but I can't get it to work. I can get it to look different, but that's not much help. I discovered that at least one of the systems that PhoneSweep picked up as "CARRIER" turned out to be a fax machine, so the question becomes, how can I programmatically tell a fax from a modem? Is anybody aware of any kind of software that can reliably identify or cycle through the different protocols until it figures out which it is? And, for preference, which are fax machines? Any platform would be great. Thanks again for your help, Ron -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.9.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFC57apfqSf2EkP4p4RAuZGAJ9eaIWUPyCneOjSql3tSPER+tVP4gCeKxM9 w/nUB8IPMvBQNa9FqS6V5lg= =gxH8 -----END PGP SIGNATURE-----
Current thread:
- Re: Wardialing - Odd Results Diego Kellner (Aug 02)