[Asterisk-Users] Fwd: [ISN] Voice Over IP Can Be Vulnerable To Hackers, Too

Michael Welter mike at introspect.com
Fri May 14 20:12:01 MST 2004 

The demise of blue boxing, IMHO, has more to do with economic factors 
than SS7.  Around 1970, a 3-minute call from the states to the UK cost 
$75.  The company I worked for at that time, Honeywell in Boston, would 
require an authorization slip signed by a supervisor in order to make a 
domestic long distance call!

Just today I received a T-1 quote from Qwest which included domestic 
long distance for $.028--you would need to talk for 36 minutes to be 
charged one dollar at this rate.  I spend more at Starbucks.

Actually, the 2600Hz tone would release the other end of the trunk.  So 
from the local payphone one would dial the Avis 800 number (and bypass 
the AMA billing circuits).  When Avis answered, one would hit 2600 to 
release the Avis side of the trunk.  At that point one could key pulse 
any number in the world.  Playing with the largest computer in the 
universe... what a kick!


Michael Welter wrote:

> What ever happened to Draper (Capt. Krunch)?
> 
> Simon Dorfman wrote:
> 
>> On 5/14/04 9:02 PM, "tpanton at attglobal.net" <tpanton at attglobal.net> 
>> wrote:
>>
>>
>>> Folks seem to have forgotten that
>>> the original hackers were hacking
>>> "stable and secure" traditional PBXs
>>> with captain crunch whistles!
>>>
>>> Mitnik ran wild through PBX's and mobille networks.
>>>
>>> Let's work to set up secure VOIP, but
>>> don't let anyone kid you about the golden days when telephones were 
>>> secure!
>>>
>>>
>>> (for extra points, why's the hacker mag called 2600?)
>>
>>
>>
>> Extra points please:  because 2600Hertz is the frequency of the tone
>> required on the old phone system to get free calls.  There was a whistle
>> that came in a captain crunch box that happened to produce this exact
>> frequency.  Or something like that.  I'm too young to know this stuff 
>> first
>> hand... I suppose I could look it up...
>>
>> Ah yes, google reveals this:
>> http://whatis.techtarget.com/definition/0,,sid9_gci211496,00.html
>> -------------------------------------------------------------------------- 
>>
>>  2600 is the frequency in hertz (cycles per second) that AT&T formerly 
>> put
>> as a steady signal on any long-distance telephone line that was not
>> currently in use. Prior to widespread use of out-of-band signaling, AT&T
>> used in-band signaling, meaning that signals about telephone connections
>> were transmitted on the same line as the voice conversations. Since no
>> signal at all on a line could indicate a pause in a voice 
>> conversation, some
>> other way was needed for the phone company to know when a line was 
>> free for
>> use. So AT&T put a steady 2600 hertz signal on all free lines. Knowing 
>> this,
>> certain people developed a way to use a whistle or other device to 
>> generate
>> a 2600 hertz tone on a line that was already in use, making it 
>> possible to
>> call anywhere in the world on the line without anyone being charged.
>> Cracking the phone system became a hobby for some in the mostly 
>> under-20 set
>> who came to be known as phreaks.
>>
>>  In the 1960s, a breakfast cereal named Captain Crunch included a free
>> premium: a small whistle that generated a 2600 hertz signal. By dialing a
>> number and then blowing the whistle, you could fool the phone company 
>> into
>> thinking the line was not being used while, in fact, you were now free to
>> make a call to any destination in the world.
>>
>>  Today, long-distance companies use Signaling System 7, which puts all
>> channel signals on a separate signaling channel, making it more 
>> difficult to
>> break into the phone system.
>> -------------------------------------------------------------------------- 
>>
>>
>> Simon in New Orleans
>>
>> _______________________________________________
>> Asterisk-Users mailing list
>> Asterisk-Users at lists.digium.com
>> http://lists.digium.com/mailman/listinfo/asterisk-users
>> To UNSUBSCRIBE or update options visit:
>>    http://lists.digium.com/mailman/listinfo/asterisk-users
>>
>>
> 

-- 
Michael Welter
Introspect Telephony Corp.
Denver, Colorado
+1 303 674 2575
mike at introspect.com
www.introspect.com

More information about the asterisk-users mailing list