Sign in to follow this  
Followers 0
slorm

phone DOS

9 posts in this topic

Has anyone done a DOS attack on a phone system at the same time as regular DOS attack? It would take them even long to fix is they can't make or receive phone calls because they are receiving 100's of phone calls every second. I used a internet phone and had it make call after call to a tow truck company that pissed me off. Basically shut them down for a day.

Slorm

Share this post


Link to post
Share on other sites
Are you inferring it would take longer for the to sort the DDOS on their internet pipe as they cant speak to their upstream provider etc? Maybe, but why wouldnt they use a mobile or a PSTN line?

In it self though, you could potentially cost them a fair amount of business by tying up their sales lines with crap. I heard of people doing similar with 56k dial ups and icmp echoing peoples modems with hex'd hayes commands as the pattern. A few pings go a long way ;)

Share this post


Link to post
Share on other sites
[quote name='wwwd40' timestamp='1323261427' post='359816']
Are you inferring it would take longer for the to sort the DDOS on their internet pipe as they cant speak to their upstream provider etc? Maybe, but why wouldnt they use a mobile or a PSTN line?

In it self though, you could potentially cost them a fair amount of business by tying up their sales lines with crap. I heard of people doing similar with 56k dial ups and icmp echoing peoples modems with hex'd hayes commands as the pattern. A few pings go a long way ;)
[/quote]


Well the tow company wasn't doing much on the internet so shutting down their internet connection would not have done much but tying up there phones ( POTS and cell ) with call after call did shut down their business. You might not want to use a modem since the could trace the calls but with an internet phone you could easily cover your tracks.

Share this post


Link to post
Share on other sites
[quote name='slorm' timestamp='1323284702' post='359818']

Well the tow company wasn't doing much on the internet so shutting down their internet connection would not have done much but tying up there phones ( POTS and cell ) with call after call did shut down their business. You might not want to use a modem since the could trace the calls but with an internet phone you could easily cover your tracks.
[/quote]


what voip provider does one use for something like that?

Share this post


Link to post
Share on other sites
[quote name='Afterm4th' timestamp='1323300324' post='359820']
[quote name='slorm' timestamp='1323284702' post='359818']

Well the tow company wasn't doing much on the internet so shutting down their internet connection would not have done much but tying up there phones ( POTS and cell ) with call after call did shut down their business. You might not want to use a modem since the could trace the calls but with an internet phone you could easily cover your tracks.
[/quote]


what voip provider does one use for something like that?
[/quote]


so you are claiming that VoIP phones are untraceable? there are plenty of news stories of people getting arrested for calls made with skype and other VoIP services thinking that they were untraceable...

no call is completely untraceable... even if you fail your ANI your provider still has a record of the call.. although if you fail your ANI it is highly unlikely that the call would be able to be traced back to you

even if the call was not able to be traced conventionally admitting to your activities on a public forum - that is crawled by google - is not that good of an idea, it gives reasonable cause for your outgoing call records to be subpoenaed, assuming that you do not use a proxy every time you log in here...

not that i think any law enforcement agency would waste that much time and resources for what you described, if what you described could even be considered illegal (i am not sure that it is or not, but i do know some places have a law that makes calling a phone number with out the intent to engage in a conversation a crime, i think this law was created to prevent scanning)

Share this post


Link to post
Share on other sites
Now what would be the best way to prevent such an attack?


[quote name='nyphonejacks' timestamp='1323311484' post='359827']
[quote name='Afterm4th' timestamp='1323300324' post='359820']
[quote name='slorm' timestamp='1323284702' post='359818']

Well the tow company wasn't doing much on the internet so shutting down their internet connection would not have done much but tying up there phones ( POTS and cell ) with call after call did shut down their business. You might not want to use a modem since the could trace the calls but with an internet phone you could easily cover your tracks.
[/quote]


what voip provider does one use for something like that?
[/quote]


so you are claiming that VoIP phones are untraceable? there are plenty of news stories of people getting arrested for calls made with skype and other VoIP services thinking that they were untraceable...

no call is completely untraceable... even if you fail your ANI your provider still has a record of the call.. although if you fail your ANI it is highly unlikely that the call would be able to be traced back to you

even if the call was not able to be traced conventionally admitting to your activities on a public forum - that is crawled by google - is not that good of an idea, it gives reasonable cause for your outgoing call records to be subpoenaed, assuming that you do not use a proxy every time you log in here...

not that i think any law enforcement agency would waste that much time and resources for what you described, if what you described could even be considered illegal (i am not sure that it is or not, but i do know some places have a law that makes calling a phone number with out the intent to engage in a conversation a crime, i think this law was created to prevent scanning)
[/quote]

Share this post


Link to post
Share on other sites
[quote name='slorm' timestamp='1323284702' post='359818']
[quote name='wwwd40' timestamp='1323261427' post='359816']
Are you inferring it would take longer for the to sort the DDOS on their internet pipe as they cant speak to their upstream provider etc? Maybe, but why wouldnt they use a mobile or a PSTN line?

In it self though, you could potentially cost them a fair amount of business by tying up their sales lines with crap. I heard of people doing similar with 56k dial ups and icmp echoing peoples modems with hex'd hayes commands as the pattern. A few pings go a long way ;)
[/quote]


Well the tow company wasn't doing much on the internet so shutting down their internet connection would not have done much but tying up there phones ( POTS and cell ) with call after call did shut down their business. You might not want to use a modem since the could trace the calls but with an internet phone you could easily cover your tracks.
[/quote]

Sorry to rejoin the party late.

It was you that mentioned "regular DOS" whatever that is, so I figured you meant a ddos against their internet pipe - maybe you can clear up what you did mean?

With regard to modems.. I mentioned an attack that common in the mid-late 90's where 56k dial up was still prolific. You wouldnt be using your own PSTN line and modem - you would craft a ping to another modem user that included modem control string as the pattern to hang up and redial a number of your choice or whatever. In that way, you are never involved in the actual call. Add to the mix that you would be doing this from a dial up ISP account that was not your own, possibly from a dial tone you found out on the street and you have a pretty untracable means of other people doing your bidding - atleast difficult to trace to you as the source.

Surely that is infinitely less traceable than using a voip provider?

EDIT: A link I found regarding pinging hayes commands at other people's modems: http://www.swateam.org.uk/swat-b00kv1.2/190%20Fun%20with%20modems.txt

Bear in mind this is all pretty old stuff. Edited by wwwd40

Share this post


Link to post
Share on other sites
[quote name='slorm' timestamp='1323415129' post='359844']
Now what would be the best way to prevent such an attack?
[/quote]


a) creating a blacklist of block numbers
b) changing your phone number

those are the only two things I can think of, or possibly c) finding and busting the person for harassment




wwwd40: thanks for that info. interesting stuff.

Share this post


Link to post
Share on other sites
[quote name='slorm' timestamp='1323415129' post='359844']
Now what would be the best way to prevent such an attack?

[/quote]

*60 would do the trick

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0