>> Generally, these kind of attacks work like this: a person trying to
>> break in dials up the modem, and then simulates a hangup noise and
>> dialtone WITHOUT ACTUALLY HANGING UP. The dialback modem thinks the
>> line has hung up, picks up the line, dials, and waits for a carrier.
>> The person supplies a carrier, and viola, connects to the system.
In article <Pine .
com> you write:
>Well, that's just *broken*. Either that, or it's from the way-back days
>when the callee couldn't hang up on a call if the caller stayed off
>hook. Nowadays, there's no possible reason why a callback modem wouldn't
>just hang up the line itself before picking up, listening for dial-tone,
The normal behaviour of a local telephone switch is to disconnect
the call within a second if the CALLER hangs up, but to allow the
CALLEE to disconnect temporarily for 15-30 seconds without
terminating the call. This allows a person to move to a different
phone without having to run back and forth between, say, the kitchen
and a bedroom.
So when the callback modem "just hangs up the line itself before picking
up" it would have to stay on-hook for at least 35 seconds. (The exact
time is a programmable parameter on the central office switch, and
some telcos may have set it even higher.)
There are some ways around the problem:
1) Implement the callback not in the modem, but in the access server
behind the modem, and use a different line for the outcall.
2) Get 3-way calling on the line, and FLASH before starting the outdial.
/ Lars Poulsen Internet E-mail: lars @
Rockwell Network Systems Phone: +1-805-562-3158
7402 Hollister Avenue Telefax: +1-805-968-8256
Santa Barbara, CA 93105 Internets: designed and built while you wait