Re: Caller ID Spoofing

[Dalvenjah FoxFire <dal.dalvenjah@net>]

On Sat, Oct 30, 1999 at 02:50:06AM -0700, Allan Carhart put this into my mailbox:
> Hey guys..
> 
> A few days ago, my roommates and I got caller ID in our house --
> Pretty cool. But it got me thinking. How difficult (or impossible?)
> would it be to spoof caller ID? I have no idea why someone would want to,
> but it just seems odd to blindly accept the caller ID info.

You can, to an extent. But in order to do it, you have to have access
to a switch that connects to the PSTN with a T1 or somesuch, so that
it has its own out-of-band signaling channel. Basically at that point,
you have a gateway into the signaling side of the switch, and can send
whatever caller ID you like. (insert SS7-related jargon here.)

You most likely can't do it from a normal POTS line at your home or
whatever; the caller ID info originates on the switch at the Pac
Bell CO.

This was in the spotlight a year or so ago when someone used this
(proof of concept, not maliciously) to show Pac Bell PCS that it
was possible to break into peoples' voice mailboxes on their PCS phones.
Their only form of security was checking the caller ID, which the PCS
phones sent back. However, by programming a switch like the above to
send a PCS phone # as its caller ID info, someone not on the PCS
network could gain access to someone's PCS voice mailbox. They
quickly had everyone set passwords on their mailboxes. }:>

-dalvenjah

-- 
 Dalvenjah FoxFire (aka Sven Nielsen) "We've lost the bleeps, the creeps,
 Founder, the DALnet IRC Network       and the sweeps!" "That's not all
                                       he's lost!"
 
 e-mail: dal.dalvenjah@net             WWW: http://www.dal.net/~dalvenjah/
 whois: SN90                           Try DALnet! http://www.dal.net/