Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.3 alpha 4/15/85; site sdcc3.UUCP Path: utzoo!watmath!clyde!bonnie!akgua!whuxlm!harpo!decvax!ittvax!dcdwest!sdcsvax!sdcc3!10880733 From: 10880733@sdcc3.UUCP (10880733) Newsgroups: net.legal,net.dcom Subject: Re: Need help stopping telephone harrassment Message-ID: <2903@sdcc3.UUCP> Date: Sat, 8-Jun-85 01:18:20 EDT Article-I.D.: sdcc3.2903 Posted: Sat Jun 8 01:18:20 1985 Date-Received: Mon, 10-Jun-85 20:51:52 EDT References: <3368@utah-cs.UUCP> Reply-To: 10880733@sdcc3.UUCP ({|lit}) Distribution: net Organization: U.C. San Diego, Academic Computer Center Lines: 151 Keywords: "phone phreaks" Xref: watmath net.legal:1772 net.dcom:1029 Summary: Pac-Tel I used to live across the street from a friend that happens to run a BBS system. I had to maintain the system for him. (He wasn't a real computer "type.") As a result of maintainance, I would come across a few of his friends. All of them at least one time or another have broken into many Pacific Bell/Tel control systems. (Cosmos rings a bell here...) His friends could be considered phone "phreaks" who, given a computer, a modem with a D/A converter and BASIC could call the Kremlin and have it billed to Sen. Joe McCarthy (yes, I know he's dead, that wouldn't stop the phone phreaks.) (I have done my best to curtail this activity in my area, but is still exists...) --- The following is a reply to something that really seems tooooo common in the "secret world" of the phone "phreaks" --- In article <3368@utah-cs.UUCP> donn@utah-cs.UUCP (Donn Seeley) writes: > My friend decided to do some investigating of his own and called up > some of the numbers that appeared on his long distance bill. Many of > them turned out to be recordings of various kinds, such as 'dial-a-porn'; Very common for phreaks. (Seriously...) > a few of them turned out to be homes with teenagers, and the latter > readily admitted that they had been given the access code and told to > 'get this guy', and to spread the number far and wide. I have seen this done. On many bulletin boards, the system operator (SYSOP) just has to say the word, and he can have an access code distributed to the ends of the earth in a day. I sometimes think the BBS "human-network" is faster than "uucp". > When he got his phone bill at the end of the > month, he discovered that he was being charged for hundreds of dollars > worth of bogus toll calls through Pac Tel, all made in his local area > code. ---------------------------/ /--------------------------------------- > Pac Tel said that the calls originated from his residential phone, but > it was quite clear that no one in the household could possibly be doing > it. The family kept logs of where all its members were for periods of > weeks at a time, and these showed that the calls were being made when > the house was empty, or when the family was eating dinner and so on. Sounds like someone is playing with the local distribution box When I was attending Jr. High, a Pacific Telephone employee was tracing a problem at our local "light green" distribution box on my corner. I (being the abnoxiously curious type) just started asking him questions. What I learned that afternoon, well, I could have terrorized the neighborhood. > Pac Tel traced the house's local loop, but could > find no indication that it had been compromised in any way. Pac Tel > now steadfastly maintains that there is no other way of making a call > appear to originate from the residence's phone. Yeah, what else would you expect them to say? :-) Sure it's possible to do the things that are happening... .... Probably about 5 or 6 different ways. 1) Patch into the local line. (Which if done correctly can't be detected.) 2) Contact the local Pac Tel computer and "fake the calls" through the billing system 3) Find an information or TSPS (dial "0" operator) operator in an area that has not switched over to the "Electronic Switching System (ESS) and send the appropriate magic tones over the line to disconnect the operator, and make any call they wish billed to any other phone they wish (as an operator would.) (The tones are simple, but for the phone companies sake, won't be listed here.) 4) Get to know a TSPS operator, a phone phone company "techie" or anybody inside the phone company. This will help to no end on information gathering. (What test numbers do what, etc...) 5) Use those "Special field service" numbers that Telco employees use in the field repairing lines. They aren't very hard to break (after all, who is doing the repairing? Einstein?) Using these methods, I have seen these 12 year-olds make 20 person conference calls through Montreal, Canada. I have heard of countless "infiltrations" of the AT&T Long Distance Net. (To the point, where they could actually re-reroute calls, break-in on lines, become INWARD, OUTWARD, TSPS, RATE AND ROUTE, or INFORMATION operators themselves.) What can be done on the AT&T net is nothing short of amazing. > After several months > of wrangling, Pac Tel sent its own investigator to look at the case. > After one phone call to my friend and three days of 'investigation', > Pac Tel's man announced that my friend's son was responsible for all > the calls, and that my friend was liable for the thousands of dollars > worth of bogus calls that had been made over the previous eight months. > FIGHT IT! Have the phone company put (probably one of their favorite pieces of equipment) a line recorder on the line. It records when the calls were made, what numbers were dialed, what special tones were sent, etc. If no calls are recorded but still appear on the bill, something is ABSOLUTELY WRONG. ----------------- Have the phone company disconnect the line in question from the house only, and give the family a new line and number. That way, the telco can't accuse the house occupants of calling. (Most houses are pre-wired and capable of three separate lines.) > The FBI suggested that my friend call > the PUC. This turned out to be a joke -- my friend couldn't even get > past the secretary. Sounds like the PUC. > Any help you can give would be deeply appreciated, > > Donn Seeley University of Utah CS Dept donn@utah-cs.arpa > 40 46' 6"N 111 50' 34"W (801) 581-5668 decvax!utah-cs!donn -------------------------------------------------------------------------- Perhaps what shocks me the most, is the fact the all the information needed to do just about anyghing you want is available within a five mile radius. Further, it is privately "published" by certain people. Even worse, programs that use modems to emulate a TSPS operator's console exist, and work well. Do you own an Apple ][ with a Novation Apple Cat? If so, you too can be come a phone company operator. (The modem has an 8-Bit D/A converter on board to tone dial and emit the special tones.) I hope this helped some. -Jim Hayes, UC San Diego.