> The home phone rang at breakfast time today.
> The phone display box showed the source number as :
> 1 - 510 - 510 - 9988
It's extremely easy to fake the caller-id name/number. Not only that,
but thanks to VoIP and various Internet voice call services, you can
hide just about anywhere. The traditional telephone system is very
traceable, but if a person wants to disguise his location and
originating caller location, it's not difficult at all. As long as you
are originating calls. Getting a call back to that same location is
far more difficult. But it would take me about 15 minutes to set up a
three hop disguise for originating calls without even leaving the
country. The only reason why it would take me 15 minutes is that it
would take me that long to dig up my cheat notes. If I had all the
steps remembered and the router nodes memorized, I could do it in less
than five.
As to the reverse trace, the trace gets you back to the first NAT.
(network address translation). Those good with hacking skills and
tools can break through each NAT in about 30 seconds on the trace.
With three NATs involved and at least two public VoIP services, I'm
good for at least five minutes before the best of the best can find
me. And that's with just a sloppy off-the-shelf configuration. Those
who really don't want to be found won't be found. However, if you
originate a phishing call from home through a broadband connection
from your telephone or cable company, I can trace to the serving node.
As that node has a known location with a limited reach, that gets me
to a three mile radius. From that point, I can get the NAT'd address
of the network on the firewalled side of the router. If you have a
WiFi router, I then pull up the list of all known WiFi routers in that
area and match IP addresses. If the population base isn't very high, I
can narrow it down to a handful of locations pretty quickly. A "search
warrant" request to the local telephone provider would give the exact
customer address in matter of a couple minutes.
That assumes, though, that the bad guy is at that address. If the bad
guy is really a bad guy, he's working through a Trojan Horse program
through somebody's computer and is who knows where and the search
continues.
In addition to the above, the really bad guys use "Trac Phones" with
spoofed altered antennas and disabled GPS receivers. By disabling the
GPS function, not having WiFi built in (another location identifying
tool) and highly directional antennas that are aimed at a reflection
point a mile away.
Fun times.
About two years ago, I got really irate with one repeat phishing call.
So, I started reversing it and figured out what neighborhood in Tampa
the guy was in. Looking at Google Earth, I figured he lived in one
particular apartment complex. He calls me again and I ask him what
it's like living in XYZ Apartments.
CLICK
Never called me again.
AG
--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
|