Using a PABX, the employee of a large company could dial
another employee in-house without incurring the cost of a local
telephone call. If the employee was, for example, staying in a hotel
out of town, the company might ask him to make all his calls through
the company's PABX to avoid paying extortionate hotel long-distance
rates. If the employee was in Brisbane on business, he could dial a
Brisbane number which might route him via the company's PABX to
Sydney. From there, he might dial out to Rome or London, and the
charge would be billed directly to the company. What worked for an
employee also worked for a phreaker.
A phreaker dialling into the PABX would generally need to either know
or guess the password allowing him to dial out again. Often, the
phreaker was greeted by an automated message asking for the employee's
telephone extension--which also served as the password. Well, that was
easy enough. The phreaker simply tried a series of numbers until he
found one which actually worked.
Occasionally, a PABX system didn't even have passwords. The managers
of the PABX figured that keeping the phone number secret was good
enough security.
Pages:
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163