War dialing is still useful against certain targets, but for mass dialing it's not so great. For example, one could target a specific business based on their assigned number. Say its 555-5555 for the main number. So, in the Telco world most businesses have extra lines that roll to the main number so that they can receive more than one incoming call. It just happens to be, that phone companies assign blocks; so the rollover numbers may be 555-5556, 5557, 5558 and so on. Other companies have a completely separate block from the main number, but they are still in blocks. All you have to do is have someone call you back from the company after an innocent inquiry of something. Look my Caller ID says 555-2222, next block of targets...

Following that same logic, one could go to a whois site and do a lookup on the technical contact for a web site. Hmmm there is 555-9999, let me set my war dialer to 555-0001 to 555-9999 and see what happens? Most likely the technical contact could be located at the same location as a data center and most likely they have a modem for remote access at 3: am when the pager goes off. Now I have something to work with. At 2 o’clock in the morning who’s going to notice a nice stealthy probe? And once a number is established as a modem, keep on hitting it – night after night, heck it’s automated, eventually someone is going to leave it on or make a mistake and forget to turn of PC Anywhere.

Lovely…

I have a technical contact far away from my actual sites. Best not to place a number on the contact web page that is located near as well, if you can get away with it. Not only does it give potential modem targets away but you have also given away the geo-location of the site as well. Keep them separate if your paranoid and can work around it.