Finally, the admin woke up. He began checking the modem lines, one by one. If he knew which line the hacker was using, he could simply turn off the modem. Or request a trace on the line.

Mendax sent another anonymous message to the admin's computer screen:

It's been nice playing with your system.

We didn't do any damage and we even improved a few things. Please don't call the Australian Federal Police.

The admin ignored the message and continued his search for the hacker. He ran a program to check which telephone lines were active on the system's serial ports, to reveal which dial-up lines were in use. When the admin saw the carrier detect sign on the line being used by the hacker, Mendax decided it was time to bail out. However, he wanted to make sure that his call had not been traced, so he lifted the receiver of his telephone, disconnected his modem and waited for the NorTel modem to hang up first.

If the NorTel admin had set up a last party recall trace to determine what phone number the hacker was calling from, Mendax would know. If an LPR trace had been installed, the NorTel end of the telephone connection would not disconnect but would wait for the hacker's telephone to hang up first. After 90 seconds, the exchange would log the phone number where the call had originated.

If, however, the line did not have a trace on it, the company's modem would search for its lost connection to the hacker's modem. Without the continuous flow of electronic signals, the NorTel modem would hang up after a few seconds. If no-one reactivated the line at the NorTel end, the connection would time-out 90 seconds later and the telephone exchange would disconnect the call completely.

Mendax listened anxiously as the NorTel modem searched for his modem by squealing high-pitched noises into the telephone line. No modem here. Go on, hang up.

Suddenly, silence.

OK, thought Mendax. Just 90 seconds to go. Just wait here for a minute and a half. Just hope the exchange times out. Just pray there's no trace.