Penetration Testing mailing list archives

Re: [PEN-TEST] War Dialling

From: Steve <steve () SECURESOLUTIONS ORG>
Date: Thu, 16 Nov 2000 09:24:35 -0700

Hi Scott.

I'm not sure you would want to only seek out the numbers that are relevant
to just the IT department as in my experience, it is usually some VP of HR
or CEO that has the rogue modem setup.  Most people war dial to identify
modems that are set to answer and give backdoor access to a workstation on
the network.  You definitely want to cover the whole organization when doing
this.

-Steve

-----Original Message-----
From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf
Of Scott, Mick
Sent: Thursday, November 16, 2000 5:00 AM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] War Dialling

Being a new member to this list I am not sure how much this topic has been
aired.  How ever I wonder if anyone has any ideas, or pointers on how they
would eliminate irrelevant numbers on a war dialling exercise.

If acme.com, a global company, has a very wide range of numbers how is it
best to seek out the numbers that are relevant to the IT departments.
Obviously there is the social engineering approach, however I am
interested
in any other ideas.

Apologies if this has been discussed B4

Regards,
Mick

Current thread:

[PEN-TEST] War Dialling Scott, Mick (Nov 17)
- Re: [PEN-TEST] War Dialling mshines (Nov 17)
- Re: [PEN-TEST] War Dialling Lionel Ferette (Nov 17)
- Re: [PEN-TEST] War Dialling Steve (Nov 17)
- Re: [PEN-TEST] War Dialling Talisker (Nov 17)
- Re: [PEN-TEST] War Dialling Matthew Leeds (Nov 17)
- <Possible follow-ups>
- Re: [PEN-TEST] War Dialling Leibolt, Gregory, NBSO (Nov 17)
- Re: [PEN-TEST] War Dialling Michael Gough (Nov 17)
- Re: [PEN-TEST] War Dialling Meritt, Jim (Nov 20)