Penetration Testing mailing list archives

Re: [PEN-TEST] War Dialling

From: Talisker <Talisker () NETWORKINTRUSION CO UK>
Date: Thu, 16 Nov 2000 17:50:52 -0000

Mick

If acme.com, a global company, has a very wide range of numbers how is it
best to seek out the numbers that are relevant to the IT departments.

The IT dept should be wise enough not to install rogue modems (hehe did I
really say that!) I would look at the whole range.  Out of interest a BT (UK
telephone company) rep told me that they can place wardial detectors on
exchanges, just something to be aware of - so as you don't upset them when
you start your test

Furthermore, I have a page of wardialers on my website if anyone knows of
any that I'm missing please let me know - only good freeware ones though,
otherwise we'd be up to our armpits in them

And finally for those that aren't aware a have set up a low volume
security-tools
notification service, as I am made aware of new or updated tools I pass the
info on, I'm currently bundling the tools onto a single weekly email
http://www.egroups.com/subscribe/security-tools

Cheers
Andy
 http://www.networkintrusion.co.uk
Talisker's Network Security Tools List
                    '''
                 (0 0)
  ----oOO----(_)----------
  | The geek shall        |
  |  Inherit the earth     |
  -----------------oOO----
               |__|__|
                  || ||
              ooO Ooo
talisker () networkintrusion co uk

The opinions contained within this transmission are entirely my own, and do
not necessarily reflect those of my employer.





----- Original Message -----
From: "Scott, Mick" <Mick_scott () UK IBM COM>
To: <PEN-TEST () SECURITYFOCUS COM>
Sent: Thursday, November 16, 2000 11:59 AM
Subject: [PEN-TEST] War Dialling

Being a new member to this list I am not sure how much this topic has been
aired.  How ever I wonder if anyone has any ideas, or pointers on how they
would eliminate irrelevant numbers on a war dialling exercise.

If acme.com, a global company, has a very wide range of numbers how is it
best to seek out the numbers that are relevant to the IT departments.
Obviously there is the social engineering approach, however I am

interested

in any other ideas.

Apologies if this has been discussed B4


Regards,
Mick

Current thread:

[PEN-TEST] War Dialling Scott, Mick (Nov 17)
- Re: [PEN-TEST] War Dialling mshines (Nov 17)
- Re: [PEN-TEST] War Dialling Lionel Ferette (Nov 17)
- Re: [PEN-TEST] War Dialling Steve (Nov 17)
- Re: [PEN-TEST] War Dialling Talisker (Nov 17)
- Re: [PEN-TEST] War Dialling Matthew Leeds (Nov 17)
- <Possible follow-ups>
- Re: [PEN-TEST] War Dialling Leibolt, Gregory, NBSO (Nov 17)
- Re: [PEN-TEST] War Dialling Michael Gough (Nov 17)
- Re: [PEN-TEST] War Dialling Meritt, Jim (Nov 20)