mleedsCDDB.COM

• Next message: Claudio Pino: "Re: [PEN-TEST] ISS not detecting unicode bug??"
• Previous message: Michael Gough: "Re: [PEN-TEST] War Dialling"
• In reply to: Scott, Mick: "[PEN-TEST] War Dialling"
• Next in thread: Meritt, Jim: "Re: [PEN-TEST] War Dialling"
• Reply: Matthew Leeds: "Re: [PEN-TEST] War Dialling"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If you're doing a test with full assistance from the target, get a list of telcom providers from them, and an executed approval letter to get the Customer Service Records (CSRs) from each telcom provider. This will list all the telcom lines, both those that may terminate on a PBX, and all those old analog lines that everyone has forgotten about, but that may terminate on service modems for who knows what equipment. You may be surprised by what gets found.

---Matthew Leeds

*********** REPLY SEPARATOR ***********

On 11/16/00 at 11:59 AM Scott, Mick wrote:

>Being a new member to this list I am not sure how much this topic has been
>aired. How ever I wonder if anyone has any ideas, or pointers on how they
>would eliminate irrelevant numbers on a war dialling exercise.
>
>If acme.com, a global company, has a very wide range of numbers how is it
>best to seek out the numbers that are relevant to the IT departments.
>Obviously there is the social engineering approach, however I am interested
>in any other ideas.
>
>Apologies if this has been discussed B4
>
>
>Regards,
>Mick

• Next message: Claudio Pino: "Re: [PEN-TEST] ISS not detecting unicode bug??"
• Previous message: Michael Gough: "Re: [PEN-TEST] War Dialling"
• In reply to: Scott, Mick: "[PEN-TEST] War Dialling"
• Next in thread: Meritt, Jim: "Re: [PEN-TEST] War Dialling"
• Reply: Matthew Leeds: "Re: [PEN-TEST] War Dialling"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]