Re: DID Range Enumeration

From: Secure Green (sec_green@yahoo.com)
Date: Thu May 09 2002 - 17:32:09 EDT

• Next message: Jason: "Determining Trojans, File & Print Sharing, Services running remotely on W2K"
• Previous message: Chris Reining: "Re: DID Range Enumeration"
• In reply to: John Smith: "DID Range Enumeration"
• Next in thread: BParis@sorrentolactalis.com: "Re: DID Range Enumeration"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Depends how blind it needs to be...

Option 1. Call several different people at the company during lunch, and
leaving messages requesting that they call you back at a number which has
caller ID. Make sure you have a believable pitch to give them, otherwise
they may suspect you and warn others not to call the number. Do this over
several days, and you should get a good sampling of the different voice
lines that they have. This may or may not provide any good information on
what their data lines are (contrary to some other posts, the numbers are
often not consecutive, especially when the data lines are added at a
different time than the data lines were set up).

Option 2. Dumpster diving (long shot.. It'd be real dumb for them to put
the phone bill in the garbage unshredded.)

Option 3. Mail scoop, i.e. pick up the phone bill out of the mailbox (get
explicit permission if you're going to try this! tampering with the mail is
a federal offense!!).

Option 4. Call their facilities manager, and tell them that your company
(SomeMadeUpName Telco) is offering a guaranteed 33% savings on local phone
service, all they have to do is send you a copy of a recent phone bill, and
you'll send them a price quote!

Best of luck, remember, the people are the weakest link!

--SG

----- Original Message -----
From: "John Smith" <netguardianrz@yahoo.com>
To: <pen-test@securityfocus.com>
Sent: Tuesday, May 07, 2002 5:09 PM
Subject: DID Range Enumeration

> I apologize if this is a double post, but my
> connection was cut when I tried to send the first
> time.
>
> Does anyone know of a method to identify the DID
> ranges assigned to a company? As part of a blind
> pen-test I have been asked to complete a war dial, but
> the company does not want to give me the ranges.
>
> I would greatly appreciate any help.
>
> Thanx
>
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Health - your guide to health and wellness
> http://health.yahoo.com
>
> --------------------------------------------------------------------------

--
> This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
see:
> https://alerts.securityfocus.com/
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Next message: Jason: "Determining Trojans, File & Print Sharing, Services running remotely on W2K"
• Previous message: Chris Reining: "Re: DID Range Enumeration"
• In reply to: John Smith: "DID Range Enumeration"
• Next in thread: BParis@sorrentolactalis.com: "Re: DID Range Enumeration"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:20 EDT