Penetration Testing mailing list archives

Re: DID Range Enumeration

From: Chris Reining <creining () securepipe com>
Date: Thu, 9 May 2002 15:59:25 -0500 (CDT)

I am not aware of any public resource that would provide you with this
information, CMIIW. It would make sense to do fingerprinting of their
phone ranges starting with a known number. Call every +/- 25th phone
number from the original and see who answers. This way you should be able
to discover where their block starts and ends. This poses a problem if 
they have multiple blocks assigned, but google should be able to reveal 
phone numbers associated with them.

HTH

On Tue, 7 May 2002, John Smith wrote:

 : I apologize if this is a double post, but my
 : connection was cut when I tried to send the first
 : time.
 : 
 : Does anyone know of a method to identify the DID
 : ranges assigned to a company?  As part of a blind
 : pen-test I have been asked to complete a war dial, but
 : the company does not want to give me the ranges.
 : 
 : I would greatly appreciate any help.
 : 
 : Thanx


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

DID Range Enumeration John Smith (May 09)
- Re: DID Range Enumeration Akatosh (May 09)
- Re: DID Range Enumeration Chris Reining (May 09)
- Re: DID Range Enumeration Secure Green (May 10)
- <Possible follow-ups>
- Re: DID Range Enumeration BParis (May 10)