Wardialing is one of the oldest methods of gaining unauthorized access to the targeted systems, it is one of the dangers most commonly forgotten by network engineers and system administrators. A hacker can sneak past all the expensive firewalls and IDS and connect easily into the network. Through wardialing, an attacker searches for the devices located in the target network infrastructure that are also accessible through the telephone line.
‘Dial backup’ in routers is most frequently found in networks where redundancy is required. Dial-on-demand routing (DDR) is commonly used to establish connectivity as a backup.
As a security tester, how would you discover what telephone numbers to dial-in to the router?

A.
Run a war-dialing tool with range of phone numbers and look for CONNECT response

B.
Connect using ISP’s remote-dial in number since the company’s router has a leased line connection established with them

C.
Search the Internet for leakage of target company’s telephone number to dial-in

D.
Brute force the company’s PABX system to retrieve the range of telephone numbers to dial-in

Explanation:
Use a program like Toneloc to scan the company’s range of phone numbers.