BCM got Hacked

[nsanto17]

We had our BCM 400 3.7 up and running for over a year. All of sudden the LEDs would start flashing indicating a bad BFT or bad Harddrive. The phone guys came and checked the BFT and checked the harddrives. They were able to determine that neither of them were the cause. They decided to give me a new BCM and restored from a backup from a month ago. Everything worked fine for a day. Then they noticed some errors in the log pointing to the DTM card. They came in today to replace and while on the phone with nortel they found that someone or something had deleted files on the BCM. Below are cuts from the log file. Can anyone tell me if its possiable for someone to hack into the BCM and screw me up this badly... If so is there a way i could avoid it? Maybe by configuring the Firewall?


Log file Starts Here----
[Mon Mar 06 10:40:06 2006] [error] [client 10.10.10.2] (2)No such file or directory: script not found or unable to stat: f:/program files/nortel networks/voice platform/cgi-bin/upgprep.exe
[Mon Mar 06 11:57:01 2006] [error] [client 10.10.10.2] File does not exist: f:/program files/nortel networks/unified manager/java/pics/mgt/7.gif
[Mon Mar 06 11:57:01 2006] [error] [client 10.10.10.2] File does not exist: f:/program files/nortel networks/unified manager/java/pics/mgt/7.gif
[Mon Mar 06 11:57:01 2006] [error] [client 10.10.10.2] File does not exist: f:/program files/nortel networks/unified manager/java/pics/mgt/collapsed.gif
[Mon Mar 06 11:57:01 2006] [error] [client 10.10.10.2] File does not exist: f:/program files/nortel networks/unified manager/java/pics/mgt/collapsed.gif
[Mon Mar 06 11:57:01 2006] [error] [client 10.10.10.2] File does not exist: f:/program files/nortel networks/unified manager/java/pics/mgt/expanded.gif
[Mon Mar 06 11:57:01 2006] [error] [client 10.10.10.2] File does not exist: f:/program files/nortel networks/unified manager/java/pics/mgt/expanded.gif
[Mon Mar 06 11:57:07 2006] [error] [client 10.10.10.2] File does not exist: f:/program files/nortel networks/unified manager/java/jclass/bwt/resources/LocaleInfo_en_US.class
[Mon Mar 06 11:57:07 2006] [error] [client 10.10.10.2] File does not exist: f:/program files/nortel networks/unified manager/java/jclass/bwt/resources/LocaleInfo_en_US.class
[Mon Mar 06 11:57:07 2006] [error] [client 10.10.10.2] File does not exist: f:/program files/nortel networks/unified manager/java/jclass/bwt/resources/LocaleInfo_en_US.properties
[Mon Mar 06 11:57:07 2006] [error] [client 10.10.10.2] File does not exist: f:/program files/nortel networks/unified manager/java/jclass/field/resources/LocaleInfo_en_US.class
[Mon Mar 06 11:57:07 2006] [error] [client 10.10.10.2] File does not exist: f:/program files/nortel networks/unified manager/java/jclass/field/resources/LocaleInfo_en_US.class
[Mon Mar 06 11:57:07 2006] [error] [client 10.10.10.2] File does not exist: f:/program files/nortel networks/unified manager/java/jclass/field/resources/LocaleInfo_en_US.properties

 

[acewarlock]

More then likley when restored the Backuip to that BCM, they also loaded whatever problem you had on the 1st BCM to the 2nd BCM. Whenever I can't figure out what is wrong with a BCM, I program from the start and don't use the backup copy.

 

[nsanto17]

That is the next step according to them...

 

[MagnaRGP]

I would guess that they restored more than just Voice Apps and Telephony.

I would suggest imaging that new BCM's drive and ONLY restore voice apps. Be sure to apply all of the patches that pre-existed at the time the backup was taken. Telephony will survive the reimage process intact.

 

[DigitelD]

This may or may not be relevant but I had a BCM 3.6 that we applied an update to. It was stuck at 45%. Nortel said that it did take and everything should be OK. I went back later to do a backup and after the backup the Voice Mail would never come back up. Come to find out the Voice Mail had been completely deleted from the hard drive. Why and how that happened no one knows.

SHK Certified (School of Hard Knocks)