Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Callpilot hacking 2

Status
Not open for further replies.

bossman57

IS-IT--Management
Feb 10, 2010
37
US
How can I check my callpilot to see if someone is hacking in and making phone calls through my PMX?
 
Call your phone company and see if a lot of overseas call are being made.
Plus need to know what call pilot you have.
 
We have AT&T fraud protect and they were the ones that notified us. We checked call records and looks like the fraudulent calls we going out thru ectentions accociated with our callpilot. Callpilot 4.0.
 
Hacker Monitor is a system wide option everyone gets monitored. Then use Event Browser to see who is thru dialing. We have all selected on our CP, we don't want to be discriminating.

Monitoring options
You can monitor
• all CLIDs for suspicious behavior, or you can specify certain CLIDs to be monitored
• logon or thru-dial attempts
• for the entire day, or for a specified time period

To monitor CLIDs
Step Action
1 On the CallPilot Manager toolbar, select Messaging > Security Administration.
2 Under the CLIDs section, click the checkbox Monitor CLIDs for All Mailbox Logins and all Thru-Dials on the System. Result: The Add and Delete buttons are enabled.
3 Select the times when you would like the Hacker Monitor active
4 Enter the phone number (DN) you would like to monitor in the Internal or External box and click Add.
5 Click Save.
Result: The entered DN is now activated and will be monitored.

 
If you already have the hacker monitor turned on use event browser to see who's dialing in and using your CP to dial out. If hacker monitor is not turned on I believe you will only be able to monitor for future abuses.
 
Do you need anything or anyone dialing international through CP. If not change your TGAR/NCOS to a value that does not permit Intl dialing on all your CP ports.
 
Be sure to verify your RPL's are not allowed for 0, 01, or 011, or any other digit that can get to your trunks or routes. Change your password in the admin mailbox and Call Pilot Manager. Make sure there are not any other admin's in any mailbox. Check for an internal extension forwarded to "9" or a trunk access code. Start looking!

DocVic
Dedicated to Nortel Products till the end.
Need help? Call Me Now!
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top