Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

CP100 call fraud question 1

Status
Not open for further replies.
MontrealSoft

MontrealSoft

Vendor
Oct 5, 2002
302
CA
Hi, a customer was frauded and I need to secure the system as the phone line provider « can’t » simply block everything starting with 01.

My question.

If I block all 01* calls for every extensions in Restrictions of his CICS, will this prevent the callpilot to transfer to 01* numbers ?

Thanks !

MontrealSoft.com
 
Sort by date Sort by votes
Most hacking is done via External Transfer or Off Premise Notify.

In the web browser go to the Mailbox/Class Of Service and disable (if they do not use):
-External Transfer
-Off premise Notify
Do not be lazy, do all classes 1-15

If they insist having one or the other enabled then put them in their own COS and have them sign off on you enabling it.

Restrict lines (not the vmails DN):
0 (or 01 if somebody still uses the operator, if they even exist still)
10
*72 <---hackers are using this a lot lately with Off Prem Notify especially on Startalk Flash
They hack the mailbox, change outdial to their mobile, get the caller id, dial back in and change the # to *72011YYXXXXXXXXXX
They then call back and leave a message in that mailbox, bionic betty then calls out to what should be a mobile but instead unknowingly (she's blonde) forwards the line oversea's.

Make sure they (or you change) all passwords, use 6 to 8 digits passwords.

I always disable the Password Expiry (set to 0) it actually does more bad then good because people are frustrated with having to change passwords then the mailbox locks up and then they just use 1234 because they forgot the old one and so on.
You can also bump up the password retries so the mailbox does not lock up, they will only try so many passwords like 1234, 1111 the DN twice etc.

See my FAQ's for more in case you need to check things like DISA:

It all boils down to passwords, the rest is precautions.
I have always said 50% of humans are stupid and using passwords like 1234 is just plain stupid.
Other lose out on special features because of this.





________________________________________
small-logo-sig.png


=----(((((((((()----=
Toronto, Canada

Add me to LinkedIN
 
Upvote 0 Downvote
To add to Curly's restriction, don't forget about *67 (caller ID block)

Marv ccna

 
Upvote 0 Downvote
Thanks for the complete answer !

Now, you say “ Restrict lines (not the vmails DN):”

Doing this what way then, via the sets line restrictions ? (Then I copy yo all sets) ?

MontrealSoft.com
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DTGMI
  • Locked
  • Question
Call Pilot CP600R Help
Replies
1
Views
158
ramsay
ramsay
highgravity
  • Locked
  • Question
Can call center monitor call times by extension?
Replies
1
Views
137
curlycord
curlycord
Maestro21
  • Locked
  • Question
call pilot ccr tree
Replies
2
Views
184
Maestro21
Maestro21
Mountainbear
  • Locked
  • Question
Call pilot - Power supply tolerance 3
Replies
4
Views
164
Mountainbear
Mountainbear
Michael OConnor
  • Locked
  • Question
Norstar Phones and Call Pilot compatible with an Option 11?
Replies
2
Views
146
Michael OConnor
Michael OConnor

Part and Inventory Search

Sponsor

Back
Top