Hacking

[rbelleroseanalog]

I have an active hacking situation, how do I drop current line? Also does anyone have guide lines for securring the BCM. Currently they are getting into the mail system and getting out. I have added the numbers they are dialing in the restriction table but they have multiple numbers they are using.
Thanks.

 

[RPMcMurphy]

I would definately start by turning off enable redirect in the sets capabilities, turning off outbound transer/outcalling in the users mailbox, changing system administrator and gen deliv mbox passwords regularly, change the mbox class of service mbox expiry time.

 

[Dasheen]

Also restrict the vmail ports from making LD calls. U most likely use filter 1 for LD restriction so apply it to the vmail ports.

Also go into the vmail and go to COS and disable "enable outbound transfer" for each of the COS u use. Most likely 1 & 7.

 

[rbelleroseanalog]

I actually found the COS and dis abled the transfer function. FYI the number is 8125402800 which is not anything meaningful, does not match any country code with a real city code. But if you see this you will know they are trying to bounce from system to system. They are now dropping off as they should.
Is there an easy way to drop a line imediately via the BCM when I tried to disable the active call it said something like "close to end" but never acutally dropped the active call.
Thanks for the response everyone.