Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

hacking

Status
Not open for further replies.

SEastTech

Vendor
Jul 7, 2004
56
US
help if you can...
I have a BCM 50...customer called freaking out with a $4000 LD bill. I originally set up external xfr on mailboxes to go to local cell phones....I just got into a mailbox that had the ext xfr to #(link) and an 800#. I called the number and got a conferencing company...The phone bill has no referrence to this number but there are multiple calls to India, Pakastan...etc.

The customer states they would hear a short ring...then they would look at the ect 221 and Conference was on the display???Never seen that.

No remote access or DISA is enabled

The customer deleted all of the mailboxes before I got on site so I could not determine if other mailboxes were involved...

Question:

Is there any way a caller could involk a conference call within a mailbox? Any feedback would be appreciated.

I have restricted all sets and vmail ports so for now this issue is in control but I would ponder the involvement of this conference company and wonder if any techies have any feedback.

Thanks to you all!
G
 
If they get to a voice mail then yes if they can figure the correct DTMF tones they can call out remember anything on the system that can be manipulated via DTMF can be hacked if some really wants to. Others can add but some of the main things I do is:
1) Make them change passwords to mailboxes often
2) Build a Filter that restricts outside dialing and set that filter to the voice mail ports. If some one wants to external transfer out of there box then I put in an over ride for that number on the filter.
3) If you do not use 1010 codes then let your carrier know this and also build a filter restricting 1010 and assign it to all the lines in the system.

Nortel has a bulliten on Hacking and some things that they recommend to secure a system I just don't remeber the number.
 
If you want to see just how big this is then you can do an Internet search on "PHREAKING". They are sites that explain it and some that give you ideas how to better secure your system.
 
thanks for the feedback...I have built restriction filters and they are assigned to the vm ports as well as all sets/ I set up cos so everyone dialing out has to enter a code.

Thank you all!
 
Please make sure you change the programming passwords. Not only for Element Manager access, but also set programming. Believe it or not, it could also be someone internally who is getting kickbacks from phreakers. Download the LOGS files and somewhere in there you should be able to see what extensions/users are logging in to the system.

Don't leave anything to chance. Once the system is locked down, explain to the customer contact what you did. Best to restrict everything (as you did) than to leave them vulverable for attacks.

Also, make sure you do NOT allow for external call forwarding (Set Capabilities->Redirection to NO) unless the customer requests it on certain extensions.

Trust me, some companies will go after the installation company with everything they got to recoup any lost monies (especially in this day of age).

CYA (Cover Yo Ass!!).. Because nobody else will.

The company I work for makes it a practice to loack eveything down, then have the customer sign a paper releasing our company. Once thats done, the customer can start opening themselves up based upon their requests, which we document everything. Seems like a hassle, but if you are being sued for excess of $30,000 for a long distance bill because you didn't close down the system, the extra 10 minutes in programming doesn't seem so bad.


Just my two cents on this subject...



--DB
 
one quick note : make sure they do not use 1111 or 1234 as a password

I've had a site and the big boss refused to change her password and wondered why they got a $4000 bill

to err is human
to really f things up requires a computer

mike
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top