Since Avaya dropped our Def G1 switch, we dropped their $12K/yr maint and went with UAC in Tenn. They are using the same ext for monitoring switch as INADS used. After a recent service call that brought Avaya on site through the UAC contract, I noticed entries in LIST HIST where craft, inads, and init pswds were all chged by INADS. Since they dropped us first, it boils me that they keep meddling with my system. Any way to keep INADS out? I administer the system but only have a cust super-user login.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
INADS still messing after maint vendor change 5
- Thread starter Defey
- Start date
- Thread starter
- #4
-
2
- #5
Your records are probably not updated as having dropped maintenance. Only switches with maintenance have their passwords changed on a regular basis. Call the customer care center and have them look into it. If you're not paying them, they don't want to mess with your switch.
-
2
- #6
If you're really worried about 'unauthorized' access to your switch, pull out the INADS and get a new one from your provider. You may also want to check the NETCONS hunt-group, if there is one... and change the extension of the hunt-group.
By the way, it is really worth the money to pay AVAYA to give you the password for craft or another service login, since you may need the maintenance commands in the future.
Any help needed? Please let me know.
Kind Regards,
Maarten Copini
-Please let fellow members know if their post was of any help-
By the way, it is really worth the money to pay AVAYA to give you the password for craft or another service login, since you may need the maintenance commands in the future.
Any help needed? Please let me know.
Kind Regards,
Maarten Copini
-Please let fellow members know if their post was of any help-
-
1
- #7
You may also want to check where your alarms call out to. If your vendor hasn't changed the call-out number, it will dial the 800 number that Avaya uses for monitoring switches under their control (in the US at least).
Try 'disp syst maint' and check out the OSS Numbers.
They can get your ANI information from that call, even if you have changed your INADS number. I don't know that they do this, but I suspect that they do.
pansophic
Try 'disp syst maint' and check out the OSS Numbers.
They can get your ANI information from that call, even if you have changed your INADS number. I don't know that they do this, but I suspect that they do.
pansophic
I have to agree w/Jaymzter
You may also want to check with your vendor on this issue. Avaya can issue them a super user acccount. Which costs nothing depending on their status (I think). Either way, they then can correct the changes Avaya has been making.
You may also want to check with your vendor on this issue. Avaya can issue them a super user acccount. Which costs nothing depending on their status (I think). Either way, they then can correct the changes Avaya has been making.
Avaya always logs in with "init". I think you see these entries because they loged in when they came on site.
The only way to have control on who loggs in to your system is to connect the system's modem to an analog port and administer an analog extension for that port.
So if someone wants to connect, they would have to call the attendant and (after they identify themselves as your vendor) ask to be transfered to the modem's extension.
We support more than 750 Definity systems and most of them are protected like this. Disadvantage: noone can connect if there is nobody to pick up the call!!!!
Tell me if you need additional info on how to do this.
Petros Ntellis
ntp@altec.gr
The only way to have control on who loggs in to your system is to connect the system's modem to an analog port and administer an analog extension for that port.
So if someone wants to connect, they would have to call the attendant and (after they identify themselves as your vendor) ask to be transfered to the modem's extension.
We support more than 750 Definity systems and most of them are protected like this. Disadvantage: noone can connect if there is nobody to pick up the call!!!!
Tell me if you need additional info on how to do this.
Petros Ntellis
ntp@altec.gr
You are far better off using some form of secondary authentication device, like Teltronic's SEB ( or ION Networks' Secure series ( To protect your dial in modems. That way, you can still put them on a PSTN line, but have much greater confidence that the modems will not be compromised.
Personally, I like the two part (something you have and something you know) authentication of the ION Networks box, but it can be expensive for a small operation. It can also be used for network logins, using the same two-part authentication.
Another benifit to using a PSTN line for maintenance is that you can still dial in, even when the PBX has stopped routing calls. It is an extremely rare occurrance, but does happen. And it is so much nicer to be able to get the customer back in business faster than you could even get someone there.
pansophic
Personally, I like the two part (something you have and something you know) authentication of the ION Networks box, but it can be expensive for a small operation. It can also be used for network logins, using the same two-part authentication.
Another benifit to using a PSTN line for maintenance is that you can still dial in, even when the PBX has stopped routing calls. It is an extremely rare occurrance, but does happen. And it is so much nicer to be able to get the customer back in business faster than you could even get someone there.
pansophic
- Status
Similar threads
- Question