Securing Mitel SX 200 ICP

[mikbai]

Looks like our PBX was compromised. Our provider notified us of an excessive amount of overseeas calls made, and took the liberty of disabling overseas calls for the time being until we rectify the situation.
We extended password lengths and requested users to change VM passwords.
With no knowledge as to which phone system we use, our provider suggested that we look into disabling the 'through-dialing feature' which allows off site users to make calls via the work line through the voice mail system.

I'm not 100% sure what that is or even how to disable it. How would it be disabled? And how can I even test to see if it's disabled correctly? Maybe the first question to ask is how to even see if it's possible. I dialed into my VM and did not fine any prompts to make calls over the the work phone system.

Any help would be appreciated so we can open our overseas calling again with our provider.

Thanks

 

[kwbMitel]

Form 34 is the interconnection table.

Disable 3 - 3, 3 - 4, 4 - 3 and 4 - 4.

This will prevent unsupervised trunk to trunk connections

**********************************************
What's most important is that you realise ... There is no spoon.

 

[wireman50]

wouuld it not be better to just disable trunk to trunk in VM COS?

 

[kwbMitel]

Wireman50 Better?. Preventing VM trunk to trunk conference might work but then again it might not.

**********************************************
What's most important is that you realise ... There is no spoon.

 

[mikbai]

Thanks for the replies guys. Much appreciated.

Can someone tell me how I can test it once implemented. Is there some special key when in VM to access a line to dial out? I dialed into my VM, and could not figure it out.

Thanks again.

 

[kwbMitel]

If the form 34 connections are disabled then your system will not allow trunk to trunk conferencing by any device (including VM).

Call into a phone, try to transfer to an external number and hang up. The call will disconnect.

**********************************************
What's most important is that you realise ... There is no spoon.

 

[mikbai]

Sorry kwbMitel,

Not sure what you mean by 'Call into a phone, try to transfer to an external number and hang up'. Can you clarify with specific steps? Do I call into the VM, and try to transfer to an external number? How do I transfer to an external number?

I just need to verifyt that it's blocked and not working.

Thanks

 

[kwbMitel]

Form 34 affects all devices including voicemail.

Take voicemail out of the equation for testing.

Establish a call from the outside world to a phone.

Now try and transfer the outside call to a different outside number. It should fail once the phone that is controlling the transfer hangs up.

You do not need to test using voicemail ports. The restriction is system wide.

**********************************************
What's most important is that you realise ... There is no spoon.

 

[mikbai]

Ok, thanks

I will verify that. I was more curious to see how the VM was compromised.

 

[IrwinMFletcher]

Just a thought, have you looked at any call records? Although there is a way to make calls through VM, it's also quite possible that the calls originated from within the system itself.