Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

System Compromised

Status
Not open for further replies.

dbeaty

Technical User
Dec 14, 2010
7
We received a message from our telephone provider indicating our BCM system CalPilot had been compromised and calls were being placed to about 2-3 dozen countries around the world.

I discovered a couple of Class of Service selections and two outbound transfers were activated on sets for people to transfer incoming calls to cellphones. Also, message notification was active.

How would someone do this? And would turning off ALL outbound transfer options correct the problem? Our BCM is not connected to a WAN. Nor is it's router being used.

The provider has blocked all outbound international calling.
 
People are lazy, need passwords more complex and implement in class of service to wear you need to change password every 30 days, disable out bound transfer in class of service also, when employee leaves delete mailbox. Call your provider and change the numbers of PSTN to a minimal amount, dial tone using flash on outbound transfer, usually they will give you 30 PSTN,s as default, that means 30 calls transfered by that mailbox and each time the line becomes available since the provider has done the transfer. They will make the changes after closing hours and reprogram the old number before the business opens.
 
I did turn off Outbound Transfer in class of service. No need for it. I will change the password to every 30 days. I think people just change it back and forth 0000, 1111,. Not to hard to quess.

Is there a section of logs that would show me what they were doing. I think it was in the mailbox outbound transfer.

Then again, we are a small company. 5 employees, how they found out VM system..sheesh. Do they troll all exchanges looking for companies? Then sell the numbers..there were literally 20-30 countries being called. But the calls were all less than 1 minute. At least the spreadsheet from Century Link showed that. All on one line.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top