Toll Fraud

Status
Not open for further replies.

tipple

Technical User
Jun 12, 2005
13
NZ
Hey Guys
We haven’t experienced any toll fraud “yet” but a customer recently asked “Is our phone system secure?” A very good question I thought but one I’m not really qualified to answer.
Most of our customers have IP500’s with embedded Voicemail. A couple with Voicemail Pro.

After much searching on the web I’m still not really sure how these undesirables go about their business.
It looks like the IP Office is secure by default, which is very reassuring, but how it is set up can change everything.

Putting aside actually getting control of the IP Office switch, it sounds like the most common method of achieving their goal is to exploit a poorly designed Auto Attendant.
I.e. one where the caller can somehow break out of the attendant and somehow get dial tone...?

Are there any examples or user guides for securing an IP Office...? Auto Attendant configurations to avoid etc...?
Any advice would be most welcome.

Cheers
Mike
 
I guess my best suggestion is to try to hack it. Since you installed it you should know more than any hacker about voicemail passwords, etc. Use that knowledge and see if you can do any damage.

I know as a Norstar/BCM tech I have seen many systems get "phreaked". They would normally use a generic password in voicemail to access the user's voicemail box, then set up remote transfer to allow them access to international calling. When I come across a system that has been hacked I will restrict 011 (international), 1010 (the old 1010+ to allow calls across another long distance provider) and most recently I have seen access to POTS lines where they actually use *82 (block caller-ID) which will give them dial tone and they can bypass the 011 and 1010 dialing.

You're the best person to test the possibility of fraud for your customer. Do a bit of research. Google "phreaking" and "IP Office" to see what other people know about the system. With this information you can come up with a solution that will almost guarantee your customer is safe.

Remember, if someone has the ability to access trunks from a remote number, then you're not secure!!

--DB

Remote Support Specialist
 
Indeed, but out of the box on a default configuration the IP Office is secure against toll fraud, so unless you have created some programming to allow access to trunks externally etc. then they will be OK :)

ACSS (SME)
APSS (SME)

 
As well as VM, unless you actually create unsecured methods to dial off switch, then it too will not allow you to do so - unlike a Splicecom, where the VXML will actually let you dial off switch (out of the box) unless you create its own dial plan to prevent that.
 
No. 1: I would say change all the default IP Office passwords: the Administrator, customer and manager ones, even the security one.

No. 2: make sure you don't have features like DISA or dial off site or trk to trk transfer via voicemail or AA (voicemail and AA are normally the loopholes).

No. 3: delete the remote manager user completely and create a new one.

No. 4: program your IP Office so only your ISDN can dial in for remote programming.
 
If you need a dial extn number option on your auto attendant, make sure it can only dial valid extn. numbers.

Example: extns are 3 digits, 201-299.

In your menu action use 2?? not ??? (never use a leading ?).

In the UK callers could still be able to break out to local numbers, so also add the following system short code:

Sc: 2XX
tn:
Feature: Busy

The error log will warn about possible number clashes; just ignore it.

Also be careful if your VM is configured with a "Play Configuration Menu" action as this can allow changing of divert destinations.
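
The wildcard advice in the post above, as an added Python example that is not part of the original thread: it enumerates what a dial-by-number menu pattern accepts and compares that with the real extension range. It assumes `?` matches exactly one digit; the range 201-299 is from the post, and the reserved prefix `9` is a hypothetical trunk-access digit.

```python
from itertools import product

# From the post: extensions are 3 digits, 201-299.
VALID_EXTENSIONS = {str(n) for n in range(201, 300)}
# Hypothetical: digits that begin a trunk-access short code on this system.
RESERVED_PREFIXES = ("9",)

def expand(pattern):
    """Return every digit string a menu pattern matches.

    Assumption: '?' stands for exactly one digit; other characters are literal.
    """
    choices = ["0123456789" if ch == "?" else ch for ch in pattern]
    return {"".join(combo) for combo in product(*choices)}

def audit_pattern(pattern, valid=VALID_EXTENSIONS, reserved=RESERVED_PREFIXES):
    """List the reasons a dial-by-number pattern is wider than the extension range."""
    findings = []
    if pattern.startswith("?"):
        findings.append("leading wildcard")
    matched = expand(pattern)
    stray = sorted(matched - valid)
    if stray:
        # Numbers the menu accepts that are not extensions; the post's
        # catch-all short code (2XX -> Busy) targets this leftover range.
        findings.append(f"non-extension numbers accepted: {len(stray)} (e.g. {stray[0]})")
    hits = sorted(p for p in reserved if any(m.startswith(p) for m in matched))
    if hits:
        findings.append("overlaps reserved prefix: " + ", ".join(hits))
    return findings

if __name__ == "__main__":
    for pattern in ("2??", "???"):
        print(pattern, audit_pattern(pattern) or "ok")
```

Even the tight pattern `2??` accepts one number (200) that is not an extension, which is the gap the Busy short code closes.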

 
Thanks guys for all the advice.
Have been wading deeper and deeper into the dark realms of telephone fraud.
There is soooo much to read it’s rather daunting.
I guess I’ll get my head around it eventually. Setting up a system to work for the customer is one thing. Figuring out how to hack in to it is a whole new ball game.
All I can conclude so far is that telephone fraudsters must be very clever people...

I am surprised that Avaya don’t publish any articles on traps to avoid when configuring their systems. Or any security articles for that matter.
(They probably do, I just haven’t found them yet – grin)

Cheers
Mike
 
They aren't needed. As others have posted, the system is secure, unless you program it not to be, in which case you will know how you have opened it up to fraud and take steps to protect it.

ACSS-SME
fo shizzle ma nizzle.
 
Found this:

Preventing toll fraud

"Toll fraud" is the unauthorized use of your telecommunications system by an unauthorized party (for example, a person who is not a corporate employee, agent, subcontractor, or is not working on your company's behalf). Be aware that there can be a risk of toll fraud associated with your system and that, if toll fraud occurs, it can result in substantial additional charges for your telecommunications services.

Avaya fraud intervention

If you suspect that you are being victimized by toll fraud and you need technical assistance or support, call Technical Service Center Toll Fraud Intervention Hotline at +1-800-643-2353 for the United States and Canada. For additional support telephone numbers, see the Avaya Support Web site:

Suspected security vulnerabilities with Avaya products should be reported to Avaya by sending mail to: securityalerts@avaya.com.

in this

 