Unauthorized outgoing long distance 1

desphoneguy

Vendor
Sep 29, 2005
135
CA
I have a customer with a BCM400 that is experiencing unauthorized international long distance calls.

I ensured Outdialing and notification were not active in the voicemail class of service.

When I download CDR it only shows outgoing calls from the extensions which are in the Application Section of the SETS.

Any ideas how the calls are being made?
 
Is the BCM connected onto the Internet? If so then unplug it now! Then check the firewall to see if any ports are forwarded onto the BCM system. Very recently (in the past two days), we have discovered a problem whereby hackers have got in via port 443 and used the Mailbox Manager tool.

There will soon be an updated FAQ on this.

Also get all the mailbox accounts to have their passwords reset and remove any that aren't in use any more.

Check that DISA isn't in use.


Firebird Scrambler
Nortel Meridian 1 / Succession and BCM / Norstar Programmer in the UK
Advance knowledge on BCM support
 
Thanks for the path to find this.

What do you mean by Mailbox Manager?
 
Also, FYI, I do not see any incoming calls in the CDR, only outgoing calls.
 
Toll Fraud FAQ has now been updated:

Mailbox Manager is what users use to admin their own mailbox instead of using the phone:
You might have been hacked the good ol' fashioned way (most common), by hackers dialing into the mailbox via AA at night where the users had a weak password like 1234; then the hacker changed the outdial number.

Activity Reporter only records the last 4 days; it is in and out.
CallPilot Mailbox reporting will record up to 7 days; in there you can see the outdial number if programmed.

________________________________________
We take the time to try to answer your questions for free, please return the favor and take the time to answer back and include any resolution you found elsewhere, thanks.

Toronto Canada
 
I restricted the outdial access in class of service, let's say on Monday, and the CDR showed LD on Tuesday.

Again, the CDR only shows outgoing calls; it does not show incoming calls being routed outwards.
 
Has your BCM system got any SIP trunks or any IP sets that are remote (or even on site!)?

Have you used the BCM Monitor tool, leaving it running and watching for any incoming and outgoing activity?

I also used a tool found on my release 6.0 BCM called the CDR Live Client. I leave this running on my computer and it records all CDR activity.


Firebird Scrambler
Nortel Meridian 1 / Succession and BCM / Norstar Programmer in the UK
Advance knowledge on BCM support
 
What time of day are the calls being made? Could it be a cleaning crew at night dialing out?
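
Added example, not part of the original thread: a Python triage of exported call records that combines the three signals raised in the posts above (international destination, origination from an application/voicemail port extension, and after-hours timing). The CSV layout, the DN values, the 011 prefix and the business hours are assumptions made for illustration; this is not the BCM's native CDR format.

```python
import csv
import io
from datetime import datetime

# Constructed sample rows in a hypothetical normalized CSV layout
# (timestamp, originating DN, dialed digits, duration in seconds).
# Map your own CDR export onto these columns before use.
SAMPLE_CDR = """\
timestamp,dn,dialed,duration_s
2024-03-04 10:15:00,221,4165550100,180
2024-03-04 14:02:00,225,01144205550100,240
2024-03-05 02:41:00,301,01153555501000,1260
2024-03-05 02:58:00,302,01153555501000,1745
2024-03-05 03:20:00,221,01144205550100,95
2024-03-05 23:05:00,301,6045550100,30
"""

APPLICATION_DNS = {"301", "302"}  # assumed voicemail/application port DNs
INTL_PREFIXES = ("011",)          # assumed international dialing prefix
BUSINESS_HOURS = range(7, 19)     # assumed 07:00-18:59 local time
SEVERITY = {0: "review", 1: "suspicious", 2: "likely-fraud"}


def triage(cdr_text, app_dns=APPLICATION_DNS, prefixes=INTL_PREFIXES,
           hours=BUSINESS_HOURS):
    """Return (severity, reasons, row) for every international call."""
    findings = []
    for row in csv.DictReader(io.StringIO(cdr_text)):
        # Keep digits only so separators in the dialed field do not hide a prefix.
        dialed = "".join(ch for ch in row["dialed"] if ch.isdigit())
        if not dialed.startswith(tuple(prefixes)):
            continue
        when = datetime.strptime(row["timestamp"], "%Y-%m-%d %H:%M:%S")
        reasons = []
        if row["dn"] in app_dns:
            # A voicemail port dialing out points at mailbox outdial abuse.
            reasons.append("application-port")
        if when.hour not in hours:
            reasons.append("after-hours")
        findings.append((SEVERITY[len(reasons)], reasons, row))
    return findings


if __name__ == "__main__":
    for severity, reasons, row in triage(SAMPLE_CDR):
        print(severity, row["timestamp"], row["dn"], row["dialed"],
              ",".join(reasons) or "-")
```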
 