Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Hacker Problem

Status
Not open for further replies.
MattNMNB

MattNMNB

Technical User
Sep 25, 2001
7
US
We have a NEAX 200 IVS PPX with NEAXMail AD-40 voicemail system. I have been assigned to administer the system which I do through the voicemail console and through MatWorx. I admit that I am not savy about these systems but can manage the simple stuff on my own.

In the past 4 days, someone has hacked into our voicemail system (I believe through unpassword protected voice mail boxes) and set up call transfers to international phone numbers. They used 1010 dialing to access a long distance company and place the calls. As near as I can tell, they set up call transfering within the mail system. We were made aware of the intrusions by the fraud control unit of MCI and also AT&T. I have added passwords to all mailboxes and I think I have the problem somewhat under control.

As an added security, I want to implement several other measures.

1) Block all international calls
2) Block 1010 dialing (I.E. Such as 1010288 to access AT&T)
3) Block all long distance between 7pm and 6am.

Can someone please tell me how to get started with this? Also, Is there something I am missing in the voicemail system that is being exploited?

Thanks in advance for your help.

MattB
 
Sort by date Sort by votes
Is the Login to your Voice Mail System Manager "NEC" ? If so change it to $NEC Or something that you and your company can remember. "NEC" is the default System ID for AD-40. YOu can tell what make of VM system just by the prompts and VM Hackers love this. They know NEC is the System Manager ID and exploit it. $NEC will not let them key in the ID with a telephone due to the $. They will not spend time trying to crack an ID either.

Check all you mailboxes for message notification. look for unusual things like LD and Intl dial codes. Call each mailbox and listen to the greetings. If there is a greeting that is in a strange language, get rid of the box.

1) See if you have good LCR set up. On your extension change CM 1201. its probably set to 11. Change it to 33 or 55 and place some LD and International calls to see if it gets restricted, also test PIC calls 1010288 and so on.

2)If you do not want to have 1010+ calls go out then set CM 8a4005 1010 to NONE (CCC)

3) YOu would have to set up Schedules in LCR. Gets ugly if you don't know how to program it.

Post back and let me know how it goes.



 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

makuka
  • Question
SL 2100 sip trunk problem
Replies
10
Views
673
DoubleDriveLine
DoubleDriveLine
Johnny Mourani
  • Locked
  • Question
NEC UT880 Phone Problem
Replies
0
Views
391
Johnny Mourani
Johnny Mourani
Pocopelo
  • Locked
  • Question
power failure problem
Replies
10
Views
787
Pocopelo
Pocopelo
Hichamis88
  • Locked
  • Question
Sl2100 inmail problem
Replies
4
Views
550
Hichamis88
Hichamis88
M
  • Locked
  • Question
Problem of hanging up calls in Panasonic kx-tde600
Replies
1
Views
408
OzzieGeorge
OzzieGeorge

Part and Inventory Search

Sponsor

Back
Top