New? Call fraud with enhanced dialing? 5

[gutwrench]

I have a customer that is having thier system hacked. I checked for rougue and unsecured mailboxes. There are no boxes with outdial enabled. How are the calls getting out??? And how can I make them stop?
Thanks

 

[Roldan]

what voicemail system are you using, Flash, NAM or CP?

Louie Roldan

http://www.4vertex.com

 

[senk1s]

do you have an smdr? that'll show where the call is starting

 

[phoneguy427]

Did you check both mbox's (102 and 100), admin and general delivery?

 

[gutwrench]

hello all. thank you for your responses. Okay, Roldan, the V Mail is a NAM. What difference does it make? senk1s, I don't have an SMDR on the system. I'll try to find one to loan the customer. phoneguy427, yes, I checked 100 and 102. None of the boxes on the system have outdial allowed.

Is there a way other than through the NAM to automaticly redirect the call?

 

[hawks]

Build a filter restricting all numbers and assign it to the NAM DN. If you use any remote notification then you can do an over ride for those numbers. Then build another Filter blocking (1010) if you don't use pick codes and assign that filter to the Lines. I would also let my carrier know that I do not use 1010 codes. As to how they do it well that's another story one thing you have to remember is that Voice Mail is nothing more than a phone setting on the system so with the right DTMF you can place calls anywhere a normal caller could call. If you want some reading material just do a search on the internet with "PHEAKER". Good luck and let us know how it turns out.

 

[DTone]

Not only restrict all numbers also restrict star any and pound any.

 

[gutwrench]

Thanks hawks and DTone. I have alreday built restriction filters for 0, 0 any, 10, 10 any, 011, 011 any and assigned them to all system sets including the voice mail ports. I will try adding star any and puond any and do that search.

Again, thank you all for your suggestions.

 

[gutwrench]

hawks, can you point my in a more specific direction with that search? "PHEAKER" didn't really get me very far.

 

[TRONIC1]

I think that was a typo. The word hawks was talking about is "PHREAKER".

"Hope for the best, plan for the worst

 

[hawks]

Thanks tronic my head seems to go faster than my fingers.

 

[gutwrench]

Okay, I saw "phreaker" too while serching. I'll do some more digging. Thanks everyone for you suggestions. I will follow up after I get out to the customer prem to implement all of your ideas. Thanks again.

 

[gutwrench]

Hey everybody, today's question is... Is there a way to assign set restriction to B2 DNs? They are voice mail channels, aren't they?

So far I have successfully assigned a filter which restricts every dialpad charachter, removed all line access and allow redirect from the B1 Voice Mail DNs. As I see it, that's only half. Any possibility the B2 DNs pick up the programming perameters from the B1s?

Thanks for reading.

 

[gutwrench]

Also, what about that enhanced dialing thing? Any body know anthing about that? It was mentioned to the customer by a carrier representative, so the sourse is suspect but I thought it worth a mention/ask...

THanks again.

 

[PERRYPJ]

no you can't assign to b2 dn, i beieve that it follows the b1. never heard of enhanced dialing in a norstar

OLD ROLMEN WORKING ON NORTELS

 

[Roldan]

If you have a NAM with a NIC in it, why don't you log onto the NAM with a PC and you can check all mailboxes and their outdialing properties. I've done this for a customer and we located the exact mailbox that was being used and the number that was being dialed. That's why I asked the question I did.

Louie Roldan

http://www.4vertex.com

 

[gutwrench]

Thanks PERRYPJ and Roldan for your posts.

Since the VM is a NAM, I connected a printer and pullled a mailbox report and found no boxes that had outdial enabled. I would have used the Call Pilot Manager if it were a Call Pilot. Thank you Roldan. I have previous experience with call fraud and usually, pulling the MBox report identifies the unsecured MBox. In this case, the MBox outdial doesn't appear to be the security hole...

I built a dialing filter that restricts ALL 12 dialpad DTMFs and assigned it to all the VMDNs -hence the B1/B2 question. Thank you Hawks and Perry. I also ended up editing the class of service to disable outdial capability completely, I hope, that is...

Just an observation, every customer I have had with call fraud has a PRI. It never happens on analog and if memory serves, not on T1 either. Any thoughts on that other than the probability of a group af Phreakers having access to a carrier's records of who's got what kind of dial tone..?

 

[hawks]

Any system that has access to Voice Mail has the potential of being Phreaked. You've just been lucky with the others so far but I would take steps to secure them also. Did you also let Telco know that you do not use pick codes?

 

[gutwrench]

Hawks,
Thanks and yes, telco is aware and blocking international and pick codes. With this customer, they do quite a lot of international dialing and that telco bandaid will have to be removed eventually once the system is locked down.

 

[hawks]

No problem I found out the hardway also. I got hit on an Option 61C with mermail back in 1995 for the tune of 25k over 1 weekend.