|
|
Joined: Jun 2011
Posts: 30
Member
|
|
Member
Joined: Jun 2011
Posts: 30 |
We have a customer who's been hit with unauthorized toll charges or fraud. I believe they're getting in via voicemail, and dialing out to the 900 numbers. When this happened a few months ago, they changed all the vpn passwords, we reassigned those physical phones which were associated with the extensions that placed the calls, and changed all of the voicemail pins. But it's happening again, so I believe they must be getting in via voicemail.
900 numbers both 900*, 1900*, 91900* and 9900* are blacklisted in the CoS elements.
How can I know if they're placing the calls via hacking someone's voicemail and getting dial-tone or getting in through the vpn? The extensions that placed the calls have had registrations disabled, so it could possibly be someone spoofing (outpulsing their number) and dialing the 900 numbers.
|
|
|
Visit Atcom to get started with your new business VoIP phone system ASAP
Turn up is quick, painless, and can often be done same day.
Let us show you how to do VoIP right, resulting in crystal clear call quality and easy-to-use features that make everyone happy!
Proudly serving Canada from coast to coast.
|
|
|
|
Joined: Mar 2001
Posts: 3,869
Member
|
|
Member
Joined: Mar 2001
Posts: 3,869 |
I don't know anything about 3Com but I saw the topic.
Is it possible to change the voicemail passwords to 8 digit instead of maybe 4 that they may be breaking?
Can your carrier block those calls as the hackers are getting out of the 3Com switch?
Would someone like Adtran have a router that would prevent those calls?
Again, not a 3Com person, just throwing out grasping at straws ideas.
THE Bracha, old blond specialist in Rube Goldberg solutions.
|
|
|
|
|
Joined: Jun 2004
Posts: 1,367
Member
|
|
Member
Joined: Jun 2004
Posts: 1,367 |
Also not a 3Com person, but I know how to spell it.
Does the 3Com have any logs? You may want to set up a machine to collect SMDR (if possible) an have ALL extensions output to it (Some systems you can exclude SMDR output on an extension by extension basis)
The Spoofing brings up an interesting point.I wonder how the destination knows how to bill for the calls? I assume the phone company does it, but does the phone company truly know where the call originates. or does it xreference the BTN it recieves.
IS the VM in the same COS the other stations are in?
|
|
|
|
|
Joined: Dec 2007
Posts: 6,819 Likes: 21
Retired Admin
|
|
Retired Admin
Joined: Dec 2007
Posts: 6,819 Likes: 21 |
...again another person who only knows how to spell 3Com giving advice: I believe if you change the password to 8 digits, that you cannot change it back to 4 digits. Also Call Reports After you install NBX Call Detail Reports, you can: - Retrieve calling data from the system.
- Generate formatted reports.
- Export reports in formats suitable for use with third-party reporting software, spreadsheets, databases, and word processing applications.
- Export your call data in HTML format for publication on a web server.
- Export reports to a disk file or directly to a Microsoft mail message or a Microsoft Exchange folder.
A question: Does the 3Com have "Remote Diagnostics" activated? Is this a potential source? Again, just a rookie offering advice. Keep us updated.
|
|
|
|
|
Joined: Dec 2011
Posts: 4
Member
|
|
Member
Joined: Dec 2011
Posts: 4 |
1. Block 900 calls thru dial plan.
(even if you can do this, the fact that outbound calls from off premises can be made is a breach you need to lock down)
Direct system inward access (DISA) parameter
2. In the system configuration within NETSET, there is a check box field to prevent giving dialtone out.
|
|
|
|
|
ESI 50.
by Gary S. - 11/21/24 07:34 AM
|
|
|
|
|
|
|
Forums84
Topics94,439
Posts639,541
Members49,823
| |
Most Online5,661
May 23rd, 2018
|
|
|
|
![[Linked Image from i26.servimg.com]](http://i26.servimg.com/u/f26/14/56/80/78/logo12.png){kind=logo}
