atcomsystems.ca/forum Forums TDM Business Telephone Systems NEC Telephones & Systems hackers on system SV8100

Hi folks
I'm new on the forum, some great topics that have help so I signed up.

I'm fairly new with SV8100 system and well I'm the phone guy at work.

just recently our provider explained we got hacked (most likely thought remote VM), because of this I've disabled access to remote VM in our dialing tables until I setup a pass for all VM's.

I just want to know if anyone can tell me if I should be looking at other things in our system to ensure hacker prevention to access our system to make ANY calls period.

few things to consider.
How was your system hacked? is it web accessible from the outside world? Have you changed the password....to include the well known MF password?

Have you disabeled ALL unused mailboxes?
Do you have good passwords for all used mailboxes and stronger passwords for admin mailboxes?

Do you have Voicemail notification? If not, prevent trunk access; if so, make approriate Toll restrictions on the VM group.


You may also want to contact your vendor and ask why this happened. Se if they will get in and set this up for you. 1 hour remote (if you have all of the your ducks in a row) charge sure coudl be cheaper than getting hacked again.

Also toll bar your voicemail ports for local service access only..

thanks guys for the replies
This was hacked through VM that were not password is what was suspected. I don't know of any reporting with WebPro which I think you need added software that costs a gazillion dollars for reporting that could help identify this if I'm correct.
Accessible from the outside world = yes but not everyone knows this pass but I will change to make sure.
disabled on msgeboxes yesterday that I could find.

Vendor could only see outside the system and only knows our DID number so they can`t get into more details then that apparently.

I will look at toll restriction for VM`s and see about toll bar VM for service access only.

I`m told I can`t force a password with webpro for VM`s, I have to do this individually which sucks. I`m also told I can`t force users to change pass immediately on first log on like windows which I think sucks too. Let me know if any of you know where I can apply the change pass to VM after 30day rule would be in the system if that`s possible and save me time...

thanks again for the help!

Guy

If they have or you ever setup the UM8000 voice mail you automatically have default pass code which can be change by the installer before going online. Also when you setup the template for the mailboxes check first time enrollment, this will for the users to change their security code.

InMail does not have these options

Im curious @ Work. I have had this happen to me at 3 separate accounts of mine.After the hacking happened when you logged into the system was the modification history still there?
All three of my customers had the find me follow me turned on and the international telephone numbers were programmed as one of the entries. At one customer site I was able to find one entry the hackers missed deleting. Also every one of my customer hacks the modification history was gone, nothing was there. That means they hacked in thru the remote,I changed all the user names and passwords but its not going to do any good if they know the manufacturer UN and password.

This thread is from 2012.

Hey Coral Tech ,
Am I red in the face or what,? well as usual Im late to the game. My question still stands. : )

Apples and oranges. On an 8100 you have to set passwords on all mailboxes or they will find a mailbox to do this. Unless they have access through the network. There are MUCH batter ways to do this that a mailbox. Even so make sure it's not accessible thru teh network and change the MF password.