web statisticsweb stats Business Phone Systems Tech Talk Forum - VOIP & Cloud Phone Help

Business Phone Systems

Previous Thread
Next Thread
Print Thread
Rate Thread
Page 1 of 2 1 2
Joined: May 2004
Posts: 324
Member
OP Offline
Member
Joined: May 2004
Posts: 324
hi all hope you can help with this!! i have a customer who was contacted by Eircom(our only service provider)in ireland.they informed him that he (or his phone system)had made 7000 euro of calls to a primary rate number over the weekend.the customer site is equiped with the following..

1. panasonic KX-TDA100
2. panasonic KX-TVM50

lines : PRI30

vm setup=
1. system password = 6 digit for user,manager,& installer.
2. Ext mailboxes = no password.
3. All mailbox COS = 1
4. all mailboxes including 998 & 999 remote forward to co Disable.
5. all mailboxes including 998 & 999 transfere to co Disable.
Ringing...no auto attendent setup just mailbox on ext 201 for messages at night.
outgoing ports (normaly set 1-6)i have deleted the entry (1-6)
co access digit(normaly -(9T) i have inserted(0T)
finaly
all mailboxes including 998-999 menu Disabled.

TDA Setup is as following.
1. system password 6 digit all 3 levels
2. ext password(pin) = none
3. reception COS = 1
4. all Other extention COS = 3 (including unused ports)
5. vm port 16 COS 3
6. TRS for COS 3 = 15 (no handset can dial 15)(execpt ext 201) the number dialed = 1550-***-***
7. DDI for remote Programing = none

but it gets better i logged into the system with call logging hyperterm and logged calls during the lunch hour system says no calls made by ext265(vm port) provider says 10 calls made.
here is the log.
Number Ring Duration Acc code CD

--------------------------------------------------------------------------------

28/05/07 10:04AM 208 02 6618145 00:00'43

28/05/07 10:14AM 207 02 0868337114 00:00'34

28/05/07 10:17AM 204 04 0872551841 00:00'26

28/05/07 10:19AM 205 02 8125515 00:03'29

28/05/07 10:22AM 204 04 6399656 00:00

28/05/07 10:24AM 204 01 0862579549 00:00'15

28/05/07 10:39AM 206 05 2760512 00:00'03

28/05/07 10:42AM 206 04 2760373 00:03'28

28/05/07 10:43AM 206 04 0866010708 00:00'33

28/05/07 10:49AM 205 02 0906480600 00:03'52

28/05/07 10:50AM 206 05 4973255 00:02'47

28/05/07 10:50AM 207 04 4945522 00:00'01

28/05/07 11:05AM 209 01 0862521007

28/05/07 11:24AM 205 01 6760251 00:00'59

28/05/07 11:26AM 209 02 8678650 00:00'53

28/05/07 11:27AM 206 05 04782136 00:00'02

28/05/07 11:28AM 206 04 04782417 00:00'04

28/05/07 11:28AM 205 01 6623255 00:00'44

28/05/07 11:29AM 206 04 0866010708 00:00'37

28/05/07 11:30AM 205 03 6185500 00:00'35

28/05/07 11:30AM 206 06 0866010708

28/05/07 11:35AM 206 02 04782417 00:06'07

28/05/07 11:42AM 206 05 0861713981 00:04'11

28/05/07 11:46AM 205 01 2674000 00:00'05

28/05/07 11:47AM 209 02 6044665 00:08'12

28/05/07 11:48AM 205 01 0868127095 00:01'22

28/05/07 11:51AM 205 01 0863880746 00:01'52

28/05/07 11:52AM 206 05 0872945522 00:06'11

28/05/07 11:54AM 208 02 4068155

28/05/07 12:00PM 206 04 4973255 00:03'31

28/05/07 12:07PM 206 03 0879212886 00:01'23

28/05/07 12:09PM 206 04 04782417 00:00'27

28/05/07 12:10PM 206 03 04756219 00:00'42

28/05/07 12:14PM 101 30 2830329 00:01'27

28/05/07 12:21PM 206 05 6115100 00:02'03

28/05/07 12:38PM 205 01 0872987519 00:00'02

28/05/07 12:52PM 208 02 0863793526

28/05/07 12:52PM 205 02 0872987519 00:00'02

28/05/07 12:56PM 207 03 4604260 00:01'51

28/05/07 01:04PM 205 02 0872513873 00:00'03

28/05/07 01:05PM 205 02 0872987519 00:00'02

28/05/07 01:06PM 206 04 0866010708 00:00'33

28/05/07 01:07PM 206 03 0906480600 00:00'09

2828/05/07 01:16PM 206 06 0878306101 00:00'28

28/05/07 01:22PM 209 01 8678650 00:01'06

28/05/07 02:12PM 206 05 4951111 00:01'26

28/05/07 02:25PM 206 03 0863855735 00:00'33

28/05/07 02:28PM 206 05 4903511 00:00'54

28/05/07 02:30PM 209 01 0879783143 00:01'35

28/05/07 02:34PM 206 01 0906480600 00:01'16

28/05/07 02:37PM 206 03 0861713981 00:02'20

28/05/07 02:37PM 204 03 0861713981- 00:00'15


Date Time Ext CO Dial Number Ring Duration Acc code CD

--------------------------------------------------------------------------------

28/05/07 02:37PM MN ALM #510 10000 SMDR disconnect

--------------------------------------------------------------------------------

28/05/07 02:37PM MN ALM #510 10000 SMDR disconnect

i have also checked the vm log it also says no transfers to co at any stage. so its a good one this time have i forgoton to do something here our panasonic supplier told me it is possible to program an Extention on the system by entring through th vm but couldnt tell me how.!!so my question is this with the above settings is it possible to get calls through the system to dial a 1550 number without seeing it on the call log of the system.Or is this more likely to be a supplier error.

peter.

Atcom VoIP Phones
VoIP Demo

Best VoIP Phones Canada


Visit Atcom to get started with your new business VoIP phone system ASAP
Turn up is quick, painless, and can often be done same day.
Let us show you how to do VoIP right, resulting in crystal clear call quality and easy-to-use features that make everyone happy!
Proudly serving Canada from coast to coast.

Joined: Jan 2005
Posts: 15,378
Likes: 13
Moderator-Vertical, Vodavi, 1A2, Outside Wire
*****
Offline
Moderator-Vertical, Vodavi, 1A2, Outside Wire
*****
Joined: Jan 2005
Posts: 15,378
Likes: 13
This happens very frequently with Panasonic voice mail systems since their programming and operation is relatively universal world-wide. Scammers dial into systems and seek the ones that are Panasonics.

This happened to one of my customers that is a small flower shop. They ended up with thousands of dollars in long distance charges within two months of installation. The culprit set up a phantom mailbox that would outdial to an international number to a number in the Carribean any time a message was left. It was mailbox "666". They set this number as a pager notification number so that the voice mail would repeatedly dial. I couldn't see how this was of any use to them, but it resulted in a fat long distance calling bill.

My guess is that they were getting paid for call termination fees in the Carribean Islands where there really are no laws with regard to telecommunications.

They could call into that mailbox, mute out long enough to create a legimate message, then the mailbox would continuously dial the "pager" number for notification at dollars per-call.

All that I can suggest is to do what we did: Toll-restrict the voice mail ports.


Ed Vaughn, MBSWWYPBX
Joined: Jun 2006
Posts: 211
Member
Offline
Member
Joined: Jun 2006
Posts: 211
I had the same problem with our Panasonic system. Deleted all the mailboxes we weren't using, made sure the rest all had a password, and put toll restriction on the v-mail ports. Never had a problem since.

Joined: Jan 2007
Posts: 1,026
Member
Offline
Member
Joined: Jan 2007
Posts: 1,026
It seems as though you've covered your bases on programming. Is it possible some one has an extension forwarded to this outside number?

Joined: May 2004
Posts: 324
Member
OP Offline
Member
Joined: May 2004
Posts: 324
well it is posible that a forward was set then disabled first thing on monday morning although the the problem is call logging or voicemail reports say its not it has stopped now but now i cant find how or who is responceable for the costs (i dont fancy paying 7000 euro for somthing that nothing to do with the system..thoughts..

Joined: Jan 2007
Posts: 2,116
Likes: 2
OBT Offline
Admin
*****
Offline
Admin
*****
Joined: Jan 2007
Posts: 2,116
Likes: 2
Hi peter, this has happened to a few sites in dublin. they come in through the voicemail and enter the manager voice mail and change in class of service the personal option 1/2 and enable remote forward to co.
once they do this they can enter any voicemail box and remote forward the extensions to external numbers and will come and change this over night. they then use the ddi's which we all put as same as extension numbers for practial reasons.
Check the cos settings on voicemail and disable access to manager mailbox through telephone or put a 6-8 digit password on them. if customer wants remote maintenance on vm put in modem.
if customer does not use call forward on system disable this also.
These people are good at this. Lock any system with pri lines with voice mail, does not have to be auto-attendant

If you have the system with good passwords and some one breaks in it is not your fault. Just like if a locksmith puts in a lock and some one breaks in it is not his fault!


“I have not failed. I've just found 10,000 ways that won't work.”
Joined: Sep 2006
Posts: 121
Member
Offline
Member
Joined: Sep 2006
Posts: 121
this started around 2001, the hacker called himself "The Sniper". He was hitting panasonic vmails as well as other brands. He got into systems that were not passworded and programmed new mailboxes, 555,666,777. He programmed these mailboxes to call a number in the phillipeens (that didn't pickup) whenever a messege was in that mbx. this would tie up the vm and cause phone bills in the thousands.
the FBI finally caught up to him 2003-2004. the problems disappered for a year or two but then started again.
You know the saying... Location, Location, location.
well here's a better saying...Passwords, Passwords, Passwords.

Joined: Jan 2005
Posts: 15,378
Likes: 13
Moderator-Vertical, Vodavi, 1A2, Outside Wire
*****
Offline
Moderator-Vertical, Vodavi, 1A2, Outside Wire
*****
Joined: Jan 2005
Posts: 15,378
Likes: 13
He, or a copycat got into one of my customer's Panasonic voice mails about a year or so ago by creating mailbox "666". They racked up about $2,000.00 in calls in one month to some international number. Oh boy was the customer mad.


Ed Vaughn, MBSWWYPBX
Joined: Oct 2005
Posts: 1,078
Member
Offline
Member
Joined: Oct 2005
Posts: 1,078
I never allow outgoing line access/Trunk group access on vm ports on any of my systems
if the customer insists then I warn them
about the evils of out dialing and on a small
system its a giant resource hog.

Joined: Oct 2005
Posts: 1,078
Member
Offline
Member
Joined: Oct 2005
Posts: 1,078
Quote
Originally posted by peter doyle:
well it is posible that a forward was set then disabled first thing on monday morning although the the problem is call logging or voicemail reports say its not it has stopped now but now i cant find how or who is responceable for the costs (i dont fancy paying 7000 euro for somthing that nothing to do with the system..thoughts..
did they cover there trial ? any caller id info
on smdr?

Page 1 of 2 1 2

Moderated by  Carl Navarro, OBT 

Link Copied to Clipboard
Forum Statistics
Forums84
Topics94,262
Posts638,696
Members49,757
Most Online5,661
May 23rd, 2018
Popular Topics(Views)
211,098 Shoretel
187,707 CTX100 install
186,794 1a2 system
Newest Members
BPopilek, Rich F, LewisR, TDKs79, Buttinset
49,757 Registered Users
Top Posters(30 Days)
dexman 18
Toner 14
TDKs79 8
Who's Online Now
1 members (Toner), 136 guests, and 236 robots.
Key: Admin, Global Mod, Mod
Contact Us | Sponsored by Atcom: One of the best VoIP Phone Canada Suppliers for your business telephone system!| Terms of Service

Sundance Communications is not affiliated with any of the above manufacturers. Sundance Phone System Forums - VOIP & Cloud Phone Help
©Copyright Sundance Communications 1998-2024
Powered by UBB.threads™ PHP Forum Software 7.7.5