|
|
|
|
Joined: Jan 2009
Posts: 22
Member
|
|
Member
Joined: Jan 2009
Posts: 22 |
Hello all. I am a long time (around 13 years or so) Samsung installer.
I have been working on Samsung equipment since the Prostar Plus 816 was the latest product.
I have not made a post here in a while because I kind of forgot about it until dealing with my current issue.
Recently in my area, some of my customers using Samsung telephone systems have been receiving calls from the phone company stating that there has been calls made internationally. The customer reports no such calls.
After investigating, I found that some of the users who had simple or default passwords had their MBX's compromised. The hackers would activate message notification to a 011 (int) telephone number.
At several sites I have gone over every active mailbox in the system to make sure that there were no default VM passwords. I have deactivated the ability to make outbound calls from the system. I have even disabled the ability to set your MBX to call you after receiving messages. I also made sure of course that the admin MBX was not using default passwords. I also verified that (as it is by default) that DISA was not active.
I started making these changes around a year ago.
To make a long story short, some of these same sites have had recent calls from the telco again that there were a few of these international call attempts recently again. I returned to the site (several of them) and went over the setup again, checking MBX passwords, attempting to access anyones mailbox myself with no success. I found no international numbers in the mailbox or extension block pages.
This does not happen often......but I am stumped.
I can not see how anyone could compromise a system from the outside and attempt to make calls.
The hacking attempts are coming (as far as we can tell) from the UK and Eastern Bloc area.
Any ideas would be helpful.
I realize we may not want to have this discussion in the open forum, so please feel free to relocate this thread or MSG me.
I appreciate all assistance.
|
|
|
Visit Atcom to get started with your new business VoIP phone system ASAP
Turn up is quick, painless, and can often be done same day.
Let us show you how to do VoIP right, resulting in crystal clear call quality and easy-to-use features that make everyone happy!
Proudly serving Canada from coast to coast.
|
|
|
|
Joined: Nov 2012
Posts: 49 Likes: 1
Member
|
|
Member
Joined: Nov 2012
Posts: 49 Likes: 1 |
Outcalling in Mclass and Eclass needs to be set to No and the dialling codes removed (900 & something), also you can set the VM ports to c.o.s. 30
It turns out that if you only set the VM ports to cos 30, it can still be hacked as the outgoing call is seen as coming from the extension, not the voicemail
|
|
|
|
|
Joined: Jun 2005
Posts: 574
Member
|
|
Member
Joined: Jun 2005
Posts: 574 |
I Would also look at your cos of service plans make * and # in wildcards plan disabled plus if customer not using it international, might be slightly differnt in uk to your dialing plans but samsung made us aware of ways to stop people using voicemail to make outcalls
|
|
|
|
|
Joined: Aug 2006
Posts: 1,811 Likes: 15
Moderator-Iwatsu
|
|
Moderator-Iwatsu
Joined: Aug 2006
Posts: 1,811 Likes: 15 |
Also, be sure to change the default passwords on any group extensions/mailboxes, such as group 500 and the like.
Sometimes the thoughts in my head get so bored, they go for a stroll through my mouth. This is rarely a good thing.
|
|
|
|
|
Joined: Jun 2006
Posts: 3,004 Likes: 4
Moderator-Samsung
|
|
Moderator-Samsung
Joined: Jun 2006
Posts: 3,004 Likes: 4 |
Make sure the operator dial number is infact the operator digit/group and not a trunk or trunk group
|
|
|
|
Forums84
Topics94,515
Posts639,962
Members49,847
| |
Most Online5,661
May 23rd, 2018
|
|
|
1 members (MooreTel),
145
guests, and
43
robots. |
|
Key:
Admin,
Global Mod,
Mod
|
|
|
|
|
|
