|
|
|
|
Joined: Feb 2010
Posts: 505 Likes: 1
Member
|
|
Member
Joined: Feb 2010
Posts: 505 Likes: 1 |
A lot of customers are getting hacked
Does anyone know how they are doing it
We usually just shut down international dialing
Change passwords
Its always Comcast
It would be nice to know the procedure
Someone mentioned the MC feature thu voice mail
Just wondering
Thanks
JD
|
|
|
Visit Atcom to get started with your new business VoIP phone system ASAP
Turn up is quick, painless, and can often be done same day.
Let us show you how to do VoIP right, resulting in crystal clear call quality and easy-to-use features that make everyone happy!
Proudly serving Canada from coast to coast.
|
|
|
|
Joined: Dec 2006
Posts: 83
Member
|
|
Member
Joined: Dec 2006
Posts: 83 |
Hacking of the SV9100
ID# 11514 | Published 4/10/2015 9:59:18 AM | Updated 4/13/2015 7:37:45 AM
Products: SV9100 Categories: PCPro, Programming Tools, Applications, WebPro, Business, Features
What can be done to protect the SV9100 from hacking?
Like other customer sensitive network equipment, the SV9100 should be placed behind a network firewall and all relative ports should be blocked from outside access. To ensure security, port 80 (HTTP) for the WebPro port, port 8000 for the PCPro port should all be secured from outside Internet access.
Along with the above network firewall protection, all user names and passwords should be set to the maximum allowed entries in PRG 90-02. User Names can be set for up to 10 uppercase, lowercase and special alphanumeric characters. Passwords can be set for up to 8 digits using only digits 0-9, * and #. Note: Unlike the User Name, all special characters cannot be used in the password. Only * and # are allowed. Avoid sequential numbers and mix in as many combinations of the allowed digits as possible. An example of usernames and passwords would be:
Username: TeSt96%K#*
Password: *538#*49
When changing the username and passwords, the changes should be documented and stored by the Associate. These changes should also be provided to the customer for safe storage.
If ports are going to be forwarded in the router for Remote Maintenance, then NEC recommends changing the default well known port numbers of WebPro and PCPro in programs 90-54-01 and 90-54-02.
In addition to changing the port numbers and system passwords as described above, if port forwarding of WebPro's port will be used (Not recommended) then you should also go to program 90-28 and change each extension password for User Pro; for the extensions that need access to User Pro; or delete the passwords for extensions that do not need access to User Pro so that it may not be accessed. This will prevent hackers from being able to make changes to individual extensions such as Call Forwarding.
|
|
|
|
|
Joined: Dec 2008
Posts: 239
Member
|
|
Member
Joined: Dec 2008
Posts: 239 |
I have seen this on Sv8100 not Sv9100 due to the fact that mailboxes 1-64 are created at default. Hackers hack a mailbox, setup notification to an international number, call back in and leave a message in the mailbox. When the notified number gets the message left while listening they request a callback to the original sender. We have deleted all unused mailboxes. It is imperative that the end users set up a password. This happened on Christmas day and Time Warner fraud notified the customer. After a lot of investigation it happened on a actual user who did not setup a password. Hope that helps.
|
|
|
|
|
Joined: Sep 2004
Posts: 4,220 Likes: 2
Member
|
|
Member
Joined: Sep 2004
Posts: 4,220 Likes: 2 |
You should be removing all extra numbers from the system and deactivating mailboxes when you first program a system. Frankly they should come with NOTHING programmed IMHO save service codes.
|
|
|
|
Forums84
Topics94,491
Posts639,864
Members49,836
| |
Most Online5,661
May 23rd, 2018
|
|
|
0 members (),
324
guests, and
248
robots. |
|
Key:
Admin,
Global Mod,
Mod
|
|
|
|
|
|
