Phone Systems


Previous Thread
Next Thread
Print Thread
Rate This Thread
Page 1 of 2 1 2
#614502 - 12/01/17 09:58 PM Nortel CICS Hack ??  
Joined: Jan 2007
Posts: 36
TelDog Offline
Member
TelDog  Offline
Member

Joined: Jan 2007
Posts: 36
Nixa, MO
I have a new customer with a hacking issue. I do have some experience on the Nortel systems , but I am more experienced with Panasonic. Its seems someone is calling in and calling back out using my customers numbers to solicit people. I have gone in to the Callpilot and turned off outbound calling option in class of service (1) & (2) which is what Mbx's are set too. Does anyone have any thoughts ??

Thanks

Google Telephone Equipment Search
#614503 - 12/01/17 10:17 PM Re: Nortel CICS Hack ?? [Re: TelDog]  
Joined: Jan 2004
Posts: 6,478
skip555 Online content
Moderator-Nisuko-Tie, General
skip555  Online Content

Moderator-Nisuko-Tie, General
*****

Joined: Jan 2004
Posts: 6,478
Sarasota FL
did it continue after you disabled out bound calling ?


Skip
------------------------------------

Serving SW and West central Fl since 1984
#614504 - 12/01/17 10:26 PM Re: Nortel CICS Hack ?? [Re: TelDog]  
Joined: Dec 2003
Posts: 1,989
NTlayoff Offline
Moderator-Nortel
NTlayoff  Offline
Moderator-Nortel

Joined: Dec 2003
Posts: 1,989
Columbus, Ohio, USA
Yes, that is a good first step.
Most of the time it is because people use Mail Box passwords that are easy to crack.
In other words like: 1234 123456 1111 or their ext number twice.
Tell them to make all users change their passwords to a better secure number.
You can also use LINE Restriction that will disable calling overseas. Then also restrict area codes for the Carribean area.


If CON is the opposite of PRO
Then what is the opposite of Progress?
#614515 - 12/02/17 12:06 PM Re: Nortel CICS Hack ?? [Re: TelDog]  
Joined: Jan 2007
Posts: 36
TelDog Offline
Member
TelDog  Offline
Member

Joined: Jan 2007
Posts: 36
Nixa, MO
At first I thought the problem had been solved. Customer sent me email the other day, with the message from the person the outbound call went too. I did tell customer that all passwords should be changed, but you know how that goes. I made the class of service change though Callpilot Manager, the mbx's only used COS 1 & 2. that I could see. Maybe I missed one !? As far as overseas, have not had any issues with that. Strangely the calls are local and to a law firm, my customer is a law firm as while. (odd) Calls are not that often, the previous episode was two or three a month. ???

#614517 - 12/02/17 02:24 PM Re: Nortel CICS Hack ?? [Re: TelDog]  
Joined: Feb 2005
Posts: 1,516
Curlycord Offline
Member
Curlycord  Offline

Member

Joined: Feb 2005
Posts: 1,516
Toronto, Canada
Make sure the CICS does not have DISA programmed

When removing "Outbound Transfer" also remove "Off Premise Notify" for all COS's that do or will not require it in future (including unused COS's)

Make sure General Delivery and System Manager do not have access either way.

Change Password Expiry to 0 so they do not have to keep changing passwords and muck things up.

Enable Trivial Password Checking in System Properties so they will not be allow passwords like 1234
Tell them to use 6,7 or 8 digit passwords.

Look at Reports/MailboxInformation and it will show any mailbox that has been dialing out and show the number....do ASAP as the reports last only a week.

Ask if they have ever seen the calls go out (shows lines in use)

If you do not see any evidence via visual or reports then know that it is possible the marketers are just spoofing their Caller ID.




=---()))))))))---=
www.curlycord.com
[Linked Image]
Toronto, Canada




#614561 - 12/04/17 11:42 PM Re: Nortel CICS Hack ?? [Re: TelDog]  
Joined: Dec 2007
Posts: 4,739
Professor Shadow Online content
Admin
Professor Shadow  Online Content

Admin
*****

Joined: Dec 2007
Posts: 4,739
Canby, Oregon
Make sure there isn't a mailbox set up that shouldn't be there. Something beyond extension number range.


Dean
Photographs: https://www.instagram.com/deanwilsoncanby/

Please don't confuse your "Google Search" with my licenses, certifications and 30 years experience.
#614562 - 12/05/17 12:44 AM Re: Nortel CICS Hack ?? [Re: TelDog]  
Joined: Jun 2006
Posts: 8,363
MooreTel Online content
Moderator-Nortel, Computers, General
MooreTel  Online Content

Moderator-Nortel, Computers, General
*****

Joined: Jun 2006
Posts: 8,363
Lennoxville, Quebec, Canada
....Unless that mailbox is a "Guest", "Info", Hunt Group", etc mailbox.


Scientists say that the universe is made up of Protons, Neutron & Electrons. They forgot "Morons".
Dave. (CTUB) Canadian Techs Use Bix!
#614578 - 12/05/17 05:01 PM Re: Nortel CICS Hack ?? [Re: TelDog]  
Joined: Aug 2002
Posts: 930
jsaad Offline
Member
jsaad  Offline

Member

Joined: Aug 2002
Posts: 930
Union NJ
I like to make a set filter to deny everything for the voicemail ports and then overrides for the local area codes to that customer .

#615395 - 01/13/18 11:26 PM Re: Nortel CICS Hack ?? [Re: TelDog]  
Joined: Feb 2010
Posts: 306
teldata1 Offline
Member
teldata1  Offline
Member

Joined: Feb 2010
Posts: 306
Boston
I had a service call this week that the customer was being hacked
It was on Norstar Flash
They were using General Dilivery MB 100
Using the Message Notication feature
The password was 1234
They put a *72 plus phone number called back in to system
Left message and all calls were forwarded



And because it’s a flash I couldn’t deny the B Chanel’s
From line access

So they only way is to make sure there’s a good password

On all MBs




#615413 - 01/14/18 03:52 AM Re: Nortel CICS Hack ?? [Re: teldata1]  
Joined: Dec 2003
Posts: 1,989
NTlayoff Offline
Moderator-Nortel
NTlayoff  Offline
Moderator-Nortel

Joined: Dec 2003
Posts: 1,989
Columbus, Ohio, USA
Originally Posted by teldata1
........
And because it’s a flash I couldn’t deny the B Chanel’s
From line access

So they only way is to make sure there’s a good password
On all MBs


That is why I put restrictions on the LINES not on Users.
I also restrict the STAR and the NUMBER sign (pound sign)

But a good password is where it starts.


If CON is the opposite of PRO
Then what is the opposite of Progress?
Page 1 of 2 1 2

Moderated by  MooreTel, NTlayoff, Z-man 

Refurbished Phones & Equipment Search
Shout Box
FREE DESI Labeling System Software!
FREE DESI Labeling Software - Click Here!
Most Recent 5 Post
DSX 80 Remote access
by cctech. 12/18/18 06:18 AM
OSM Manager 2007
by mfecko. 12/17/18 09:38 PM
Voice Announce and BGM Volume
by Yoda. 12/17/18 02:28 PM
NEC DX7NA48 aka DS2000 caller id issues??
by Telesystems. 12/17/18 03:29 AM
Who's Online Now
54 registered members (dexman, phonemeister, nabulsi, Test-ok, metelcom, Telesystems, cctech, Michael J Miller, Ceejust, Bob3470, morephones, justbill, newtecky, gelehu, pvj, zoomo, ABLE1, Professor Shadow, Yoda, mbhydro, jb-alert@live.com, Ted, Mercenary Roadie, skip555, RonP, RM SYSTEMS, jeffmoss26, hitechcomm, mfecko, dans, mreilly, Carlos#1, MooreTel, TopekaPhone, barnito, hbiss, Daniel, ChrisRR, usedphones, oobie, nonameyet, jknichols, msnell, andyphones, seafort, helpifican, Memphisribs, Touch Tone Tommy, DankyChado, Regan, VIBob, jab1780, 2 invisible), 717 guests, and 456 spiders.
Key: Admin, Global Mod, Mod
Tech Support Line 1.800.766.3425
Over the Phone Tech Support for your Phones and Business Phone Systems
Popular Topics(Views)
Newest Members
US66TELCOMUSEUM, Jay Shop, wolf8963, Sonny1823, Ceejust
48851 Registered Users
Forum Statistics
Forums62
Topics91,927
Posts625,379
Members48,851
Most Online5,661
May 23rd, 2018
Today's Birthdays
fsifw, Mandy
Top Posters(30 Days)
dexman 75
hbiss 30
tylan 17
SSPhone 14
Daniel 12
RESPONSIVE WEBSITE DEVELOPMENT Need to check code
Free Phone Repair Diagnostic
Contact Us | Telephone System Tech Support | Terms of Service

Sundance Communications is not affiliated with any of the above manufacturers.
©Copyright Sundance Communications 1998-2018
Trusted Partners
Sitemap