Business Phone Systems

Previous Thread
Next Thread
Print Thread
Rate Thread
#615936 01/28/18 10:50 PM
Joined: Mar 2009
Posts: 385
Member
OP Offline
Member
Joined: Mar 2009
Posts: 385
KXTD 1232
4x14 + 2 ports for TVS100
AT&T carrier
DPITS integration.
They have DSS keys to track the ports status.
All ports set to XDP
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The story I got was 2½ weeks ago they noticed line 3 on all the time and both the VM ports were alternating busy. I call coincidence but I've seen strange things in my time.

The line held up was a DEAD short on the analog pr of ext 109 due to the Napa Fire. I cleared that but the VM ports keep busying each other out.

The pattern is port 1 is on for about 3 min then port 2 goes busy just as it drops port 1. The VM ports analog side will draw DT from a buttset and does not have any traffic on it. If I unplug port 2 port 1 will just stay up. I cycled the power and it came back in about 5 min.

Another thing of historical note is that I was out there about 12 weeks ago. The VM had been hacked using the notification method. I changed all passwords, reconfigured this and restricted outbound line access for the VM ports. I rechecked what I had done Friday and I could find nothing had changed on the Mailboxes.

Oddly the system works fine on whichever port is idle but keeps grabbing one and making it busy..

I'm stumped.

Anyone seen this before??

Atcom VoIP Demo
VoIP Demo
Joined: Jan 2007
Posts: 2,102
Likes: 1
OBT Offline
Admin
*****
Offline
Admin
*****
Joined: Jan 2007
Posts: 2,102
Likes: 1
If it was hacked at some point Iand is still picking up lines I would default the system in case something is still in there

Even though you barred the ports because the system will still all 911 calls it will be able to seize a line


“I have not failed. I've just found 10,000 ways that won't work.”
Joined: Mar 2009
Posts: 385
Member
OP Offline
Member
Joined: Mar 2009
Posts: 385
Hi OBT,

I was afraid you were going to say that.

I didn't install this originally and they have a bunch of custom service menus. Naturally no backup or documentation.

Too bad there is no trace function or a way to put my digigrab on the port to sample what it's doing too. Just seems weird that it sets itself for XDP but uses the data connection instead.

It doesn't pick up lines but it DOES seize the VM ports

I checked the SMDR log and it hasn't gotten out.... So Far.

Is there any other notification entry other than at the individual mailboxes?

I hadn't considered the 911 hole either.

Thank you for your insight.

Joined: Jan 2007
Posts: 2,102
Likes: 1
OBT Offline
Admin
*****
Offline
Admin
*****
Joined: Jan 2007
Posts: 2,102
Likes: 1
You can monitor the ports

7.2
UTILITY COMMANDS
SYSTEM MAINTENANCE AND TROUBLESHOOTING
151
7.2.18
Circuit Condition Display (LMON)
This command is used to display the circuit condition every 1.5 s. To disable the display in the
VT100 mode,
Type [\].
When in the ASCII mode, the circuit condition is only displayed once.
The command can be turned off by entering [\].
The following circuit conditions may be displayed.
7.2.19
DTMF Information Display (PUTD)
This command is used to display the DTMF tones the VPS receives and sends.
In addition to the DTMF tones the following are displayed — the Incoming Call Service (Voice
Mail, Automated Attendant, Custom, and Interview) entered by the caller and the time periods
that the ports are enabled.
Type PUTD.
The VPS will remain in this mode until "PUTD" is entered again. The default
setting for this mode for all ports is "OFF.


“I have not failed. I've just found 10,000 ways that won't work.”
Joined: Mar 2009
Posts: 385
Member
OP Offline
Member
Joined: Mar 2009
Posts: 385
THAT'S GOLD!!!!
Thanks OBT!!!


I kinda remember PUTD from a hundred years ago when I was trying to troubleshoot a VPS150. After I identified that it was doubling digits randomly Panasonic flew out 2 engineers from Arizona. They worked on it for about 4 hrs, pull the chips and went back to Japan. 2 weeks later they sent out an engineer and their software developer from Japan!

No Sh**...
There I was....

After about 5 hrs they spoke through an interpreter. IN FRONT OF THE CUSTOMER

He grunts and says Hmmph. Product no work. Give back money. They pulled the 150 from the shelves later that month.

Joined: Mar 2009
Posts: 385
Member
OP Offline
Member
Joined: Mar 2009
Posts: 385
FOUND IT from the trace!

THANK YOU OBT! aok

Whoever installed it originally had made boxes for all 16 ports.

When I was out there in Oct. I corrected the hacking.

I personally changed the passwords on the Administrator, Message Manager's, Phantom boxes and eliminated the ones assigned to the VM ports.

I told them to change or put new PWs on all their own boxes.

What I didn't know was that there was a mailbox with no extension on it so no one put a password on it.

Apparently there was another hacking attempt mid January and that 1 single box was found vulnerable so they attempted exploit it again. Fortunately I had blocked it from Co access so it got nowhere other than continuously seizing the ports. I had to disconnect them both just it make the box idle long enough to even see the setup.

It is ALL so clear AFTER you find it!

Thanks Again!

Joined: Jan 2007
Posts: 2,102
Likes: 1
OBT Offline
Admin
*****
Offline
Admin
*****
Joined: Jan 2007
Posts: 2,102
Likes: 1
That’s great.

Once they get in there it is hard on the old terminal programing to find what they have done


“I have not failed. I've just found 10,000 ways that won't work.”

Moderated by  Carl Navarro, OBT 

Link Copied to Clipboard
Forum Statistics
Forums84
Topics93,832
Posts636,788
Members49,649
Most Online5,661
May 23rd, 2018
Popular Topics(Views)
Today's Birthdays
bravesfan, cjvio, Cory S., Jack Scott, l.landeche, TexasD
Newest Members
Lazlo, devben, bubblegum, Carl Arnold, Marjan Shaw
49,649 Registered Users
Top Posters(30 Days)
ramo 13
pvj 11
Toner 9
Who's Online Now
3 members (Curlycord, Bushmills, Toner), 178 guests, and 88 robots.
Key: Admin, Global Mod, Mod
Contact Us | Sponsored by Atcom: Business Phone Systems | Terms of Service

Sundance Communications is not affiliated with any of the above manufacturers.
©Copyright Sundance Communications 1998-2023
Powered by UBB.threads™ PHP Forum Software 7.7.5