atcomsystems.ca/forum
Posted By: teldata1 Hacking SV 8100/9100 - 08/23/17 06:14 PM
A lot of customers are getting hacked
Does anyone know how they are doing it
We usually just shut down international dialing
Change passwords
Its always Comcast

It would be nice to know the procedure
Someone mentioned the MC feature thu voice mail

Just wondering

Thanks

JD
Posted By: nec-guru Re: Hacking SV 8100/9100 - 08/23/17 06:23 PM
Hacking of the SV9100
ID# 11514 | Published 4/10/2015 9:59:18 AM | Updated 4/13/2015 7:37:45 AM
Products: SV9100 Categories: PCPro, Programming Tools, Applications, WebPro, Business, Features

What can be done to protect the SV9100 from hacking?
Like other customer sensitive network equipment, the SV9100 should be placed behind a network firewall and all relative ports should be blocked from outside access. To ensure security, port 80 (HTTP) for the WebPro port, port 8000 for the PCPro port should all be secured from outside Internet access.

Along with the above network firewall protection, all user names and passwords should be set to the maximum allowed entries in PRG 90-02. User Names can be set for up to 10 uppercase, lowercase and special alphanumeric characters. Passwords can be set for up to 8 digits using only digits 0-9, * and #. Note: Unlike the User Name, all special characters cannot be used in the password. Only * and # are allowed. Avoid sequential numbers and mix in as many combinations of the allowed digits as possible. An example of usernames and passwords would be:

Username: TeSt96%K#*

Password: *538#*49

When changing the username and passwords, the changes should be documented and stored by the Associate. These changes should also be provided to the customer for safe storage.

If ports are going to be forwarded in the router for Remote Maintenance, then NEC recommends changing the default well known port numbers of WebPro and PCPro in programs 90-54-01 and 90-54-02.

In addition to changing the port numbers and system passwords as described above, if port forwarding of WebPro's port will be used (Not recommended) then you should also go to program 90-28 and change each extension password for User Pro; for the extensions that need access to User Pro; or delete the passwords for extensions that do not need access to User Pro so that it may not be accessed. This will prevent hackers from being able to make changes to individual extensions such as Call Forwarding.
Posted By: erniejoey Re: Hacking SV 8100/9100 - 08/28/17 12:16 PM
I have seen this on Sv8100 not Sv9100 due to the fact that mailboxes 1-64 are created at default. Hackers hack a mailbox, setup notification to an international number, call back in and leave a message in the mailbox. When the notified number gets the message left while listening they request a callback to the original sender. We have deleted all unused mailboxes. It is imperative that the end users set up a password. This happened on Christmas day and Time Warner fraud notified the customer. After a lot of investigation it happened on a actual user who did not setup a password. Hope that helps.
Posted By: Coral Tech Re: Hacking SV 8100/9100 - 08/28/17 01:13 PM
You should be removing all extra numbers from the system and deactivating mailboxes when you first program a system. Frankly they should come with NOTHING programmed IMHO save service codes.

© Sundance Business VOIP Telephone Help