Hi Everyone,

We've got quite an old OfficeServ 7200 system, with a SVMi-20E voicemail system.

We've recently seen alot of calls outside of office hours to premium rate numbers. I suspect someone has guessed one of the mailbox passwords, then pressed # for personal services menu, then 5 for placing a direct call.

I've blocked 09 numbers with our telco provider, but would quite like to disable the "direct call" feature if possible, or failing this, the whole personal services menu.

Can anyone advise how I might do this, as my skills with the OfficeServ are somewhat limited!

Thanks

You'll need a cisco cable connected to the SIO port. Fire up hyperterminal and change programming as necessary.

Were based in Blackburn so if you prefer an engineer sort it just give us a call on 01254 272000.

Cheers for the pointer! I've connected to it ok - and got close to the setting (I think) - I just need to press page down to get to it, using puTTY the page down key just sends [6~ tried hyperterminal, which doesnt seem to do much there - also tried changing terminal type without much luck.

Any ideas what could fix this, or is it something simple like a ctrol key combo I need?

Couldn't find anything in the tech documents.

eesh!

Thanks again

CTRL+D (F1 for help menu)

Sorted! Hopefully no more calls to Nigeria now!

Cheers for your help guys!

Are there any other ways that someone could remotly dial in then out of this PBX?

I've tested dialing into voicemail externally, then doing #<PASS>, # (personal services), 5 (direct call) and entering an external number.

I get an error saying call failed, which it didnt previously do - could there be any other ways that are leaving the OfficeServ7200 insecure?

I need to be a little cautious what I write in an open forum but there are numerous methods to hack or appear to hack the VM.

Typically the 'hacker' will create additional mailboxes and use these to break out of the system. I wont say how!

Also consider the fact that calls could be routed through the VM and ring an extn. This extn could be forwarded externally....

Suggestions:

1) Deploy Call Management software. In the UK look at the Tollring products available through Samsung. It wont stop the problem but you'll see it happening!

2) Most importantly stop the VM from dialling out. Not onyl block the relevent outcalling in the VM, go much further than this. Put all the physical VM ports into a different COS group in the phone system and block ANY outgoing access (Barring level H)

3) Never leave the VM admin mailbox password in default. Even consider changing it from time to time.

4) Never leave mailboxes with default passwords. Anyone can guess 0000 or 1234 or similar as passwords. Increase the min password length above 4 digits!

I think you get the gist of what's required to secure a system. This is not a definitive list!

I hate to revive a thread from 2011 but Google searching kept leading me back to this topic. The problem is, no one actually said how to do it. Ironically the article listed here led me to this thread: https://sundance-communications.com/forum/ubbthreads.php/topics/579359


Unfortunately you will need a terminal emulator like Putty since Hyperterminal is no longer in existence for Windows 7.

There are two different manuals I found on connecting to the SVMi-20E card. The settings were as follows:

1. Set 'Bits per second' to 9,600
2. Set "Data Bits' to 8
3. Set "Parity" to None
4. Set "Stop Bits" to 1
5 Set "Flow Control" to None

The ones that worked for me were:
1. Set 'Bits per second' to 38,400
2. Set "Data Bits' to 8
3. Set "Parity" to None
4. Set "Stop Bits" to 1
5 Set "Flow Control" to None
6. Emulation type was ANSI


Once you get the screen interface you want to go to:

1: Open Block
2: EClass
3: Standard Template (may be different on yours)
4: Navigate to the 4th page with I believe CTRL-D
5: Outcall Authorizations
6: Set all to "N"

This blocks anyone coming in through voice mail and using the direct dial feature. This does not block transfers from within the company though. So if you transfer a phone call to an outside line, it will still transfer. It just will not do it through the voice mail system.

I hope this helps someone as it took us about 4 hours to connect and find the correct menu.