Hi all! I am a tech who does not have any experience with ESI systems so I respectfully ask for some guidance. I am trying to assist this customer as the line provider and tech seem to be blaming each other so I am mediating.This customer has an IVX E class with digital lines coming from their cable co. The hackers apparently have been dialing in the system and then calling overseas numbers causing cost and alarms with their provider.The line provider has finally blocked outgoing international calls from this customer but is still requesting more to be done on the pbx side as attempts have not slowed. They are calling more than one line. The trunk to trunk and call forward features are off. If I read correctly in the manual, calling international is already blocked? I don't believe any remote maint ports are connected. Unclear as if there is a log to refer to. Maybe additional toll restrictions? Hoping for guidance in the right direction. Thank you very much for the help.

Probably an exploit of the voice message notification and delivery feature. You can lock it out by assigning an unused line group in Function 552. F551 will show any evidence of the hacking, but not when it happened.

I appreciate your input. I will check on it. Thank you bdunne!

In the immortal words of the Asian airline pilot, Sum Ting Wong, I think there is something else at play here. Function 551 is extremely limited as to what can be dialed out by the system. Numbers and routes have to be programmed in 551 and restrictions do apply. Since ESI does not have any function for DISA, I would look at anything else connected to the lines that may be shared with the ESI. If there is no programming in function 551, and there are no trunk to trunk out dials in the AA, then no one can dial out of the ESI.

Rcaman

Check to see if any of the mailboxes have been hacked and outcalling set up.

Thank you gentlemen for the additional possibilities! I hope to get back to this customer tomorrow to check. I will post something as soon as I have something notable to report.

Had this happened to our customer's a few times. They were using the guest mailboxes with notification. Check your open loop interval for disconnects on all co lines. Make sure when the system hangs up a call the line disconnects. Check the analog ports for outdial and lock them down. Call ESI tech support as we informed them of this a few times and I know they had a tech write up about it. Lastly, download PABX soft and install it on a temporary basis to track all of the call patterns. This will show what is up.

You guys were right on. I found several mailboxes which had the international numbers in the remote notification settings. I will still check your suggestions breeze as to make sure I am complete though. Still figuring how they did it though so I can secure all avenues. I cant figure how to secure the mailboxes which do not have a physical set attached. Many thnaks again!

Someone would need at least the admin password to enable the MB's to use outside lines. Is the admin password still the default? Even if not; It's time to change the admin and installer passwords.