System information

System Security and Toll Fraud
xxii Issue 1 October 1997
abuse. If the system is not properly secured, thieves can make fraudulent long
distance calls or request a company employee to transfer them to a long
distance number.

Automated Attendant
Auto attendants are used by many companies to augment or replace a
switchboard operator. When an auto attendant answers, the caller is generally
given several options. A typical greeting is: “Hello, you’ve reached XYZ Bank.
Please enter 1 for Auto Loans, 2 for Home Mortgages. If you know the number of
the person you are calling, please enter that now.”
In some switches, button 9 is used to access dial tone. When asked to enter an
extension, the hacker enters 9180 or 9011. If the system is not properly
configured, the auto attendant passes the call back to the PBX. The PBX reacts
to 9 as a request for a dial tone. The 180 becomes the first digits of a 1-809
call to the Dominican Republic. The 011 is treated as the first digits of an
international call. The hacker then enters the remaining digits of the telephone
number and the call is completed. You, the PBX owner, pay for it. This hacker
scenario works the same way with a voice mail system.

Switch Administration
To minimize the risk of unauthorized people using the INTUITY™ AUDIX® system
to make toll calls, administer your switch in any of the following ways.

Restrict Outward Dialing
The measures you can take to minimize the security risk of outcalling depend on
how it is used. When outcalling is used only to alert on-premises subscribers who
do not have AUDIX message indicator lamps on their telephones, you can assign
an outward-restricted Class of Restrictions (COR) to the AUDIX voice ports.
Use P010 W3 F19 to assign outward restriction to the voice mail ports’ Class of
Service (COS).

Assign Low Facilities Restriction Level (FRL)
The switch treats all the PBX ports used by voice mail systems as stations.
Therefore, each voice mail port can be assigned a COR/COS with an FRL
associated with the COR/COS. FRLs provide eight different levels of restrictions
for Automatic Alternate Routing (AAR), Automatic Route Selection (ARS), or
World Class Routing (WCR) calls. They are used in combination with calling
permissions and routing patterns and/or preferences to determine where calls
can be made. FRLs range from 0 to 7, with each number representing a different
level of restriction (or no restrictions at all).
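
As an added illustration (not code from this guide or from the switch), the following Python model runs the digit strings from the Automated Attendant scenario through two controls: validating that a transfer target is a real extension, and a low FRL on the voice port. The dial plan, FRL values, all names, and the rule that a call routes only when the port's FRL is at least the route's FRL are assumptions of the example.

```python
# Added illustration: a simplified model, not AUDIX or switch software.
# The dial plan, FRL values and all names are constructed assumptions.
from dataclasses import dataclass

@dataclass(frozen=True)
class PortConfig:
    ext_ranges: tuple             # inclusive (low, high) ranges of real extensions
    ext_len: int = 4              # digits in a valid extension
    trunk_access_code: str = "9"  # digit the PBX reads as a dial-tone request
    restrict_to_extensions: bool = True  # transfers are validated before hand-off
    port_frl: int = 0             # FRL on the port's COR/COS (assumed: 0 = most restricted)

def is_extension(digits: str, cfg: PortConfig) -> bool:
    """Exact-length, all-digit string that falls inside a configured range."""
    if not (digits.isdigit() and len(digits) == cfg.ext_len):
        return False
    return any(lo <= int(digits) <= hi for lo, hi in cfg.ext_ranges)

def route(digits: str, cfg: PortConfig, route_frl: int) -> str:
    """Outcome for caller-entered digits handed to the PBX by a voice port.

    route_frl is the FRL required by the toll route (assumed rule: the call
    is routed only when port_frl >= route_frl).
    """
    if is_extension(digits, cfg):
        return "transfer"
    if cfg.restrict_to_extensions or not digits.isdigit():
        return "rejected"            # never reaches the PBX digit analysis
    if not digits.startswith(cfg.trunk_access_code):
        return "invalid"             # PBX finds no matching extension
    if cfg.port_frl >= route_frl:
        return "toll-route-seized"   # the toll fraud outcome: caller gets a trunk
    return "denied-by-frl"

def audit(cfg: PortConfig, route_frl: int, probes=("2045", "9180", "9011")) -> dict:
    """Run the page's two digit strings plus a real extension through the model."""
    return {p: route(p, cfg, route_frl) for p in probes}

RANGES = ((2000, 2999),)            # constructed sample extension range
WEAK = PortConfig(RANGES, restrict_to_extensions=False, port_frl=7)
LOW_FRL = PortConfig(RANGES, restrict_to_extensions=False, port_frl=0)
HARDENED = PortConfig(RANGES)       # validated transfers and FRL 0

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("low-frl", LOW_FRL), ("hardened", HARDENED)):
        print(name, audit(cfg, route_frl=3))
```

The low-FRL case shows why the FRL is a second layer rather than a replacement for transfer validation: the digits still reach the PBX and are stopped only because the route demands a higher level.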