Manualshelf

Technical information

ManualsBrandsAT&T ManualsNetwork RouterDEFINITY Remote Port Security Device
221222223224225226227228229230
MERLIN II Communications System
Issue 7 June 2001
6-35
The MERLIN MAIL Voice Messaging System provides automated attendant, call
answer, and voice mail functionality. The automated attendant feature answers
incoming calls and routes them to the appropriate department, person, or mailbox.
The call answer feature provides call coverage to voice mailboxes. The voice mail
feature provides a variety of voice messaging features.
The area of toll fraud risk associated with the automated attendant feature is
indicated below.
Pooled facility (line/trunk) access codes are translated to a selector code to
allow Remote Access. If a hacker chooses this selector code, the hacker
has immediate access.
Take the following preventative measures to limit the risk of unauthorized use of
the automated attendant feature by hackers:
Do not program automated attendant selector codes for Automatic Route
Selection (ARS) codes or Pooled Facility codes.
Assign all unused automated attendant selector codes to zero, so that
attempts to dial these will be routed to the system operator or to the
General Mailbox.
Protecting Passwords
Passwords can be up to 4 digits. See ‘‘Administration / Maintenance Access’’ on
page 3-4 and ‘‘General Security Measures’’ on page 3-8 for secure password
guidelines. See Chapter 13 for information on how to change passwords.
Security Tips
The MERLIN MAIL Voice Messaging System can be administered to reduce the
risk of unauthorized persons gaining access to the network. However, phone
numbers and authorization codes can be compromised when overheard in a
public location, lost through theft of a wallet or purse containing access
information, or when treated carelessly (writing codes on a piece of paper and
improperly discarding them).
Hackers may also use a computer to dial an access code and then publish the
information for other hackers. Substantial charges can accumulate quickly. It is
your responsibility to take appropriate steps to implement the features properly, to
evaluate and administer the various restriction levels, and to protect and carefully
distribute access codes.