Technical information
Keeping Unauthorized Third Parties from Entering the
System
Issue 7 June 2001
4-3
Require maximum length barrier codes and authorization codes. For
System 75 R1V1 and R1V2, require the entry of a barrier code. For
System 85 and releases of DEFINITY G2.1 and G2.2 prior to 3.0, require
either a barrier code or an authorization code. For DEFINITY G2 and
System 85, require the entry of 11 digits (4-digit barrier code and 7-digit
authorization code). For DEFINITY G1, G2.2 Issue 3.0 and later, DEFINITY
G3, DEFINITY ECS, and System 75 R1V3, require the entry of 14 digits (a
7-digit barrier code and a 7-digit authorization code) before users can gain
access to the feature.
Do not assign barrier codes or authorization codes in sequential order.
Assign random number barrier codes and authorization codes to users so if
a hacker deciphers one code, it will not lead to the next code.
Since most toll fraud happens after hours and on week-ends, restrict the
hours that Remote Access is available.
Disabling/Removing Remote Access
For the “n” versions of DEFINITY G1, G2.2 Issue 3.0 and later, DEFINITY G3,
DEFINITY ECS, System 85 R2V4n, and System 75 R1V3, as an additional step
to ensure system security, the Remote Access feature may be “permanently”
disabled if there is no current or anticipated need for it. Permanent removal
protects against unauthorized remote access usage even if criminals break into
the maintenance port. Once Remote Access is permanently disabled, however, it
will require Avaya maintenance personnel intervention to reactivate the feature.
See your Account Representative for information on the North American Dialing
Plan, and on the “n” upgrade. See Chapter 11 for procedures to permanently
disable the Remote Access feature.
Too ls to Protect Remote Access
You can help prevent unauthorized users from gaining access to the PBX system
by using the following tools. (See Table 4-1.)