Technical information
Tools that Restrict Unauthorized Outgoing Calls
Issue 7 June 2001
4-21
Restricting Incoming Tie Trunks
You can deny access to AAR/ARS/WCR trunks when the caller is on an incoming
tie trunk. For all the switches, you can force the caller to enter an authorization
code when AAR/ARS/WCR is used.
Use the COR of the incoming tie trunk to restrict calls from accessing the network.
Set the calling party restriction to outward, set the FRL to 0, and specify
n for all
other trunk group CORs on the calling permissions screen.
Authorization Codes
Authorization codes can be used to protect outgoing trunks if an unauthorized
caller gains entry into the Remote Access feature. Authorization codes are also
used to override originating FRLs to allow access to restricted AAR/ARS/WCR
facilities. They can be recorded on SMDR/CAS to check against abuse. Refer to
the description of Authorization Codes in ‘‘Authorization Codes’’ on page 4-7.
The list command can be used to display all administered authorization codes.
Trunk-to-Trunk Transfer
Trunk-to-Trunk Transfer allows a station to connect an incoming trunk to an
outgoing trunk and then drop the connection. When this feature is disabled, it
prevents stations from transferring an incoming trunk call to an outgoing trunk.
Then if the controlling station drops off the call, the call is torn down.
NOTE:
Hackers use this to convince unsuspecting employees to transfer them to 9#
or 900. If trunk-to-trunk transfer is allowed, the station can transfer the
incoming trunk call to an outgoing trunk and hang up, leaving the trunks still
connected.
System 75, System 85, DEFINITY ECS, DEFINITY G1, G2, G3V1, and G3V2 can
either allow or disallow trunk-to-trunk transfer. This is for public network trunks
only. DS1 and WATS trunks assigned as tielines are not considered public
network trunks.