Manualshelf

Instruction manual

ManualsBrandsBetter Music Builder ManualsMicrophones and systemsVM-82U G3
71727374757677787980
Keeping unauthorized third parties from entering the
system
Issue 9 May 2003
5-3
If possible, administer remote access (Communication Manager,
MultiVantage™ Software, DEFINITY ECS, DEFINITY G1, G3, and
System 75) so no dial-tone prompt is supplied for entry of the authorization
code. No dial tone after a remote access call is connected discourages
most hackers who listen for dial tone or use modems to detect dial tone.
Restrict the bands or area code sets when you offer remote access on an
800 number. If all your authorized users are on the east coast, for example,
do not provide trunks that allow calling in from San Francisco.
Require maximum length barrier codes and authorization codes. For
System 75 R1V1 and R1V2, require the entry of a barrier code. For
System 85 and releases of DEFINITY G2.1 and G2.2 prior to 3.0, require
either a barrier code or an authorization code. For DEFINITY G2 and
System 85, require the entry of 11 digits (4-digit barrier code and 7-digit
authorization code). For DEFINITY G1, G2.2 Issue 3.0 and later, DEFINITY
G3, Communication Manager, MultiVantage™ Software, DEFINITY ECS,
and System 75 R1V3, require the entry of 14 digits (a 7-digit barrier code
and a 7-digit authorization code) before users can gain access to the
feature.
Do not assign barrier codes or authorization codes in sequential order.
Assign random number barrier codes and authorization codes to users so if
a hacker deciphers one code, it will not lead to the next code.
Since most toll fraud happens after hours and on week-ends, restrict the
hours that remote access is available.
Disabling/removing the Remote Access feature
For the “n” versions of DEFINITY G1, G2.2 Issue 3.0 and later, DEFINITY G3,
Communication Manager, MultiVantage™ Software, DEFINITY ECS, System 85
R2V4n, and System 75 R1V3, as an additional step to ensure system security, the
Remote Access feature may be “permanently” disabled if there is no current or
anticipated need for it. Permanent removal protects against unauthorized usage
even if criminals break into the maintenance port. Once this feature is
permanently disabled, however, it will require Avaya maintenance personnel
intervention to reactivate the feature.
See your account representative for information on the North American dialing
plan, and on the “n” upgrade. See Chapter 12
for procedures to permanently
disable the Remote Access feature.
Too ls to protect the Remote Access feature
You can help prevent unauthorized users from gaining access to the PBX system
by using the following tools. (See Table 5-1
.)