Author Topic: 3300 remote access (Read 1869 times)

nMitel · « **on:** March 19, 2018, 11:24:44 AM »

Hi,

I'm wondering if there is a way for me to call my 3300 system from and get access that will allow me to place calls that I don't want to place from the outside number I'm calling from?

Thanks

acejavelin · « **Reply #1 on:** March 19, 2018, 12:07:15 PM »

Do you mean DISA service? Sure, but it is a very dangerous option that is often exploited for toll fraud, most security guides recommend disabling it entirely.

Better to use a softphone or something similar...

nMitel · « **Reply #2 on:** March 19, 2018, 02:01:53 PM »

acejavelin, The reason I'm asking is that I believe, my system was hacked and multiple international calls were made from it I check the DISA setting to see if it was used to hack the system but it's not enabled. what got my attention is on one of the extension's voicemail box settings "Operator Extension (0)" field was changed to the international number that was called from my system but im still not sure how could the hacker change it and how did he use it to place the calls, any idea?

PC77375 · « **Reply #3 on:** March 19, 2018, 03:26:55 PM »

Is this a Nupoint or an Embedded voicemail implementation?

acejavelin · « **Reply #4 on:** March 19, 2018, 03:32:02 PM »

Voicemail is a very common access point for hackers... There are guidelines on Mitel's website for security like password restrictions, but the best thing is to use ARS properly on all the ports, whether NuPoint or Embedded.

ZuluAlpha · « **Reply #5 on:** March 20, 2018, 10:18:41 AM »

Quote from: nMitel on March 19, 2018, 02:01:53 PM

acejavelin, The reason I'm asking is that I believe, my system was hacked and multiple international calls were made from it I check the DISA setting to see if it was used to hack the system but it's not enabled. what got my attention is on one of the extension's voicemail box settings "Operator Extension (0)" field was changed to the international number that was called from my system but im still not sure how could the hacker change it and how did he use it to place the calls, any idea?

If your embedded administrator mailbox has a default or common passcode attached to it, these changes can be made by calling in, selecting the admin mailbox, and modifying as desired.

nMitel · « **Reply #6 on:** March 21, 2018, 09:56:41 AM »

Thank you all for your inputs. I made sure that admin mailbox and all voicemail boxes have unique passcodes after the incident. I will have to keep an eye on the system and I will figure it out.

Thank you everyone.

x-man · « **Reply #7 on:** March 21, 2018, 10:29:00 AM »

Also use the three attempts and lockout for 15 minutes for invalid attempts to guess /scripted attack on VM passwords.

Mitel Forums - The Unofficial Source

News:

Author Topic: 3300 remote access (Read 1869 times)

nMitel

3300 remote access

acejavelin

Re: 3300 remote access

nMitel

Re: 3300 remote access

PC77375

Re: 3300 remote access

acejavelin

Re: 3300 remote access

ZuluAlpha

Re: 3300 remote access

nMitel

Re: 3300 remote access

x-man

Re: 3300 remote access