MiVoice Business call to high pay numbers

[nowickj]

Hello.

Is it possible to change Operator Extension field in Operator VM box using phone (I cannot see any changes in Audit Trial logs)? And how many times someone can type wrong PIN for VM box till box will be blocked. Additional question how someone can connect to the VM center from outside if VM HG is out of the DDI?
One of our customer had a some kind of hacker attack and system made a call to high pay number, and We have find that in Operator Extension field i VM box 0 was numer 00016042516000.

[PC77375]

This can happen a number of ways- the most common is to access any VM user, then * or # until you get to the option to "login to your MB"- hackers will dial over and over until the figure out the correct pattern. Most of the time, it is pretty easy to do...admin mailboxes assigned as repetitive digits, with fairly easy passwords. This helps the installer to "remember" passwords to all of the hundreds of customers that they manage. I recommend that you CHANGE PASSWORDS for admin/manager mailboxes IMMEDIATELY! Also change the mailboxes to random digits. Also recommend you consider restricting VM from being able to access outgoing trunks. If the passcode length is 4, change it to 8. Make sure that mailbox lockout is enabled and set to max lockout duration as well. I used to have a great document on securing voicemail, I will share it if I can find it.

[ZuluAlpha]

Good write up on here:

http://www.mitelforums.com/articles/voice-mail-security.php

[PC77375]

@ZuluAlpha - That looks to cover most of the basics! I had one for Nupoint as well.
I would probably add, "CHANGE ADMIN PASSCODES REGULARLY!"

Just as you have to change passwords on PC accounts, make it a habit to change VM admin passcodes as well- especially since you have been recently hacked and they may continue to try.

[nowickj]

many THX for Your replay. Now problem is in Mitel, and We are trying to secure not only PBX but whole network.