Mitel Forums - The Unofficial Source

Mitel Forums => Mitel MiVoice Business/MCD/3300 => Topic started by: nMitel on March 19, 2018, 11:24:44 AM

Title: 3300 remote access
Post by: nMitel on March 19, 2018, 11:24:44 AM

Hi,

 I'm wondering if there is a way for me to call my 3300 system from and get access that will allow me to place calls that I don't want to place from the outside number I'm calling from?

Thanks

Title: Re: 3300 remote access
Post by: acejavelin on March 19, 2018, 12:07:15 PM

Do you mean DISA service? Sure, but it is a very dangerous option that is often exploited for toll fraud, most security guides recommend disabling it entirely.

Better to use a softphone or something similar...

Title: Re: 3300 remote access
Post by: nMitel on March 19, 2018, 02:01:53 PM

acejavelin, The reason I'm asking is that I believe, my system was hacked and multiple international calls were made from it I check the DISA setting to see if it was used to hack the system but it's not enabled. what got my attention is on one of the extension's voicemail box settings "Operator Extension (0)" field was changed to the international number that was called from my system but im still not sure how could the hacker change it and how did he use it to place the calls, any idea?

Title: Re: 3300 remote access
Post by: PC77375 on March 19, 2018, 03:26:55 PM

Is this a Nupoint or an Embedded voicemail implementation?

Title: Re: 3300 remote access
Post by: acejavelin on March 19, 2018, 03:32:02 PM

Voicemail is a very common access point for hackers... There are guidelines on Mitel's website for security like password restrictions, but the best thing is to use ARS properly on all the ports, whether NuPoint or Embedded.

Title: Re: 3300 remote access
Post by: ZuluAlpha on March 20, 2018, 10:18:41 AM

Quote from: nMitel on March 19, 2018, 02:01:53 PM

acejavelin, The reason I'm asking is that I believe, my system was hacked and multiple international calls were made from it I check the DISA setting to see if it was used to hack the system but it's not enabled. what got my attention is on one of the extension's voicemail box settings "Operator Extension (0)" field was changed to the international number that was called from my system but im still not sure how could the hacker change it and how did he use it to place the calls, any idea?

If your embedded administrator mailbox has a default or common passcode attached to it, these changes can be made by calling in, selecting the admin mailbox, and modifying as desired.

Title: Re: 3300 remote access
Post by: nMitel on March 21, 2018, 09:56:41 AM

Thank you all for your inputs. I made sure that admin mailbox and all voicemail boxes have unique passcodes after the incident. I will have to keep an eye on the system and I will figure it out.

Thank you everyone.

Title: Re: 3300 remote access
Post by: x-man on March 21, 2018, 10:29:00 AM

Also use the three attempts and lockout for 15 minutes for invalid attempts to guess /scripted attack on VM passwords.