Show Posts
1
MiVoice Office 250/Mitel 5000 / Re: Mitel 5000 Hacked
« on: March 24, 2014, 12:11:10 PM »
I am not quite sure if we are having a hacking problem. My general voicemail box keeps getting filled up with voicemail messages from random telephone numbers (all local). I am looking at my CPU utilization and (at the lowest point in the day) it reads 100%. Looking at the breakdown it shows that applications are taking the majority of the resources.
I am looking at the reporting section in Mitel System Administration & Diagnostics. I am trying to run a report showing what extension are dialing out. I did notice that a user who is not in the office was showing off-hook. I cannot find were to run this report though, I am just reading the generic/standard reports (All Extensions, Call Routing Tables, ..., Timers & Limits, and Trunks).
I did download the reporting data... where should I be going to get the report you are referencing.
By the way, I also looking into the DB Programming and see I have port 5060 listening for SIP UDP. Should I NOT have this port listening?
Thanks,
Erin
I am looking at the reporting section in Mitel System Administration & Diagnostics. I am trying to run a report showing what extension are dialing out. I did notice that a user who is not in the office was showing off-hook. I cannot find were to run this report though, I am just reading the generic/standard reports (All Extensions, Call Routing Tables, ..., Timers & Limits, and Trunks).
I did download the reporting data... where should I be going to get the report you are referencing.
By the way, I also looking into the DB Programming and see I have port 5060 listening for SIP UDP. Should I NOT have this port listening?
Thanks,
Erin
Jmarcwsp1,
First of all did you look in your Reports section of the System Administration and Diagnostic program to see what extension(s) were making those calls and at what time they were doing it?
Did you make sure your IP and SIP phones were not using the same password as the extension?
There are a lot of things we can do to help, but there is some information we will need to help out. The system does not just grant access to anyone who wants to make a call, but if the implementation did not have security in mind it may not be implemented as well as it should be. I also understand where Hovus is coming from, but I am not so sure you want to start changing your Firewall rules if there are other options out there, especially if some of the users are working from home and they do not have a static IP address associated with their internet access or if they are traveling users who do not connect up through "known" connects such as hotels or customer sites. Let's try to implement some easier security measures and see if that works first and then get into more complicated ones once we reach that point with no success.
Thanks,
TE