1
Mitel MiVoice Business/MCD/3300 / Re: Securing a 3300
« on: March 21, 2014, 03:56:12 PM »
Texas, D/FW area.
News:
Welcome to Mitel Forums. The Mitel resource - by techies, for techies...
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
Mitel MiVoice Business/MCD/3300 / Re: Securing a 3300
« on: March 21, 2014, 03:51:08 PM »
Okay thanks. I'll start looking around for another vendor and send them this info so hopefully they can help out.
Thanks again for your help.
Thanks again for your help.
3
Mitel MiVoice Business/MCD/3300 / Re: Securing a 3300
« on: March 21, 2014, 03:26:29 PM »
Thanks for the quick reply and the good article.
Here is what I have so far:
I've had our PRI provider block all international calls that don't require a country code, plus most of our lines require long distance codes to call out of our metro area. The few that don't are fax lines and might be difficult to add that requirement (since putting in a long distance code on our faxes is unreliable at best).
I didn't know the 0 passcode, so I just reset it so something known and non-default.
For the VM being able to transfer to the outside, we have completed making sure no one is using 1111 or their extension for their passcode. I don't think I can turn off VM transferring to the outside (please correct me if I'm wrong) as we use the "press 2 to be transferred to the cell phone" feature in the voicemail very heavily.
For this next part, please forgive my ignorance if I am getting this wrong. I have fairly limited phone knowledge.
I looked in "System Administration" -> "Automatic Route Selection (ARS)" and under there I only find one "Class of Restriction" section which is "Class of Restriction Group Assignment". In it I have 4 pages of numbers, 1-64, but everyone is completely blank. In selecting one and clicking "Change", the only thing I can fill in is "Class Of Restriction For Group". It will only allow numbers.
Is there maybe somewhere else I should look?
Thanks again for all of your help
Here is what I have so far:
I've had our PRI provider block all international calls that don't require a country code, plus most of our lines require long distance codes to call out of our metro area. The few that don't are fax lines and might be difficult to add that requirement (since putting in a long distance code on our faxes is unreliable at best).
I didn't know the 0 passcode, so I just reset it so something known and non-default.
For the VM being able to transfer to the outside, we have completed making sure no one is using 1111 or their extension for their passcode. I don't think I can turn off VM transferring to the outside (please correct me if I'm wrong) as we use the "press 2 to be transferred to the cell phone" feature in the voicemail very heavily.
For this next part, please forgive my ignorance if I am getting this wrong. I have fairly limited phone knowledge.
I looked in "System Administration" -> "Automatic Route Selection (ARS)" and under there I only find one "Class of Restriction" section which is "Class of Restriction Group Assignment". In it I have 4 pages of numbers, 1-64, but everyone is completely blank. In selecting one and clicking "Change", the only thing I can fill in is "Class Of Restriction For Group". It will only allow numbers.
Is there maybe somewhere else I should look?
Thanks again for all of your help
4
Mitel MiVoice Business/MCD/3300 / Securing a 3300
« on: March 21, 2014, 01:25:27 PM »
We have a 3300 on 8.0.10.7_1. Last night we were notified by our PRI provider of a 6+ hour call to our 800 number. I looked in our SMDR logs and found another call right after that one ended that was 2+ hours. In both cases, it looks like they went into the voicemail system and were "poking" around.
I'm the IT guy, so I talked to our "phone vendor", but they really haven't been that trustworthy from the start. For example, my first question was, "Is the 3300 capable of limiting the length of calls?" The answer I got (from the owner mind you) was "I don't really know, I'll have to wait until I have a tech in Monday". I found the option after reading through the help some and have set limits on call lengths.
In talking to our vendor, he claimed that people "get into the voicemail, then get into a voicemail box with a weak password, then somehow re-program the system to auto call out to a 900 number or other toll number to rack up charges". I'm having our Jr. IT guy go through all our voicemails and change any with a 1111 passcode and/or a passcode that is the same as the extension. I'm also having our PRI provider block all calls to the NANP Member countries (places like the Dominican Republic and Jamaica where you only have to dial 1 + area code to call, no country code required, but aren't other US states).
Our OpsManager and the Mitel web interface are inaccessable from the outside network, and I feel pretty confident about their security.
I've seen suggestions to turn off trunk to trunk calling, but we actually use that feature a lot, so that is kind of a non-starter.
I've also gone through the article here: http://www.mitelforums.com/articles/mitel-toll-fraud.php
but I'm unsure as to how to block 9-00 calls and to block specific extensions from making international calls.
Can anyone give me any pointers on how to setup those blocks? Is there anything else I should look for or set (assume my vendor didn't do even the most basic security features)?
Should I really just search for a new vendor and let them handle it?
Thanks in advance for your help.
I'm the IT guy, so I talked to our "phone vendor", but they really haven't been that trustworthy from the start. For example, my first question was, "Is the 3300 capable of limiting the length of calls?" The answer I got (from the owner mind you) was "I don't really know, I'll have to wait until I have a tech in Monday". I found the option after reading through the help some and have set limits on call lengths.
In talking to our vendor, he claimed that people "get into the voicemail, then get into a voicemail box with a weak password, then somehow re-program the system to auto call out to a 900 number or other toll number to rack up charges". I'm having our Jr. IT guy go through all our voicemails and change any with a 1111 passcode and/or a passcode that is the same as the extension. I'm also having our PRI provider block all calls to the NANP Member countries (places like the Dominican Republic and Jamaica where you only have to dial 1 + area code to call, no country code required, but aren't other US states).
Our OpsManager and the Mitel web interface are inaccessable from the outside network, and I feel pretty confident about their security.
I've seen suggestions to turn off trunk to trunk calling, but we actually use that feature a lot, so that is kind of a non-starter.
I've also gone through the article here: http://www.mitelforums.com/articles/mitel-toll-fraud.php
but I'm unsure as to how to block 9-00 calls and to block specific extensions from making international calls.
Can anyone give me any pointers on how to setup those blocks? Is there anything else I should look for or set (assume my vendor didn't do even the most basic security features)?
Should I really just search for a new vendor and let them handle it?
Thanks in advance for your help.
Pages: [1]