Instruction manual

Administration / maintenance access
Issue 9 May 2003
Another area that may be vulnerable to toll fraud is the System 75 and the
DEFINITY ECS, DEFINITY G1 and G3 (except G3r) NETCON data channel —
the internal extension number that can be used for administration and
maintenance access. If the NETCON data channel is not restricted, a hacker can
do a valid transfer from the voice mail port (or other ports in the system) to the
network extension, get dial tone, and connect to and log into the administrative
port, bypassing any port protection device, such as an RPSD. In a modem pool or
NETCON modem installation, this would permit a hacker to transfer to a NETCON
extension, get data tone, and get a login prompt. In a modem pool installation, this
would also permit the hacker to transfer out to make toll calls.

Use COR-to-COR restrictions to restrict stations from calling the NETCON so that
only CORs allowed to access the maintenance port are able to do so. For
example, if voice mail extensions have a COR of 9, and extensions assigned to
NETCON channels have a COR of 2, ensure that COR 9 does not have access to
COR 2. Anyone not authorized to use the NETCON channel should not be able to
access it.

NOTE:
To determine how the NETCON channels have been assigned, use the list
data-module command. The output from this command identifies the
modules in your system. If NETCON extensions are administered, they will
be listed as NETCON, along with the four 3- or 4-digit extension numbers
associated with the data channel(s).

NOTE:
NETCON extensions may also be contained in a hunt group. If list
data-module does not list the NETCON extensions, use list hunt-group to
see if the NETCON data channels are in a hunt group.

NOTE:
For verification purposes, you may also enter list data-module
<extension>, if you think you know the extension that is associated with the
NETCON data channel. This command will list the COR, COS, Tenant
Number, and name of the data module (for example, NETCON, TDM)
associated with the extension you entered.

In addition, the modem port used for voice mail maintenance or administrative
access is often a switch extension. It should be restricted in the same manner as
the NETCON channel.
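
The COR-to-COR check described above can be run offline against a hand-built inventory. The following is an added example, not part of the manual: it flags every unauthorized COR that is still permitted to call a NETCON data module, a NETCON hunt group or the voice mail maintenance modem port, and treats a COR whose permissions were never recorded as a finding. The inventory layout, the extension numbers, CORs 1, 3 and 5 and all function names are assumptions made for the illustration; only the COR 9 / COR 2 pairing comes from the text.

```python
# Constructed inventory, hand-transcribed from list data-module, list hunt-group
# and the station and COR forms. This is NOT the switch's own output format.
INVENTORY = [
    {"ext": "3001", "kind": "data-module", "name": "NETCON", "cor": 2},
    {"ext": "3002", "kind": "data-module", "name": "NETCON", "cor": 2},
    {"ext": "3900", "kind": "hunt-group", "name": "NETCON", "cor": 2},
    {"ext": "3050", "kind": "data-module", "name": "TDM", "cor": 1},
    {"ext": "4100", "kind": "station", "name": "voice mail port", "cor": 9},
    {"ext": "4101", "kind": "station", "name": "voice mail port", "cor": 9},
    {"ext": "4200", "kind": "station", "name": "vm maint modem", "cor": 3},
    {"ext": "5000", "kind": "station", "name": "switch admin", "cor": 5},
]
# Calling COR -> CORs it may call (constructed, read off each COR form).
CALL_PERMS = {1: {1, 9}, 2: set(), 3: set(), 5: {1, 2, 3, 5, 9}, 9: {1, 2, 9}}
AUTHORIZED_CORS = {5}          # CORs allowed to reach maintenance access
MAINT_MODEM_EXTS = {"4200"}    # voice mail maintenance modem extension(s)


def protected_targets(inventory, maint_exts):
    """NETCON data modules, NETCON hunt groups and maintenance modem ports."""
    return [e for e in inventory
            if e["name"].upper() == "NETCON" or e["ext"] in maint_exts]


def audit(inventory, call_perms, authorized, maint_exts):
    """Return (caller_cor, caller_exts, target_ext, status) for every
    unauthorized COR that can call a protected extension. A COR with no
    recorded permissions is reported as "unknown" rather than assumed safe."""
    findings = []
    all_cors = sorted({e["cor"] for e in inventory} | set(call_perms))
    for target in protected_targets(inventory, maint_exts):
        for cor in all_cors:
            if cor in authorized:
                continue
            allowed = call_perms.get(cor)  # None: COR form not transcribed
            if allowed is not None and target["cor"] not in allowed:
                continue
            callers = sorted(e["ext"] for e in inventory if e["cor"] == cor)
            status = "unknown" if allowed is None else "permitted"
            findings.append((cor, callers, target["ext"], status))
    return findings


if __name__ == "__main__":
    for cor, callers, ext, status in audit(INVENTORY, CALL_PERMS,
                                           AUTHORIZED_CORS, MAINT_MODEM_EXTS):
        print(f"COR {cor} (extensions {callers}) -> {ext}: {status}")
```

With the constructed data, COR 9 (the voice mail ports) is reported against all three NETCON entries until COR 2 is removed from its permitted list.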