User`s guide
8-94 Local voice users
Monitoring mailbox logins for suspected hacker activity
Standard 1.0 System Administration Guide January 1998
Monitoring mailbox logins for suspected hacker activity
Introduction
Hacker Monitor is a new feature that flags hacker activity by
issuing information SEERs to bring your attention to
suspicious activity. Since mailboxes are a potential security
risk, mailbox logins are one type of activity that you should
check using Hacker Monitor.
When to use
Typically, you do not need to turn mailbox monitoring on for
new users. Turn it on only if you suspect that a hacker has
been using a particular mailbox. You may, for example, get
complaints of abusive messages being sent from a particular
mailbox. This is an indication of potential hacker abuse.
How it works
A monitoring period is defined in the Voice Security Options
screen. This is the time period during which logins will be
monitored.
If mailbox monitoring is enabled, every time someone logs in
to the mailbox during the monitoring period, a SEER will be
issued. For MMUI users, SEER 2262 will be issued, whereas
for VMUIF users, SEER 5662 will be issued.
Procedure
To enable mailbox monitoring, follow these steps.
Starting Point:
The Main Menu
Step Action
1 Obtain the times when the suspected hacker uses the system.
Note:
You can do this from Meridian 1 CDR records, or from
Meridian Mail Reporter.
2 Is the monitoring period set up to reflect these times?
• If yes, go to step 5.
• If no, go to step 3.
3 Select Voice Administration and then Voice Security Options.
4 Enter the time period in the System Access Monitoring Period
field, save your change, and return to the Main Menu.
5 Select User Administration.