Installation guide

Securing your system against toll fraud A-6
: Protecting Your Phone System Against Toll Fraud
Wave Global Administrator Guide
The full list of country codes can be found in your phone book. The list is maintained by
the ITU (International Telecommunication Union), a division of the United Nations. The
ITU web site is http://www.itu.int and the most recently published list of country codes
is available at http://www.itu.int/itudoc/itu-t/ob-lists/icc/e212_685.html (this list is
valid as of January 2004; some additional country codes have been assigned since
then).
• Disallow dialing sequences that call for-pay services, such as 1900, 1976, 976, etc. For
  information on additional numbers that should be blocked, see this website:
  http://www.lincmad.com/telesleaze.html
• Disallow dialing certain international North American area codes if desired, such as those
  in the Caribbean. For example, disallowing 1242 blocks calls to the Bahamas.
  The full list of North American area codes can be found in your phone book or at the web
  site for the North American Numbering Plan Administration:
  http://www.nanpa.com
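The dialing restrictions above amount to prefix matching on the digits a user dials. The following is an added example, not part of the Wave guide or the product: it audits a constructed list of outbound calls against the prefixes the guide names. The function names and the sample calls are assumptions, and the digits are assumed to be as dialed after any outside-line access code.

```python
import re

# Blocked dialing prefixes named in the guide: pay services (1900, 1976, 976)
# and, as the optional area-code example, 1242 (Bahamas).
BLOCKED_PREFIXES = {
    "1900": "pay service (900)",
    "1976": "pay service (976)",
    "976": "pay service (976)",
    "1242": "Bahamas area code",
}

def normalize(dialed):
    """Keep only the digits of a dialed string such as '1 (900) 555-0100'."""
    return re.sub(r"\D", "", dialed)

def check_dialed(dialed, blocked=BLOCKED_PREFIXES):
    """Return (allowed, reason). The longest matching blocked prefix wins."""
    digits = normalize(dialed)
    for prefix in sorted(blocked, key=len, reverse=True):
        if digits.startswith(prefix):
            return False, f"{prefix}: {blocked[prefix]}"
    return True, ""

def audit(calls, blocked=BLOCKED_PREFIXES):
    """Return the (extension, dialed, reason) rows a restriction would deny."""
    denied = []
    for ext, dialed in calls:
        allowed, reason = check_dialed(dialed, blocked)
        if not allowed:
            denied.append((ext, dialed, reason))
    return denied

# Constructed sample outbound calls (extension, digits dialed); not real data.
SAMPLE_CALLS = [
    ("101", "1-900-555-0100"),
    ("102", "1 (242) 555-0199"),
    ("103", "976-0123"),
    ("104", "1-212-555-0147"),
    ("105", "1-976-555-0111"),
    ("106", "1-312-555-9760"),  # contains 976, but not as a dialing prefix
]

if __name__ == "__main__":
    for row in audit(SAMPLE_CALLS):
        print(row)
```

Matching is anchored at the start of the dialed digits, so a number that merely contains 976 elsewhere is not denied.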
Making account logon more secure
There are several ways to prevent hackers from even getting to the account logon choice of your
auto attendant. Some methods make it difficult for your own users to use the system, so you
need to judge how far you want to go to prevent toll fraud at the expense of phone system ease
of use. Please note that these options do not make your system secure by themselves, as they
only slow down hackers. The only way to make your system secure is to make sure your user
passwords are secure and changed often.
Auto attendant security options include the following:
• In your main auto attendant, change the default “#” for user logon to something else.
• Ideally, give your remote users a phone number routed to a special auto attendant that
  permits remote logon, while your main auto attendant does not. For DID systems, where
  you can't control the specific trunk used on inbound calls, give your remote users a DID
  number instead that routes them to the special auto attendant.
• Do not permit logon in your main auto attendant that is assigned to every trunk. Instead,
  create a unique auto attendant on a different trunk each week that permits logon. Publish
  the trunk's phone number to your users as it changes.
Release 2.0
September 2010