Security risks associated with transferring throug, Preventive measures – Lucent Technologies MERLIN LEGEND 6 User Manual

Page 388

Advertising
background image

MERLIN LEGEND Communications System Release 6.0
System Manager’s Guide

555-660-118

Issue 1

February 1998

Customer Support Information

Page A-12

Toll Fraud Prevention

A

Any time a call appears to be suspicious, call the Lucent Technologies BCS
Fraud Intervention Center at 1 800 628-2888 (fraud intervention for System
25, PARTNER

®

and MERLIN systems).

Customers should also take advantage of Lucent Technologies monitoring
services and devices, such as the NetPROTECT

SM

family of fraud-

detection services, CAS with HackerTracker

®

, and CAT Terminal with

Watchdog. Call 1 800 638-7233 to get more information on these Lucent
Technologies fraud detection services and products.

Security Risks Associated with Transferring
through Voice Messaging Systems

1

Toll fraud hackers try to dial into a voice mailbox and then execute a transfer by
dialing

ÃU

. The hacker then dials an access code (either

(

for Automatic Route

Selection or a pooled facility code) followed by the appropriate digit string to either
direct dial or access a network operator to complete the call.

NOTE:

In Release 3.1 and later systems, all extensions are initially and by default
restricted from dial access to pools. In order for an extension to use a pool
to access an outside line/trunk, this restriction must be removed.

Preventive Measures

1

Take the following preventive measures to limit the risk of unauthorized transfers
by hackers:

Outward restrict all MERLIN LEGEND Communications System voice mail
port extension numbers. This denies access to facilities (lines/trunks). In
Release 3.1 and later systems, voice mail ports are by default outward
restricted.

As an additional security step, network dialing for all extensions, including
voice mail port extensions, should be processed through ARS using dial
access code

Ã(

.

SECURITY

l

ALERT:

!

The MERLIN LEGEND Communications System ships with ARS
activated with all extensions set to Facility Restriction Level 3,
allowing all international calling. To prevent toll fraud, ARS Facility
Restriction Levels (FRLs) should be established using:

FRL 0 for restriction to internal dialing only

FRL 2 for restriction to local network calling only

Advertising
Popular Brands
Popular manuals