Alert on suspicious call

You found one ?
You know about one ?
Share it !
Post Reply
User avatar
alf
Member
Posts: 53
Joined: 16 Mar 2006 13:52
Location: Germany
Contact:

Alert on suspicious call

Post by alf »

Hello,

customer oxe 12.3 was hacked last week.

Several calls to Uruguay, Antigua, Barbados, Turkmenistan, Albanien, Tunesien and Israel.

Provider blocked international calls already, but the customer need the ability to call his international clients.

Did anybody know a function / trick to alert via incident, when a suspicious call is established/initiated ?

Currently we dont know, how the calls where established.

Now we activated accounting and several kinds of traces, to log next hack attemps.

Best Regards,
Alf
Regards,
Alf

User avatar
alex
Senior Member
Posts: 1408
Joined: 06 Jul 2004 07:27
Location: Russia
Contact:

Re: Alert on suspicious call

Post by alex »

We can evade reality but we cannot evade the consequences of evading reality." –Ayn Rand
No such real-time function is available AFAIK. Only "postmortem" tools like If you have 8770 either you could create a specific report on international calls or if you have monitoring license you may check who's running out of limits.
Also there is a security guidelines in System documentation.
If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck.

haroun
Member
Posts: 983
Joined: 29 Mar 2010 11:09

Re: Alert on suspicious call

Post by haroun »

if those calls are made from outside and pabx is used as transit ,if u have voice mail may be the issue comes from , also check for DISA
there is a system doc about the pabx hacking for call fraud u should lock ur pnc and entities,
if call are made from user extension pnc and entities are u friends

sadim
Alcatel Unleashed Certified Guru
Alcatel Unleashed Certified Guru
Posts: 528
Joined: 02 Jun 2006 07:11
Location: Portugal

Re: Alert on suspicious call

Post by sadim »

Hi,
Alex is right, you should check the "security guidelines" in the system documentation.
Regarding a realtime alert, if the system has real time tickets licenses, you can make software to collect tickets via ethernet, and in that software monitor the calling number field and if the number is considered suspicious, make an action for example triggering a trap

Post Reply

Return to “Bugs & Security issues”