Alert on suspicious call

[alf]

Hello,

customer oxe 12.3 was hacked last week.

Several calls to Uruguay, Antigua, Barbados, Turkmenistan, Albanien, Tunesien and Israel.

Provider blocked international calls already, but the customer need the ability to call his international clients.

Did anybody know a function / trick to alert via incident, when a suspicious call is established/initiated ?

Currently we dont know, how the calls where established.

Now we activated accounting and several kinds of traces, to log next hack attemps.

Best Regards,
Alf

[alex]

We can evade reality but we cannot evade the consequences of evading reality." –Ayn Rand

No such real-time function is available AFAIK. Only "postmortem" tools like If you have 8770 either you could create a specific report on international calls or if you have monitoring license you may check who's running out of limits.
Also there is a security guidelines in System documentation.

[haroun]

if those calls are made from outside and pabx is used as transit ,if u have voice mail may be the issue comes from , also check for DISA
there is a system doc about the pabx hacking for call fraud u should lock ur pnc and entities,
if call are made from user extension pnc and entities are u friends

[sadim]

Hi,
Alex is right, you should check the "security guidelines" in the system documentation.
Regarding a realtime alert, if the system has real time tickets licenses, you can make software to collect tickets via ethernet, and in that software monitor the calling number field and if the number is considered suspicious, make an action for example triggering a trap