AT&T MERLIN LEGEND Release 3.1 System Manager's Manual page 353
Communications system
Hide thumbs
Also See for MERLIN LEGEND Release 3.1:
- System programming manual (887 pages) ,
- Maintenance and troubleshooting manual (426 pages) ,
- System planning manual (384 pages)
Table of Contents
Advertisement
Customer Support Information
n
Any time a call appears to be suspicious, call the AT&T GBCS Fraud
Intervention Center at 1 800 628-2888 (fraud intervention for System 25,
PARTNER
n
Customers should also take advantage of AT&T monitoring services and
devices, such as the NetPROTECT
CAS with HackerTracker
1 800 638-7233 to get more information on these AT&T fraud detection
services and products.
Security Risks Associated with Transferring
through Voice Messaging Systems
Toll fraud hackers try to dial into a voice mailbox and then execute a transfer by
dialing * T. The hacker then dials an access code (either 9 for Automatic
Route Selection or a pooled facility code) followed by the appropriate digit
string to either direct dial or access a network operator to complete the call.
NOTE:
In Release 3.1 and later systems, all extensions are initially and by default
restricted from dial access to pools. In order for an extension to use a pool to
access an outside line/trunk, this restriction must be removed.
Preventive Measures
Take the following preventive measures to limit the risk of unauthorized transfers
by hackers:
n
Outward restrict all MERLIN LEGEND voice mail port extensions. This
denies access to facilities (lines/trunks). In Release 3.1 and later
systems, voice mail ports are by default outward restricted.
n
As an additional security step, network dialing for all extensions,
including voice mail port extensions, should be processed through ARS
using dial access code 9
!
A–12
System Manager's Guide
®
®
and MERLIN
systems).
®
, and CAT Terminal with Watchdog. Call
SECURITY ALERT:
The MERLIN LEGEND system ships with ARS activated with all
extensions set to Facility Restriction Level 3, allowing all
international calling. To prevent toll fraud, ARS Facility Restriction
Levels (FRLs) should be established using:
n
FRL 0 for restriction to internal dialing only
n
FRL 2 for restriction to local network calling only
n
FRL 3 for restriction to domestic long distance (excluding area
code 809 for the Dominican Republic as this is part of the
North American Numbering Plan, unless 809 is required)
SM
family of fraud detection services,
Advertisement
Chapters
Table of Contents
