Lucent Technologies MERLIN LEGEND Release 6.1 Feature Reference page 629
Release 6.1
Hide thumbs
Also See for MERLIN LEGEND Release 6.1:
- System programming manual (1010 pages) ,
- System planning manual (588 pages) ,
- Maintenance and troubleshooting manual (510 pages)
Table of Contents
Advertisement
MERLIN LEGEND Communications System Release 6.1
Feature Reference 555-661-110
Features
Remote Access
Common carriers are required by law to collect their tariffed charges. While
these charges are fraudulent charges made by persons with criminal intent,
applicable tariffs state that the customer of record is responsible for
payment of all long-distance or other network charges. Lucent Technologies
cannot be responsible for such charges and will not make any allowance or
give any credit for charges that result from unauthorized access.
To minimize the risk of unauthorized access to your communications
system:
Beginning with Release 3.0, additional security to prevent telephone toll
fraud is included:
Program the maximum length (11) for systemwide barrier code
length (Release 3.0 and later).
Use an unpublished remote access number.
Assign barrier codes randomly to users on a need-to-have basis,
keeping a log of all authorized users and assigning one code to one
person.
Use random-sequence barrier codes, which are less likely to be
easily broken.
Deactivate all unassigned codes promptly.
Ensure that remote access users are aware of their responsibility to
keep the telephone number and any barrier codes secure.
When possible, restrict the off-network capability of off-premises
callers, through use of calling restrictions and Disallowed List
features.
When possible, block out-of-hours calling.
Frequently monitor system call detail reports for quicker detection of
any unauthorized or abnormal calling patterns.
Limit Remote Call Forwarding to persons on a need-to-have basis.
Change barrier codes periodically.
The remote access default requires a barrier code.
The barrier code is a flexible-length code ranging from 4 to 11 digits
(with a default of 7) and includes the * character. The length is set
systemwide.
The user is given three attempts to enter the correct barrier code.
Whether or not the dialed digits are correct, an inter-digit time-out
occurs during the first attempt. The system processes only the valid
number of digits. So if a hacker enters four digits and the length is
four digits, he or she hears dial tone. If a hacker enters four digits
and keeps entering more, the system uses the time-out to hide the
correct number of digits from the hacker. The time-out recurs until
Issue 1
August 1998
Page 580
Advertisement
Table of Contents
