Lucent Technologies BCS Products Security Handbook
BCS Products Security Handbook 555-025-600 Issue 6 December 1997
Small Business Communications Systems: System 25 (page 4-21)

However, unauthorized persons could disrupt your business by altering your system programming. In addition, they could activate features (such as Remote Access) that would permit them to make long distance calls through your system. The following security measures assist you in managing the Remote System Administration feature to help prevent unauthorized use.

Security Tips

• The System Administration capability of the system is protected by a password. Passwords can be up to eight characters in length, can be alphabetic or numeric, and can include the pound sign (#). See "Administration / Maintenance Access" on page 2-4 and "General Security Measures" on page 2-7 for secure password procedures. See Appendix E for information on how to change passwords.
• If you have a special telephone line connected to your system for Remote System Administration, do one of the following:
  — Unplug the line when it is not being used.
  — Install a switch in the line to turn it off when it is not being used.
  — Install a security device, such as Lucent Technologies' Remote Port Security Device. (See Appendix G for more information.)
• Protect your Remote System Administration telephone number and password. Give them only to people who need to know them, and impress upon these people the need to keep the telephone number and password secret.
• If your Remote System Administration feature requires that someone in your office transfer the caller to the Remote System Administration extension, impress upon your employees the importance of transferring only authorized individuals to that extension.
5 Voice Messaging Systems

The information in this chapter helps prevent unauthorized users from finding pathways through the voice messaging system and out of the switch. This chapter presents each communications system and the voice mail systems it may host.

• DEFINITY ECS (page 5-4)
• DEFINITY Communications Systems (page 5-4)
• MERLIN II Communications System (page 5-33)
• MERLIN LEGEND Communications System (page 5-36)
• PARTNER II Communications System (page 5-48)
• PARTNER Plus Communications System (page 5-50)
• System 25 (page 5-52)
• System 75 (page 5-4)
• System 85 (page 5-4)

NOTE: The tools and measures in this chapter fall into two categories: those that are implemented in the switch, and those that are implemented in the voice messaging adjunct. It is recommended that security measures related to voice adjuncts be implemented in both the switch and the voice adjunct. If you are using a non-Lucent Technologies adjunct with a Lucent Technologies switch, implement the switch security measures described here as well as the adjunct security measures described in the adjunct documentation supplied by the non-Lucent Technologies vendor.
Protecting Voice Messaging Systems

Voice messaging toll fraud has risen dramatically in recent years. Now more than ever, it is imperative that you take steps to secure your communications systems. Callers into the voice messaging/auto attendant system may transfer to an outgoing trunk if adequate security measures are not implemented (see Figure 5-1). In addition, mailboxes associated with voice messaging systems can facilitate toll fraud or industrial espionage if they are accessible to unauthorized users.

[Figure 5-1. Call Transfer Through the PBX. Figure labels: CO, DID, 800, SDN, Voice Messaging / Auto Attendant, PBX.]

Criminals attempt to transfer to the following codes:

• ARS Dial Access Codes (most likely the digit "9")
• Trunk Access Codes (TACs)
• Trunk Verification Codes, Facility Test Call Access Codes, or Data Origination Codes

All security restrictions that prevent transfer to these codes should be implemented. The only tool a criminal needs to breach an inadequately secured system is a touch tone telephone.

With the advent of cellular phones, hackers have yet another means of accessing voice mailboxes. If a user calls the voice mail system from a cellular phone and enters his or her password, the voice mailbox becomes vulnerable to toll fraud: cellular calls can be monitored, so a hacker can obtain the password and access the voice mailbox. Tell users not to enter passwords on a cellular phone.

Security Tips

• Restrict transfers back to the host PBX by not allowing transfers, by using Enhanced Call Transfer, or by allowing Transfer to Subscriber Only.
• When password protection into voice mailboxes is offered, it is recommended that you use the maximum length password where feasible.
• Deactivate unassigned voice mailboxes. When an employee leaves the company, remove the voice mailbox.
• Do not create voice mailboxes before they are needed.
• Establish your password as soon as your voice mail system extension is assigned. This ensures that only YOU will have access to your mailbox, not anyone who enters your extension number and #. (Using only the "#" indicates the lack of a password. This fact is well known by telephone hackers.)
• Never have your greeting state that you will accept third party billed calls. A greeting like this allows unauthorized individuals to charge calls to your company. If you call someone at your company and get a greeting like this, point out the vulnerability to the person and recommend that they change the greeting immediately.
• Never use obvious or trivial passwords, such as your phone extension, room number, employee identification number, social security number, or easily guessed numeric combinations (for example, 999999). See "Administration / Maintenance Access" on page 2-4 and "General Security Measures" on page 2-7 for secure password guidelines.
• Change adjunct default passwords immediately; never skip the password entry. Hackers find out defaults.
• Lock out consecutive unsuccessful attempts to enter a voice mailbox.
• Discourage the practice of writing down passwords, storing them, or sharing them with others. If a password needs to be written down, keep it in a secure place and never discard it while it is active.
• Never program passwords onto auto dial buttons.
• If you receive any strange messages on the voice mail system, if your greeting has been changed, or if for any reason you suspect that your voice mail system facilities are being used by someone else, contact Lucent Technologies Network Corporate Security.
• Contact your central office to verify that your carrier provides "reliable disconnect" for your host PBX or switch. "Reliable disconnect" is sometimes referred to as forward disconnect or disconnect supervision. It guarantees that the central office will not return a dial tone after the called party hangs up. If the central office does not provide reliable disconnect and a calling party stays on the line, the central office will return a dial tone at the conclusion of the call. This permits the caller to place another call as if it were being placed from your company.
• Contact your voice messaging system supplier. There may be additional measures you can take to prevent unauthorized users from transferring through voice mail to outgoing trunks.

DEFINITY ECS, DEFINITY Communications Systems, System 75, and System 85

The voice messaging products that work with these systems are listed below:

• AUDIX Voice Mail System — The AUDIX Voice Mail System is external to the DEFINITY ECS and DEFINITY Communications Systems and is connected to the switch by station lines and data links. (See "Protecting the AUDIX, DEFINITY AUDIX, and Lucent Technologies INTUITY Voice Mail Systems" on page 5-15.)
• AUDIX Voice Power System — The AUDIX Voice Power System includes AUDIX Voice Power (VP), AUDIX VP Lodging, and AUDIX VP Auto Attendant. (See "Protecting the AUDIX Voice Power System" on page 5-28.)
• CONVERSANT Voice Information System. (See "Protecting the CONVERSANT Voice Information System" on page 5-31.)
• DEFINITY AUDIX System — The DEFINITY AUDIX System is comprised of circuit packs resident in the switch. (See "Protecting the AUDIX, DEFINITY AUDIX, and Lucent Technologies INTUITY Voice Mail Systems" on page 5-15.)
• Lucent Technologies INTUITY AUDIX System — The Lucent Technologies INTUITY System includes both the INTUITY Voice Messaging System and the INTUITY Intro Voice Response System. (See "Protecting the AUDIX, DEFINITY AUDIX, and Lucent Technologies INTUITY Voice Mail Systems" on page 5-15.)

Also see "Related Documentation" in the "About This Document" section for a list of manuals on these products.
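The mailbox password rules in the Security Tips earlier in this chapter (no "#"-only password, no extension, room number, employee ID or trivial combinations such as 999999, change defaults, lock out consecutive failed attempts) as a small policy checker and lockout state machine. This is an added example written for this page, not code from the handbook or from any AUDIX or INTUITY product; the length limits, the lockout threshold and the sample subscriber data are assumptions.

```python
"""Mailbox password policy and consecutive-failure lockout checks for the
voice-mail Security Tips above.  Added example for this page, not handbook or
AUDIX/INTUITY code; MIN_LEN, MAX_LEN, LOCKOUT_AFTER and the sample subscriber
data are assumptions.
"""

MIN_LEN = 6          # assumed minimum; the tips say use the maximum where feasible
MAX_LEN = 15         # assumed system maximum password length
LOCKOUT_AFTER = 3    # assumed number of consecutive failures before lockout


def is_sequence(digits):
    """True for keypad runs such as 123456 or 654321 (constant step of +1 or -1)."""
    if len(digits) < 2:
        return False
    steps = {int(b) - int(a) for a, b in zip(digits, digits[1:])}
    return steps == {1} or steps == {-1}


def check_password(password, extension, identifiers=(), defaults=()):
    """Return the list of policy violations for a proposed mailbox password.

    extension   -- the subscriber's extension (a trivial password the tips forbid)
    identifiers -- other numbers tied to the subscriber: room number, employee
                   ID, social security number
    defaults    -- vendor default passwords that must be changed immediately
    """
    if password in ("", "#"):
        # Entering only '#' is how a caller signals "no password"; hackers know this.
        return ["no password set (# alone means no password)"]
    if not password.isdigit():
        return ["must contain only keypad digits"]
    problems = []
    if len(password) < MIN_LEN:
        problems.append(f"shorter than {MIN_LEN} digits")
    if len(password) > MAX_LEN:
        problems.append(f"longer than the system maximum of {MAX_LEN}")
    if len(set(password)) == 1:
        problems.append("single repeated digit (e.g. 999999)")
    if is_sequence(password):
        problems.append("sequential digits (e.g. 123456)")
    if extension and extension in password:
        problems.append("contains the subscriber's extension")
    for ident in identifiers:
        if ident and ident in password:
            problems.append(f"contains a known identifier ({ident})")
    if password in defaults:
        problems.append("is a vendor default password")
    return problems


class MailboxLogin:
    """After LOCKOUT_AFTER consecutive wrong passwords the mailbox refuses every
    login, including the correct password, until an administrator resets it.
    A successful login clears the failure counter."""

    def __init__(self, mailbox, password):
        self.mailbox = mailbox
        self._password = password
        self.failures = 0
        self.locked = False

    def attempt(self, password):
        if self.locked:
            return "locked"
        if password == self._password:
            self.failures = 0
            return "ok"
        self.failures += 1
        if self.failures >= LOCKOUT_AFTER:
            self.locked = True
            return "locked"
        return "denied"

    def admin_reset(self):
        self.failures = 0
        self.locked = False


if __name__ == "__main__":
    # Constructed sample subscriber: extension 4321, room 217, employee ID 00731.
    for pw in ("#", "4321", "999999", "123456", "217217", "830417"):
        print(pw, check_password(pw, "4321", identifiers=("217", "00731")))
    box = MailboxLogin("4321", "830417")
    print([box.attempt(p) for p in ("111111", "222222", "333333", "830417")])
```

The checker is meant to run when a subscriber sets a password and when an administrator audits mailboxes for the "#"-only case; the lockout class is the switch-side rule from the tips, and the admin reset is the only way out of the locked state so that an attacker who guesses the password after the lockout still gets nothing.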
Tools that Prevent Unauthorized Calls

You can help prevent unauthorized callers who enter the voice messaging system from obtaining an outgoing facility by using the security tools shown in Table 5-1.

Table 5-1. DEFINITY ECS, DEFINITY Communications Systems, System 75, and System 85 Voice Mail Security Tools

Security Tool | Switch | Page #
Enhanced Call Transfer (see "Protecting the AUDIX, DEFINITY AUDIX, and Lucent Technologies INTUITY Voice Mail Systems") | DEFINITY G1 (Issue 5.0), G2, G3, DEFINITY ECS, System 75 R1V3 (Issue 2.0), System 85 R2V4 | 5-15
Facility Restriction Levels* | All | 5-5
Station-to-Trunk Restrictions* | All | 5-6
Class of Restriction | DEFINITY G1, G3, DEFINITY ECS, and System 75 | 5-6
Class of Service | DEFINITY G2 and System 85 | 5-6
Toll Analysis | DEFINITY G1, G2, G3, DEFINITY ECS, and System 85 | 5-7

Facility Restriction Levels

The switch treats all the PBX ports used by voice mail systems as stations. Therefore, each voice mail port can be assigned a COR/COS with an FRL associated with the COR/COS. FRLs provide eight different levels of restriction for AAR/ARS/WCR calls. They are used in combination with calling permissions and routing patterns and/or preferences to determine where calls can be made. FRLs range from 0 to 7, with each number representing a different level of restriction (or no restriction at all). The FRL is used by the AAR/ARS/WCR feature to determine call access to an outgoing trunk group. Outgoing call routing is determined by comparing the FRLs in the AAR/ARS/WCR routing pattern to the FRL associated with the COR/COS of the call originator. The higher the FRL number, the greater the calling privileges. For example, if a station is not permitted to make outside calls, assign it an FRL value of 0. Then ensure that the FRLs on the trunk group preferences in the routing patterns are 1 or higher. For example, when voice mail ports are assigned to a COR with an FRL of 0, outside calls are disallowed. If this is too restrictive because the outcalling feature is being used, the voice mail ports can be assigned to a COR with an FRL that is low enough to limit calls to the calling area needed.

NOTE: Voice messaging ports that are outward restricted via COR cannot use AAR/ARS/WCR trunks. Therefore the FRL level doesn't matter, since FRLs are not checked.

Station-to-Trunk Restrictions

Station-to-Trunk Restrictions can be assigned to disallow stations from dialing specific outside trunks. By implementing these restrictions, callers cannot transfer out of voice mail to an outside facility using Trunk Access Codes. For G2 and System 85, if TACs are necessary for certain users to allow direct dial access to specific facilities, such as tie trunks, use the Miscellaneous Trunk Restriction feature to deny access to others. For those stations and all trunk-originated calls, always use ARS/AAR/WCR for outside calling.

NOTE: Allowing TAC access to tie trunks on your switch may give the caller access to the Trunk Verification feature on the next switch, or to the outgoing trunks through either ARS or TACs.

Class of Restriction

For DEFINITY ECS, DEFINITY G1, G3, and System 75, each voice port on the voice mail adjunct is considered an extension to the switch and should be assigned its own unique COR. Up to 64 CORs can be defined in the system. For DEFINITY G3rV1, G3i-Global, and G3V2 and later, this has been increased to 96 CORs. The CORs are assigned to stations and trunks to provide or prevent the ability to make specific types of calls, or calls to other specified CORs.
For example, a voice mail extension could be assigned to a COR that prohibits any outgoing calls.

Class of Service

For DEFINITY G2 and System 85, a voice mail port must be assigned a COS. The following COS options relate to voice mail toll fraud prevention:

• Call Forward Off-Net: allows a user to call forward outside the switch to non-toll locations.
• Call Forward Follow Me: allows a user to forward calls outside the switch when other options are set.
• Miscellaneous Trunk Restrictions: restricts certain stations from calling certain trunk groups via dial access codes.
• Outward Restriction: restricts the user from placing calls over the CO, FX, or WATS trunks using dial access codes to trunks. Outward restriction also restricts the user from placing calls via ARS/WCR. Use ARS/WCR with WCR toll restrictions instead.
• Toll Restriction: prevents users from placing toll calls over CO, FX, or WATS trunks using dial access codes to trunks. Use ARS/WCR with WCR toll restrictions instead.
• WCR Toll Restriction: restricts users from dialing the ARS or WCR Network I Toll Access Code, or from completing a toll call over ARS/WCR.
• Terminal-to-Terminal Restrictions: restricts the user from placing or receiving any calls except from and to other stations on the switch.

Toll Analysis

The Toll Analysis screen allows you to specify the toll calls you want to assign to a restricted call list (for example, 900 numbers) or to an unrestricted call list (for example, an outcalling number to a call pager). Call lists can be specified for CO/FX/WATS, TAC, and ARS calls, but not for tie TAC or AAR calls.

Security Measures in the PBX

Security measures in the PBX are designed to prevent criminals from placing fraudulent calls once they have accessed the voice messaging system. However, these security measures do not restrict criminals from reaching the voice mail system, such as by dialing a DID station that is forwarded to the voice mail system. Incoming calls to the voice mail system may transfer to outgoing facilities if proper security measures are not implemented. Security steps can be implemented in the PBX and in the voice messaging/auto attendant system.
Limit Voice Mail to Internal Calling

If outcalling is not activated in the voice mail system, you can restrict voice mail callers from dialing an outside number by making the ports outward restricted.

For DEFINITY G1, G3, and System 75:

• Use change cor to display the Class of Restriction screen, then create an outward restricted COR by entering outward in the Calling Party Restriction field.
• Assign FRL 0.
• Use change station to assign the outward restricted COR to the voice mail ports.
• Use COR-to-COR restrictions to block voice mail ports from directly accessing the CORs of outgoing trunks. The trunk CORs should be unique.

For DEFINITY G2 and System 85:

• Use PROC010 WORD3 FIELD19 to assign outward restriction to the voice mail ports' COS.
• Make the voice ports Toll Restricted and ARS Toll Restricted, and assign an FRL of 0. Enter no for all Miscellaneous Trunk Restriction Groups (MTRGs).

Restrict the Outside Calling Area

When you assign the lowest possible FRL to the voice mail ports, you can limit the trunks that are available to callers. FRLs can be assigned to offer a range of calling regions. Choose the one that provides the most restricted calling range that is required. Table 5-2 provides suggested FRL values.

NOTE: In Table 5-2, FRLs 1 through 7 include the capabilities of the lower FRLs. For example, FRL 3 allows private network trunk calls and local calls in addition to FX and WATS trunk calls.

Verify the route pattern FRLs: no pattern should carry an FRL of 0.

Table 5-2. Suggested Values for FRLs

FRL | Suggested Value
0 | No outgoing (off-switch) calls permitted.
1 | Allow local calls only; deny 0+ and 1 800 calls.
2 | Allow local calls, 0+, and 1 800 calls.
3 | Allow local calls plus calls on FX and WATS trunks.
4 | Allow calls within the home NPA.
5 | Allow calls to certain destinations within the continental USA.
6 | Allow calls throughout the continental USA.
7 | Allow international calling.

Assign the attendant console FRL 7. Be aware, however, that if Extension Number Portability is used, the originating endpoint is assigned FRL 7.

For DEFINITY G1, G3, and System 75:

• Use change cor for the voice mail ports (versus subscribers) to display the Class of Restriction screen.
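The switch-side controls this section describes for voice mail ports (outward restriction, the FRL comparison against route pattern preferences, station-to-trunk and COR-to-COR restrictions, and the Toll Analysis restricted call list), as a small Python model that decides whether a dialed digit string from a voice mail port would complete. This is an added example written for this page, not DEFINITY software or anything from the handbook; the class names, trunk groups, TACs and numbering plan are assumptions, and the minimum FRLs on the route patterns follow Table 5-2. It also carries the check the text asks for: that no route pattern preference carries an FRL of 0.

```python
"""Illustrative model of the switch-side controls this section describes for
voice-mail ports: Class of Restriction (outward restriction, FRL, COR-to-COR and
station-to-trunk restrictions), the Toll Analysis restricted call list, and the
FRL comparison against AAR/ARS route-pattern preferences.  Added example for
this page, not DEFINITY software; the class names, trunk groups, TACs and the
numbering plan are assumptions, and the pattern FRLs follow Table 5-2.
"""
from dataclasses import dataclass, field


@dataclass
class COR:
    number: int
    frl: int                                      # 0..7; higher = more privilege
    outward_restricted: bool = False              # Calling Party Restriction: outward
    blocked_cors: set = field(default_factory=set)         # COR-to-COR restrictions
    denied_trunk_groups: set = field(default_factory=set)  # station-to-trunk


@dataclass
class TrunkGroup:
    name: str
    tac: str     # Trunk Access Code for direct dial access
    cor: int     # each trunk group gets its own unique COR


@dataclass
class RoutePattern:
    prefix: str        # dialed-number prefix the pattern serves ("" = default)
    preferences: list  # (trunk group name, minimum FRL), tried in order


ARS_ACCESS_CODE = "9"

TRUNKS = {
    "CO":   TrunkGroup("CO", tac="701", cor=80),
    "LD":   TrunkGroup("LD", tac="702", cor=81),
    "INTL": TrunkGroup("INTL", tac="703", cor=82),
}
# Assumed numbering plan; minimum FRLs chosen from Table 5-2.
PATTERNS = [
    RoutePattern("011", [("INTL", 7)]),   # international
    RoutePattern("1800", [("LD", 2)]),    # 1 800 calls
    RoutePattern("1", [("LD", 6)]),       # 1+ continental USA
    RoutePattern("0", [("LD", 2)]),       # 0+ calls
    RoutePattern("", [("CO", 1)]),        # everything else: local CO trunks
]
RESTRICTED_PREFIXES = ("1900", "900")     # Toll Analysis restricted call list


def check_route_patterns(patterns):
    """Handbook rule: no route pattern preference may carry FRL 0.  Returns the
    offending (prefix, trunk group) pairs; an empty list means the rule holds."""
    return [(p.prefix, tg) for p in patterns for tg, frl in p.preferences if frl == 0]


def select_pattern(number, patterns):
    """Longest-prefix match, as a digit-analysis table would choose a pattern."""
    return max((p for p in patterns if number.startswith(p.prefix)),
               key=lambda p: len(p.prefix))


def authorize_call(cor, dialed, trunks=TRUNKS, patterns=PATTERNS):
    """Decide whether a port with COR `cor` may complete the digit string
    `dialed`.  Returns (allowed, reason)."""
    # 1. Direct trunk access by TAC: outward restriction, station-to-trunk
    #    restriction and COR-to-COR restriction all apply here.
    for tg in trunks.values():
        if dialed.startswith(tg.tac):
            if cor.outward_restricted:
                return False, "outward restricted: no dial access to trunks"
            if tg.name in cor.denied_trunk_groups:
                return False, f"station-to-trunk restriction on {tg.name}"
            if tg.cor in cor.blocked_cors:
                return False, f"COR {cor.number} may not call trunk COR {tg.cor}"
            return True, f"direct TAC access to {tg.name}"
    # 2. AAR/ARS call.
    if dialed.startswith(ARS_ACCESS_CODE):
        number = dialed[len(ARS_ACCESS_CODE):]
        if cor.outward_restricted:
            # Outward-restricted ports cannot use ARS trunks; the FRL is never checked.
            return False, "outward restricted: ARS not available"
        if number.startswith(RESTRICTED_PREFIXES):
            return False, "Toll Analysis restricted call list"
        pattern = select_pattern(number, patterns)
        label = pattern.prefix or "local"
        for tg, min_frl in pattern.preferences:
            if cor.frl >= min_frl:
                return True, f"ARS pattern {label} via {tg} (FRL {cor.frl} >= {min_frl})"
        return False, f"FRL {cor.frl} below every preference in pattern {label}"
    # 3. Anything else is an on-switch extension.
    return True, "internal extension"


# Voice-mail port CORs: no outcalling at all, and outcalling limited to the
# local area (FRL 1) with every trunk group denied for TAC dialing.
VM_NO_OUTCALLING = COR(number=10, frl=0, outward_restricted=True,
                       blocked_cors={80, 81, 82})
VM_LOCAL_OUTCALLING = COR(number=11, frl=1, blocked_cors={80, 81, 82},
                          denied_trunk_groups={"CO", "LD", "INTL"})

if __name__ == "__main__":
    print("patterns with FRL 0:", check_route_patterns(PATTERNS))
    for cor in (VM_NO_OUTCALLING, VM_LOCAL_OUTCALLING):
        for digits in ("701", "95551234", "915551234567", "919005551234", "4321"):
            print(f"COR {cor.number} dials {digits}: {authorize_call(cor, digits)}")
```

Two points the model makes visible: an outward restricted port is refused before any FRL comparison (the NOTE under Facility Restriction Levels), and a port with FRL 1 can reach the local pattern but not a 1+ pattern whose preference needs FRL 6, which is exactly how the "most restricted calling range that is required" is enforced. In this model COR-to-COR restrictions are applied to direct TAC dialing only; that is a simplification of the switch's calling permissions, not a statement of how DEFINITY evaluates them.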