Home
>
Lucent Technologies
>
Communications System
>
Lucent Technologies BCS Products Security Handbook
Lucent Technologies BCS Products Security Handbook
Have a look at the manual Lucent Technologies BCS Products Security Handbook online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 413 Lucent Technologies manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Voice Messaging Systems Page 5-29 DEFINITY ECS, DEFINITY Communications Systems, System 75, and System 85 5 Protecting Passwords The AUDIX Voice Power System offers password protection to help restrict unauthorized access. Subscribers should use a maximum length password and should change it routinely. Passwords can be up to 9 digits. See ‘‘ Administration / Maintenance Access’’ on page 2-4 and ‘‘General Security Measures’’ on page 2-7 for secure password guidelines. See Appendix E for information on how to change passwords. Security Tips The following security measures assist you in managing features of the AUDIX Voice Power System to help prevent unauthorized use. nSet Transfer to Subscribers Only to yes. This limits transfers to only those switch extensions with a mailbox in the AUDIX Voice Power System. nRequire employees who have voice mailboxes to use passwords to protect their mailboxes. See ‘‘ Administration / Maintenance Access’’ on page 2-4 and ‘‘ General Security Measures’’ on page 2-7 for secure password guidelines. nMake sure subscribers change the default password the first time they log in to the AUDIX Voice Power System. nHave the AUDIX Voice Power System administrator delete unneeded voice mailboxes from the system immediately. nOn the System Parameters form, use the maximum number of digits allowable for extension entry (six). This will make it more difficult for criminals to guess the login and password combinations of your users. nSet up auto attendant selection codes so that they do not permit outside line selection. nIf you have Release 1.0 of the AUDIX Voice Power System, implement all appropriate security measures on the PBX side. nIf you do not need to use the Outcalling feature of the AUDIX Voice Power System, completely restrict the outward calling capability of the AUDIX Voice Power System ports through the COR assignments of the ports on the switch. nIf outcalling is used, restrict the calling area through the CORs of the voice ports on the switch. !WARNING: Entering “#” transfers calls to the switch; that is, the transfer feature is always available and appropriate outgoing port restrictions must be in place to avoid toll fraud.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Voice Messaging Systems Page 5-30 DEFINITY ECS, DEFINITY Communications Systems, System 75, and System 85 5 Security Measures The security measures described in this section do not apply if you are using Release 1.0 of the AUDIX Voice Power System. In this case, use PBX restrictions to safeguard your system. Transfer Only to System Subscribers The AUDIX Voice Power System has the ability to allow callers to transfer only to mailbox subscribers. When an AUDIX Voice Power System caller requests a transfer using followed by an extension number, the AUDIX Voice Power System can compare the extension number entered with the valid extension numbers administered in the subscriber database. If the extension is invalid, the transfer is denied and an error message is played to the caller. However, it does not prevent transfers from pre-administered dial strings in the automated attendant from accessing the outgoing facilities. Refer to Chapter 6 for procedures to restrict the automated attendant ports. nOn the AUDIX Voice Power System, within the System Parameter Administration form, enter yes in the Transfer to Subscribers Only field. NOTE: You cannot use this security measure if calls are transferred to people in your company who are not AUDIX Voice Power System subscribers (see ‘‘ Limit Transfers Out of the System’’ on page 5-30). Limit Transfers Out of the System When you need to allow transfers to people who are not AUDIX Voice Power System subscribers, you can add their extension numbers to the AUDIX Voice Power System subscriber database, but restrict access to their voice mailboxes. nOn the System Parameter Administration form, enter yes in the Transfer to Subscriber Only field. nOn the Subscriber Administration form, add each extension number for non-AUDIX Voice Power System subscribers. nEnter # in the Subscriber Password field to prevent access to the corresponding voice mail. nEnter yes in the Does the subscriber have switch call coverage field. On the switch side, do not specify the AUDIX Voice Power System extension as a coverage point for any of these added extensions. NOTE: Although these restricted voice mailboxes cannot receive Call Answer messages, they do receive broadcast messages and even may receive a misdirected message from another subscriber. To save storage space, you should periodically clean out these mailboxes by accessing the restricted mailboxes and deleting all messages. *T
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Voice Messaging Systems Page 5-31 DEFINITY ECS, DEFINITY Communications Systems, System 75, and System 85 5 NOTE: On AUDIX Voice Power System 2.1.1, mailboxes can be set individually to “1 minute,” reducing the clean-up that these mailboxes require. Protecting the CONVERSANT Voice Information System This section addresses security issues for the CONVERSANT and INTUITY CONVERSANT Voice Information Systems. These systems provide a platform used to build and execute voice response applications that involve network connections. Poor application design could allow unauthorized calls to be placed through the VIS. Two ways to prevent unauthorized use of the CONVERSANT Voice Information Systems are as follows: nBlock outbound access to the network at the switch (PBX or central office) that provides service to the VIS. Blocking outbound access includes blocking call origination, bridging, and transfer capabilities. This method does not rely on a secure VIS or robust VIS application design, and can be done by blocking all outgoing calls or transfer access (using one-way trunks for T1 or PRI), or by limiting the codes that can be dialed. nMonitor the current VIS environment to determine if your application is at risk. This method should be used when blocking outbound access is inappropriate (for example, if the application requires outbound features, or if access to VIS administration is not well-controlled or only provides partial protection). Protecting Passwords System Administrator passwords follow standard UNIX password conventions. There are no end-user passwords. See ‘‘ Administration / Maintenance Access’’ on page 2-4 and ‘‘General Security Measures’’ on page 2-7 for secure password guidelines. Also, do the following: nRestrict the “root” login to a single individual or to as few individuals as possible. nDo not document any passwords. nAlways change the “root” password from the default during installation and change it frequently after installation. NOTE: This information applies to remote maintenance board (RMB) access as well. See Appendix E for information on how to change System Administrator passwords.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Voice Messaging Systems Page 5-32 DEFINITY ECS, DEFINITY Communications Systems, System 75, and System 85 5 Security Measures Design applications with toll fraud in mind. nMake sure the application verifies that long distance numbers are not being requested, or that only permitted numbers are requested. The Transfer Call and Call Bridge capabilities of Script Builder, and the “tic” instruction at the Transaction State Machine (TSM) script level provide network access. If the ASAI package is loaded, additional TSM instructions and libraries provide access using the ASAI facility. In addition, a poorly designed Prompt and Collect action for transfer could let the caller enter any number for an outside access number. nIf numbers are contained in a database where anyone with database access can change them, or if they are entered by the caller, fraud is possible. Build the numbers into the application, or have the application control them to minimize the possibility of toll fraud. nThe VIS Feature Test (feature_tst) package contains application programs that can be assigned to channels to test system components that allow any 4-digit number to be dialed, such as transfer and call bridging. The application should not be assigned to a channel, or the package should not be loaded except when these tests are being used. nAnyone with access to application code can hide logic in it that provides network access and is triggered under specific circumstances. Make sure that only trusted individuals can access application code. nAn application can be audited using Automatic Number Identification (ANI) capabilities through PRI and ASAI (or normal call data tools) to set up local database tables to collect numbers. If a significant number of repeat inbound calls are identified, an administrator can be notified using the Netview package, UNIX, or ARU, or an application can be spawned to call someone to alert the administrator about the calls. Protect local and remote access. nRestrict login access to trusted individuals with a need to maintain or administer the system. nRestrict remote login access. nUse the administrative interface and its security classes for logins. Certain capabilities are restricted for particular classes. For example, the Operations class cannot modify applications. nMake sure when you use a modem that it is administered properly to prevent access by outside users. Make sure the phone is disconnected from the modem when the modem is not in use, or use the RPSD lock. nUse standard UNIX tools to monitor login statistics.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Voice Messaging Systems Page 5-33 MERLIN II Communications System 5 Security Tips Toll fraud is possible when the application allows the incoming caller to make a network connection with another person. Thus, bridging to an outbound call, call transfer, and 3-way-conferencing should be protected. nRequire callers to use passwords. nHave the application verify that long distance numbers are not being requested, or verify that only permitted numbers are requested. nUse appropriate switch translation restrictions. nRestrict the COR and have distinctive audible alert set to no for all analog ports assigned in the switch. If no calls are routed out of the system, assign outward restriction and an FRL of 0, and enter no for all trunk group CORs. MERLIN II Communications System The MERLIN II Communications System may be used with the MERLIN MAIL Voice Messaging System. For security measures to protect the voice messaging system, see ‘‘ Protecting the MERLIN MAIL Voice Messaging System’’ on page 5-33. Also see ‘‘Related Documentation’’ in the ‘‘About This Document’’ section for a list of manuals on this product. The MERLIN II Communications System R3 offers the following features: nIt does not allow trunk-to-trunk transfer, thus reducing toll fraud exposure. To reduce the system’s vulnerability to toll fraud, do the following: nProgram the MERLIN II Communications System to assign Toll Restriction level to the MERLIN MAIL Voice Messaging System ports. nMonitor SMDR reports and/or Call Accounting System reports for outgoing calls that might be originated by internal and external abusers. Protecting the MERLIN MAIL Voice Messaging System Unauthorized persons concentrate their activities in two areas with the MERLIN MAIL Voice Messaging System: nThey try to use the MERLIN MAIL Voice Messaging System to gain access to an outgoing trunk in order to make long distance calls. nThey try to locate unused or unprotected mailboxes and use them as dropoff points for their own messages.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Voice Messaging Systems Page 5-34 MERLIN II Communications System 5 The MERLIN MAIL Voice Messaging System provides automated attendant, call answer, and voice mail functionality. The automated attendant feature answers incoming calls and routes them to the appropriate department, person, or mailbox. The call answer feature provides call coverage to voice mailboxes. The voice mail feature provides a variety of voice messaging features. The area of toll fraud risk associated with the automated attendant feature is indicated below. nPooled facility (line/trunk) access codes are translated to a selector code to allow Remote Access. If a hacker chooses this selector code, the hacker has immediate access. Take the following preventative measures to limit the risk of unauthorized use of the automated attendant feature by hackers: nDo not program automated attendant selector codes for Automatic Route Selection (ARS) codes or Pooled Facility codes. nAssign all unused automated attendant selector codes to zero, so that attempts to dial these will be routed to the system operator or to the General Mailbox. Protecting Passwords Passwords can be up to 4 digits. See ‘‘Administration / Maintenance Access’’ on page 2-4 and ‘‘General Security Measures’’ on page 2-7 for secure password guidelines. See Appendix E for information on how to change passwords. Security Tips The MERLIN MAIL Voice Messaging System can be administered to reduce the risk of unauthorized persons gaining access to the network. However, phone numbers and authorization codes can be compromised when overheard in a public location, lost through theft of a wallet or purse containing access information, or when treated carelessly (writing codes on a piece of paper and improperly discarding them). Hackers may also use a computer to dial an access code and then publish the information for other hackers. Substantial charges can accumulate quickly. It is your responsibility to take appropriate steps to implement the features properly, to evaluate and administer the various restriction levels, and to protect and carefully distribute access codes. To reduce the risk of unauthorized access through your voice messaging system, observe the following procedures: nMonitor SMDR reports and/or Call Accounting System reports for outgoing calls that might be originated by internal and external abusers.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Voice Messaging Systems Page 5-35 MERLIN II Communications System 5 nCreate a Disallowed List to disallow dialing 0, 70, 011, 809, 1809, 0809, 10, 9999, 411, 1411, 800, 888, 700, 900, 976, 550, 1800, 1888,1700, 1500, 1900, 1976, 1550, 0800, 0888, 0700, 0500, 0900, 0976, and 0550. Assign all MERLIN MAIL Voice Messaging System ports to this list. Lucent Technologies recommends using List 7 — the last Disallowed List. This is an added layer of security, in case other restrictions are inadvertently removed. nRequire employees who have voice mailboxes to use 4-digit passwords to protect their mailboxes. nRequire the System Administrator and all voice mailbox owners to change their password from the default. nHave employees use random sequence passwords. nImpress upon employees the importance of keeping their passwords a secret. nEncourage employees to change their passwords regularly. nUse a secure password for the General Mailbox. nReassign the System Administrator’s mailbox/extension number from the default of 9997. Be certain to password protect the new mailbox. nHave the MERLIN MAIL Voice Messaging System Administrator delete unneeded voice mailboxes from the system immediately. nSet the maximum number of digits in an extension parameter appropriate to your dial plan. The MERLIN MAIL Voice Messaging System will not perform transfers to extensions greater than that number. nWhen possible, restrict the off-network capability of callers by using calling restrictions and Disallowed List features. nWhen possible, block out-of-hours calling. nToll Restrict all voice mail port extensions. nConsider requiring network dialing to be allowed through ARS only. nDeny access to pooled facility codes by removing pool dial-out codes 9, 890-899, or any others on your system. nInstruct employees to contact their System Administrator immediately if any of the following occur: nstrange voice mail messages are received ntheir personal greeting has been changed nthey suspect their MERLIN MAIL Voice Messaging System mailbox is being used by someone else
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Voice Messaging Systems Page 5-36 MERLIN LEGEND Communications System 5 MERLIN LEGEND Communications System The MERLIN LEGEND Communications System may be used with the following voice messaging systems: nAUDIX Voice Power System — the AUDIX Voice Power System is a system that is external to the MERLIN LEGEND Communications System and connected to the switch by station lines and data links. (See ‘‘ Protecting the AUDIX Voice Power System’’ on page 5-37.) nINTUITY Voice Messaging System (See ‘‘Protecting the INTUITY Voice Messaging System’’ on page 5-39.) nMERLIN MAIL Voice Messaging System. (See ‘‘Protecting the MERLIN MAIL, MERLIN MAIL-ML, MERLIN MAIL R3, and MERLIN LEGEND Mail Voice Messaging Systems’’ on page 5-43.) nMERLIN MAIL-ML Voice Message System. (See ‘‘Protecting the MERLIN MAIL, MERLIN MAIL-ML, MERLIN MAIL R3, and MERLIN LEGEND Mail Voice Messaging Systems’’ on page 5-43.) nMERLIN MAIL R3 Voice Message System. (See ‘‘Protecting the MERLIN MAIL, MERLIN MAIL-ML, MERLIN MAIL R3, and MERLIN LEGEND Mail Voice Messaging Systems’’ on page 5-43.) nMERLIN LEGEND Mail Voice Messaging System. (See ‘‘Protecting the MERLIN MAIL, MERLIN MAIL-ML, MERLIN MAIL R3, and MERLIN LEGEND Mail Voice Messaging Systems’’ on page 5-43.) Also see ‘‘Related Documentation’’ in the ‘‘About This Document’’ section for a list of manuals on these products. The MERLIN LEGEND Communications System ships with ARS activated and all extensions set to Facility Restriction Level 3, allowing all international calling. To prevent toll fraud, ARS Facility Restriction Levels (FRLs) should be established using: nFRL 0 for restriction to internal dialing only nFRL 2 for restriction to local network calling only nFRL 3 for restriction to domestic long distance (excluding area code 809 for the Dominican Republic, as this is part of the North American Numbering Plan, unless 809 is required) nFRL 4 for international calling Each extension should be assigned the appropriate FRL to match its calling requirement. All voice mail port extensions and barrier codes not used for outcalling should be assigned to FRL 0, which is the default setting for voice mail ports starting with Release 3.1. Prior to this release, the default setting is FRL 3.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Voice Messaging Systems Page 5-37 MERLIN LEGEND Communications System 5 Protecting the AUDIX Voice Power System The AUDIX Voice Power System provides both automated attendant and voice mail functionality. The automated attendant feature answers incoming calls and routes them to the appropriate department, person, or mailbox. The voice mail feature provides call coverage to voice mailboxes along with a variety of voice messaging features. Unauthorized persons concentrate their activities in two areas with the AUDIX Voice Power System: nThey try to transfer out of the AUDIX Voice Power System to gain access to an outgoing trunk and make long distance calls. nThey try to locate unused or unprotected mailboxes and use them as dropoff points for their own messages. Protecting Passwords The AUDIX Voice Power System offers password protection to help restrict unauthorized access. Subscribers should use a maximum length password and should change it routinely. Passwords can be up to 9 digits. See ‘‘ Administration / Maintenance Access’’ on page 2-4 and ‘‘General Security Measures’’ on page 2-7 for secure password guidelines. See Appendix E for information on how to change passwords. Security Tips The following security measures assist you in managing features of the AUDIX Voice Power System to help prevent unauthorized use. nLucent Technologies recommends setting Transfer to Subscribers Only to yes. This limits transfers to only those valid switch extensions for which a mailbox is assigned. nIf you have Release 1.0 of the AUDIX Voice Power System, implement all appropriate security measures on the switch side. nRequire employees who have voice mailboxes to use passwords to protect their mailboxes. See ‘‘ Administration / Maintenance Access’’ on page 2-4 and ‘‘ General Security Measures’’ on page 2-7 for secure password guidelines. nMake sure subscribers change the default password the first time they log in to the AUDIX Voice Power System. nHave the AUDIX Voice Power System Administrator delete unneeded voice mailboxes from the system immediately. nOn the System Parameters form, use the maximum number of digits allowable for extension entry (six). This will make it more difficult for criminals to guess the login and password combinations of your users.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Voice Messaging Systems Page 5-38 MERLIN LEGEND Communications System 5 nSet up auto attendant selection codes so that they do not permit outside line selection. nAssign toll restriction levels to the AUDIX Voice Power System ports. nIf you do not need to use the Outcalling feature of the AUDIX Voice Power System, completely restrict the outward calling capability of the AUDIX Voice Power System ports. !WARNING: Entering “#” transfers calls to the switch; that is, the transfer feature is always available and appropriate outgoing port restrictions must be in place to avoid toll fraud. Security Measures The security measures described in this section do not apply if you are using Release 1.0 of the AUDIX Voice Power System. In this case, use switch restrictions. Transfer Only to System Subscribers The AUDIX Voice Power System has the ability to allow callers to transfer only to mailbox subscribers. When an AUDIX Voice Power System caller requests a transfer using followed by an extension number, the AUDIX Voice Power System can compare the extension number entered with the valid extension numbers administered in the subscriber database. If the extension is invalid, the transfer is denied and an error message is played to the caller. However, it does not prevent transfers from pre-administered dial strings in the automated attendant from accessing the outgoing facilities. Refer to Chapter 6 for procedures to restrict the automated attendant ports. nOn the AUDIX Voice Power System, within the System Parameter Administration form, enter yes in the Transfer to Subscribers Only field. NOTE: You cannot use this security measure if calls are transferred to people in your company who are not AUDIX Voice Power System subscribers (see ‘‘ Limit Transfers Out of the System’’ on page 5-30). Limit Transfers Out of the System When you need to allow transfers to people who are not AUDIX Voice Power System subscribers, you can add their extension numbers to the AUDIX Voice Power System subscriber database, but restrict access to their voice mailboxes. nOn the System Parameter Administration form, enter yes in the Transfer to Subscriber Only field. nOn the Subscriber Administration form, add each extension number for non-AUDIX Voice Power System subscribers. *T