Cisco ICS 7700 Series Integrated Communication Systems

Field Notice: Fraud Issue: Restriction Tables Allow Calls to International Operator


Revised September 20, 2002


Products Affected

  • Cisco Unity 3.x

Problem Description

Restriction tables in Unity do not block calls to the international operator. The defaults only block DNs that start with 9 011. This poses a major problem because subscribers can configure their call forwarding in Unity to point to the international operator (9 00) and then place international calls.

This is considered toll fraud and can be accomplished by anyone inside or outside of a company who is familiar with how to configure Unity. The frequency of toll fraud reported to Cisco has increased recently and requires each company to apply security best practices to lock down their Unity systems, as detailed in the Workaround/Solution section below.

Background

After installing Unity, customers often ignore the Example Administrator subscriber. Individuals of questionable character can exploit this by dialing into Unity, logging into the Example Administrator with the default extension and password, and configuring it to call forward to the international operator. At the very least, changing the Example Administrator's password will prevent this.

The same can be said for the Example Subscriber. In this case, however, customers should delete this subscriber from Unity. It poses a security risk and uses up a licensed mailbox.

Two other scenarios in which this could happen are:

  1. Internal users can set their own Unity mailboxes to forward to international numbers.

  2. External callers could log into a mailbox protected by a weak password (for example: password=1234), and forward to international numbers.

Workaround/Solution

Adding an additional dial string such as 900* to the restriction tables will prevent Unity from trying to place a call to the international operator.

  1. If Unity is integrated with a Call Manager, adding a route filter to the route pattern Unity uses to dial to the PSTN will prevent calls to the international operator.

  2. Restricting Unity from placing calls to the PSTN is another option.

  3. Apply a good password policy. Refer to the URL in step 4.

  4. Lock down your Cisco Unity System.
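The gap in the default restriction table and the effect of the 900* entry can be checked with a small audit script. This is an added example, not Cisco code: the table layout, the first-match evaluation, the wildcard meanings (`*` for zero or more digits, `?` for one digit), the catch-all allow row and the sample mailbox numbers are all assumptions constructed for illustration.

```python
import re

# Constructed restriction tables: (pattern, allowed), checked top to bottom.
# Assumed wildcard semantics: '*' = zero or more digits, '?' = exactly one digit.
DEFAULT_TABLE = [("9011*", False), ("*", True)]
HARDENED_TABLE = [("900*", False)] + DEFAULT_TABLE


def normalize(dial_string):
    """Drop spaces, dashes, parentheses and pause commas so '9 00' becomes '900'."""
    return re.sub(r"[\s\-(),]", "", dial_string)


def pattern_to_regex(pattern):
    parts = []
    for ch in pattern:
        if ch == "*":
            parts.append(r"\d*")
        elif ch == "?":
            parts.append(r"\d")
        else:
            parts.append(re.escape(ch))
    return re.compile("".join(parts))


def is_allowed(dial_string, table):
    """First matching row decides; a number that matches no row is blocked."""
    number = normalize(dial_string)
    for pattern, allowed in table:
        if pattern_to_regex(pattern).fullmatch(number):
            return allowed
    return False


def audit(forward_targets, table):
    """Return the mailboxes whose forwarding number the table would let through."""
    return {box: num for box, num in forward_targets.items() if is_allowed(num, table)}


# Constructed sample of per-mailbox call-forwarding numbers.
SAMPLE_TARGETS = {
    "1001": "9 011 44 20 5550 0100",  # direct international: blocked by default
    "1002": "9 00",                   # international operator: passes the default table
    "1003": "9-555-0100",             # local call
}

if __name__ == "__main__":
    print("default :", audit(SAMPLE_TARGETS, DEFAULT_TABLE))
    print("hardened:", audit(SAMPLE_TARGETS, HARDENED_TABLE))
```

Running the same audit over the forwarding numbers actually configured on a system shows which mailboxes need review before and after the table change.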

DDTS

To follow the bug ID link below and see detailed bug information, you must be a registered user and you must be logged in.

DDTS: CSCdy54570 (registered customers only)
Description: Restriction tables allow calls to international operator

For More Information

If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
