RE: War Dial on my PBX

• Previous message: Jerry Shenk: "RE: strange logs -- tcp port 16166"
• Maybe in reply to: David Barnett: "War Dial on my PBX"
• Next in thread: Maria J. Vello: "RE: War Dial on my PBX"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 25 Jun 2003 07:04:12 -0500
To: "David Barnett" <dbarn064@earthlink.net>, <incidents@securityfocus.com>

I would think the first thing to do is contact your local telco. You
should work with them to determine who this is. They should be able to
figure out who is initiating this attack (ANI or otherwise). It could be
as harmless as someone having a misconfigured telemarketing system or a
fax spammer looking for places to send junk. But I would START with your
local telco.

-Joe

-----Original Message-----
From: David Barnett [mailto:dbarn064@earthlink.net]
Sent: Tuesday, June 24, 2003 5:41 PM
To: incidents@securityfocus.com
Subject: War Dial on my PBX

My company's PBX system (Nortel Meridien) is getting hammered. All our

DIDs are getting hit. Aside from disabling trunk to trunk, what could I
do

to help mitigate this problem. Another office last year was hit and

through the voice mail system someone was able to make $25,000 worth of

calls in a day. This was another system though.

Any help is much appreciated.

------------------------------------------------------------------------

----
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas,
the 
world's premier technical IT security event! 10 tracks, 15 training
sessions, 
1,800 delegates from 30 nations including all of the top experts, from
CSO's to 
"underground" security specialists.  See for yourself what the buzz is
about!  
Early-bird registration ends July 3.  This event will sell out.
www.blackhat.com
------------------------------------------------------------------------
----
----------------------------------------------------------------------------
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the 
world's premier technical IT security event! 10 tracks, 15 training sessions, 
1,800 delegates from 30 nations including all of the top experts, from CSO's to 
"underground" security specialists.  See for yourself what the buzz is about!  
Early-bird registration ends July 3.  This event will sell out. www.blackhat.com
----------------------------------------------------------------------------

• Previous message: Jerry Shenk: "RE: strange logs -- tcp port 16166"
• Maybe in reply to: David Barnett: "War Dial on my PBX"
• Next in thread: Maria J. Vello: "RE: War Dial on my PBX"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]