Customer Support Information
System Programming
A–15
n
If Remote Call Forwarding (RCF) is required, MERLIN LEGEND
Communications System owners should coordinate with their AT&T
Account Team or authorized dealer to verify the type of central office
facility used for RCF. If it is a ground-start line/trunk, or if it is a loop-start
line/trunk and central office reliable disconnect can be ensured, then
nothing else needs to be done.
NOTE:
In most cases these will be loop-start lines/trunks without reliable
disconnect. The local telephone company will need to be involved to
change the facilities used for RCF to ground start lines/trunks. Usually a
charge applies for this change. Also, hardware and software changes
may need to be made in the MERLIN LEGEND system. The MERLIN MAIL
Automated Attendant feature merely accesses the RCF feature in the
MERLIN LEGEND system. Without these changes being made, this
feature is highly susceptible to toll fraud. These same preventive
measures must be taken if the RCF feature is active for MERLIN LEGEND
system extensions whether or not it is accessed by an Automated
Attendant menu.
Security Risks Associated with the Remote
Access Feature
Remote Access allows the MERLIN LEGEND Communications System owner to
access the system from a remote telephone and make an outgoing call or
perform system administration, using the network facilities (lines/trunks)
connected to the MERLIN LEGEND system. Hackers, scanning the public
switched network by randomly dialing numbers with war dialers (a device that
randomly dials telephone numbers, including 800 numbers, until a modem or
dial tone is obtained), can find this feature, which will return a dial tone to them.
They can even employ war dialers to attempt to discover barrier codes.
Preventive Measures
Take the following preventive measures to limit the risk of unauthorized use of
the MERLIN LEGEND Communications System Remote Access feature by
hackers:
n
The Remote Access feature can be abused by criminal toll fraud hackers,
if it is not properly administered. Therefore, this feature should not be
used unless there is a strong business need.
n
It is strongly recommended that customers invest in security adjuncts,
which typically use one-time passcode algorithms. These security
adjuncts discourage hackers. Since a secure use of the Remote Access
feature generally offers savings over credit-card calling, the break-even
period can make the investment in security adjuncts worthwhile.
n
If a customer chooses to use the Remote Access feature without a
security adjunct, then multiple barrier codes should be employed, with
one per user if the system permits. The MERLIN LEGEND system permits
a maximum of 16 barrier codes.
Содержание MERLIN LEGEND Release 3.1
Страница 372: ...Memory Card 3 236 Common Administrative Procedures...
Страница 572: ...Telephones 4 200 Programming Procedures...
Страница 715: ...Memory Card Programming Procedures 4 343...
Страница 749: ...Feature Quick Reference 5 34 Centralized Telephone Programming...
Страница 773: ...Customer Support Information B 2 System Programming...
Страница 798: ...Button Diagrams E 6 System Programming...
Страница 800: ...Sample Reports F 2 System Programming Continued on next page...