I too would also be curious to see what Cisco pointed you to if anything.
-----Original Message----- From: Chuck [mailto:[EMAIL PROTECTED]] Sent: Monday, July 08, 2002 6:18 PM To: [EMAIL PROTECTED] Subject: Re: h225 IE data [7:48352] first off, I don't know the answer to your question. Having just sold a couple of AVVID's, I am interested, though in toll fraud and how it is pulled off. I know that in the PBX world there are or were certain timeout settings that generally had to be adjusted down to zero so that a hacker couldn't to an effective DoS and get dial tone. ( IIRC, hackers would use a "blue box" and just keep pounding a PBX until it gave up and offered dial tone. There were specific timeout settings that had to be zero to prevent this, IIRC ) Chris, without revealing the specifics of your situation, were there / are there specific Call Manager configurations you were able to change to prevent this going forward? Did Cisco point you to any specific links to read up on? ""Chris Charlebois"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > We have been experiencing some toll fraud with our CallManager / Unity > system. Thanks to CCM traces we were able to find out exactly how they were > getting in. However, we still don't know who "they" are. The ANI on the > incoming calls was blocked (suprise suprise). What I'm wondering if there > is any information that we can get from the H225 data. I know we won't be > able to get the calling number, but maybe we can pull out what city they are > calling from, or what carrier they are using, or any information at all. > > It is possible that the FBI will get involved in this (the destination of > these calls are countries that the FBI has an interest in) and, if they do, > I'm sure they have ways and means to get far more information than I do. > I'm just courious. > > If anyone knows what can be learned from H225 and how, I'd appreciate it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=48366&t=48352 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
