Unnamed Administration sources reported that JOEL WEISER said:
>
> It looks like if you don't have a password on 999, then he puts in his own
> password- then he creates bogus mbxs.
...
> If you do have a password on 999 that he can't hack - then it looks like he
> searches for a mbx's that are already assigned and in use without having a
> personal password assigned. He sets up these boxes for notification (a
> feature that is controlled by the mbx owner) then assigns his own password
> to that persons mbx, locking out the owner of the mbx from accessing that
> mbx.
...
> SOLUTION - - password protect all mbx's especially 998 & 999!!! I believe
> that you can use 4-10 digits for you password - I suggest using atleast 6
> digits.
>
> If your customer doesn't use any type of external message delivery then you
> can set the "outgoing call setup sequence" which is under "system parameters
> / others / dialing parameters" to something like "**##", so that the TVS
> will not be able to draw dialtone from the system.
Thanks for the summary.
Some comments: It's easy to protect 998 & 999. It's far harder
to get users to choose good passwords. (Too bad we can't force
a MINIMUM length... & run crack..)
Thus it's useful to know you can eliminate the threat by stopping
external message delivery.
--
A host is a host from coast to [EMAIL PROTECTED]
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433
*********************************************************
* To unsubscribe, e-mail [EMAIL PROTECTED] *
* The KXT-Digest Home Page: http://kxthelp.com/ *
*********************************************************
