Filter
Top Products
Mitel NuPoint Messenger Technical Documentation - Release 7.0
Modify Permission Categories for Current User IDs CP 4343
Respond to “Login Incorrect” or “Permission Denied” CP 3290
Restrict Line Group Access CP 3412
Run an Audit Trail Report CP 3346
Set the Site Name, Site Banner, and Site Code CP 5415
Start or Stop an Audit Trail CP 4340
View a List of Current Users CP 4341
Protection From Outside Abuse
Mailboxes that can be reached through the telephone network are seen as the primary entry point
for “hostile invasion” of a communications server such as the NuPoint Messenger server. Service
providers and corporate telecommunications managers alike are concerned about hackers taking
over mailboxes for their own applications, or using mailboxes for toll fraud by calling through long-
distance facilities accessible from the server.
You can configure your server to require access codes or passcodes before callers can reach
various functions, and you can configure mailboxes to automatically perform certain functions,
such as hanging up after playing a greeting.
Existing Mailboxes
The first level of security is protection of the mailboxes by passcodes. By default, the server
requires passcodes on all mailboxes. You can turn this feature off using feature bit 218 for direct
calls, but you should do so with caution. Mailbox owner passcodes can be up to 10 digits in
length, and users can change their passcodes at any time (feature bit 073).
The server administrator typically sets a temporary passcode for new mailboxes, but the user is
forced to enter a permanent passcode during the interactive tutorial. Using FCOS settings, you
can prevent users from setting a passcode that is the same as the mailbox number (feature bit
130), or from using trivial passcodes, such as 1234 or 8888 (feature bit 201).
If a caller enters the wrong passcode when trying to get into a mailbox, the server requires the
caller to enter the correct passcode twice, or the server hangs up. Callers are not told whether the
mailbox number or the passcode was incorrect; hackers do not know if they have even half of a
valid combination. (You can use feature bit 081 to set the server to only require a single correct
passcode after an incorrect attempt, but this reduces the effectiveness of the security feature.)
The server tracks bad passcode attempts for each mailbox and compares the number to the
parameters set for the line group. If the bad passcode attempts for a mailbox exceeds the number
allowed in the passcode trip period, the server plays a bad passcode warning at the next login so
that the mailbox owner knows that someone may have tried to gain unauthorized entry.
Feature bit 132 allows you to enable a bad passcode lockout, in which a mailbox is locked when
the threshold of bad passcode attempts is reached. Only the server administrator can unlock the
mailbox, set a new temporary passcode, reset the tutorial, and require reinitialization from the
integrated telephone number (feature bit 142).
New Mailboxes
When you create a new mailbox, you can designate a temporary passcode for that mailbox,
either by making up a passcode, or by using the server’s random passcode generation program.
©
Copyright 2002, Mitel Networks Corporation 136