• ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
The HP Community is where owners of HP products, like you, volunteer to help each other find solutions.
HP Recommended

Bit of a general discussion but neither I or one of my long serving colleagues has ever seen anything like this before.

Corporate Customer. VSX7000e/VSX5000 & HDX8000 in 3 differenct rooms. The VSX8k & HDX8K have ISDN BRI lines attached from their PBX PRI.

Since mid-Augiust they received a £30k ISDN bill.

PBX CDRs indicate the VC kit was being called by & instructed to call primary rate numbers in Ghania, Liberia etc.

The devices are not on the corporate lan but have their own public IP addresses (no NAT).  They cannot be telnetted from "out here" nor can the web UI be accessed. V3.0.1.x is in use.

For now I've advised they turn off auto-answer, upgrade to V3.1.2 & dissable Telnet (if not already).

Anyone seen anything like this or could see how thius could be acomplished?

Pete

1 ACCEPTED SOLUTION

Accepted Solutions
HP Recommended

Please refer to the Polycom security web site for details on items like this.

 

www.polycom.com/security

 

There is a link to the security center on the right side of the page.

View solution in original post

3 REPLIES 3
HP Recommended

I don´t know if it´s the same problem but i know some customers who had similar problems.

We found out, that someone had called the extensions number (which, in this case was on of the bri lines) and entered a standard pin to access the pbx (customer had left the default pin number unchanged). From the pbx the "hacker" programmed a call forwarding to primary rate numbers outside germany. So maybe the problem isn´t in this case the vc system but the pbx.

Check if the pbx can be accessed with a standard pin and if the pbx can be accessed from outside (modem connection or someting else).

HP Recommended

Please refer to the Polycom security web site for details on items like this.

 

www.polycom.com/security

 

There is a link to the security center on the right side of the page.

HP Recommended

Thanks Uwe, Steven.  Other discussions with friends in the VoIP/SIP Service inductries also suggest that some one has "got at" the PBX & is dialing out on the ISDN numbers associated with the VC endpoint, hence the implication that it's the HDX/VSX that's doing this.  Of course, it's not.

† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.