IT Baseline Protection Manual T 5.44 Abuse of Remote Access Ports for Management Functions of Private Branch Exchanges

Private branch exchanges have remote access ports for management functions. It is possible to execute all administration and maintenance tasks as well as other management functions such as alarm signalling and processing via these access ports.

Such remote access ports are particularly useful and sometimes indispensable in connected PBX installations (corporate networks). It is possible to distinguish between two types of remote access:

Furthermore, in more recent signalling protocols such as QSig and some of the other proprietary protocols, management functions are already contained within the signalling spectrum. This results in the potential for abuse.

Where access ports for remote maintenance are insufficiently secured, it is conceivable that hackers could gain access to the PBX's management programs. Once they had overcome the system password, they would perhaps be able to perform all administration tasks. The resulting damage may range from failure of the complete system, through the most serious operating malfunctions and loss of confidentiality of all data present on the system, to huge direct financial loss, e.g. through call charge fraud.


© Copyright by
Bundesamt für Sicherheit in der Informationstechnik
 