How Can It Be Prevented
The most obvious way is not to allow remote access to the administration facilities of the PBX. However this may not be practical and could lead to increased charges from the maintenance company. The second method is to use a very random password on the PBX, up to the maximum number of characters and to lock the modem so that it will only answer calls from a single phone number. This solution is very inflexible and after a while could be turned off if it becomes impractical.

Ideally, you would want a solution that could offer the following benefits:

1. Use a modem that employs authenticated encryption to prevent hackers with standard modems from being able to connect.
2. Some hardware to act as an intermediary between the connection and the PBX. The hardware could then determine through a username/password what level of access to give to the PBX.
3. The hardw
   Packaging Supplies
   There are many concerns which deal with a variety of packaging supplies and supply these materials in wholesale to the customers who require them for their large scale business needs. They also provide these supplies to customers who need them for their personal use, such as when they are shifting. There are many kinds of packaging supplies such as cardboard shipping boxes, jewelry boxes, shrink wrap, padded mailers and mailing tubes.The many kinds of boxes include corrugated shipping cartons, bakery boxes, file storage boxes, moving boxes, chipboard boxes, silverware boxes, apparel boxes, candy boxes, clear lid boxes and many others. Each is intended for a specific kind of item and is designed to provide full protection for the said item. The large shipping cartons are intended for larger items such as electronic goods, furniture and other such items. Bakery boxes, file storage boxes, silverware boxes and candy boxes are among those kinds of boxes which are for specific items.Shi
   What steps would you take to protect your business from a burglar coming in after office hours and stealing ?40,000? I suspect that you would make sure that all the doors have very good locks. You would install a burglar alarm and maybe even have CCTV surveillance. That should protect your business. Wrong! The burglar did not break into your office; they broke into your internal phone exchange (PBX). Unseen by human or electronic eyes, thousands of pounds are being spent on international telephone calls and your business will pay the bill.

   How Does It Work?
   Dial through fraud is not a new problem, it just has limited publicity. It exploits a PBX feature that allows employees to ring in to the switchboard and by keying certain dialling codes, make national and international calls for which the company will pay the bill.

   Many businesses will take an "It will never happen to me" approach to dial through fraud, even though most business PBXs are setup to be maintained remotely. This is to allow engineers from a maintenance company to make changes to the configuration without needing to make a site visit but it exposes the PBX. The administration port on the PBX will be connected to a modem that in turn is connected to an extension on the PBX.

   Using trial and error, hackers will identify the number that this modem is on. The default passwords like "admin", "0000" or "1234" will be tried first. Even if the password has been changed, there are plenty of free utilities on the Internet that will use brute force to try every number and letter combination until the right password is found. It has been known for 16 character passcodes to be cracked in this way.

   Once the hacker has gained administrative access to your PBX, they will identify unused extension numbers and set them up to allow dial through using the company PSTN lines. For the cost of a local phone call, the hacker can be making calls to the Middle East, Far East, Africa, Australasia, etc. Some of these calls could be costing the business up to ?3 a minute.

   To compound the problem, the hacker will usually set up a disguised PBX that routes its calls through the company PBX. The hacker will then operate a "Call Sell"; selling international calls to customers at cheap rates. Alternatively they could make calls to their own premium rate revenue share services. It is possible that during the 15 hours when your office is closed, up to 10 simultaneous calls could be occurring. And that is just for one day! The problem is likely to go unnoticed and unresolved until the phone bill arrives at the end of the month.

   It Will Never Happen To Me
   A recent report in the Guardian highlighted the plight of one UK Company that suffered from a fraud attack. The company had secured its PBX with a 16 character password but it was still compromised. The discovery of the fraud was by pure chance when the MD of the company came into the office early one day to find the lights on the telephone switchboard lit up like a Christmas tree, even though he was the only one in the office.

   The report showed that recovering the losses was not easy. Although the company's Telco admitted that the calls were fraudulent, it was not their responsibility to secure the customer's equipment from attack. Therefore the customer was liable for any calls made through the PBX. It was also discovered that the company's insurance policy had a standard clause exempting it from any "electronic losses".

   A Matter For The Police
   Surely if a fraud has been perpetrated, then the police should investigate the matter? This is true. The Regulation of Investigatory Powers Act 2000 (Ripa) gives police the power to request "intercept data" from the Telco that would identify the origin of the inbound calls into the PBX. Under the act, a Telco is allowed to charge up to ?1,500 to cover their costs of retrieving the data asked for by the police. This means that in every case, the police must decide whether the financial losses involved in the fraud justifies the cost of the "intercept data". For big losses, the answer is likely to be yes every time. However, in small cases involving just a few hundred or few thousand pounds, the answer may not be so clear cut.

   How Can It Be Prevented
   The most obvious way is not to allow remote access to the administration facilities of the PBX. However this may not be practical and could lead to increased charges from the maintenance company. The second method is to use a very random password on the PBX, up to the maximum number of characters and to lock the modem so that it will only answer calls from a single phone number. This solution is very inflexible and after a while could be turned off if it becomes impractical.

   Ideally, you would want a solution that could offer the following benefits:

   1. Use a modem that employs authenticated encryption to prevent hackers with standard modems from being able to connect.
   2. Some hardware to act as an intermediary between the connection and the PBX. The hardware could then determine through a username/password what level of access to give to the PBX.
   3. The hardwa
      New York Nursing Jobs
      With a throbbing population of over 8 million, New York City is one of the largest urban areas in the world. More than a third of its population is born in other countries, and it is no surprise that New York is a melting pot of diverse cultures and ways of life. People who man important positions in public service are always on their toes to offer assistance whenever required with minimum response-time. Seen from this angle, New York nursing jobs not only provide opportunities to aspirants, but also offer challenges to overcome and excel.To say that New York nursing jobs demand efficiency and willingness to deliver the best is not a deviation from truth. Let us see what some unique features of New York nursing jobs are:• With the exception of Staten Island, each of the 4 other boroughs of the city accommodates more than a million residents, which means each of them may as well be considered as a big city, if taken independently. The more the population, the more is the requireme
      to make changes to the configuration without needing to make a site visit but it exposes the PBX. The administration port on the PBX will be connected to a modem that in turn is connected to an extension on the PBX.

      Using trial and error, hackers will identify the number that this modem is on. The default passwords like "admin", "0000" or "1234" will be tried first. Even if the password has been changed, there are plenty of free utilities on the Internet that will use brute force to try every number and letter combination until the right password is found. It has been known for 16 character passcodes to be cracked in this way.

      Once the hacker has gained administrative access to your PBX, they will identify unused extension numbers and set them up to allow dial through using the company PSTN lines. For the cost of a local phone call, the hacker can be making calls to the Middle East, Far East, Africa, Australasia, etc. Some of these calls could be costing the business up to ?3 a minute.

      To compound the problem, the hacker will usually set up a disguised PBX that routes its calls through the company PBX. The hacker will then operate a "Call Sell"; selling international calls to customers at cheap rates. Alternatively they could make calls to their own premium rate revenue share services. It is possible that during the 15 hours when your office is closed, up to 10 simultaneous calls could be occurring. And that is just for one day! The problem is likely to go unnoticed and unresolved until the phone bill arrives at the end of the month.

      It Will Never Happen To Me
      A recent report in the Guardian highlighted the plight of one UK Company that suffered from a fraud attack. The company had secured its PBX with a 16 character password but it was still compromised. The discovery of the fraud was by pure chance when the MD of the company came into the office early one day to find the lights on the telephone switchboard lit up like a Christmas tree, even though he was the only one in the office.

      The report showed that recovering the losses was not easy. Although the company's Telco admitted that the calls were fraudulent, it was not their responsibility to secure the customer's equipment from attack. Therefore the customer was liable for any calls made through the PBX. It was also discovered that the company's insurance policy had a standard clause exempting it from any "electronic losses".

      A Matter For The Police
      Surely if a fraud has been perpetrated, then the police should investigate the matter? This is true. The Regulation of Investigatory Powers Act 2000 (Ripa) gives police the power to request "intercept data" from the Telco that would identify the origin of the inbound calls into the PBX. Under the act, a Telco is allowed to charge up to ?1,500 to cover their costs of retrieving the data asked for by the police. This means that in every case, the police must decide whether the financial losses involved in the fraud justifies the cost of the "intercept data". For big losses, the answer is likely to be yes every time. However, in small cases involving just a few hundred or few thousand pounds, the answer may not be so clear cut.

      How Can It Be Prevented
      The most obvious way is not to allow remote access to the administration facilities of the PBX. However this may not be practical and could lead to increased charges from the maintenance company. The second method is to use a very random password on the PBX, up to the maximum number of characters and to lock the modem so that it will only answer calls from a single phone number. This solution is very inflexible and after a while could be turned off if it becomes impractical.

      Ideally, you would want a solution that could offer the following benefits:

      1. Use a modem that employs authenticated encryption to prevent hackers with standard modems from being able to connect.
      2. Some hardware to act as an intermediary between the connection and the PBX. The hardware could then determine through a username/password what level of access to give to the PBX.
      3. The hardw
         Being a Skilled Listener
         Whether you are a corporate executive trying to manage hundreds of employees, a marketing or sales rep trying to land a new client, or even an entry level gofer just struggling to appease a demanding boss, it is almost impossible to succeed without developing effective communication skills. In fact, effective communication skills are fundamental to almost every successful business interaction- a fact acknowledged by the plethora of courses and seminars offered teaching people how to persuasively convey their ideas and get what they want.However, all too often we forget that communication is a two way street, and that in order to effectively communicate we must learn not only to be a good speaker, but also to be a good listener. how to speak well, but also how to listen well. how to listen communicate thei is widely acknowledged that solid communication skills are fundamental to almost every successful business interaction, but too often we forget that communication skills encompass not o
         guised PBX that routes its calls through the company PBX. The hacker will then operate a "Call Sell"; selling international calls to customers at cheap rates. Alternatively they could make calls to their own premium rate revenue share services. It is possible that during the 15 hours when your office is closed, up to 10 simultaneous calls could be occurring. And that is just for one day! The problem is likely to go unnoticed and unresolved until the phone bill arrives at the end of the month.

         It Will Never Happen To Me
         A recent report in the Guardian highlighted the plight of one UK Company that suffered from a fraud attack. The company had secured its PBX with a 16 character password but it was still compromised. The discovery of the fraud was by pure chance when the MD of the company came into the office early one day to find the lights on the telephone switchboard lit up like a Christmas tree, even though he was the only one in the office.

         The report showed that recovering the losses was not easy. Although the company's Telco admitted that the calls were fraudulent, it was not their responsibility to secure the customer's equipment from attack. Therefore the customer was liable for any calls made through the PBX. It was also discovered that the company's insurance policy had a standard clause exempting it from any "electronic losses".

         A Matter For The Police
         Surely if a fraud has been perpetrated, then the police should investigate the matter? This is true. The Regulation of Investigatory Powers Act 2000 (Ripa) gives police the power to request "intercept data" from the Telco that would identify the origin of the inbound calls into the PBX. Under the act, a Telco is allowed to charge up to ?1,500 to cover their costs of retrieving the data asked for by the police. This means that in every case, the police must decide whether the financial losses involved in the fraud justifies the cost of the "intercept data". For big losses, the answer is likely to be yes every time. However, in small cases involving just a few hundred or few thousand pounds, the answer may not be so clear cut.

         How Can It Be Prevented
         The most obvious way is not to allow remote access to the administration facilities of the PBX. However this may not be practical and could lead to increased charges from the maintenance company. The second method is to use a very random password on the PBX, up to the maximum number of characters and to lock the modem so that it will only answer calls from a single phone number. This solution is very inflexible and after a while could be turned off if it becomes impractical.

         Ideally, you would want a solution that could offer the following benefits:

         1. Use a modem that employs authenticated encryption to prevent hackers with standard modems from being able to connect.
         2. Some hardware to act as an intermediary between the connection and the PBX. The hardware could then determine through a username/password what level of access to give to the PBX.
         3. The hardw
            Setting Up a New Nursery - Avoid the Common Mistakes when Starting Up in the Nursery World - Part 2
            In Part 1 of setting up a new Nursery we looked at how important researching the Nursery market was along with making sure you get your finances right from the very beginning.This next instalment will deal with 2 further issues that anyone looking to open their own nursery, Pre School, kindergarten or day care centre needs to know. They are Business Plans and your Competitors.1. Nursery Business PlansYour Business Plan really goes hand in hand with market research and finances. Do your research so you know how many children your new Nursery is going to have as this will have a direct effect on how many staff you need, what size premises you need and how much you can charge parents. And ultimately how much money you need to borrow.When it comes to writing Business Plans many people over forecast what the first year is likely to bring. You have to be realistic in that if this is your first venture into owning and running your own nursery it will take t

            The report showed that recovering the losses was not easy. Although the company's Telco admitted that the calls were fraudulent, it was not their responsibility to secure the customer's equipment from attack. Therefore the customer was liable for any calls made through the PBX. It was also discovered that the company's insurance policy had a standard clause exempting it from any "electronic losses".

            A Matter For The Police
            Surely if a fraud has been perpetrated, then the police should investigate the matter? This is true. The Regulation of Investigatory Powers Act 2000 (Ripa) gives police the power to request "intercept data" from the Telco that would identify the origin of the inbound calls into the PBX. Under the act, a Telco is allowed to charge up to ?1,500 to cover their costs of retrieving the data asked for by the police. This means that in every case, the police must decide whether the financial losses involved in the fraud justifies the cost of the "intercept data". For big losses, the answer is likely to be yes every time. However, in small cases involving just a few hundred or few thousand pounds, the answer may not be so clear cut.

            How Can It Be Prevented
            The most obvious way is not to allow remote access to the administration facilities of the PBX. However this may not be practical and could lead to increased charges from the maintenance company. The second method is to use a very random password on the PBX, up to the maximum number of characters and to lock the modem so that it will only answer calls from a single phone number. This solution is very inflexible and after a while could be turned off if it becomes impractical.

            Ideally, you would want a solution that could offer the following benefits:

            1. Use a modem that employs authenticated encryption to prevent hackers with standard modems from being able to connect.
            2. Some hardware to act as an intermediary between the connection and the PBX. The hardware could then determine through a username/password what level of access to give to the PBX.
            3. The hardw
               Finding Businesses For Sale
               The Internet has made it very easy to find information about almost any topic. It is therefore very easy to use the Internet to help in finding businesses for sale. By just using a simple search option or any of the powerful search engines like Google or Yahoo, Ask, or MSN, you can get results instantly.Businesses are usually put up for sale for various reasons, including mounting debts, the ill health or death of the owner, heavy competition, a lack of sufficient cash flow management, or a series of changes that didn’t work. Be very sure to find out exactly why the business is being sold and analyze carefully if those reasons would not affect you. Nothing can beat word-of-mouth advertisements. Therefore, talk to people related to the business you are interested in and seek their help in finding businesses for sale.You can inform the manager of your bank that you are interested in buying a particular kind of business and can ask him to inform you if he has any information regardin
               time. However, in small cases involving just a few hundred or few thousand pounds, the answer may not be so clear cut.

               How Can It Be Prevented
               The most obvious way is not to allow remote access to the administration facilities of the PBX. However this may not be practical and could lead to increased charges from the maintenance company. The second method is to use a very random password on the PBX, up to the maximum number of characters and to lock the modem so that it will only answer calls from a single phone number. This solution is very inflexible and after a while could be turned off if it becomes impractical.

               Ideally, you would want a solution that could offer the following benefits:

               1. Use a modem that employs authenticated encryption to prevent hackers with standard modems from being able to connect.
               2. Some hardware to act as an intermediary between the connection and the PBX. The hardware could then determine through a username/password what level of access to give to the PBX.
               3. The hardware should proactively monitor the PBX looking for the first signs of fraudulent activity.

               Secure Access Modems
               Secure access modems tend to be hardware based. One modem is connected to the PBX, while one or more modems are deployed in the field. The modems use an encrypted secret key and a unique ID to provide a challenge/response to incoming calls. Consequently only a modem with a matching encrypted secret key, using an ID that is allowed by the PBX modem will be able to connect.

               This provides a more flexible alternative to calling from a single phone number. The modem is self contained and does not require any special software. It is unlikely that a random hacker using a standard modem will be able to breach this initial barrier.

               Hardware Acting As An Intermediary
               If you use a hardware appliance, it can act as a gateway between the PBX and the user. It could log all login attempts. It could be configured to send out an alert (as an email for example) when it detects multiple login failures. This type of behaviour would occur if a hacker was using a brute force attack to try and discover the password.

               Different combinations of usernames and passwords could be given different levels of access to the PBX. Users can therefore be restricted to performing only certain actions from a limited menu choice. This prevents the hacker from gaining full unrestricted access to all of the administration functionality.

               Proactively Monitoring For Dial Through Fraud
               A dial through fraud solution can proactively monitor the call output from the PBX. It can be set to look for suspicious call activity. In the case of the company featured in the Guardian article, this would use a "ruleset" to look for any call that occurred outside of office hours. When suspicious activity is detected, an alert would be sent out containing the details. This allows an appropriate response to be taken, reducing the potential losses caused by the fraud.

               Dial through fraud can very quickly and silently cause thousands of pounds worth of losses to a business. The standard security precautions in place to prevent it are weak, especially compared to those used on IT networks. Trying to recover any loss is as difficult as detecting the fraud in the first instance. Data Track can offer a range of Tracker Solutions that will not only add extra security to your PBX but also provide a means of detecting losses before they progress too far.