how do I speak "telco" to my telco - more hack/DoS woes
My telco keeps dropping all the registrations for our DID phone numbers. For the last two months, they wouldn't say why. The phones would magically start working, and they claimed they were doing nothing...and kept blaming our PBX.
Today, I talked to a rep who said our circuits were showing our DIDs calling themselves. Including DIDs that haven't been assigned internally, or are assigned to phones that have been unused for days or weeks.
Our PBX is not showing this traffic. The telco techs on the last 4 support tickets have admitted that inbound calls are not terminating at the T1 router.
Here's the kicker: one DID tried to repeatedly register itself with the telco 24,000 times. So, they booted all of our numbers again.
They won't tell me the source of the traffic. They put a block on one IP, then restored the numbers temporarily, until it happens again. Since they are changing nothing, this is pretty much 100% certain that our inbound/outbound lines will go down again in the near future.
How do speak the language here? They seemed unconcerned. They say that it does look like another attack (has happened in the past, including a breach). But, their official advice is to scan our computers with anti-virus software to prevent this from happening in the future.
How does desktop anti-virus software factor into this? These are PRI handoffs over a T1. I think I am seriously missing something in the telco-speak. It's like we are using different languages.
Any advice from people with relevant telco experience?
Today, I talked to a rep who said our circuits were showing our DIDs calling themselves. Including DIDs that haven't been assigned internally, or are assigned to phones that have been unused for days or weeks.
Our PBX is not showing this traffic. The telco techs on the last 4 support tickets have admitted that inbound calls are not terminating at the T1 router.
Here's the kicker: one DID tried to repeatedly register itself with the telco 24,000 times. So, they booted all of our numbers again.
They won't tell me the source of the traffic. They put a block on one IP, then restored the numbers temporarily, until it happens again. Since they are changing nothing, this is pretty much 100% certain that our inbound/outbound lines will go down again in the near future.
How do speak the language here? They seemed unconcerned. They say that it does look like another attack (has happened in the past, including a breach). But, their official advice is to scan our computers with anti-virus software to prevent this from happening in the future.
How does desktop anti-virus software factor into this? These are PRI handoffs over a T1. I think I am seriously missing something in the telco-speak. It's like we are using different languages.
Any advice from people with relevant telco experience?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yes...it took the threat of reducing or eliminating service before they sent a tech out to troubleshoot!
I had to refuse to pay a bill for nearly 6 months to get someone to come out and test my line prooperly. The trouble is that the billng departments don't have much sway with engineering any more. They are only geared up to collecting their money.
ASKER
Replaced the 5-year-old router with same basic model (newer revision hardware and firmware), copied config. Asked them to replace cable with one of their own. He made up a cross-over jack and plugged in a new patch cable. Booted it up...and same problem.
He plugged in his very expensive tester & was able to place and receive calls. Plugged in PBX, and it wouldn't sync with the router.
Bypassed his jack, put my cable back in place, and it synced. Calls worked. Put his cable back...calls disappeared between the router and the PBX.
Looks like even the fresh router was not enough. We'll have to continue using my hand-made cable. Their patch cables are straight-through, and UTP. My cable is built as crossover and has shielding and metal plugs. (OK...so I did something right, for once.)
Now, I have to re-run my patch cable to ensure it stays away from all of the power cables and fluorescent lights. Don't know if it's the router interface or PBX card that is sensitive to the noise on the line...irrelevant if I continue with the shielded cable and re-route it smartly.
Sadly, it took two months of problems before someone showed up on-site with testing equipment and the mindset to do some troubleshooting.
Thanks for letting me bounce ideas off you.