Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
MrMojok
Jan 27, 2011



I have finally taken the advice of this thread to be That Guy who works a normal schedule and enjoys weekends and holidays off, instead of that Other Guy Who is basically on call 24x7 and is the first person everyone goes to at 11 PM on a Friday when citrix doesn’t work or the print server hangs up.

I am sitting at home right now with my work email account disabled on my phone, I literally have no idea if servers are up or down or if users are panicking and it’s glorious. I’m not reading a single email until Wednesday and I haven’t read any since 12/22.

Adbot
ADBOT LOVES YOU

MrMojok
Jan 27, 2011



Welp, I guess we got Kevin Mitnicked today.

I had just gotten off the phone and a couple of users crept up to me, wide-eyed. One almost in tears. "Mojok, something is wrong with our phone system. A bunch of us are getting calls from some super pissed-off people screaming "STOP CALLING US!"

https://www.drvoip.com/blog/shorete...fun-and-profit/


"So lets put this simple ShoreTel hack together – the hackers gained control of a voice mail box, then called into the ShoreTel Voice Mail system with a spoofed Caller ID and the left a brief message. Calling back into the system, this time to check their voice messages and then hit the “return call” option key, which then placed a call to an International Middle East location all billed to the the ShoreTel system owner and showing up only as a Call Detail Record owned by the Automated Attendant."

In our case these bad men weren't calling a middle east location, they were... calling and hanging up in some cases? And some of the irate people calling in here said when they picked up someone was on the line trying to sell them insurance or scam them or some poo poo.

I opened the Shoretel trunk test tool and all our trunks were lighting up like Christmas trees as these vermin used their autodialer on us. It was incredible, never experienced anything like that before.

e: I think they compromised the user accounts whose voicemail password had never been changed from the default “12345”

MrMojok fucked around with this message at 01:09 on Jan 5, 2018

MrMojok
Jan 27, 2011



We are still using exchange 2010. We're moving to O365 soon, thank goodness, but recently we've been seeing an issue where the Exchange Transport service seems to hang, but not to the extent that windows even realizes anything is wrong and throws an error in the event viewer. The service shows as running, but it's really hung up. Incoming and outgoing mail stop, and nothing weird shows in event viewer until you try to restart the Transport service (which you can't... it just errors out repeatedly. You have to reboot). I think this has happened twice now.

Most recent occurence was yesterday, and it happened at the worst possible time. Now everyone is carrying around torches and pitchforks looking for the IT people, and just today I found that it was again due to MS patching fuckups:

https://blogs.technet.microsoft.com...xchange-server/

Sometimes I really, really regret this career choice. You guys might have discussed this recently in this threat but I'm a few hundred posts behind. If it's already been mentioned, apologies.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply