[asterisk-users] Transfer Fraud
jg
webaccounts at jgoettgens.de
Fri Sep 13 15:12:45 CDT 2013
Is there a general recipe to avoid fraudulent calls under the following conditions?
A receptionist transfers calls as a callee (customers are calling) and as a caller (boss asks to
call and then transfer to him), i.e. the Dial cmd for the internal context contains "Tt". Then
an outside call would operate as a Local channel in an internal context after the first
transfer. If the internal context allows to dial outside, which is quite common, then this can
be abused by the outside caller.
An obvious solution is to disallow Local channels to call outside lines, but there are some
possible side effects if Local channels are used explicitly. This would require adding a
persistent channel variable (the ones with "__").
I apologize if this type of question has already been asked before.
jg
More information about the asterisk-users
mailing list