_____ From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Gary Kuznitz Sent: Monday, November 22, 2010 10:23 AM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: [asterisk-users] Someone has hacked into our system
Someone has hacked into our system and is making calls overseas. How can I: 1. Find out the where the calls are originating from? 2. Block all calls that are not authorized? Our system is in the USA. Only calls from inside our LAN are allowed. Thank you, Gary Kuznitz For #1, start with the CDR. You know that X is calling an overseas number. Determine who X is (or is supposed to be) For #2 (and the rest of #1) restrict your dialing access to a known set of IP's. If you have 5 phones (softphones or actual handsets), block everything that doesn't start with those 5 IP addresses. The first thing I would do is to change all of your passwords in sip.conf and do a sip reload. That will slow down or temporarily stop the hacker.
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users