This morning someone tried to make sip call through my Asterisk. My
server just drop these calls and record them in CDR with IP address:
2012-11-28 06:30:51 SIP/216... 1000 1000 1000 Hangup
999011972592249388 ANSWERED 00:01 Hacker: 168.63.67.239
2. 2012-11-28 06:30:49 SIP/216... 1000 1000
On Wed, Nov 28, 2012 at 7:45 PM, J Gao j...@veecall.com wrote:
This morning someone tried to make sip call through my Asterisk. My server
just drop these calls and record them in CDR with IP address:
2012-11-28 06:30:51 SIP/216... 10001000 1000
Hangup 999011972592249388
On 11/28/2012 11:52 PM, Steve Totaro wrote:
You're not serious right ?
That is just the center of the country since no better location is
available.
On Wed, Nov 28, 2012 at 7:45 PM, J Gao j...@veecall.com wrote:
This morning someone tried to make sip call through my Asterisk. My server
just
On 11/28/2012 9:03 PM, jon pounder wrote:
On 11/28/2012 11:52 PM, Steve Totaro wrote:
You're not serious right ?
That is just the center of the country since no better location is
available.
On Wed, Nov 28, 2012 at 7:45 PM, J Gao j...@veecall.com wrote:
This morning someone tried to make sip
On Tuesday 07 April 2009 11:28:52 Tilghman Lesher wrote:
The recent vulnerability had nothing to do with this, but with the ability
of an attacker to scan a SIP server for legitimate usernames and passwords.
This, by the way, merely took advantage of the SIP protocol, as written.
Normally, SIP
Here's what fail2ban service caught
The IP 89.111.184.221 has just been banned by Fail2Ban after
80 attempts against ASTERISK.
On Wed, Apr 8, 2009 at 7:01 PM, Tilghman Lesher
tilgh...@mail.jeffandtilghman.com wrote:
On Tuesday 07 April 2009 11:28:52 Tilghman Lesher wrote:
The recent
: [asterisk-users] Hacked
Here's what fail2ban service caught
The IP 89.111.184.221 has just been banned by Fail2Ban after
80 attempts against ASTERISK.
On Wed, Apr 8, 2009 at 7:01 PM, Tilghman Lesher
tilgh...@mail.jeffandtilghman.com wrote:
On Tuesday 07 April 2009 11:28:52 Tilghman
On Monday 06 April 2009 19:22:30 Martin wrote:
Can you give more information about this vulnerability ?
It's unlikely that it's this vulnerability. Every Asterisk box allows guest
access to the machine, by default. The context it goes to is generally
the default context. This is what allows
I thought so. Unless someone can write a buffer overrun code to email
them the sip.conf or other config files
then you should be fine if you don't provision unsecured contexts to
dial out to PSTN ...
there was a buffer overrun in chan_sip but it was a couple years ago
Martin
On Tue, Apr 7, 2009
Just FYI:
IP address 89.248.168.176 has been trying to use the recently release SIP
vulnerability in Asterisk to make outbound calls via our box. They are running
a bank account callback scam.
Jeremy Mann
Director of IT
Texas Health Management Group
Direct Line: 817-310-4956
Main Line:
http://www.websiteoutlook.com/www.songania.com
From: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Jeremy Mann
Sent: April-06-09 3:55 PM
To: 'Asterisk Users Mailing List - Non-Commercial Discussion'
Subject: [asterisk-users] Hacked
3:55 PM
To: 'Asterisk Users Mailing List - Non-Commercial Discussion'
Subject: [asterisk-users] Hacked
Just FYI:
IP address 89.248.168.176 has been trying to use the recently release SIP
vulnerability in Asterisk to make outbound calls via our box. They are
running a bank account
List - Non-Commercial Discussion
Subject: Re: [asterisk-users] Hacked
Ok, I'll bite. What does websiteoutlook have to do with it?
The IP mentioned is in the Netherlands:
% Information related to '89.248.168.0 - 89.248.168.255'
inetnum:89.248.168.0 - 89.248.168.255
netname:NL
Can you give more information about this vulnerability ?
Martin
On Mon, Apr 6, 2009 at 2:55 PM, Jeremy Mann jm...@txhmg.com wrote:
Just FYI:
IP address 89.248.168.176 has been trying to use the recently release SIP
vulnerability in Asterisk to make outbound calls via our box. They are
14 matches
Mail list logo
