Here is the trace.. please DEVs... add a reporting option to sip stack that will report on that ip , or something.. This guy has been hacking alot of servers and is currently under FBI investigation You see he's using s=Asterisk PBX 1.6.0.5.
U 2009/05/14 06:42:17.973715 93.190.143.10:5060 -> 174.x.x.x:5060 INVITE sip:[email protected]/2.0. Via: SIP/2.0/UDP 93.190.143.10:5060;branch=z9hG4bK3f5cffbb;rport. Max-Forwards: 70. From: "MeucciSolutions" <sip:[email protected]>;tag=as123b6c7b. To: <sip:[email protected]>. Contact: <sip:[email protected]>. Call-ID: [email protected]. CSeq: 102 INVITE. User-Agent: MeucciSolutions. Date: Thu, 14 May 2009 10:42:25 GMT. Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY. Supported: replaces, timer. Content-Type: application/sdp. Content-Length: 287. . v=0. o=root 634218215 634218215 IN IP4 93.190.143.10. s=Asterisk PBX 1.6.0.5. c=IN IP4 93.190.143.10. t=0 0. m=audio 10990 RTP/AVP 8 0 101. a=rtpmap:8 PCMA/8000. a=rtpmap:0 PCMU/8000. a=rtpmap:101 telephone-event/8000. a=fmtp:101 0-16. a=silenceSupp:off - - - -. a=ptime:20. a=sendrecv. >>-----Original Message----- >>From: [email protected] [mailto:asterisk-biz- >>[email protected]] On Behalf Of Elliot Otchet >>Sent: May-13-09 7:43 PM >>To: '[email protected]' >>Subject: Re: [asterisk-biz] Bad routign or hack attempt ? >> >>Agreed. We've seen it too. >> >>Pardon the typos, my Blackberry has small buttons. >>Elliot Otchet >>Calling Circles LLC >> >>----- Original Message ----- >>From: [email protected] <asterisk-biz- >>[email protected]> >>To: Commercial and Business-Oriented Asterisk Discussion <asterisk- >>[email protected]> >>Sent: Wed May 13 19:27:03 2009 >>Subject: Re: [asterisk-biz] Bad routign or hack attempt ? >> >> >>Hack attempt 100%. Ban it. >> >>--- On Wed, 5/13/09, ContactTel Business <[email protected]> wrote: >> >>> From: ContactTel Business <[email protected]> >>> Subject: [asterisk-biz] Bad routign or hack attempt ? >>> To: "'Commercial and Business-Oriented Asterisk Discussion'" >><[email protected]> >>> Date: Wednesday, May 13, 2009, 7:05 PM >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> Seems someone at [email protected] >>> could be trying to break in .. >>> >>> >>> >>> Anyone have heard of any of the 2 >>> parts of the uri ? >>> >>> >>> >>> Thanks >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> -----Inline Attachment Follows----- >>> >>> _______________________________________________ >>> --Bandwidth and Colocation Provided by http://www.api-digital.com-- >>> >>> asterisk-biz mailing list >>> To UNSUBSCRIBE or update options visit: >>> http://lists.digium.com/mailman/listinfo/asterisk-biz >> >>_______________________________________________ >>--Bandwidth and Colocation Provided by http://www.api-digital.com-- >> >>asterisk-biz mailing list >>To UNSUBSCRIBE or update options visit: >> http://lists.digium.com/mailman/listinfo/asterisk-biz >> >>This message is intended only for the use of the individual (s) or >>entity to which it is addressed and may contain information that is >>privileged, confidential, and/or proprietary to Calling Circles LLC and >>its affiliates. If the reader of this message is not the intended >>recipient, you are hereby notified that any dissemination, >>distribution, forwarding or copying of this communication is prohibited >>without the express permission of the sender. If you have received this >>communication in error, please notify the sender immediately and delete >>the original message. >>_______________________________________________ >>--Bandwidth and Colocation Provided by http://www.api-digital.com-- >> >>asterisk-biz mailing list >>To UNSUBSCRIBE or update options visit: >> http://lists.digium.com/mailman/listinfo/asterisk-biz _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-biz mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-biz
