He's also using this IP address 173.45.67.130
> From: ContactTel Business <[email protected]> > Reply-To: Commercial and Business-Oriented Asterisk Discussion > <[email protected]> > Date: Thu, 14 May 2009 10:15:47 -0400 > To: 'Commercial and Business-Oriented Asterisk Discussion' > <[email protected]> > Subject: Re: [asterisk-biz] Bad routign or hack attempt ? > > Here is the trace.. please DEVs... add a reporting option to sip stack that > will report on that ip , or something.. > This guy has been hacking alot of servers and is currently under FBI > investigation > You see he's using s=Asterisk PBX 1.6.0.5. > > > > > U 2009/05/14 06:42:17.973715 93.190.143.10:5060 -> 174.x.x.x:5060 > INVITE sip:[email protected]/2.0. > Via: SIP/2.0/UDP 93.190.143.10:5060;branch=z9hG4bK3f5cffbb;rport. > Max-Forwards: 70. > From: "MeucciSolutions" <sip:[email protected]>;tag=as123b6c7b. > To: <sip:[email protected]>. > Contact: <sip:[email protected]>. > Call-ID: [email protected]. > CSeq: 102 INVITE. > User-Agent: MeucciSolutions. > Date: Thu, 14 May 2009 10:42:25 GMT. > Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY. > Supported: replaces, timer. > Content-Type: application/sdp. > Content-Length: 287. > . > v=0. > o=root 634218215 634218215 IN IP4 93.190.143.10. > s=Asterisk PBX 1.6.0.5. > c=IN IP4 93.190.143.10. > t=0 0. > m=audio 10990 RTP/AVP 8 0 101. > a=rtpmap:8 PCMA/8000. > a=rtpmap:0 PCMU/8000. > a=rtpmap:101 telephone-event/8000. > a=fmtp:101 0-16. > a=silenceSupp:off - - - -. > a=ptime:20. > a=sendrecv. > > >>> -----Original Message----- >>> From: [email protected] [mailto:asterisk-biz- >>> [email protected]] On Behalf Of Elliot Otchet >>> Sent: May-13-09 7:43 PM >>> To: '[email protected]' >>> Subject: Re: [asterisk-biz] Bad routign or hack attempt ? >>> >>> Agreed. We've seen it too. >>> >>> Pardon the typos, my Blackberry has small buttons. >>> Elliot Otchet >>> Calling Circles LLC >>> >>> ----- Original Message ----- >>> From: [email protected] <asterisk-biz- >>> [email protected]> >>> To: Commercial and Business-Oriented Asterisk Discussion <asterisk- >>> [email protected]> >>> Sent: Wed May 13 19:27:03 2009 >>> Subject: Re: [asterisk-biz] Bad routign or hack attempt ? >>> >>> >>> Hack attempt 100%. Ban it. >>> >>> --- On Wed, 5/13/09, ContactTel Business <[email protected]> wrote: >>> >>>> From: ContactTel Business <[email protected]> >>>> Subject: [asterisk-biz] Bad routign or hack attempt ? >>>> To: "'Commercial and Business-Oriented Asterisk Discussion'" >>> <[email protected]> >>>> Date: Wednesday, May 13, 2009, 7:05 PM >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> Seems someone at [email protected] >>>> could be trying to break in .. >>>> >>>> >>>> >>>> Anyone have heard of any of the 2 >>>> parts of the uri ? >>>> >>>> >>>> >>>> Thanks >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> -----Inline Attachment Follows----- >>>> >>>> _______________________________________________ >>>> --Bandwidth and Colocation Provided by http://www.api-digital.com-- >>>> >>>> asterisk-biz mailing list >>>> To UNSUBSCRIBE or update options visit: >>>> http://lists.digium.com/mailman/listinfo/asterisk-biz >>> >>> _______________________________________________ >>> --Bandwidth and Colocation Provided by http://www.api-digital.com-- >>> >>> asterisk-biz mailing list >>> To UNSUBSCRIBE or update options visit: >>> http://lists.digium.com/mailman/listinfo/asterisk-biz >>> >>> This message is intended only for the use of the individual (s) or >>> entity to which it is addressed and may contain information that is >>> privileged, confidential, and/or proprietary to Calling Circles LLC and >>> its affiliates. If the reader of this message is not the intended >>> recipient, you are hereby notified that any dissemination, >>> distribution, forwarding or copying of this communication is prohibited >>> without the express permission of the sender. If you have received this >>> communication in error, please notify the sender immediately and delete >>> the original message. >>> _______________________________________________ >>> --Bandwidth and Colocation Provided by http://www.api-digital.com-- >>> >>> asterisk-biz mailing list >>> To UNSUBSCRIBE or update options visit: >>> http://lists.digium.com/mailman/listinfo/asterisk-biz > > > _______________________________________________ > --Bandwidth and Colocation Provided by http://www.api-digital.com-- > > asterisk-biz mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-biz _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-biz mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-biz
