When will you people learn ... you set the secret=0000 and it's one of the many frequent passwords most people set out of being lazy ...

that simply says ... guess my password and call through my pbx for free ...

so again ...

1) bad people scan extensions 100-199 and 1000-9999 trying to guess your password if you were nice enough to set it within a known statistical easy guess

2) either use complicated passwords and sip accounts other than 100-199 1000-9999 or install the fail2ban

Martin

On Fri, Jun 11, 2010 at 4:55 PM, sean darcy <[email protected]> wrote:
> This is a small 12 line system, internal extensions 150 - 180. I didn't
> have a phone on 151. Here's the sip.conf stanza:
>
> ;;[151]
> ;;type=friend
> ;;context=longdistance
> ;;callerid="Conf Room" <151>
> ;;secret=0000
> ;;host=dynamic
> ;;qualify=yes
> ;;dtmfmode=rfc2833
> ;;allow=all
> ;;defaultuser=151
> ;;nat=yes
> ;;canreinvite=no
>
> There's no DISA. And then somehow (how???) ip address 79.117.17.247
> becomes extension 151 and starts making calls to West Africa.
>
> Now contactdeny and contactpermit over solve the problem. For instance,
> I can't register with my voip provider. I don't care about peers who I
> make calls to, or receive calls from. I'm just stunned someone can
> become a peer and make calls themselves.
>
> How do I fix this in some reasonable way.
>
> sean
>
> [Jun 10 15:51:19] VERBOSE[1662] chan_sip.c: -- Registered SIP '151' at 79.117.17.247 port 5060
> [Jun 10 15:51:20] NOTICE[1662] chan_sip.c: Peer '151' is now Reachable. (161ms / 2000ms)
> [Jun 10 15:51:20] NOTICE[1662] chan_sip.c: Received SIP subscribe for peer without mailbox: 151
> [Jun 10 15:51:21] VERBOSE[1662] netsock.c: == Using SIP RTP TOS bits 184
> [Jun 10 15:51:21] VERBOSE[1662] netsock.c: == Using SIP RTP CoS mark 5
> [Jun 10 15:51:21] VERBOSE[1662] netsock.c: == Using SIP VRTP CoS mark 6
> [Jun 10 15:51:21] VERBOSE[1662] netsock.c: == Using UDPTL TOS bits 184
> [Jun 10 15:51:21] VERBOSE[1662] netsock.c: == Using UDPTL CoS mark 5
> [Jun 10 15:51:22] VERBOSE[4780] pbx.c: -- Executing [01125240212...@longdistance:1] Answer("SIP/151-000000ae", "") in new stack
> [Jun 10 15:51:22] VERBOSE[4780] pbx.c: -- Executing [01125240212...@longdistance:2] Gosub("SIP/151-000000ae", "DialOut,s,1(01125240212154,DAHDI/g0)") in new stack
> .........
> [Jun 10 15:51:22] VERBOSE[4780] pbx.c: -- Executing [...@dialout:9] Dial("SIP/151-000000ae", "DAHDI/g0/01125240212154") in new stack
> [Jun 10 15:51:22] VERBOSE[4780] chan_dahdi.c: -- Requested transfer capability: 0x00 - SPEECH
> [Jun 10 15:51:22] VERBOSE[4780] app_dial.c: -- Called g0/01125240212154
> [Jun 10 15:51:22] VERBOSE[4780] app_dial.c: -- DAHDI/2-1 is proceeding passing it to SIP/151-000000ae
> [Jun 10 15:51:23] VERBOSE[4780] app_dial.c: -- DAHDI/2-1 is making progress passing it to SIP/151-000000ae
> [Jun 10 15:51:23] VERBOSE[4780] app_dial.c: -- DAHDI/2-1 is making progress passing it to SIP/151-000000ae
> [Jun 10 15:51:25] VERBOSE[4780] app_dial.c: -- SIP/151-000000ae requested special control 16, passing it to DAHDI/2-1
> [Jun 10 15:51:25] VERBOSE[4780] channel.c: -- Music class default requested but no musiconhold loaded.
> [Jun 10 15:51:25] VERBOSE[4780] app_dial.c: -- SIP/151-000000ae requested special control 20, passing it to DAHDI/2-1
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
> http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
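
Added example, not part of the original message and not Asterisk code: a small Python audit of a sip.conf for the two conditions named in the reply above (account names in the 100-199 / 1000-9999 ranges, and easily guessed secrets) on host=dynamic accounts. The sample config, the `7f3a-confroom` account, the short list of common secrets and the 12-character minimum are assumptions made for illustration.

```python
import re

# Constructed sample modelled on the stanza quoted above; [7f3a-confroom] is invented.
SAMPLE_SIP_CONF = """\
[151]
type=friend
secret=0000
host=dynamic

[7f3a-confroom]
type=friend
secret=pT9#vQ2m!xL7wRz4
host=dynamic
"""

COMMON_SECRETS = {"0000", "1111", "1234", "12345", "123456", "password", "secret"}  # assumed short list

def parse_peers(text):
    """Return {section: {option: value}} for every section except [general]."""
    peers, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # ';' starts a comment in sip.conf
        m = re.fullmatch(r"\[([^\]]+)\](?:\(.*\))?", line)
        if m:
            current = None if m.group(1) == "general" else peers.setdefault(m.group(1), {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip().lower()] = value.strip()
    return peers

def audit(text):
    """Flag host=dynamic accounts (those a remote client can register as)."""
    report = {}
    for name, opts in parse_peers(text).items():
        if opts.get("host") != "dynamic":
            continue
        secret, findings = opts.get("secret", ""), []
        if name.isdigit() and (100 <= int(name) <= 199 or 1000 <= int(name) <= 9999):
            findings.append("account name is in a commonly scanned extension range")
        if secret.lower() in COMMON_SECRETS or secret in ("", name):
            findings.append("secret is missing, common, or equal to the account name")
        elif secret.isdigit() or len(secret) < 12:  # 12 is an assumed minimum length
            findings.append("secret is short or digits only")
        if findings:
            report[name] = findings
    return report

if __name__ == "__main__":
    print(audit(SAMPLE_SIP_CONF))
```

Stanzas commented out with `;`, like the one quoted in the thread, are skipped by the parser and do not appear in the report.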
