This morning someone tried to make SIP calls through my Asterisk. My server just dropped these calls and recorded them in the CDR with the IP address:

1. 2012-11-28 06:30:51 SIP/216... 1000 "1000" <1000> Hangup 999011972592249388 ANSWERED 00:01 Hacker: 168.63.67.239
2. 2012-11-28 06:30:49 SIP/216... 1000 "1000" <1000> Hangup 88011972592249388 ANSWERED 00:01 Hacker: 168.63.67.239
3. 2012-11-28 06:30:46 SIP/216... 1000 "1000" <1000> Answer 99011972592249388 ANSWERED 00:02
4. 2012-11-28 06:30:43 SIP/216... 1000 "1000" <1000> Answer 1011972592249388 ANSWERED 00:02
5. 2012-11-28 06:30:39 SIP/216... 1000 "1000" <1000> Hangup 2011972592249388 ANSWERED 00:00 Hacker: 168.63.67.239
6. 2012-11-28 06:30:33 SIP/216... 1000 "1000" <1000> Hangup 7011972592249388 ANSWERED 00:01 Hacker: 168.63.67.239
7. 2012-11-28 06:30:30 SIP/216... 1000 "1000" <1000> Answer 8011972592249388 ANSWERED 00:03
8. 2012-11-28 06:30:27 SIP/216... 1000 "1000" <1000> Hangup 9011972592249388 ANSWERED 00:06 Hacker: 168.63.67.239
9. 2012-11-28 06:30:25 SIP/216... 1000 "1000" <1000> Answer 011972592249388 ANSWERED 00:07

Now I noticed something interesting: The hacker's IP address: 168.63.67.239

whois gave me:
NetRange:       168.61.0.0 - 168.63.255.255
CIDR:           168.61.0.0/16, 168.62.0.0/15
OriginAS:
NetName:        MSFT-EP
NetHandle:      NET-168-61-0-0-1
Parent:         NET-168-0-0-0-0
NetType:        Direct Assignment
RegDate:        2011-06-22
Updated:        2012-10-16
Ref:            http://whois.arin.net/rest/net/NET-168-61-0-0-1

OrgName:        Microsoft Corp
OrgId:          MSFT-Z
Address:        One Microsoft Way
City:           Redmond
StateProv:      WA
PostalCode:     98052
Country:        US
RegDate:        2011-06-22
Updated:        2011-06-22
Ref:            http://whois.arin.net/rest/org/MSFT-Z


hmmmmmmm.... Did I just get hacked by Micro$oft?

Gao

