I had similar issues with dynamic registration type SIP accounts on Unlimitel.
We have two Asterisk systems, one connected by iax2 to Unlimitel,
another one by dynamic SIP registrations to hosts like
(sip04.unlimitel.ca). And only SIP one got such phoney international
calls.
After our accounts blocked - we went through all the logs of all the
connections immediately - nothing traceable was found, no ssh failed
logins, no failed SIP registrations, etc and systems themselves are
behind Juniper firewalls with only ssh and SIP allowed to bypass with
ALG for SIP . And our passwords were not simple phrases, so I don't
think it is possible to easily run dictionary attack before unlimited
will block it.
It happened twice in three days, and we solved it by switching to
static ip type of registration with Unlimitel. Afterwards no phoney
international calls.
At the end, I think it is somehow hijacked sessions on Unlimitel side.
I did not dispute the charges - total value was smaller then my hourly
rate and as soon as we found solution I calmed down :-)
On 2013-01-21, at 9:33 AM, Yajie <[email protected]>
wrote:
this has been pain in the ass. as soon as I make some international calls
for several days, my account will be hacked, hacker made a lot of calls to
high rate country in no time and my account will be blocked by Unlimitel.
this happened at least 5 times in last two years. my friend has same issue
too. interestingly, i didn't use asterisk to make calls recently, but a
SIP softphone on my cell phone. so there is no way hacker can hack into my
asterisk. I know unlimtel has much restrict password rule than any other
ITSP i used. but only unlimitel got hacked every time . Do you guys know
why? or i really should abandon Unlimitel's ship? Thanks!
Roger
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
