i am sure i reset SIP password every time, but not sure I reset portal password every time.

Roger

On 2013-01-21, at 4:34 PM, Stéphan Monette <[email protected]> wrote:

> Or did you just ask to re-activate your account without resetting your SIP passwords?
>
> On 2013-01-21, at 4:29 PM, Roger Si <[email protected]> wrote:
>
>> the account was blocked by unlimitel yesterday after it was hacked (which was good by the way)
>>
>> i didn't ask them to unblock it. so i don't know if the account is still hacked.
>>
>> to Stephan's point, i probably should reset portal password as well.
>>
>> but, my question is, why always unlimitel? I am using other ITSP, they don't have problem for last 2-3 years.
>>
>> Roger
>>
>> On 2013-01-21, at 4:24 PM, Stéphan Monette <[email protected]> wrote:
>>
>>> Was your account still hacked after resetting your passwords?
>>>
>>> On 2013-01-21, at 4:22 PM, Roger Si <[email protected]> wrote:
>>>
>>>> I used 3CX soft phone version 1.1.5 running on iPhone 5 on Fido's LTE network to make some phone calls before the account is compromised yesterday evening..
>>>>
>>>> of course, I reset passwords in Unlimitel portal afterwards.
>>>>
>>>> Roger
>>>>
>>>> On 2013-01-21, at 3:54 PM, Mike - QTI <[email protected]> wrote:
>>>>
>>>>> Stephan, Very good points!
>>>>>
>>>>> Also you should reverse search your IP in http://www.shodanhq.com/ . I had a user who did not change the admin password on their ATA and it was exposed to the internet. So hackers just went to the ATA web maint page, used the default credentials and then scraped the account information. Then used the account to call cell phones in Moscow. Found his IP and device in the Shodan Database.
>>>>>
>>>>> Mike
>>>>>
>>>>> On Mon, Jan 21, 2013 at 3:36 PM, Stéphan Monette <[email protected]> wrote:
>>>>>
>>>>>> Roger,
>>>>>>
>>>>>> Just to make sure I didn't leave my list of userids and passwords in some file with Google or somewhere else, I would first login into the web portal and reset my SIP and IAX passwords.
>>>>>>
>>>>>> I've seen a lot of people with their Hotmail, Gmail, Yahoo Mail accounts hacked without them knowing about it. Sometimes the hackers are getting the userids and passwords from the saved emails you have left in your Gmail or other free email services! They usually look for bank account data, but they would sell any good information to anyone willing to pay for it including SIP accounts info!
>>>>>>
>>>>>> In the past when I was working on the Unlimitel systems, we made sure the username and passwords could not be guessed. We even stopped sending passwords by email! And we would still see users having their passwords stolen because they shared a Google drive (docs back then) with someone else who got their google account hacked!!!!
>>>>>>
>>>>>> After Primus took over, they even went an extra step by blocking any IP that would fail to register a SIP account to stop hackers from guessing Unlimitel SIP passwords.
>>>>>>
>>>>>> The web portal is designed so that your browser does not cache any info! The passwords are not even listed in TEXT on the web portal to make sure customers with some sort of virus or malware could spy on your data! So if the hackers were able to make calls using your SIP credentials, this means they had the right data on hand and never got blocked because they never failed the SIP authentication.
>>>>>>
>>>>>> So I would suggest to reset your passwords (using the web portal) and do not save your passwords list anywhere on your computer or cloud storage services.
>>>>>>
>>>>>> That should stop them. If not, use a different tool or softphone!
>>>>>>
>>>>>> On 2013-01-21, at 3:20 PM, Mark Brown <[email protected]> wrote:
>>>>>>
>>>>>>> Roger,
>>>>>>>
>>>>>>> Is there a chance the phone was compromised?
>>>>>>>
>>>>>>> You didn't say what phone or app you were using.
>>>>>>>
>>>>>>> Android phones seem to have a swiss cheese security model, and many apps are not always as they seem.....
>>>>>>> I'm not sure the iPhones are much better.
>>>>>>> I've automatically discounted Windows phones.... :-)
>>>>>>>
>>>>>>> I have a remote ATA with Unlimitel, and I haven't had such a problem.... yet.
>>>>>>>
>>>>>>> /M
>>>>>>>
>>>>>>> On 1/21/2013 9:33 AM, Yajie wrote:
>>>>>>>> this has been pain in the ass. as soon as I make some international calls for several days, my account will be hacked, hacker made a lot of calls to high rate country in no time and my account will be blocked by Unlimitel. this happened at least 5 times in last two years. my friend has same issue too. interestingly, i didn't use asterisk to make calls recently, but a SIP softphone on my cell phone. so there is no way hacker can hack into my asterisk. I know unlimitel has a much stricter password rule than any other ITSP i used. but only unlimitel got hacked every time. Do you guys know why? or i really should abandon Unlimitel's ship? Thanks!
>>>>>>>>
>>>>>>>> Roger
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: [email protected]
>>>>>>> For additional commands, e-mail: [email protected]
>>>>>
>>>>> --
>>>>> Mike Ashton
>>>>> CTO
>>>>> Quality Track International
>>>>>
>>>>> Phone: +1 647.724.3500 x251
>>>>> Cell: +1 416.527.4995
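
An added example, not part of the thread and not any provider's code: Stéphan's reply notes that a fail-to-register block never fires when the caller holds valid credentials, so this Python example contrasts that control with a call-velocity check over call records. The record layouts, thresholds, prefix watch-list and all sample data are constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed watch-list of destination prefixes billed at high rates (assumption).
HIGH_RATE_PREFIXES = ("+7", "+53")

def blocked_by_failed_register(auth_events, max_failures=3):
    """IPs a fail-to-register block would ban: max_failures or more rejected REGISTERs."""
    failures = defaultdict(int)
    for ip, accepted in auth_events:
        if not accepted:
            failures[ip] += 1
    return {ip for ip, n in failures.items() if n >= max_failures}

def toll_fraud_alerts(cdrs, window_s=600, max_calls=5):
    """Return {account: time of first alert} for accounts placing more than
    max_calls calls to high-rate prefixes within window_s seconds."""
    recent = defaultdict(deque)  # account -> start times of recent high-rate calls
    alerts = {}
    for ts, account, _src_ip, dest in sorted(cdrs):
        if not dest.startswith(HIGH_RATE_PREFIXES):
            continue
        q = recent[account]
        q.append(ts)
        while q and ts - q[0] > window_s:  # drop calls that left the window
            q.popleft()
        if len(q) > max_calls and account not in alerts:
            alerts[account] = ts
    return alerts

# Constructed sample data: (source IP, REGISTER accepted?) and
# (epoch seconds, account, source IP, dialled number).
AUTH_EVENTS = [
    ("198.51.100.7", False), ("198.51.100.7", False), ("198.51.100.7", False),
    ("203.0.113.9", True),  # valid stolen credentials: no failure to count
]
CDRS = [(1000, "acct-A", "192.0.2.10", "+14165550100")]   # ordinary call
CDRS += [(5000 + 30 * i, "acct-A", "203.0.113.9", f"+7495555{i:04d}")
         for i in range(8)]                                # burst to high-rate prefix
CDRS += [(9000, "acct-B", "192.0.2.20", "+74955550199")]  # single call, no alert

if __name__ == "__main__":
    print("blocked IPs:", blocked_by_failed_register(AUTH_EVENTS))
    print("toll-fraud alerts:", toll_fraud_alerts(CDRS))
```

The IP that registered successfully is never blocked by the failure counter, while the velocity check flags the account on the sixth high-rate call in the window.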
