also check the freeswitch log,
On Wed, Jan 12, 2011 at 9:20 AM, Huw Jones <[email protected]> wrote: > Thank you (and Tony) for the suggestions. I'll investigate as per your advice. > > > Cheers > > > Huw > > > >>>> "Nikolay Kondratyev" 01/12/11 11:08 AM >>> > Somebody (something :) ) from your local lan might just sent invites > directly to AC. > Do you collect syslog or cdr from your AC? (that would be for certain). > "IP to tel calls count" on the AC may be interesting... > Regards, > Nikolay. > >> -----Original Message----- >> From: [email protected] >> [mailto:[email protected]] On Behalf Of Huw Jones >> Sent: Wednesday, January 12, 2011 1:38 PM >> To: [email protected] >> Subject: [sipx-users] Suspicious calls >> >> Hi folks >> >> We've had a strange situation in our college. Over the >> Christmas holiday one of our sites is reported (by BT) to >> have made thousands of 'suspicious' calls to Sierra Leone!! >> I've checked the Call Detail Records on the web interface and >> there's no sign of these calls, I've also searched through >> the contents of /var/log/sipxpbx/ and there's no sign of the >> numbers there either. >> >> Our SipX server is not visible from outside our own network >> and it only interfaces with the outside world via three >> Audiocodes gateways connected to ISDN. If the calls were made >> maliciously I'm at a loss how they did it. :-( >> >> Can anyone suggest where I might look for further >> information? I'm pretty dubious that these calls really have >> come from our system but I'd like to be certain!! I'd very >> much appreciate any advice or suggestions. >> >> Happy New Year to you all >> >> Huw >> >> >> ******************************************************************* >> Mae'r e-bost yma ac unrhyw ffeiliau a drosglwyddir oddi fewn >> iddo yn gyfrinachol, a bwriedir ef ar gyfer yr unigolyn neu'r >> endidau mae wedi ei gyfeirio ato'n unig. Os ydych wedi derbyn >> yr e-bost yma trwy gamgymeriad hysbyswch y rheolwr system os >> gwelwch yn dda. >> >> Mae'r troednodyn yma hefyd yn cadarnhau bod y neges e-bost >> yma wedi cael ei wirio gan MIMEsweeper am unrhyw feirysau >> cyfrifiadurol oedd yn bodoli. >> www.mimesweeper.com >> ******************************************************************* >> This email and any files transmitted with it are confidential >> and intended solely for the use of the individual or entity >> to whom they are addressed. If you have received this email >> in error please notify the system manager. >> >> This footnote also confirms that this email message has been >> swept by MIMEsweeper for the presence of computer viruses. >> >> www.mimesweeper.com >> ******************************************************************* >> >> >> _______________________________________________ >> sipx-users mailing list >> [email protected] >> List Archive: http://list.sipfoundry.org/archive/sipx-users/ > > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ > > > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ > _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
