No it's not safe to say it has been compromised. If you have 5060 open to the world, you're bound to see these. As you can see, both failed.
Mike On Sun, Oct 28, 2012 at 11:59 AM, Joe Conway <[email protected]> wrote: > While looking through my CDR history I noticed the following two records > from yesterday afternoon. > > From To Start > ------- --------------- ---------------- > 5550000 011972599537676 10/27/12 3:17 PM > > Duration Status > -------- ------ > 00:00:00 Failed > > From To Start > ------- --------------- ---------------- > 5550000 9011972599537676 10/27/12 3:18 PM > Duration Status > -------- ------ > 00:00:00 Failed > > Is it safe to assume from those records that my system has been > compromised (I know that no legitimate calls were attempted in that time > frame, let alone international ones)? > > Does the "From 5550000" provide any clue as to how the system was > compromised? > > FWIW, I am running a very old version: > 4.2.1-018971.21.0 2011-05-24T20:34:29 snowbird.hubler.us > Would upgrading plug some known hole that might be getting exploited here? > > Thanks for any insights. > > Joe > > > -- > Joe Conway > credativ LLC: http://www.credativ.us > Linux, PostgreSQL, and general Open Source > Training, Service, Consulting, & 24x7 Support > > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ > -- Michael Picher, Director of Technical Services eZuce, Inc. 300 Brickstone Square**** Suite 201**** Andover, MA. 01810 O.978-296-1005 X2015 M.207-956-0262 @mpicher <http://twitter.com/mpicher> linkedin <http://www.linkedin.com/profile/view?id=35504760&trk=tab_pro> www.ezuce.com ------------------------------------------------------------------------------------------------------------ There are 10 kinds of people in the world, those who understand binary and those who don't.
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
