Le 28/01/2015 22:03, Steven McCann a écrit :
Hello,
Hi
I'm investigating a situation where there was a hundreds of minutes of calls from an internal SIP extension to an 855 number in Cambodia, resulting in a crazy ($25,000+) bill from the phone company. I'm investigating, but can anyone provide some feedback on what's happened here? I'm investigating how this happened as well as what types of arrangements can be made with the phone company (CenturyLink in Texas). Some details: * PBX is located in Texas * Phone carrier is CenturyLink * FreePBX distro running asterisk 1.8.14 * source SIP extension is Mitel 5212, firmware 08.00.00.04, default admin password (argh!). Phone is used by many different people. More PBX setting details: * inbound SIP traffic is not allowed through the firewall * internal network is not accessed by many * FreePBX web interface *Questions I have at this moment:* 1) how were the calls placed? Was the Mitel SIP phone hacked somehow? Asterisk PBX?
Check your logs. In the full log with verbosity 3 you can follow how calls were treated. Also the CDR should give you informations like the extension(s) who placed those calls
[...] -- Daniel -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
