Re: [asterisk-users] fraud advice

2010-10-18 Thread SIP
On 10/14/10 9:10 PM, Jeff LaCoursiere wrote: Hi, Embarrassed as I am to write this, I am hoping for some advice. One of our very first PBX installs, now six years old, was taken advantage of over the past few weeks. A victim of sipvicious, I assume, that managed to guess one of the SIP

Re: [asterisk-users] fraud advice (Also advice on using ipbanning)

2010-10-17 Thread --[ UxBoD ]--
- Original Message - When we designed our systems on asterisk we designed it to be multi-tenant. So we use customer prefixes on all extensions. This allows us to have multiple customers using the same extension pools. It also reduces the hack footprint as hackers must know the

Re: [asterisk-users] fraud advice (Also advice on using ipbanning)

2010-10-16 Thread Bryant Zimmerman
...@totarotechnologies.com Sent: Friday, October 15, 2010 11:22 AM To: Asterisk Users Mailing List - Non-Commercial Discussion asterisk-users@lists.digium.com Subject: Re: [asterisk-users] fraud advice On Fri, Oct 15, 2010 at 10:29 AM, Steve Edwards asterisk@sedwards.com wrote: On Thu, 14 Oct 2010, bruce bruce

Re: [asterisk-users] fraud advice

2010-10-15 Thread Steve Edwards
On Thu, 14 Oct 2010, bruce bruce wrote: But it also sickens me at how badly Asterisk is made to not cope with situations like this and worse than that is FreePBX. Kind of like blaming the gun manufacturer instead of the criminal with their finger on the trigger? Is there some gaping hole in

Re: [asterisk-users] fraud advice

2010-10-15 Thread Zeeshan Zakaria
For future I would highly recommend to have at least fail2ban installed. This way sipvicious IPs will be blocked instantly before they could create any damage. Also I prefer to limit International calling to only certain limit, e.g. only for $10 per account, but this depends upon how your business

Re: [asterisk-users] fraud advice

2010-10-15 Thread Steve Totaro
On Fri, Oct 15, 2010 at 10:29 AM, Steve Edwards asterisk@sedwards.com wrote: On Thu, 14 Oct 2010, bruce bruce wrote: But it also sickens me at how badly Asterisk is made to not cope with situations like this and worse than that is FreePBX. Kind of like blaming the gun manufacturer

Re: [asterisk-users] fraud advice

2010-10-15 Thread Matt Desbiens
We took a pretty nasty hit one time, a system administrator didn't listen to us about changing the passwords. Luckily they took part of the blame in that, and we split the 1800$ it cost us in half. We could have changed them, and she didn't change them, so we were both at fault. Like said

Re: [asterisk-users] fraud advice

2010-10-15 Thread Steve Totaro
On Fri, Oct 15, 2010 at 11:50 AM, Jeff LaCoursiere j...@sunfone.com wrote: snipped (BTW Sierra Leone is in West Africa, not the Middle East.) True ;)  Most of the calls were Iraq, UAE, Lebanon... Found another one today that was 2.5 DAYS long to Chile.  Bizarre. j Not bizarre at all.

Re: [asterisk-users] fraud advice

2010-10-15 Thread Carlos Chavez
On Fri, 2010-10-15 at 07:29 -0700, Steve Edwards wrote: On Thu, 14 Oct 2010, bruce bruce wrote: But it also sickens me at how badly Asterisk is made to not cope with situations like this and worse than that is FreePBX. Kind of like blaming the gun manufacturer instead of the criminal

[asterisk-users] fraud advice

2010-10-14 Thread Jeff LaCoursiere
Hi, Embarrassed as I am to write this, I am hoping for some advice. One of our very first PBX installs, now six years old, was taken advantage of over the past few weeks. A victim of sipvicious, I assume, that managed to guess one of the SIP passwords. 4000 calls to various middle eastern

Re: [asterisk-users] fraud advice

2010-10-14 Thread Cary Fitch
and save your bacon. Cary Fitch -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Jeff LaCoursiere Sent: Thursday, October 14, 2010 8:11 PM To: asterisk-users@lists.digium.com Subject: [asterisk-users] fraud

Re: [asterisk-users] fraud advice

2010-10-14 Thread bruce bruce
Jeff, I suggest talking to your PSTN/VoIP provider. We had a large amount going through TATA communications and have not accepted their word for payment because they had a duty to not allow traffic if our credit went down to $1k while the calls charged were actually more than that.