ul it
wasn't SSH.
Thanks again. Waiting on reports from the telco to see what the damage is...
Tom
From: David Kerr [mailto:da...@kerr.net]
Sent: 16 July 2012 14:54
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] Hacked - please help
You would start by analyse the C
You would start by analyse the CDR log and looking to see from which
context the calls are originating.
Make sure that you don't have a "default" context, but if you do need it
(to receive legitimate inbound calls) then make sure that this context only
permits access to internal extensions, not an
Sorry to hear this... A few notes from the voice of experience:
Probable cause:
hacked SIP password from an unauthorized IP address. problem could be
an overly simplistic or nonexistent SIP secret. look at your logs and
see what the source channel(s) are/is and shut that channel or channels
do
Hello all
It's finally happened, and our Astlinux box has been compromised, with many
premium/unauthorized calls being made. Would someone be willing to help out
diagnose what happened and rectify the vulnerability? Obviously, this can be
paid work. If anyone is interested, and can get back to me
