Somebody (something :) ) from your local lan might just sent invites directly to AC. Do you collect syslog or cdr from your AC? (that would be for certain). "IP to tel calls count" on the AC may be interesting... Regards, Nikolay.
> -----Original Message----- > From: sipx-users-boun...@list.sipfoundry.org > [mailto:sipx-users-boun...@list.sipfoundry.org] On Behalf Of Huw Jones > Sent: Wednesday, January 12, 2011 1:38 PM > To: sipx-users@list.sipfoundry.org > Subject: [sipx-users] Suspicious calls > > Hi folks > > We've had a strange situation in our college. Over the > Christmas holiday one of our sites is reported (by BT) to > have made thousands of 'suspicious' calls to Sierra Leone!! > I've checked the Call Detail Records on the web interface and > there's no sign of these calls, I've also searched through > the contents of /var/log/sipxpbx/ and there's no sign of the > numbers there either. > > Our SipX server is not visible from outside our own network > and it only interfaces with the outside world via three > Audiocodes gateways connected to ISDN. If the calls were made > maliciously I'm at a loss how they did it. :-( > > Can anyone suggest where I might look for further > information? I'm pretty dubious that these calls really have > come from our system but I'd like to be certain!! I'd very > much appreciate any advice or suggestions. > > Happy New Year to you all > > Huw > > > ******************************************************************* > Mae'r e-bost yma ac unrhyw ffeiliau a drosglwyddir oddi fewn > iddo yn gyfrinachol, a bwriedir ef ar gyfer yr unigolyn neu'r > endidau mae wedi ei gyfeirio ato'n unig. Os ydych wedi derbyn > yr e-bost yma trwy gamgymeriad hysbyswch y rheolwr system os > gwelwch yn dda. > > Mae'r troednodyn yma hefyd yn cadarnhau bod y neges e-bost > yma wedi cael ei wirio gan MIMEsweeper am unrhyw feirysau > cyfrifiadurol oedd yn bodoli. > www.mimesweeper.com > ******************************************************************* > This email and any files transmitted with it are confidential > and intended solely for the use of the individual or entity > to whom they are addressed. If you have received this email > in error please notify the system manager. > > This footnote also confirms that this email message has been > swept by MIMEsweeper for the presence of computer viruses. > > www.mimesweeper.com > ******************************************************************* > > > _______________________________________________ > sipx-users mailing list > sipx-users@list.sipfoundry.org > List Archive: http://list.sipfoundry.org/archive/sipx-users/ _______________________________________________ sipx-users mailing list sipx-users@list.sipfoundry.org List Archive: http://list.sipfoundry.org/archive/sipx-users/
