<html><head><style type="text/css"><!-- DIV {margin:0px;} --></style></head><body><div style="font-family:times new roman, new york, times, serif;font-size:12pt"><P>How can I tell from /var/log/asterisk/cdr-csv/Master.csv if a call was made using one of my existing asterisk accounts or was made from a DID that my VOIP provider furnishes. The provider is claiming that my server was brute force attacked. I think that my extensions.conf file had a hole in it which allowed someone to dial the DID number and then dial out. I'm pretty sure of the DID weakness and just wasn't aware that someone has got a hold of it. But is my asterisk server has been compromised, that would surprise me.</P>
<P> </P>
<P>My asterisk server is behing a firewall natd server. I only have a few user accounts on it and the passwords for them are very cyrptic. I don't doubt anything these days but I'm just not sure how to confirm how the hackers are getting in.</P></div><br>
</body></html>