[asterisk-users] Hacked by Microsoft?

jon pounder jonp at inline.net
Wed Nov 28 23:03:53 CST 2012 

On 11/28/2012 11:52 PM, Steve Totaro wrote:

You're not serious right ?

That is just the center of the country since no better location is 
available.
> On Wed, Nov 28, 2012 at 7:45 PM, J Gao <jgao at veecall.com> wrote:
>> This morning someone tried to make sip call through my Asterisk. My server
>> just drop these calls and record them in CDR with IP address:
>>
>>          2012-11-28 06:30:51     SIP/216...      1000    "1000" <1000>
>> Hangup   999011972592249388     ANSWERED        00:01   Hacker:
>> 168.63.67.239
>> 2.      2012-11-28 06:30:49     SIP/216...      1000    "1000" <1000>
>> Hangup   88011972592249388      ANSWERED        00:01   Hacker:
>> 168.63.67.239
>> 3.      2012-11-28 06:30:46     SIP/216...      1000    "1000" <1000>
>> Answer   99011972592249388      ANSWERED        00:02
>> 4.      2012-11-28 06:30:43     SIP/216...      1000    "1000" <1000>
>> Answer   1011972592249388       ANSWERED        00:02
>> 5.      2012-11-28 06:30:39     SIP/216...      1000    "1000" <1000>
>> Hangup   2011972592249388       ANSWERED        00:00   Hacker:
>> 168.63.67.239
>> 6.      2012-11-28 06:30:33     SIP/216...      1000    "1000" <1000>
>> Hangup   7011972592249388       ANSWERED        00:01   Hacker:
>> 168.63.67.239
>> 7.      2012-11-28 06:30:30     SIP/216...      1000    "1000" <1000>
>> Answer   8011972592249388       ANSWERED        00:03
>> 8.      2012-11-28 06:30:27     SIP/216...      1000    "1000" <1000>
>> Hangup   9011972592249388       ANSWERED        00:06   Hacker:
>> 168.63.67.239
>> 9.      2012-11-28 06:30:25     SIP/216...      1000    "1000" <1000>
>> Answer   011972592249388       ANSWERED        00:07
>>
>> Now I noticed something interesting: The hacker's IP address: 168.63.67.239
>>
>> whois gave me:
>> NetRange:       168.61.0.0 - 168.63.255.255
>> CIDR:           168.61.0.0/16, 168.62.0.0/15
>> OriginAS:
>> NetName:        MSFT-EP
>> NetHandle:      NET-168-61-0-0-1
>> Parent:         NET-168-0-0-0-0
>> NetType:        Direct Assignment
>> RegDate:        2011-06-22
>> Updated:        2012-10-16
>> Ref:            http://whois.arin.net/rest/net/NET-168-61-0-0-1
>>
>> OrgName:        Microsoft Corp
>> OrgId:          MSFT-Z
>> Address:        One Microsoft Way
>> City:           Redmond
>> StateProv:      WA
>> PostalCode:     98052
>> Country:        US
>> RegDate:        2011-06-22
>> Updated:        2011-06-22
>> Ref:            http://whois.arin.net/rest/org/MSFT-Z
>>
>>
>> hmmmmmmm.... Did I just hacked by Micro$oft?
>>
>> Gao
>>
> http://iplocation.truevue.org/168.63.67.239.html
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
>                 http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>     http://lists.digium.com/mailman/listinfo/asterisk-users

More information about the asterisk-users mailing list