<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:"Comic Sans MS";
panose-1:3 15 7 2 3 3 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Use IPTables to lock down your machine to only accept incoming connections from your local network and from the particular IPs that you are expecting connections from (such as your SIP trunk, maybe).<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>That is of course assuming that these calls are made by SIP.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Don’t forget to also change all the passwords.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal style='margin-left:.5in'><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] <b>On Behalf Of </b>Gary Kuznitz <br><b>Sent:</b> Monday, November 22, 2010 8:23 AM<br><b>To:</b> Asterisk Users Mailing List - Non-Commercial Discussion<br><b>Subject:</b> [asterisk-users] Someone has hacked into our system<o:p></o:p></span></p></div></div><p class=MsoNormal style='margin-left:.5in'><o:p> </o:p></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN style='font-size:10.0pt;font-family:"Comic Sans MS"'>Someone has hacked into our system and is making calls overseas. </span><span lang=EN><o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN style='font-size:10.0pt;font-family:"Comic Sans MS"'>How can I:</span><span lang=EN><o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN style='font-size:10.0pt;font-family:"Comic Sans MS"'>1. Find out the where the calls are originating from?</span><span lang=EN><o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN style='font-size:10.0pt;font-family:"Comic Sans MS"'>2. Block all calls that are not authorized?</span><span lang=EN><o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN style='font-size:10.0pt;font-family:"Comic Sans MS"'>Our system is in the USA.</span><span lang=EN><o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN style='font-size:10.0pt;font-family:"Comic Sans MS"'>Only calls from inside our LAN are allowed.</span><span lang=EN><o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN style='font-size:10.0pt;font-family:"Comic Sans MS"'>Thank you,</span><span lang=EN><o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN style='font-size:10.0pt;font-family:"Comic Sans MS"'>Gary Kuznitz</span><span lang=EN><o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span lang=EN> <o:p></o:p></span></p></div></body></html>