<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Am 01.10.2014 um 15:48 schrieb Gokan
Atmaca:<br>
</div>
<blockquote
cite="mid:CAHg8tEDM+L1NP9DKszZz2q-Z4wrJs_=OOsL7WuO_Dsuo5Ybeqg@mail.gmail.com"
type="cite">
<blockquote type="cite">
<pre wrap="">Someone reported me that from a PBX on which someone gained fraudulent
access, he could observe hundreds of calls to the same destination
number.
</pre>
</blockquote>
<pre wrap="">
</pre>
<blockquote type="cite">
<pre wrap="">For curiosity's sake, I'm wondering why would this happen (dialing the
same number over and over) ?
</pre>
</blockquote>
<pre wrap="">
</pre>
<blockquote type="cite">
<pre wrap="">Some special numbers generate here and there revenues for callees (and
not for callers).
Beside sharing interests with the callee that get those revenues, why
a hacker would like to dial the same numbers over and over ?
In other words, in this case, is looking at callee number a promising
path to find hackers ?
</pre>
</blockquote>
<pre wrap="">
Is there a bot virus ? Do you IP address restrictions ?</pre>
</blockquote>
I have one SIP Proxy without any outbound trunks/routing and this
Proxy is just collecting bad source IPs and bad destination numbers
for the database blacklist table <br>
and I use this blacklist table in my productive System.<br>
<br>
<blockquote
cite="mid:CAHg8tEDM+L1NP9DKszZz2q-Z4wrJs_=OOsL7WuO_Dsuo5Ybeqg@mail.gmail.com"
type="cite">
<pre wrap="">
On Wed, Oct 1, 2014 at 4:36 PM, Administrator TOOTAI <a class="moz-txt-link-rfc2396E" href="mailto:admin@tootai.net"><admin@tootai.net></a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Le 01/10/2014 11:40, Olivier a écrit :
</pre>
<blockquote type="cite">
<pre wrap="">
Hi,
</pre>
</blockquote>
<pre wrap="">
Hi
</pre>
<blockquote type="cite">
<pre wrap="">
Someone reported me that from a PBX on which someone gained fraudulent
access, he could observe hundreds of calls to the same destination
number.
For curiosity's sake, I'm wondering why would this happen (dialing the
same number over and over) ?
Some special numbers generate here and there revenues for callees (and
not for callers).
Beside sharing interests with the callee that get those revenues, why
a hacker would like to dial the same numbers over and over ?
</pre>
</blockquote>
<pre wrap="">
callee is also the bad men. Go and buy an 899 number in France, hack PBXS
and call your number :-)
[...]
--
Daniel
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by <a class="moz-txt-link-freetext" href="http://www.api-digital.com">http://www.api-digital.com</a> --
New to Asterisk? Join us for a live introductory webinar every Thurs:
<a class="moz-txt-link-freetext" href="http://www.asterisk.org/hello">http://www.asterisk.org/hello</a>
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
<a class="moz-txt-link-freetext" href="http://lists.digium.com/mailman/listinfo/asterisk-users">http://lists.digium.com/mailman/listinfo/asterisk-users</a>
</pre>
</blockquote>
<pre wrap="">
</pre>
</blockquote>
<br>
<br>
<div class="moz-signature">-- <br>
<b>Rainer Piper</b>
<br>
Integration engineer
<br>
Koeslinstr. 56
<br>
53123 BONN <br>
GERMANY
<br>
Phone: +49 228 97167161
<br>
P2P: <a class="moz-txt-link-freetext" href="sip:rainer@sip.soho-piper.de:5072">sip:rainer@sip.soho-piper.de:5072</a> (pjsip-test)
<br>
XMPP: <a class="moz-txt-link-abbreviated" href="mailto:rainer@xmpp.soho-piper.de">rainer@xmpp.soho-piper.de</a></div>
</body>
</html>