[asterisk-biz] Bad routign or hack attempt ?
Ken Rice
krice at rmktek.com
Thu May 14 10:35:06 CDT 2009
He's also using this IP address
173.45.67.130
> From: ContactTel Business <lists at contacttel.com>
> Reply-To: Commercial and Business-Oriented Asterisk Discussion
> <asterisk-biz at lists.digium.com>
> Date: Thu, 14 May 2009 10:15:47 -0400
> To: 'Commercial and Business-Oriented Asterisk Discussion'
> <asterisk-biz at lists.digium.com>
> Subject: Re: [asterisk-biz] Bad routign or hack attempt ?
>
> Here is the trace.. please DEVs... add a reporting option to sip stack that
> will report on that ip , or something..
> This guy has been hacking alot of servers and is currently under FBI
> investigation
> You see he's using s=Asterisk PBX 1.6.0.5.
>
>
>
>
> U 2009/05/14 06:42:17.973715 93.190.143.10:5060 -> 174.x.x.x:5060
> INVITE sip:98103619990127 at 174.x.x.xSIP/2.0.
> Via: SIP/2.0/UDP 93.190.143.10:5060;branch=z9hG4bK3f5cffbb;rport.
> Max-Forwards: 70.
> From: "MeucciSolutions" <sip:MeucciSolutions at 93.190.143.10>;tag=as123b6c7b.
> To: <sip:98103619990127 at 174.x.x.x>.
> Contact: <sip:MeucciSolutions at 93.190.143.10>.
> Call-ID: 271aa7a750168cf60a36ad654a713caa at 93.190.143.10.
> CSeq: 102 INVITE.
> User-Agent: MeucciSolutions.
> Date: Thu, 14 May 2009 10:42:25 GMT.
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY.
> Supported: replaces, timer.
> Content-Type: application/sdp.
> Content-Length: 287.
> .
> v=0.
> o=root 634218215 634218215 IN IP4 93.190.143.10.
> s=Asterisk PBX 1.6.0.5.
> c=IN IP4 93.190.143.10.
> t=0 0.
> m=audio 10990 RTP/AVP 8 0 101.
> a=rtpmap:8 PCMA/8000.
> a=rtpmap:0 PCMU/8000.
> a=rtpmap:101 telephone-event/8000.
> a=fmtp:101 0-16.
> a=silenceSupp:off - - - -.
> a=ptime:20.
> a=sendrecv.
>
>
>>> -----Original Message-----
>>> From: asterisk-biz-bounces at lists.digium.com [mailto:asterisk-biz-
>>> bounces at lists.digium.com] On Behalf Of Elliot Otchet
>>> Sent: May-13-09 7:43 PM
>>> To: 'asterisk-biz at lists.digium.com'
>>> Subject: Re: [asterisk-biz] Bad routign or hack attempt ?
>>>
>>> Agreed. We've seen it too.
>>>
>>> Pardon the typos, my Blackberry has small buttons.
>>> Elliot Otchet
>>> Calling Circles LLC
>>>
>>> ----- Original Message -----
>>> From: asterisk-biz-bounces at lists.digium.com <asterisk-biz-
>>> bounces at lists.digium.com>
>>> To: Commercial and Business-Oriented Asterisk Discussion <asterisk-
>>> biz at lists.digium.com>
>>> Sent: Wed May 13 19:27:03 2009
>>> Subject: Re: [asterisk-biz] Bad routign or hack attempt ?
>>>
>>>
>>> Hack attempt 100%. Ban it.
>>>
>>> --- On Wed, 5/13/09, ContactTel Business <lists at contacttel.com> wrote:
>>>
>>>> From: ContactTel Business <lists at contacttel.com>
>>>> Subject: [asterisk-biz] Bad routign or hack attempt ?
>>>> To: "'Commercial and Business-Oriented Asterisk Discussion'"
>>> <asterisk-biz at lists.digium.com>
>>>> Date: Wednesday, May 13, 2009, 7:05 PM
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Seems someone at MeucciSolutions at 93.190.143.10
>>>> could be trying to break in ..
>>>>
>>>>
>>>>
>>>> Anyone have heard of any of the 2
>>>> parts of the uri ?
>>>>
>>>>
>>>>
>>>> Thanks
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> -----Inline Attachment Follows-----
>>>>
>>>> _______________________________________________
>>>> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>>>>
>>>> asterisk-biz mailing list
>>>> To UNSUBSCRIBE or update options visit:
>>>> http://lists.digium.com/mailman/listinfo/asterisk-biz
>>>
>>> _______________________________________________
>>> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>>>
>>> asterisk-biz mailing list
>>> To UNSUBSCRIBE or update options visit:
>>> http://lists.digium.com/mailman/listinfo/asterisk-biz
>>>
>>> This message is intended only for the use of the individual (s) or
>>> entity to which it is addressed and may contain information that is
>>> privileged, confidential, and/or proprietary to Calling Circles LLC and
>>> its affiliates. If the reader of this message is not the intended
>>> recipient, you are hereby notified that any dissemination,
>>> distribution, forwarding or copying of this communication is prohibited
>>> without the express permission of the sender. If you have received this
>>> communication in error, please notify the sender immediately and delete
>>> the original message.
>>> _______________________________________________
>>> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>>>
>>> asterisk-biz mailing list
>>> To UNSUBSCRIBE or update options visit:
>>> http://lists.digium.com/mailman/listinfo/asterisk-biz
>
>
> _______________________________________________
> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>
> asterisk-biz mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-biz
More information about the asterisk-biz
mailing list