[asterisk-users] Hacked
ContactTel Business
lists at contacttel.com
Mon Apr 6 15:51:22 CDT 2009
ping www.songania.com
PING www.songania.com (89.248.168.176) 56(84) bytes of data.
64 bytes from 89.248.168.176: icmp_seq=1 ttl=49 time=131 ms
If you clicked on it you would of seen it shows info on the domain, that is
hosted on it.. ill bite back ;)
Then on bottom.. Owned By Al-Sharif
Al-sharif ? rings a bell.. but who knows.. iptables --block all the worls
minus what you want..
-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Jeff
LaCoursiere
Sent: April-06-09 4:29 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] Hacked
Ok, I'll bite. What does websiteoutlook have to do with it?
The IP mentioned is in the Netherlands:
% Information related to '89.248.168.0 - 89.248.168.255'
inetnum: 89.248.168.0 - 89.248.168.255
netname: NL-ECATEL
descr: AS29073, Ecatel LTD
country: NL
admin-c: EL25-RIPE
tech-c: EL25-RIPE
status: ASSIGNED PA
mnt-by: ECATEL-MNT
mnt-lower: ECATEL-MNT
mnt-routes: ECATEL-MNT
source: RIPE # Filtered
role: Ecatel LTD
address: Gyroscoopweg 2F
address: 1042AB Amsterdam
address: Netherlands
abuse-mailbox: abuse at ecatel.net
admin-c: EL25-RIPE
tech-c: EL25-RIPE
nic-hdl: EL25-RIPE
source: RIPE # Filtered
% Information related to '89.248.168.0/24as29073'
route: 89.248.168.0/24
descr: AS29073 route object
origin: as29073
mnt-by: ECATEL-MNT
source: RIPE # Filtered
j
On Mon, 6 Apr 2009, ContactTel Business wrote:
> http://www.websiteoutlook.com/www.songania.com
>
>
>
>
>
>
>
> From: asterisk-users-bounces at lists.digium.com
> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Jeremy Mann
> Sent: April-06-09 3:55 PM
> To: 'Asterisk Users Mailing List - Non-Commercial Discussion'
> Subject: [asterisk-users] Hacked
>
>
>
> Just FYI:
>
>
>
> IP address 89.248.168.176 has been trying to use the recently release SIP
> vulnerability in Asterisk to make outbound calls via our box. They are
> running a bank account callback scam.
>
>
>
> Jeremy Mann
>
> Director of IT
>
> Texas Health Management Group
>
> Direct Line: 817-310-4956
>
> Main Line: 817-310-4999
>
> Helpdesk: 817-310-4999 x3
>
> Fax: 817-310-4990
>
> Email: jmann at txhmg.com
>
>
>
>
>
> _____
>
> This e-mail, facsimile, or letter and any files or attachments transmitted
> with it contains information that is confidential and privileged. This
> information is intended only for the use of the individual(s) and
> entity(ies) to whom it is addressed. If you are the intended recipient,
> further disclosures are prohibited without proper authorization. If you
are
> not the intended recipient, any disclosure, copying, printing, or use of
> this information is strictly prohibited and possibly a violation of
federal
> or state law and regulations. If you have received this information in
> error, please notify Texas Health Management Group immediately at
> 1-817-310-4999. Texas Health Management Group, its subsidiaries, and
> affiliates hereby claim all applicable privileges related to this
> information.
>
>
_______________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
More information about the asterisk-users
mailing list