[asterisk-users] do carriers detect unusual / unauthorized VoIP calling patterns?

[C F]

I have had where the Phone provider (this was a PRI) cut long distance
service to a box that was compromised till we called them to assure
them that the security holes where fixed.


On Fri, Sep 17, 2010 at 1:10 PM, Jeff Brower <jbrower at signalogic.com> wrote:
> All-
>
> Recently an Asterisk server we host was hacked and used to route some unauthorized calls.  We have since improved our
> security measures, including installation of fail2ban.
>
> The interesting thing is the way in which this was discovered.  The unauthorized calls were occurring intermittently
> last Thurs evening thru Sat morning.  On Sat morning, some of our employees were attempting to log-in remotely to a
> company e-mail server and one found that his provider, Verizon, had blocked the server static IP.
>
> My question:  do carriers build some type of "internal blacklist" if they detect unusual VoIP calling patterns?  And
> possibly trade that between themselves, for example one carrier detects it, and after some time other carriers are
> aware?  The carrier was used for the unauthorized calls is Tata... I'm curious as to why Verizon (evidently) knew
> before Tata.
>
> -Jeff
>
> PS.  Interesting footnote:  upon learning of the Verizon block, one of our employees drove to the lab and disconnected
> the VoIP subnet (with the Asterisk box), reset some routers, etc in an attempt to get the company remote e-mail
> working again.  He didn't know it at the time, but in so doing, he cut off the hackers "in mid call" (hehe) and saved
> a bunch of $$.
>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
>               http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
>