[asterisk-users] Numbers hackers call
Stefan Gofferje
lists at home.gofferje.net
Thu Mar 27 13:12:54 CDT 2014
On 03/26/2014 05:05 PM, Michelle Dupuis wrote:
> I see a lot of attempts by hackers to call 00972595301123
> or 011972595115207 or variations but that same 972595 is often present.
>
>
> Can someone break down that dial string with an explanation? The 011
> look like an overseas call (from Americas), while the 972595XXXXXX is
> unclear...
Those lame hacking attempts aren't the big issue - unless you have an
insecure SIP-PBX. Germany just got hit with a wave of hacks of Fritz!Box
home routers with integrated SIP, causing hundreds of thousands in damage.
The big issue is that the ISPs worldwide don't give a crap about
complaints! And that's not only some backwater-ISPs in some 3rd world
countries! It's mainly the big names, like Hetzner, L3, etc. who - oh
well, yeah - send you an autoreply but in the end don't bother doing
anything.
Just recently was an article, again in a German IT-newsticker, about
Hetzner's "abuse handling". They just forward the complaint to their
customer, including full contact data - which is pretty much illegal
(privacy protection, etc.) - but they don't follow up.
I got so fed up that I now put the top 20 of attacking IPs to my website...
Current top 5:
1. iWeb (Canada)
2. Level 3 (USA)
3. Dacom (S-Korea)
4. Intergenia (Germany)
5. OVH (France)
See http://stefan.gofferje.net/it-stuff/sipfraud
Really, if everybody would run statistics on attacks and publish them,
those ISPs would pretty quickly not only start reacting to fouled
servers but probably start monitoring proactively because being in the
top 20 of attacker-IPs ain't good for their reputation...
-S
--
(o_ Stefan Gofferje | SCLT, MCP, CCSA
//\ Reg'd Linux User #247167 | VCP #2263
V_/_ Heckler & Koch - the original point and click interface
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4079 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20140327/5c8ebcbe/attachment.bin>
More information about the asterisk-users
mailing list