PBXes » English » Bugs » RE: Hacked account
Print Page | Recommend to Friend | Add Thread to Favorites
Post New Thread Post Reply
Author
Post « Previous Thread | Next Thread »
hig
Premium Account


Registration Date: 03.03.2012
Posts: 4

geschockt Hacked account Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

One of the SIP accounts I have registered as a trunk here got hacked and someone burnt up all my call credit on that account. I contacted that provider and they said that "the firewall on your asterisk box is not configured correctly."

They have suspended my account until this is cleared up, so at least no further charges can be racked up.

None of the calls show up in my call monitor here, so what actually happened, and how do we prevent this from happening again?

Zitat:
Thank you for contacting us, the fraudulent activity you are describing is due to the Asterisk box on your account not having been installed correctly.

As an instant security measure we have suspended the SIP accounts to prevent any further outgoing calls on the account which may have a negative monetary affect.

Please make sure that the firewall being used on your device is up to date and fully secure and that your device cannot be accessed by any public or third parties.

Our recommended firewall settings are as follows:
1. Allow all traffic from and to IP range of XX.YY.ZZ.0/24 (Whole Subnet).
2. Make sure SIP ALG is disabled.
3. UDP - Alive time out needs to be set to 200 seconds

Once this is completed, you need to change all of your SIP usernames and SIP passwords as these details have been compromised.

This post has been edited 1 time(s), it was last edited by hig on 16.02.2015 at 15:24.

16.02.2015 15:24 highlandsun2 is offline Search for Posts by highlandsun2 Add highlandsun2 to your Buddy List
i-p
Super Moderator


Registration Date: 14.01.2006
Posts: 4734

RE: Hacked account Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

Thank you for your report. Three customers of us, you, and two in Switzerland have been affected in total.

We have no clues yet how private data could have been accessed.

18.02.2015 16:42 i-p-tel is offline Search for Posts by i-p-tel Add i-p-tel to your Buddy List
i-p
Super Moderator


Registration Date: 14.01.2006
Posts: 4734

RE: Hacked account Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

The security hole has been fixed. We are very sorry to inform you that private data of every user on PBXes could have been stolen. All passwords, especially the passwords of all trunks, need now to be updated for security reasons.

We will be sending out an email broadcast as soon as possible.

18.02.2015 19:46 i-p-tel is offline Search for Posts by i-p-tel Add i-p-tel to your Buddy List
 
Post New Thread Post Reply
Go to:

Powered by Burning Board Lite 1.0.2 © 2001-2004 WoltLab GmbH
English Translation by Satelk