similar to: Investigating international calls fraud

It's very unlikely that this was an employee calling Mom for 66 hours (I'm assuming these calls appeared on a single bill). It's also unlikely that someone "inside" would benefit financially from making these calls. (Follow the money!) Don't discount the possibility that you've overlooked something in the firewall. Meanwhile, does the client need to do international

Did you have a look at the phone it self already? Is call forwarding activated or something and can you call the phone/extension from externally? I have seen this in the past where an employee enabled call forwarding on the phone and once at home he or family called the phone which forwarded the call to abroad. Good luck. Michel. Op 29-01-15 om 12:51 schreef dk at donkelly.biz: > It's

On 29 Jan 2015, at 11:07, Administrator TOOTAI wrote: > Le 28/01/2015 22:03, Steven McCann a ?crit : >> Hello, > > Hi > >> >> I'm investigating a situation where there was a hundreds of minutes >> of >> calls from an internal SIP extension to an 855 number in Cambodia, >> resulting in a crazy ($25,000+) bill from the phone company. I'm

Hello, I'm investigating a situation where there was a hundreds of minutes of calls from an internal SIP extension to an 855 number in Cambodia, resulting in a crazy ($25,000+) bill from the phone company. I'm investigating, but can anyone provide some feedback on what's happened here? I'm investigating how this happened as well as what types of arrangements can be made with the

You don't mention if the phone is remote, or local. Although you do mention it had a default user/pass. If the UI of the phone was/is accessible from the I'net, the GUI does have the ability to place a call from it, that is one way the calls could have been placed. From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Steven

Hmm the calls are made during the day (and sometimes very early in the morning). Right now it looks like someone actually made these calls. If that is the case it's somewhat comforting to know the system wasn't compromised. However, the $25,000 phone bill still remains. Yikes. $6.25 per minute to Cambodia seems quite steep to me. On Wed, Jan 28, 2015 at 6:07 PM, Duncan Turnbull <duncan

Do you have DISA setup? We're seeing lots of attackers running scripts that send digits until they strike a DISA, misconfigured mailbox, etc. (Assuming it wasn't a stupid employee forwarding an inbound call to a 9xxxxxxx number etc). Have a look at SecAst (www.generationd.com) - it detects callers sending too many digits, monitors digit dialing speeds, etc. to help identify and block

I?ve seen the following exploits of Asterisk / FreePBX boxes: 1) Default PlcmSpIp username and password for Polycom provisioning 2) Insecure SIP usernames and secrets 3) FreePBX GUI accessable from the internet 4) OS remote exploit (maybe ssh/ssl exploit) Mitigation options: 1) Don?t use an easy to guess or default password on provisioning servers. 2) Use secure secrets. Users never

Le 28/01/2015 22:03, Steven McCann a ?crit : > Hello, Hi > > I'm investigating a situation where there was a hundreds of minutes of > calls from an internal SIP extension to an 855 number in Cambodia, > resulting in a crazy ($25,000+) bill from the phone company. I'm > investigating, but can anyone provide some feedback on what's happened > here? I'm

The Authenticate application will do this for you. https://wiki.asterisk.org/wiki/display/AST/Asterisk+13+Application_Authenticate You can either give it a single PIN to use for all calls, Authenticate using a value in the Asterisk Database, Or use a plain text file for the PIN's On Mon, Jul 6, 2015 at 2:43 PM, Motty Cruz <motty.cruz at gmail.com> wrote: > Hello All, > >

Hello All, I will like to configure Asterisk to use PIN Code for all outgoing international calls. Also, any suggestions as to when should I prompt users for code prior to dialing the number or after dialing the number? can someone provide with a example on how to accomplish this goal? I am a bit confuse by this :

Hello, I used this guide, it worked for me: http://www.binaryheartbeat.net/2014/03/asterisk-pin-based-dialing.html Thanks, On 07/06/2015 04:54 PM, John Kiniston wrote: > The Authenticate application will do this for you. > > https://wiki.asterisk.org/wiki/display/AST/Asterisk+13+Application_Authenticate > > You can either give it a single PIN to use for all calls, Authenticate

Hi all, I'm currently working through the "Beginner's Guide to R" (Zurr et al.) and I'm wondering about the first exercise in chapter 3: I imported the data from BirdFluCases.txt and executed the 'names' and 'str' functions as follows: Bird = read.table(file='C:\\rbook\\BirdFluCases2.txt', header=TRUE) names(Bird) [1] "Year"

hello everyone. i am concerned about security to the PBX and i would like to discuss different fraud detection methods. Apart from making everything to secure the PBX (latest patches, iptables, firewalls, no outside users, strongs passwds,...) i would like to find out if there are any fraud detection techniques. As for my setup i do have a PBX running asterisk 11.4 and it has 3 sip trunks (over

Hi, Some days ago I spent about US$700,00 in a Tormenta III board in www.govarion.com. I used credit card. I didn't receive any answer for my emails and there is no telephone number to contact them.. Now, I'd like to cancel this order, because I couldn?t wait so long, and my credit card was billed. Is www.govarion.com a fraud ???? Does anybody know something about them ?? Thanks.

hi, i have strange problem with call-limit/groupcount limiting. i set up limit of 2 calls. i'm using both methods but a for few times i have problem with successfull fraud with more calls than 2 asterisk is 1.8.22 someone with the same problem? any ideas how to solve or debug this problem? -- --------------------------------------- Marek =======================================

Maurik, You are right. I am currently using 4.1.17 and have the same failed login messages as you describe. There is, however, a bit more information further down in the logfile: [2015/10/07 16:51:24.076283, 2] authentication for user [HPRS/Administrator] FAILED with error NT_STATUS_WRONG_PASSWORD auth_check_password_send: Checking password for unmapped user [HPRS]\[Administrator]@[ROVER]

Hello all, Voisonics is pleased to introduce easySysAdmin, an automated support/security platform, designed to save your engineer's time and prevent hacking attempts and telecom fraud. It comprises of an online service run by us, and a lightweight and easy-to-install client on your side. Specifically of interest to Asterisk users is the monitoring of SIP registrations, and automatic blocking

Subject says it all... A Simple Asterisk Based Toll Fraud Prevention Script http://www.infiltrated.net/asterisk-ips.html Ramblings for admins/engineers to think about. Doesn't have to cost you umteen thousand dollars for stuff like IPS/IDS. Although a little on the crude side, quite effective. If you care to dabble with MySQL you can create quite an impressive hosts based IPS that is custom

Is there a general recipe to avoid fraudulent calls under the following conditions? A receptionist transfers calls as a callee (customers are calling) and as a caller (boss asks to call and then transfer to him), i.e. the Dial cmd for the internal context contains "Tt". Then an outside call would operate as a Local channel in an internal context after the first transfer. If the