similar to: Asterisk pin code for out-going international calls (safeguard against fraud)

Hello, I used this guide, it worked for me: http://www.binaryheartbeat.net/2014/03/asterisk-pin-based-dialing.html Thanks, On 07/06/2015 04:54 PM, John Kiniston wrote: > The Authenticate application will do this for you. > > https://wiki.asterisk.org/wiki/display/AST/Asterisk+13+Application_Authenticate > > You can either give it a single PIN to use for all calls, Authenticate

The Authenticate application will do this for you. https://wiki.asterisk.org/wiki/display/AST/Asterisk+13+Application_Authenticate You can either give it a single PIN to use for all calls, Authenticate using a value in the Asterisk Database, Or use a plain text file for the PIN's On Mon, Jul 6, 2015 at 2:43 PM, Motty Cruz <motty.cruz at gmail.com> wrote: > Hello All, > >

Hello, I would to allow users to place calls overseas such as India and Malaysia but only with a security code. if they don't have a security code I want to be able to drop the calls. can someone point me to a right direction to achieve this goal? Thanks, Motty -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hello, I would like to setup a mechanism to trigger an alarm if user is deal too many numbers within a very short period of time. Safeguard against users hacked accounts. can someone help? Thanks,

I?ve seen the following exploits of Asterisk / FreePBX boxes: 1) Default PlcmSpIp username and password for Polycom provisioning 2) Insecure SIP usernames and secrets 3) FreePBX GUI accessable from the internet 4) OS remote exploit (maybe ssh/ssl exploit) Mitigation options: 1) Don?t use an easy to guess or default password on provisioning servers. 2) Use secure secrets. Users never

It's very unlikely that this was an employee calling Mom for 66 hours (I'm assuming these calls appeared on a single bill). It's also unlikely that someone "inside" would benefit financially from making these calls. (Follow the money!) Don't discount the possibility that you've overlooked something in the firewall. Meanwhile, does the client need to do international

Le 28/01/2015 22:03, Steven McCann a ?crit : > Hello, Hi > > I'm investigating a situation where there was a hundreds of minutes of > calls from an internal SIP extension to an 855 number in Cambodia, > resulting in a crazy ($25,000+) bill from the phone company. I'm > investigating, but can anyone provide some feedback on what's happened > here? I'm

Did you have a look at the phone it self already? Is call forwarding activated or something and can you call the phone/extension from externally? I have seen this in the past where an employee enabled call forwarding on the phone and once at home he or family called the phone which forwarded the call to abroad. Good luck. Michel. Op 29-01-15 om 12:51 schreef dk at donkelly.biz: > It's

Hmm the calls are made during the day (and sometimes very early in the morning). Right now it looks like someone actually made these calls. If that is the case it's somewhat comforting to know the system wasn't compromised. However, the $25,000 phone bill still remains. Yikes. $6.25 per minute to Cambodia seems quite steep to me. On Wed, Jan 28, 2015 at 6:07 PM, Duncan Turnbull <duncan

You don't mention if the phone is remote, or local. Although you do mention it had a default user/pass. If the UI of the phone was/is accessible from the I'net, the GUI does have the ability to place a call from it, that is one way the calls could have been placed. From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Steven

Do you have DISA setup? We're seeing lots of attackers running scripts that send digits until they strike a DISA, misconfigured mailbox, etc. (Assuming it wasn't a stupid employee forwarding an inbound call to a 9xxxxxxx number etc). Have a look at SecAst (www.generationd.com) - it detects callers sending too many digits, monitors digit dialing speeds, etc. to help identify and block

> Hmm the calls are made during the day (and sometimes very early in the > morning). Right now it looks like someone actually made these calls. If > that is the case it's somewhat comforting to know the system wasn't > compromised. However, the $25,000 phone bill still remains. Yikes. $6.25 > per minute to Cambodia seems quite steep to me. Since the Mitel had a default

On 10/28/2015 06:37 PM, Pete Mundy wrote: > Hi Motty, > > Isn't the whole point of the nonce in a SIP registration to ensure the > secret doesn't go on the wire in plain-text? Is this not enough, or > are you looking to hide the username too? > > (if so, fair 'nuf, just wondering why :) > > Pete > > Ps, if so then I think TLS is the missing part of

Hello, I'm investigating a situation where there was a hundreds of minutes of calls from an internal SIP extension to an 855 number in Cambodia, resulting in a crazy ($25,000+) bill from the phone company. I'm investigating, but can anyone provide some feedback on what's happened here? I'm investigating how this happened as well as what types of arrangements can be made with the

Hello, I would like to add area code if clients dial 7 digits, it that possible? currently clients dial prefix 9 plus local number, however my SIP provider is requiring to dial 10 digits. is it possible to add area code? Thanks, Motty

Hello, i'm looking for suggestions to monitor Asterisk Server? I installed Nagios but no success, I do prefer not to install any web server on the server running Asterisk. Thanks in advance. -Motty -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20130509/24815a66/attachment.htm>

Hello, I hope to be in the right list. my question is the following. I can''t seem to get multipathing configure on XCP 1.6. In XenCenter I was able to enable "Multipath" however, in the LUN under general tab I see " multipath 1 of 1 active", the the CLI I do the following command xe --m node session it list only one session. Can someone help me please? Thanks in

Hello, I am searching for a solution to encrypt authentication from Asterisk server to clients. Searching srtp seem to encrypt traffic, I just want client authentication with encryption. Can someone point to the right direction? has anybody used ZRTP? experience with ZRTP? Thanks, _motty

here is what I have: exten => _9XXXXXXX,1,Set(l_HomeAreaCode=381) exten => _9XXXXXXX,n,Set(dialnumber=${l_HomeAreaCode}${EXTEN:-1}) exten => _9XXXXXXX,n,Dial(SIP/SIP-Provider/${dialnumber},80) not having success; "Got SIP reponse 503" Service Unavailable" On 04/27/2015 02:19 PM, Bryant Zimmerman wrote: > Motty > Yes > From your dial plan accept 9 + 7 digits

Hello, I would like to encrypt password between Asterisk servers and clients. is there an easy way to do so? I am running Asterisk 1.8.22.0 built on CentOS 6.3 Thanks, .Motty -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20150729/68b59f7c/attachment.html>