[cisco-voip] has anyone seen this !

Kelemen Zoltan keli at carocomp.ro
Fri Jun 6 07:57:39 EDT 2008 

I had bitten this bullet in January ( 
https://puck.nether.net/pipermail/cisco-voip/2008-January/029569.html ) 
and I'm still perplexed how can Cisco leave this as-is with SIP and 
H.323 wide open for public as default settings, while being well aware 
of the situation and it's possible consequences.

I've been discussing this issue with some other colleagues as well in 
the branch and I know  this has happened to plenty of other people, in 
some case causing very serious monetary damage.

regards,
  Zoltan

Aman Chugh wrote:
> It was SIP ,  disabled sip on the wan port using an ACL to stop calls 
> going out.
>  
> Aman
>
>  
> On 6/6/08, *James Edmondson* <biged7600 at gmail.com 
> <mailto:biged7600 at gmail.com>> wrote:
>
>     Do you happen to have custom scripts on the CME box? I had this
>     problem as whoever developed the script left the hole open to dial
>     anynumber from the AA. 
>
>     On Thu, Jun 5, 2008 at 2:31 PM, Jorge L. Rodriguez Aguila
>     <jorge.rodriguez at netxar.com <mailto:jorge.rodriguez at netxar.com>>
>     wrote:
>
>         I would recommend that you do Two things immediately. Install
>         COR to limit calls and second implement Access List to Kill
>         H.323 coming from the internet.
>
>          
>
>         Jorge
>
>          
>
>         *From:* cisco-voip-bounces at puck.nether.net
>         <mailto:cisco-voip-bounces at puck.nether.net>
>         [mailto:cisco-voip-bounces at puck.nether.net
>         <mailto:cisco-voip-bounces at puck.nether.net>] *On Behalf Of
>         *Aman Chugh
>         *Sent:* Thursday, June 05, 2008 2:13 PM
>         *To:* cisco voip
>         *Subject:* [cisco-voip] has anyone seen this !
>
>          
>
>          
>
>          
>
>         I have a site with CME and CUE , the internet link is also
>         terminated on my CME router, apparently some one has hacked
>         into the router and is using the router calling numbers in
>         cuba and somalia.  This has caused a huge bill from the phone
>         company.We have TAC case openned for this, When we shut the
>         internet link this stops .
>
>          
>
>         Aman
>
>
>         _______________________________________________
>         cisco-voip mailing list
>         cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net>
>         https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
>
>
>     -- 
>     James
>     _______________________________________________
>     cisco-voip mailing list
>     cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net>
>     https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>

More information about the cisco-voip mailing list