[cisco-voip] has anyone seen this !

Aman Chugh aman.chugh at gmail.com
Fri Jun 6 23:49:39 EDT 2008 

Yes , exactly I was told the same thing  and customer is facing a huge bill.


On 6/6/08, Kelemen Zoltan <keli at carocomp.ro> wrote:


> I had bitten this bullet in January (
> https://puck.nether.net/pipermail/cisco-voip/2008-January/029569.html )
> and I'm still perplexed how can Cisco leave this as-is with SIP and H.323
> wide open for public as default settings, while being well aware of the
> situation and it's possible consequences.
>
> I've been discussing this issue with some other colleagues as well in the
> branch and I know  this has happened to plenty of other people, in some case
> causing very serious monetary damage.
>
> regards,
>  Zoltan
>
> Aman Chugh wrote:
>
>> It was SIP ,  disabled sip on the wan port using an ACL to stop calls
>> going out.
>>  Aman
>>
>>  On 6/6/08, *James Edmondson* <biged7600 at gmail.com <mailto:
>> biged7600 at gmail.com>> wrote:
>>
>>    Do you happen to have custom scripts on the CME box? I had this
>>    problem as whoever developed the script left the hole open to dial
>>    anynumber from the AA.
>>    On Thu, Jun 5, 2008 at 2:31 PM, Jorge L. Rodriguez Aguila
>>    <jorge.rodriguez at netxar.com <mailto:jorge.rodriguez at netxar.com>>
>>    wrote:
>>
>>        I would recommend that you do Two things immediately. Install
>>        COR to limit calls and second implement Access List to Kill
>>        H.323 coming from the internet.
>>
>>
>>        Jorge
>>
>>
>>        *From:* cisco-voip-bounces at puck.nether.net
>>        <mailto:cisco-voip-bounces at puck.nether.net>
>>        [mailto:cisco-voip-bounces at puck.nether.net
>>        <mailto:cisco-voip-bounces at puck.nether.net>] *On Behalf Of
>>        *Aman Chugh
>>        *Sent:* Thursday, June 05, 2008 2:13 PM
>>        *To:* cisco voip
>>        *Subject:* [cisco-voip] has anyone seen this !
>>
>>
>>
>>
>>        I have a site with CME and CUE , the internet link is also
>>        terminated on my CME router, apparently some one has hacked
>>        into the router and is using the router calling numbers in
>>        cuba and somalia.  This has caused a huge bill from the phone
>>        company.We have TAC case openned for this, When we shut the
>>        internet link this stops .
>>
>>
>>        Aman
>>
>>
>>        _______________________________________________
>>        cisco-voip mailing list
>>        cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net>
>>        https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>>
>>
>>
>>    --    James
>>    _______________________________________________
>>    cisco-voip mailing list
>>    cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net>
>>    https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20080607/1ff9429d/attachment.html>

More information about the cisco-voip mailing list