<div>It was SIP , disabled sip on the wan port using an ACL to stop calls going out.</div>
<div> </div>
<div>Aman<br><br> </div>
<div><span class="gmail_quote">On 6/6/08, <b class="gmail_sendername">James Edmondson</b> <<a href="mailto:biged7600@gmail.com">biged7600@gmail.com</a>> wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">Do you happen to have custom scripts on the CME box? I had this problem as whoever developed the script left the hole open to dial anynumber from the AA. <br>
<br>
<div class="gmail_quote">
<div><span class="e" id="q_11a5a3f2cfab6a1e_1">On Thu, Jun 5, 2008 at 2:31 PM, Jorge L. Rodriguez Aguila <<a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:jorge.rodriguez@netxar.com" target="_blank">jorge.rodriguez@netxar.com</a>> wrote:<br>
</span></div>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div><span class="e" id="q_11a5a3f2cfab6a1e_3">
<div lang="ES" vlink="purple" link="blue">
<div>
<p><span lang="EN-US" style="FONT-SIZE: 11pt; COLOR: #1f497d">I would recommend that you do Two things immediately. Install COR to limit calls and second implement Access List to Kill H.323 coming from the internet.</span></p>
<p><span lang="EN-US" style="FONT-SIZE: 11pt; COLOR: #1f497d"> </span></p>
<p><span lang="EN-US" style="FONT-SIZE: 11pt; COLOR: #1f497d">Jorge</span></p>
<p><span lang="EN-US" style="FONT-SIZE: 11pt; COLOR: #1f497d"> </span></p>
<div style="BORDER-RIGHT: medium none; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid; PADDING-LEFT: 0in; PADDING-BOTTOM: 0in; BORDER-LEFT: medium none; PADDING-TOP: 3pt; BORDER-BOTTOM: medium none">
<p><b><span lang="EN-US" style="FONT-SIZE: 10pt">From:</span></b><span lang="EN-US" style="FONT-SIZE: 10pt"> <a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:cisco-voip-bounces@puck.nether.net" target="_blank">cisco-voip-bounces@puck.nether.net</a> [mailto:<a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:cisco-voip-bounces@puck.nether.net" target="_blank">cisco-voip-bounces@puck.nether.net</a>] <b>On Behalf Of </b>Aman Chugh<br>
<b>Sent:</b> Thursday, June 05, 2008 2:13 PM<br><b>To:</b> cisco voip<br><b>Subject:</b> [cisco-voip] has anyone seen this !</span></p></div>
<div>
<p> </p>
<div>
<p> </p></div>
<div>
<p> </p></div>
<div>
<p>I have a site with CME and CUE , the internet link is also terminated on my CME router, apparently some one has hacked into the router and is using the router calling numbers in cuba and somalia. This has caused a huge bill from the phone company.We have TAC case openned for this, When we shut the internet link this stops .</p>
</div>
<div>
<p> </p></div>
<div>
<p>Aman</p></div></div></div></div><br></span></div>_______________________________________________<br>cisco-voip mailing list<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a><br>
<a onclick="return top.js.OpenExtLink(window,event,this)" href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br><br></blockquote></div><br><br clear="all">
<br>-- <br><span class="sg">James </span><br>_______________________________________________<br>cisco-voip mailing list<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>
<a onclick="return top.js.OpenExtLink(window,event,this)" href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br><br></blockquote></div><br>