[VoiceOps] Phone hack

PE peeip989 at gmail.com
Fri Sep 27 13:46:02 EDT 2013


We have a customer whose users work from home over the local broadband
carrier. They have 3 users who have complained of similar circumstances,
where they are receiving multiple calls from caller ID such as "100(100)",
"101(101)",  and "1001(1001)". We show no record of these calls, either
from CDR's, logs, or SIP captures, so it seems that there is an outside
party sending SIP directly to the (Polycom) handsets.

Anyone seen this? Any idea if there is a particular security hole being
attempted? Assuming the users cannot control their broadband router, any
suggestions on how to better lock this down?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20130927/0958c87c/attachment.html>

More information about the VoiceOps mailing list