Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

Caller number is a string instead of a number

Discussion in 'Windows' started by netengine, Nov 23, 2016.

Thread Status:
Not open for further replies.
  1. netengine

    Joined:
    Nov 23, 2016
    Messages:
    2
    Likes Received:
    0
    Hello team,

    since 3-4 weeks we get sometimes calls where we here nohting (nobody on the other side of the line).
    The caller number is always a string:
    [CM503001]: Call(C:291): Incoming call from Line:10000<<test to <sip:80@192.168.0.242:5060>
    [CM503001]: Call(C:291): Incoming call from Line:10000<<a'or'3=3-- <sip:80@192.168.0.242:5060>

    The string is always diferent but often it has the "(something) 'or' (something) = (something)".

    Does anyone know what these is? What can i do to prevent it?

    Sorry for my bad english (i didnt know how to do a thread at the german forum).

    Regards!
     
  2. agp

    agp 3CX Team

    Joined:
    Aug 19, 2015
    Messages:
    151
    Likes Received:
    22
    This looks like a common SQL Injection attack.
     
  3. netengine

    Joined:
    Nov 23, 2016
    Messages:
    2
    Likes Received:
    0
    @agp Thanks for the answer. How can i prevent this?
     
  4. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    11,126
    Likes Received:
    330
    Does this actually come in on a trunk from a provider, or is it a direct SIP call? If it is a direct SIP call, and you have to have that option (allow direct SIP calls) enabled, in 3CX, for other call types then there would be an originating IP that could be blacklisted. If the call comes in on a trunk from a provider, you might want to talk to them about the possibility of blocking (or tracing) numbers without a proper numeric CID.

    Are they always calling the same extension? If so, and you can stop them any other way, you may have to eliminate that extension depending on how annoying the problem becomes.
     
Thread Status:
Not open for further replies.