- Joined
- Oct 29, 2009
- Messages
- 12
- Reaction score
- 0
I'm having a problem where someone is dialing into our phone system and making unauthorized call and I can't figure out what I have configured wrong. From my investigation it doesn't look like they are breaking into a voice mail account but instead somehow dialing directly when they come in without leaving the number they are dialing. Any insight would be appreciated.
Here is a log for one of the calls. You can see that they spent 30 minutes on the phone to who knows where....
My system is configured on an internal only machine that cannot get to the Internet so they must dial in on our business line that is connected via a PRI. I use a Patton Smartnode as my PRI connector and I also have some backup POTS lines coming in via a Grandstream GXW4108. As you can guess the patton is on port 10008 and the grandstream lines are on ports 10000 - 10007.
Any ideas on what I have configured wrong or where I should look?
Thanks again
Dave Chesnut
Here is a log for one of the calls. You can see that they spent 30 minutes on the phone to who knows where....
Code:
15:25:15.972|.\Line.cpp(330)|Log2||LineCfg::getInboundTarget:[CM503012]: Inbound out-of-office hours rule (unnamed) for 10008 forwards to DN:801<br>
15:25:15.972|.\CallCtrl.cpp(160)|Log2||CallCtrl::onIncomingCall:[CM503001]: Call(10129): Incoming call from 6316722489@(Ln.10008@SS-PRI-1) to <sip:[email protected]:5060><br>
15:25:15.987|.\CallCtrl.cpp(445)|Log2||CallCtrl::onSelectRouteReq:[CM503004]: Call(10129): Route 1: Ext:Ext.801@[Dev:sip:[email protected]:40600;rinstance=8490613811777535]<br>
15:25:16.034|.\Target.cpp(429)|Log2||Target::makeOneInvite:[CM503025]: Call(10129): Calling Ext:Ext.801@[Dev:sip:[email protected]:40600;rinstance=8490613811777535]<br>
15:25:16.190|.\CallCtrl.cpp(566)|Log2||CallCtrl::onLegConnected:[CM503007]: Call(10129): Device joined: sip:[email protected]:5060<br>
15:25:16.190|.\CallCtrl.cpp(566)|Log2||CallCtrl::onLegConnected:[CM503007]: Call(10129): Device joined: sip:[email protected]:40600;rinstance=8490613811777535<br>
15:25:25.175|.\CallCtrl.cpp(445)|Log2||CallCtrl::onSelectRouteReq:[CM503004]: Call(10129): Route 1: Unknown:00@(Ln.10008@SS-PRI-1)@[Dev:sip:[email protected]:5060]<br>
15:25:25.175|.\CallCtrl.cpp(445)|Log2||CallCtrl::onSelectRouteReq:[CM503004]: Call(10129): Route 2: PSTNline:00@(Ln.10000@Grandstream_GXW4108)@[Dev:sip:[email protected]:5060;transport=udp,Dev:sip:[email protected]:5068;transport=udp,Dev:sip:[email protected]:5070;transport=udp,Dev:sip:[email protected]:5072;transport=udp,Dev:sip:[email protected]:5074;transport=udp,Dev:sip:[email protected]:5062;transport=udp]<br>
15:25:25.237|.\Target.cpp(429)|Log2||Target::makeOneInvite:[CM503025]: Call(10129): Calling Unknown:00@(Ln.10008@SS-PRI-1)@[Dev:sip:[email protected]:5060]<br>
15:25:25.440|.\CallCtrl.cpp(566)|Log2||CallCtrl::onLegConnected:[CM503007]: Call(10129): Device joined: sip:[email protected]:5060<br>
15:57:17.322|.\Call.cpp(981)|Log2||Call::Terminate:[CM503008]: Call(10129): Call is terminated
My system is configured on an internal only machine that cannot get to the Internet so they must dial in on our business line that is connected via a PRI. I use a Patton Smartnode as my PRI connector and I also have some backup POTS lines coming in via a Grandstream GXW4108. As you can guess the patton is on port 10008 and the grandstream lines are on ports 10000 - 10007.
Any ideas on what I have configured wrong or where I should look?
Thanks again
Dave Chesnut