07-19-2013 08:52 AM - edited 03-16-2019 06:27 PM
We had our SIP trunk connected to our CUCM 8.5 hacked into last month for two days before the phone carrier issues blocks to stop the calls. When I look in CDR it shows only the calls as coming from an unknown but in a rapid fire format. I did some research to help determine how this occured. I checked unity to ensure that the restriction tables are setup correctly which they are. This piece I do not understand is our voice network is not on the Internet. What are the ways our voice network can get hacked if not thru the internet and not internally?
07-20-2013 12:14 AM
Most likely is from the internet, even if it is not clear to you how. Other possibily is that somehow you can get dialtone calling from PSTN.
07-20-2013 01:26 AM
Hi,
In additon to paolo, may due to following reasons,
1. you didn't use the trustlist of the sip provider ip address in your gateway
2. your firewall may have a general rule to allow outside sip traffic to internal gateway, give a specific access rule to allow the sip traffic from the provider to your gateway.
Please rate if this helps.
Thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: