Great Office - Hummig KG Posted December 8, 2013 Report Share Posted December 8, 2013 Hello everyone, I'm getting lots of eMails from our PBX with following message (where xx.xxx.xxx.xxx is the IP of my PBX): Source address for "205" <sip:email@example.com:5060>;tag=8351913a6a365 has changed from udp:220.127.116.11:5061 to udp:18.104.22.168:5082 The attachment enclosed shows: REGISTER sip:xx.xxx.xxx.xxx:5060 SIP/2.0Via: SIP/2.0/UDP 22.214.171.124:5082;branch=z9hG4bK8351913a65d52461352a4d206;rportFrom: "205" <sip:firstname.lastname@example.org:5060>;tag=8351913a6a365To: "205" <sip:email@example.com:5060>Call-ID: firstname.lastname@example.orgCSeq: 1 REGISTERContact: "205" <sip:email@example.com:5082>User-Agent: VaxSIPUserAgent/3.1Expires: 1800Max-Forwards: 70Content-Length: 0 So far nothing fancy, except, that there is no extension 205 at all! A few minutes I get the same eMail, but with other extension numbers all not set up on this PBX. I've checked the call history and there are no calls from those extensions, but I get nervous that obvoiusly someone is hacking my pbx. How to get rid of this situation? Is it possible that someone can register an extension just by SIP-Connect without creating the extension before at admin's interface? Regards Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.