Is it possible for someone to help me with an issue I am having as far as trying to locate the individuals who hacked into our Trixbox PBX and charged up close to $1,000.00? Thank you.
It’s probably too late to locate them if you haven’t turned on security logging, but to avoid it happening again:
- Use the latest release of Asterisk, e.g. 11.6
- In logger.conf, enable security logging, e.g. security=security
- Implement fail2ban to monitor the security file, in this case “security” in the log file location.
Good luck!
Ian
They are also almost certainly in a country in which it would be difficult to bring a civil , or criminal, prosecution.