I haven’t used asterisk or voip for that matter in a while… Looks like sip as become a target!
Anyway First of all one of my sip user on my asterisk got hacked witch is totally my fault because I didn’t put a strong password and opened the sip port on firewall… This is solved, now my sip client can only connect if they are on the local network or vpn. My problem is there is a script somewhere on my network that keep trying to connect to my asterisk server. I installed shorewall on the asterisk server and keep having those attempt to connect in sip on the server. The problem is those attempts comes from ips outside my network. But my network firewall don’t allow sip connection and anyway don’t see those attempts. So I believe that those attempts come from somewhere inside my network. But I just can’s seem to find from where.
So does anyone here ever had this problem? And how did they solved it?