here and there I read sip show channels displays ongoing calls on my asterisk system. So I tried it and see this:
Peer User/ANR Call ID Format Hold Last Message Expiry Peer
220.127.116.11 ********** 4b46347f5c19016 0x0 (nothing) No <guest>
18.104.22.168 ********** 07c9493462243a5 0x0 (nothing) No <guest>
22.214.171.124 ********** 57dffc0f7b77d12 0x0 (nothing) No <guest>
3 active SIP dialogs
The IP 126.96.36.199 belongs to sipgate (my SIP provider). I was wondering if this is normal!? According to this there are 3 ongoing calls going through my system BUT I know there are none - at least not from any of my phones.
Currently I am very concerned about the security of my system. A friend of mine found his system hacked. His provider stopped the thing at approx. 1000$ on the bill.
I suggest that you do some simple things to help secure your system.
- Make sure that MySQL is disabled for all connections but local connections (If using Astersik Realtime)
- If you’re going to run SIP phones over the internet use a STRONG password, I’m talking about one you have to copy and pasted, becuase it’s soooo long and crazy. For example, I set passwords by random button mashing.(so I end up with passwords like ###%GWG$%Yrfwt45WGwet32^^*fgfdsgsg$56$#%^4365 ) Yes it’s annoying if you have to input it manually, but it’s less annoying than giving 1000$ to some sons-of-bitches that rip you off.
- Change your default passwords. THIS IS A BIGGIE. A lot of people just run an base asterisk install. They have the original passwords for everything from FreePBX down to the MySQL server. CHANGE THE DEFAULT PASSWORDS. CHANGE THEM NOW.
If you’re not on calls, you shouldn’t have open channels.