A Kerio Operator customer reported that a remote extension at a salesman's house was receiving phantom calls from an extension that doesn't exist. Kerio support asked that they turn on both asterisk debug logs and start a packet-sniffer limited to port 5060. This was done, but nothing was seen going to the salesman's phone. They noted:
There are many botnets out there trying to spoof SIP accounts. Please make sure the phone is configured to accept SIP requests from Operator only and try configuring these options:
[Accounts->Account1->SIP Settings->Security Settings]
Check SIP User ID for Incoming INVITE = yes
Accept Incoming SIP from Proxy Only = yes
Proper security on VoIP systems goes beyond the local network if you have remote extensions at user's homes. You probably don't control their router, so thinking about issues like this is important.
Got something to add? Send me email.
Increase ad revenue 50-250% with Ezoic
More Articles by Anthony Lawrence
Find me on Google+
© 2015-04-13 Anthony Lawrence