интересные записи в логфайле-попытка взлома?

сегодня увидел в логе следующую запись:
[Jul 30 13:29:23] VERBOSE[19971] logger.c: -- Executing [011442073479999@from-sip-external:1] NoOp("SIP/113.105.152.104-00000055", "Received incoming SIP connection from unknown peer to 011442073479999") in new stack
[Jul 30 13:29:23] VERBOSE[19971] logger.c: -- Executing [011442073479999@from-sip-external:2] Set("SIP/113.105.152.104-00000055", "DID=011442073479999") in new stack
[Jul 30 13:29:23] VERBOSE[19971] logger.c: -- Executing [011442073479999@from-sip-external:3] Goto("SIP/113.105.152.104-00000055", "s,1") in new stack
[Jul 30 13:29:23] VERBOSE[19971] logger.c: -- Goto (from-sip-external,s,1)
[Jul 30 13:29:23] VERBOSE[19971] logger.c: -- Executing [s@from-sip-external:1] GotoIf("SIP/113.105.152.104-00000055", "1?from-trunk,011442073479999,1") in new stack
[Jul 30 13:29:23] VERBOSE[19971] logger.c: -- Goto (from-trunk,011442073479999,1)
[Jul 30 13:29:23] VERBOSE[19971] logger.c: -- Executing [011442073479999@from-trunk:1] Set("SIP/113.105.152.104-00000055", "__FROM_DID=011442073479999") in new stack
[Jul 30 13:29:23] VERBOSE[19971] logger.c: -- Executing [011442073479999@from-trunk:2] NoOp("SIP/113.105.152.104-00000055", "Received an unknown call with DID set to 011442073479999") in new stack
[Jul 30 13:29:23] VERBOSE[19971] logger.c: -- Executing [011442073479999@from-trunk:3] Goto("SIP/113.105.152.104-00000055", "s,a2") in new stack
[Jul 30 13:29:23] VERBOSE[19971] logger.c: -- Goto (from-trunk,s,2)
[Jul 30 13:29:23] VERBOSE[19971] logger.c: -- Executing [s@from-trunk:2] Answer("SIP/113.105.152.104-00000055", "") in new stack
[Jul 30 13:29:24] VERBOSE[19971] logger.c: -- Executing [s@from-trunk:3] Wait("SIP/113.105.152.104-00000055", "2") in new stack
[Jul 30 13:29:26] VERBOSE[19971] logger.c: -- Executing [s@from-trunk:4] Playback("SIP/113.105.152.104-00000055", "ss-noservice") in new stack
[Jul 30 13:29:26] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'ss-noservice.gsm' (language 'en')
[Jul 30 13:29:30] VERBOSE[19971] logger.c: -- Executing [s@from-trunk:5] SayAlpha("SIP/113.105.152.104-00000055", "011442073479999") in new stack
[Jul 30 13:29:30] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/0.gsm' (language 'en')
[Jul 30 13:29:31] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/1.gsm' (language 'en')
[Jul 30 13:29:31] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/1.gsm' (language 'en')
[Jul 30 13:29:32] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/4.gsm' (language 'en')
[Jul 30 13:29:33] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/4.gsm' (language 'en')
[Jul 30 13:29:34] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/2.gsm' (language 'en')
[Jul 30 13:29:34] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/0.gsm' (language 'en')
[Jul 30 13:29:35] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/7.gsm' (language 'en')
[Jul 30 13:29:36] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/3.gsm' (language 'en')
[Jul 30 13:29:36] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/4.gsm' (language 'en')
[Jul 30 13:29:37] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/7.gsm' (language 'en')
[Jul 30 13:29:38] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/9.gsm' (language 'en')
[Jul 30 13:29:39] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/9.gsm' (language 'en')
[Jul 30 13:29:40] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/9.gsm' (language 'en')
[Jul 30 13:29:40] VERBOSE[19971] logger.c: -- <SIP/113.105.152.104-00000055> Playing 'digits/9.gsm' (language 'en')
[Jul 30 13:29:41] VERBOSE[19971] logger.c: -- Executing [s@from-trunk:6] Hangup("SIP/113.105.152.104-00000055", "") in new stack
[Jul 30 13:29:41] VERBOSE[19971] logger.c: == Spawn extension (from-trunk, s, 6) exited non-zero on 'SIP/113.105.152.104-00000055'
[Jul 30 13:29:41] VERBOSE[19971] logger.c: -- Executing [h@from-trunk:1] Hangup("SIP/113.105.152.104-00000055", "") in new stack
[Jul 30 13:29:41] VERBOSE[19971] logger.c: == Spawn extension (from-trunk, h, 1) exited non-zero on 'SIP/113.105.152.104-00000055'
[Jul 30 13:29:43] WARNING[3018] chan_sip.c: Maximum retries exceeded on transmission 784487884-00692289128-900338826@113.105.152.104 for seqno 102 (Critical Response) -- See doc/sip-retransmit.txt.

это попытка взлома с последующим пробросом трафика?

2010-07-30 14:32

ded

Сообщений: 6521

Re: интересные записи в логфайле-попытка взлома?

Конечно!
Пробивают, не лопухнулись ли Вы открыв allow anonymous = yes
Пока что интеллигентно их нафик посылает Playback("SIP/113.105.152.104-00000055", "ss-noservice")

А вообще можно почитать тут топик Китайский фильтр, косоглазые наглеют.

2010-07-30 15:04

alex2512

Откуда: Москва

Сообщений: 114

Re: интересные записи в логфайле-попытка взлома?

я подстраховался с сотовой, межгородом и международкой запретив выход на эти направления на коммутаторе потока. замумукаются сидеть и названивать. правда в москву могут звонить. ну да она у нас безлимитка. пока смотрю на занятость каналов коммутатора, все споки. но для спокойствия все таки закрою анонимные звонки.
параметр allow anonymous = yes не будет влиять на входящие с PRI?

2010-07-30 15:11

alex2512

Откуда: Москва

Сообщений: 114