Link to home
Start Free TrialLog in
Avatar of BeGentleWithMe-INeedHelp
BeGentleWithMe-INeedHelpFlag for United States of America

asked on

troubleshooting a spoofed caller ID on an internal PBX system

I got called in on this phone issue.  THey have voip PBX box (positron) and SIP trunk lines.

they had put the pbx box on the DMZ and supposedly was hacked.  Now their caller ID for outgoing calls says a totally wrong phone number.

I put the PBX box behind the firewall and set port forwarding as per positron's instructions.

caller id is still wrong.

positron says it's not them and we are waiting for a call back from the SIP provider.  is it with them? something we shoudl be able to change by logging in to sip provider? or they need to correct it?

or is that controlled somewhere else?
Avatar of BeGentleWithMe-INeedHelp
BeGentleWithMe-INeedHelp
Flag of United States of America image

ASKER

weird - the sip provider tech support guy called me from his sip phone on the same sip provider's service to  my cell and his call showed up as the same spoofed phone number as my client is sending out.  how can it not be a problem with the sip provider?  He says the sip phone has menues to change the outgoing caller ID info!?  I thought spoofing caller ID was harder than just change it in your phone?  People would spend the work day playing games : )
SOLUTION
Avatar of arnold
arnold
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
THe tech support guy called his cell phone from his sip phone and it showed the correct info.  He called another cell phone on a different provider here (we are in US, he's in Canada) and it showed the wrong caller ID also.

He puts me on hold, talks to some people and says that there's another client of theirs that is having the same problem and it's a problem with the ECOM (sp?)  database here in the US and that it's out of their hands but they have a ticket in with the firm that maintains the ecom database to fix it?

Sound like BS? Or legitimate?  2 clients and their own phone is giving out the 214 area code number.  Did the provider get hacked?

Is ECOM the correct spelling?  ever hear of that?  you talk of translation?  When the sip provider hands off the call to the POTS line provider, it has the caller ID packet.  Then that's where the ecom database comes into play to transliate it into the wrong caller ID?  So the ecom database company got hacked?

you say the sip provider is the one that DOES enforce (prevent) spoofing? I suppose a better word would be 'could' enforce?  Any requirement by some organization / gov't department to require enforcement? I would think not because there's web services that specifically let you spoof, right?

THANKS!


This wrong caller ID for my client has been going on for 2 weeks and the sip provider was using the fact that the PBX was in the DMZ / not locked down as the cause.  The PBX vendor says the box is clean (I don't even see where I could change / edit caller ID from the PBX box).
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial