Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Mysterious SIP Brute force

Posted on 2014-02-18
4
Medium Priority
?
409 Views
Last Modified: 2014-02-19
Strangely I keep getting SIP 5060 mysterious phone calls, with 'Unrecognized RTP' from Santa Monica and New York, what would the purpose of those be?
They must be randomly trying IP's on port 5060, but why?
0
Comment
Question by:Silas2
  • 2
  • 2
4 Comments
 
LVL 20

Expert Comment

by:agonza07
ID: 39868157
Lots of hackers out there in the world, and bunch of programs just scanning the internet.

I had a brand new phone installation a while back, and before I could bring up the firewall, I already had someone hacking my phone system making calls to Jamaica...
0
 

Author Comment

by:Silas2
ID: 39868366
Yes, but how could they hack thru a sip phone? I'm just curious. They phone into it, are they then trying to piggy-back off my registration? They would have to find some way of taking control of the phone wouldn't they?
A rogue incoming call can't do anything can it?
Is there some buffer overflow attack on SIP phones?
0
 
LVL 20

Accepted Solution

by:
agonza07 earned 500 total points
ID: 39868634
Check this out.

http://blog.sipvicious.org/

In this case, however, things are a bit different. While launching an INVITE scan on a vulnerable PBX system can be useful for the hacker, doing the same thing on an IP Phone (or VoIP Phone) just makes it ring. While some phones will only ring when the correct number is called, others ring when any number (or rather, any SIP address) is specified in the INVITE message. So the attackers/hackers/cyber-criminals ended up getting phones to ring. I think this is a mistake that they were making, possibly because they are not differentiating between a phone and a PBX system
0
 

Author Comment

by:Silas2
ID: 39870317
Yes, thanks,  that's probably it.
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question