[App_rpt-users] Re : Bogus SIP registrations

Dwaine Garden VE3GIF DwaineGarden at rogers.com
Sun Jun 23 17:02:52 EDT 2013


I had the Chinese hackers dial 911 multiple times.

pete M <petem001 at hotmail.com> wrote:

>China hacker or china gov tha try to connect to you.. thats where the ip is located..
>
>--- Message initial ---
>
>De : "KB0KZR" <kb0kzr at matthouse.com>
>Envoyé : 23 juin 2013 16:03
>A : app_rpt-users at ohnosec.org
>Objet : [App_rpt-users] Bogus SIP registrations
>
>All--
>
>While diagnosing another problem (which I will post about in a little bit
>if I can't get it figured out, but I wanted to keep separate threads
>separate) -- suddenly somebody started sending me a ton of bogus SIP
>registrations.  The source-IP is 210.73.202.76 for whatever that may be
>worth.  I thought about firewalling it, but I don't think SIP is required
>at all for app_rpt to work?  So I disabled chan_sip entirely in
>modules.conf.
>
>Just throwing it out there as something to consider for other app_rpt
>nodes...  I don't know of any security flaws in chan_sip, but I figured
>since it isn't being used there's no reason to run it.
>
>-Matt-
>
>_______________________________________________
>App_rpt-users mailing list
>App_rpt-users at ohnosec.org
>http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
>_______________________________________________
>App_rpt-users mailing list
>App_rpt-users at ohnosec.org
>http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users


More information about the App_rpt-users mailing list