I also much prefer carrier prepay accounts or accounts with low credit limits for exactly this reason. Oh, you blew through $100 overnight and suspended the account - great!
We have not had many issues to date but there are a whole lot of ways to get hacked with VoIP fraud - many, many ways, and it’s difficult to avoid them all. Limiting the losses if/when it happens is helpful. Mark > On Sep 6, 2020, at 9:19 AM, can...@believewireless.net > <p...@believewireless.net> wrote: > > Flow Routes has pretty good security for this. If they notice international > calls all of a sudden to a certain country, they shut that country > off in your portal. Another thing to do is block international traffic for > most customers or require a pin code to make the call. > > I've noticed most of these attempts happen on the weekends and holidays when > they assume IT people won't be around. > > We had the same issue happen years ago with Level 3 and we aren't as > proactive about it. > > Another option is to tunnel customer/remote SIP traffic back to an Asterisk > box on a private IP. Then NAT the SIP traffic to/from your > provider and lock it down to that specific IP. > > On Sat, Sep 5, 2020 at 7:52 PM Adam Moffett <dmmoff...@gmail.com > <mailto:dmmoff...@gmail.com>> wrote: > I think I'm doing something similar. Firewall only allows Asterisk IP to > talk to customer IPs and carrier IPs. Other SIP traffic is dropped. > > I have no serious incentive to do it another way. > > > > On 9/5/2020 1:45 PM, ch...@wbmfg.com <mailto:ch...@wbmfg.com> wrote: >> We had asterisk running, we had SIP trunks to a company called Xmission in >> Salt Lake city. >> Something internally here got hijacked and started sending SIP traffic to >> Xmission. We got a huge bill before anyone noticed. >> >> So what we did was to put the SIP trunks on their own static IP. That is >> the only thing on that globally routable IP connects to. >> Xmission uses that IP to send us terminating traffic. We use that IP to >> send traffic to Xmission. >> >> I would rather go back to using that IP for everything here, but we don’t >> want a repeat of history. >> Is it worth trying to do? Or just leave it alone? >> >> > -- > AF mailing list > AF@af.afmug.com <mailto:AF@af.afmug.com> > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > <http://af.afmug.com/mailman/listinfo/af_af.afmug.com> > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com
-- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
