Difference between revisions of "Lots of calls made by System Admin user"
From Kolmisoft Wiki
Jump to navigationJump to search
m |
|||
Line 7: | Line 7: | ||
This can be hacking attempt. | This can be hacking attempt. | ||
YOU DO NOT HAVE TO WORRY ABOUT THIS, BECAUSE ALL THESE CALLS FAILED. | '''YOU DO NOT HAVE TO WORRY ABOUT THIS, BECAUSE ALL THESE CALLS FAILED.''' | ||
THEY FAILED BECAUSE THEY ARE UNAUTHENTICATED. | '''THEY FAILED BECAUSE THEY ARE UNAUTHENTICATED.''' | ||
'''YOU DO NOT TAKE ANY LOSS.''' | |||
'''IGNORE SUCH CALLS UNLESS YOU KNOW THE IP THEY COME FROM - SO YOU CAN BAN THIS IP USING iptables.''' | |||
<br><br> | <br><br> | ||
Revision as of 08:33, 10 June 2012
You can see lots of System Admin calls in logs, because all NON-AUTHENTICATED calls from outside are registered in System Admin user logs.
So it is not actually calls made by System Admin user.
These calls are not authenticated and made not by System Admin.
This can be hacking attempt.
YOU DO NOT HAVE TO WORRY ABOUT THIS, BECAUSE ALL THESE CALLS FAILED.
THEY FAILED BECAUSE THEY ARE UNAUTHENTICATED.
YOU DO NOT TAKE ANY LOSS.
IGNORE SUCH CALLS UNLESS YOU KNOW THE IP THEY COME FROM - SO YOU CAN BAN THIS IP USING iptables.
Other symptoms
In Asterisk CLI you can find such messages:
app_mor_authentication.c: User not found by accountcode