Difference between revisions of "Lots of calls made by System Admin user"

From Kolmisoft Wiki
Jump to navigationJump to search
 
(One intermediate revision by the same user not shown)
Line 7: Line 7:
This can be hacking attempt.
This can be hacking attempt.


<br><br>
'''YOU DO NOT HAVE TO WORRY ABOUT THIS, BECAUSE ALL THESE CALLS FAILED.'''
'''YOU DO NOT HAVE TO WORRY ABOUT THIS, BECAUSE ALL THESE CALLS FAILED.'''


Line 13: Line 15:
'''YOU DO NOT TAKE ANY LOSS.'''
'''YOU DO NOT TAKE ANY LOSS.'''


'''IGNORE SUCH CALLS UNLESS YOU KNOW THE IP THEY COME FROM - SO YOU CAN BAN THIS IP USING iptables.'''
'''IGNORE SUCH CALLS UNLESS YOU KNOW THE IP THEY COME FROM - [[How to block someone's IP | SO YOU CAN BAN THIS IP USING iptables]].'''


<br>
<br>
Such calls look like this:
Such calls look like this:
<br>
[[File:hgc200calls.png]]
[[File:hgc200calls.png]]



Latest revision as of 08:36, 10 June 2012

You can see lots of System Admin calls in logs, because all NON-AUTHENTICATED calls from outside are registered in System Admin user logs.

So it is not actually calls made by System Admin user.

These calls are not authenticated and made not by System Admin.

This can be hacking attempt.




YOU DO NOT HAVE TO WORRY ABOUT THIS, BECAUSE ALL THESE CALLS FAILED.

THEY FAILED BECAUSE THEY ARE UNAUTHENTICATED.

YOU DO NOT TAKE ANY LOSS.

IGNORE SUCH CALLS UNLESS YOU KNOW THE IP THEY COME FROM - SO YOU CAN BAN THIS IP USING iptables.


Such calls look like this:
Hgc200calls.png




Other symptoms

In Asterisk CLI you can find such messages:

app_mor_authentication.c: User not found by accountcode