Difference between revisions of "Lots of calls made by System Admin user"
From Kolmisoft Wiki
Jump to navigationJump to search
(6 intermediate revisions by 2 users not shown) | |||
Line 4: | Line 4: | ||
These calls are not authenticated and made not by System Admin. | These calls are not authenticated and made not by System Admin. | ||
This can be hacking attempt. | |||
<br><br> | |||
'''YOU DO NOT HAVE TO WORRY ABOUT THIS, BECAUSE ALL THESE CALLS FAILED.''' | |||
'''THEY FAILED BECAUSE THEY ARE UNAUTHENTICATED.''' | |||
'''YOU DO NOT TAKE ANY LOSS.''' | |||
'''IGNORE SUCH CALLS UNLESS YOU KNOW THE IP THEY COME FROM - [[How to block someone's IP | SO YOU CAN BAN THIS IP USING iptables]].''' | |||
<br> | |||
Such calls look like this: | |||
<br> | |||
[[File:hgc200calls.png]] | |||
<br><br> | |||
==Other symptoms == | |||
In Asterisk CLI you can find such messages: | |||
'''app_mor_authentication.c: User not found by accountcode''' |
Latest revision as of 08:36, 10 June 2012
You can see lots of System Admin calls in logs, because all NON-AUTHENTICATED calls from outside are registered in System Admin user logs.
So it is not actually calls made by System Admin user.
These calls are not authenticated and made not by System Admin.
This can be hacking attempt.
YOU DO NOT HAVE TO WORRY ABOUT THIS, BECAUSE ALL THESE CALLS FAILED.
THEY FAILED BECAUSE THEY ARE UNAUTHENTICATED.
YOU DO NOT TAKE ANY LOSS.
IGNORE SUCH CALLS UNLESS YOU KNOW THE IP THEY COME FROM - SO YOU CAN BAN THIS IP USING iptables.
Other symptoms
In Asterisk CLI you can find such messages:
app_mor_authentication.c: User not found by accountcode