I successfully configured freepbx with 4 extensions that can be accessed both via LAN and remote.
For some kind of problems I had with remote extensions (that I solved thanks to this forum) I initially put asterisk server on DMZ in our router so all ports problems went out.
I left this situation for 2 days and I find some calls from 1011 extension (non existent extension on our pbx) to some numbers out, strange numeration.
Fortunately we have no credits on our VOIP so the calls dropped with the message of the carrier that informs the zero credit situation.
My question is: I have freepbx firewall active and no firewall on router, is it possible for an hacker to access via ssh or via other method?
Exten 1011 doesn’t exists in my dialplan, how can generate a call? I tried to generate call on asterisk cli, via ssh, and I successfully generate call between extension or between extension and external number but how can an intruder generate a call without knowing ssh password and freepbx admin access?
Am I forgetting something? Have I left something open?
After these 2 days I fixed all ports on router (5060/5061/10000-20000) from external to asterisk server and now it seems that these calls disappeared.
Could the DMZ generate this security-leaking situation?
PS: below you can find Call Log Stats screenshot