Some of our PBX’s are hacked, or not???
When I do wireshark, I see the next invite
220.127.116.11 -> 18.104.22.168 SIP/SDP Request: INVITE sip:[email protected], with session description
825240219700 is the number that is being dialed.
22.214.171.124 is the hackers IP address
Without a registered sip phone he is trying to dial out.
How is this possible??
Is have set “allow sip guest” to no
I am clewless now.
Hope someone can explain this to me.