Help with hackers

I am receiveing a lot of incomming Sip connections from outside. Fur business purposes my system is on a public network. I tried to secured as much as I could but really I ma not an expert. I beleive failban has contented them so far but I am not really sure. Please see
– Executing [[email protected]:1] NoOp(“SIP/38.105.99.4-0000006d”, “Received incoming SIP connection from unknown peer to 011972592581502”) in new stack
– Executing [[email protected]:2] Set(“SIP/XX.XX.XX.X-0000006d”, “DID=011972592581502”) in new stack
– Executing [[email protected]:3] Goto(“SIP/XX.XX.XX.X-0000006d”, “s,1”) in new stack
– Goto (from-sip-external,s,1)
– Executing [[email protected]:1] GotoIf(“SIP/XX.XX.XX.X-0000006d”, “0?checklang:noanonymous”) in new stack
– Goto (from-sip-external,s,5)
– Executing [[email protected]:5] Set(“SIP/XX.XX.XX.X-0000006d”, “TIMEOUT(absolute)=15”) in new stack
Channel will hangup at 2014-05-15 15:23:04.119 EDT.
– Executing [[email protected]:6] Log(“SIP/XX.XX.XX.X-0000006d”, "WARNING,“Rejecting unknown SIP connection from 208.69.231.210"”) in new stack
[2014-05-15 15:22:49] WARNING[34631]: Ext. s:6 @ from-sip-external: “Rejecting unknown SIP connection from 208.69.231.210”
– Executing [[email protected]:7] Answer(“SIP/XX.XX.XX.X-0000006d”, “”) in new stack
== Spawn extension (from-sip-external, s, 7) exited non-zero on ‘SIP/XX.XX.XX.X-0000006d’
– Executing [[email protected]:1] Hangup(“SIP/XX.XX.XX.X-0000006d”, “”) in new stack
== Spawn extension (from-sip-external, h, 1) exited non-zero on ‘SIP/XX.XX.XX.X-0000006d’

Also looking at the CDR reports I can see the connections intents.
Call Detail Record

2014-05-15 15:22:49 1400181769.392 0123456 Answer s [from-sip-external] ANSWERED 00:00
2014-05-15 15:21:33 1400181693.391 UNKNOWN Hangup s [app-blacklist-check] ANSWERED 00:08
2014-05-15 15:14:44 1400181284.390 9000 Answer s [from-sip-external] ANSWERED 00:01

I would like to know if they have alreay compromised my system. I would take it out from the Public IP asap. I will look for help from an expert but for now I would like to know if there has been any theft.

Thanks !!!

set Allow Anonymous Inbound SIP Calls to no in Asterisk sip settings.

More securly “set ‘Allow Anonymous Inbound SIP Calls’ and ‘allow SIP guests’ to no in Asterisk sip settings.”

Ok Thanks I had annonymous Sip calls set to no but I had SIP guest to yes both are set to no now. But would that suffice??

Thankjs
CR

It will, do you use fail2ban? that will definitely also help.

You could also use iptables/firewall to completely block external sip or just from a certain IP. VPN is the best bet if you really want users to connect from outside.