I had a system this afternoon that was unable to place calls (SIP Trunk) that was able to recieve calls. I could not log into the GUI, I could ssh into it. Eventually I rebooted and found in the CDR that there were thousands of calls of 10 -15 seconds duration. No destination indicated. No new administrator user like the last time. Allow SIP guests was allowed, I unchecked that. I ran the security commands from the last time and it alerted that MGKnight had been detected. I updated everything.
Please give us versions of everything. There are no known vulnerabilities at this time. We of course would not hide this from you if we knew about a new vulnerability. Anyways please give the information that is needed.
I would not even consider that anything was being hidden. I am very heartened by the honesty and the owning of any issues that might arise by the Schmooze group. I seem to be on the leading edge of things lately and was just wondering out loud, so to speak. The system is at 220.127.116.11 all up to date. Everytime I need to get into a system I update. Here is a screen shot of the CDR
Those are inbound calls that are happening because you have allow guest or allow anonymous
Got it, should have known better. Thanks