That page doesn’t appear to secure against people coming in on the Obi-to-Obi number. I believe someone came in through this a couple of times last night to my FreePBX to sniff around. They didn’t come in over my DID, and the Obi-to-Obi number is the only way I can imagine they could have come in.
Can someone add instructions to close down the Obi-to-Obi calling method to the above Wiki page, plus detail them here?
Yes. From the OBI’s extension, and not from my one and only DID or any other extensions. I already mostly concluded that turning off ObiTalk was the correct thing to do and did so + rebooted the device this morning. I don’t have edit privileges on the Wiki near as I can tell, so can’t add that info to the page.