I am using FreePBX for door entry phones, and recently I’ve been getting random calls on a single softphone from an unknown random extension like 254703313643. When I answer, it’s silent and cuts off.
The door phones are connected directly via wired LAN. The soft phones connect into FreePBX via port forwarding. The soft phone app is Groundwire by Acrobits.
External SIP port = 32256
RTSP ports = 5466-5470
In the FreePBX logs I see nothing whatsoever to suggest I am being hacked. Firewall is active and shows no errors.
The softphone connects into Acrobits server i believe, in that the registrations shown in FreePBX logs are coming from IPs owned by Acrobits. This essentially provides push notifications for the iOS device.
Oh you are using the Sangoma provided soft phones. Alright then do you have your SIP service on the PBX open to the world and listening on the default 5060 port?
Do you see these show up in asterisk console at all? If so it would seem that you may have to look at changing the default SIP listening ports to something else or closing your firewall to limit direct connections to your PBX from connections that you don’t want to be hitting it.