Random calls from unknown extension

Hi,

I am using FreePBX for door entry phones, and recently I’ve been getting random calls on a single softphone from an unknown random extension like 254703313643. When I answer, it’s silent and cuts off.

The door phones are connected directly via wired LAN. The soft phones connect into FreePBX via port forwarding. The soft phone app is Groundwire by Acrobits.

External SIP port = 32256
RTSP ports = 5466-5470

In the FreePBX logs I see nothing whatsoever to suggest I am being hacked. Firewall is active and shows no errors.

Any ideas?

Thanks.

You need to turn off “Allow Anonymous Inbound SIP Calls” and “Allow SIP Guests” under Settings -> Asterisk SIP settings.

Thanks - however, these settings are already disabled

Is your softphone directly exposed to the internet? These calls may be going directly to the endpoint.

Do you see these calls in the call log of your phone system?

The softphone connects into Acrobits server i believe, in that the registrations shown in FreePBX logs are coming from IPs owned by Acrobits. This essentially provides push notifications for the iOS device.

There are no logs whatsoever in FreePBX.

Oh you are using the Sangoma provided soft phones. Alright then do you have your SIP service on the PBX open to the world and listening on the default 5060 port?

Im using Groundwire which is owned by Acrobits.

SIP port is public facing, but changed to the port mentioned initially.

Do you see these show up in asterisk console at all? If so it would seem that you may have to look at changing the default SIP listening ports to something else or closing your firewall to limit direct connections to your PBX from connections that you don’t want to be hitting it.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.