FreePBX | Register | Issues | Wiki | Portal | Support

[Resolved] Ayuda urgente - Fraude


(Adrián Val) #1

buenos días,

He recibido llamadas de fraude de mi pbx. Después de revisar toda la seguridad, he comprovado que llamando al teléfono, suena el IVR y seguidamente marco *2 + numeroteléfono y se desvía.
Entiendo que la solución rápida es desactivar el *2 en FeatureCodes, pero suelo usar ese código.

Alguna ayuda¿??¿?

El tdmf del trunk es rfc2833, he provado de cambiarlo a inband pero luego no me reconoce los números del IVR


(Dave Burgess) #2

PBX Version?
Inbound route options?
Context of the Inbound Route for the inbound number?


(Lorne Gaetz) #3

Si tu nececitas auyda urgente, Sangoma tiene support pagado con ingenieros que hablan español mas major que yo.


(Adrián Val) #4

Hellow cynjut, thanks for your reply.
PBX Version? The pbx version is 12.0.76.6
Inbound route options? Do you mean destination?? Is Time condition and then IVR
Context of the Inbound Route for the inbound number? I don’t know what do you mean.
I attach you an image of inbound route. I have 2 inbounds
https://drive.google.com/open?id=1NX9Q0FkiJnd5hXeaBIR9PvAxkYDql257


(Avayax) #5

Here is a long thread about that exploit if you’re interested: Hacker makes international calls through my FreePBX IVR

Do you need the party calling in to be able to dial the *2?
If not remove the “T” option from your trunk.


#6

If your phones or SIP apps have a Transfer button or soft key, use those and disable *2 and other in-call transfer features.

If you really need *2, recent versions of FreePBX have an option in Advanced Settings “Disallow transfer features for inbound callers”. If your system does not show that, consider upgrading. Otherwise, remove the T and t dial options from your trunks and the T option from your extensions.


(Adrián Val) #7

Yes, thanks. I found the same bug on another forum.
Guys, can you tell me what it means T, t and r on Asterisk Dial Options and Asterisk Outbound Trunk dial Options ??
Because I left blank and transfer calls didn’t work
Now, it’s working fine but I don’t understand.

Thanks


(Avayax) #8

There is no bug.

The T option allows the calling party to transfer the called party using the In-Call Asterisk Blind Transfer transfer feature code.

The t option allows the called party to transfer the calling party using the In-Call Asterisk Blind Transfer transfer feature code.

The r option indicates ringing to the calling party, even if the called party isn’t actually ringing. Pass no audio to the calling party until the called channel has answered.

So you either remove the T option on your trunk or you set “Disallow transfer features for inbound callers” in advanced settings.


(Gerardo Barajas) #9

Tienes algun log de cuando marcas *2 ??


(Adrián Val) #10

Thanks!!!


(Adrián Val) #11

No tenia ningún log… pero 100% era marcando el *2. Lo desactivé y no ha vuelto a pasar.
Gracias por molestarte en contestar :smiley: