Despite locking my firewall down to restric all traffic on SIP channels to my trunk providers IP I still have suspicious activity showing up on mt CDR records.
Can someone tell me if this is someone hacking my system?
I dont have any extentions in the 5000 range on the system.
2014-01-22 19:27:04 1390418824.708 SIP admin Answer s ANSWERED 00:00
2014-01-22 19:18:49 1390418329.707 SIP admin Answer s ANSWERED 00:00
2014-01-22 19:10:32 1390417832.706 SIP 5556 Answer s ANSWERED 00:00
2014-01-22 19:02:11 1390417331.705 SIP 5556 Answer s ANSWERED 00:01
2014-01-22 18:53:23 1390416803.704 SIP 5556 Answer s ANSWERED 00:00
Also, if this is the case then what else do I need to do to stop this activity?
I tried blocking anonymous SIP calls on the settings but this appeared to stop genuine calls?