"unknown" <unknown> calls

General Help
1

On occasion, I get as many as 50-60 bogus calls that look like this:

2011-12-01 17:03:20,SIP/76.74.253.98-0000035f,unknown,""“unknown”" “,600,ANSWERED,6
2011-12-01 17:03:28,SIP/76.74.253.98-0000037b,unknown,”"“unknown”" “,200,BUSY,1
2011-12-01 17:03:30,SIP/76.74.253.98-00000383,unknown,”"“unknown”" “,200,BUSY,1
2011-12-01 17:03:32,SIP/76.74.253.98-0000038b,unknown,”"“unknown”" “,200,BUSY,1
2011-12-01 17:03:34,SIP/76.74.253.98-00000393,unknown,”"“unknown”" “,200,BUSY,1
2011-12-01 17:03:36,SIP/76.74.253.98-0000039b,unknown,”"“unknown”" “,200,BUSY,1
2011-12-01 17:03:38,SIP/76.74.253.98-000003a3,unknown,”"“unknown”" ",200,BUSY,1

I think this is because my SIP trunker (Callcentric) requires “Allow Anonymous Inbound SIP Calls” setting.

I realize someone may be looking for a vulnerability. Nothing has happened, but it is a bit of an annoyance.

Can anything be done to prevent these?

2

You are correct in your statement of “its happening because anonymous calls are allowed” …

Most of time, allowing anonymous calls is not required.

3

My reading seems to indicate that the “Allow Anonymous Inbound SIP Calls” allows your trunker to use a range of servers (IP addresses).

Following the advise in this thread:
http://www.fonality.com/trixbox/forums/trixbox-forums/sip-and-iax-trunks-and-providers/callcentric-incoming-call-problem

I have at least now added my DID to my trunk so people attempting to hack my stuff will at least need to know my DID.

I will research this more and find out if it is possible to configure my trunk(s) so they are aware of all the Callcentric IP’s. Doubtful, but work investigating.

Thank you for confirming my suspicions.