Yeah, I did a couple of tests to both your +1954 and +44203 numbers and the transfer functions were indeed blocked. Unfortunately, when attempting to check for voicemail issues, I was surprised that Kremena answered the line and I apologize for hanging up on her. I did not try the +44800.
If your system was not very busy at the time, manually inspect the preceding minute. Or, maybe you can find a fraudulent call made at a time when the system would be idle. Otherwise, search the preceding few minutes for 5963 and for 3984.
Ouch. You have Soundpoint IP 301, 500, etc.? If they are looking for e.g. 0004f2123456.cfg, that is very easy to exploit because the bad guys know the range of Poly MAC addresses and can just iterate through them until they get a hit. If they did this recently, you should find the attempts in /var/log/messages*.
The easiest fix may be to put the files in a folder with a ‘secret’ name, rather than directly in /tftpboot. This is probably sufficient protection from the criminals who scan every IPv4 address looking for a system to exploit, but may not be adequate if your breach was an inside job.
That makes no sense. If they specify the required authentication, headers, etc., you can configure pjsip to do that.
If they give you reasonable notice, even a few days, that shouldn’t be too bad. As you probably remember, Flowroute changed servers some months ago and sent out multiple notices, starting 90 days before the change. If they won’t do that, there may be a workaround if their portal allows you to specify the user part of the SIP URI to which they send calls. You could then have a custom ‘anonymous’ context that drops the call if the username doesn’t match. (You would fetch the called DDI from the To header.)
Unfortunately, what you need is good rates from the UK. I have an account with Voxbeam. It’s in USD but you can get one in UKP. Sample outbound rates on their Platinum (best) route are London fixed, $0.0025/min.; other fixed, $0.0051; major mobile (EE, Orange, Telefonica, Three, Vodafone), $0.0078-0.0092, billed in 1-second increments. However, their inbound rates are IMO way high at $11.50/mo./channel + $0.40/mo./number (no charge for incoming calls). They also offer numbers for $0.80/mo., limited to 2 channels, capped at 10,000 minutes/mo., with a $0.01/min. charge for overage. How many concurrent incoming calls do you have at peak times?
You might also look at AnveoDirect, a Voxbone (no relation to Voxbeam and recently acquired by Bandwith) reseller. $6.50/mo./channel + $0.64/mo./number, or $0.004/min. + $1.00/mo./number. I believe that their pricing is typical of Voxbone resellers.