Our v5.1 5000 was hacked earlier this month. The scumbags racked up $1,800 worth of calls about a week ago- between 9pm and 3am.
Any thoughts how this happened?
Are you using SIP devices?
We have 3 CAT F SIP licenses...
Are you actually using them? Or are they just on the system created as extensions?
If you are not using them, turn of the SIP listening port. If you are using them change the password for each device, in the controller and the device. The problem is the "Cook Book" usually used to set up SIP devices uses the extension number as the password. Good for setup but change the password after setup is working. Not changing it can lead to a very expensive phone bill. Ask me how I know this? SIP attacks are on the rise. Be aware!
Thanks. We also had a SIP trunk license. These for testing. We are an interconnect...how Ironic!!