Attempts to hack Asterisk – What do these lines means

Home » Asterisk Users » Attempts to hack Asterisk – What do these lines means
Asterisk Users 1 Comment

Hi Everyone,

Like always, here are IPs from China that try to hack an Asterisk server.
Can someone please explain what is happening or what the hacker is trying to
reach:

02/10/2010 11:10 SIP/113.105.152.51-000000fb sip “sip” s ANSWERED 13
02/10/2010 11:10 SIP/113.105.152.51-000000fe sip “sip” s ANSWERED 13
02/10/2010 11:10 SIP/113.105.152.51-000000fc sip “sip” s ANSWERED 13
02/10/2010 11:10 SIP/113.105.152.51-000000fd sip “sip” s ANSWERED 13
02/10/2010 11:10 SIP/113.105.152.51-000000ff sip “sip” s ANSWERED 13
02/10/2010 11:10 SIP/113.105.152.51-00000100 sip “sip” s ANSWERED 13
02/10/2010 11:17 SIP/222.73.204.198-00000101 sip “sip” s ANSWERED 13
02/10/2010 11:17 SIP/222.73.204.198-00000102 sip “sip” s ANSWERED 13
02/10/2010 11:17 SIP/222.73.204.198-00000103 sip “sip” s ANSWERED 13
02/10/2010 11:17 SIP/222.73.204.198-00000104 sip “sip” s ANSWERED 13
02/10/2010 11:17 SIP/222.73.204.198-00000105 sip “sip” s ANSWERED 13
02/10/2010 11:17 SIP/222.73.204.198-00000106 sip “sip” s ANSWERED 13
02/10/2010 11:17 SIP/222.73.204.198-00000107 sip “sip” s ANSWERED 13
02/10/2010 11:17 SIP/222.73.204.198-00000108 sip “sip” s ANSWERED 13
02/10/2010 11:17 SIP/222.73.204.198-00000109 sip “sip” s ANSWERED 13

Thanks

One thought on - Attempts to hack Asterisk – What do these lines means

  • Seems like anonymous SIP calls which end up in from-sip-external context
    with a dead end. This is usually how hackers start their hack attempts.

    Zeeshan A Zakaria