Computers & Electronics

Voip.ms & OBi100 VoIP - 150 Sip scanner calls per day.....

  • Last Updated:
  • Mar 10th, 2015 12:58 am
Tags:
None
[OP]
Deal Addict
Feb 1, 2008
1495 posts
132 upvotes

Voip.ms & OBi100 VoIP - 150 Sip scanner calls per day.....

Hey guys, so I have a Obi100 with voip.ms all hooked up. Over the past year or so these sip scanners have gotten ridiculous where now I am getting around 118-150 calls per day of random numbers like 1011, 9822, 0006 etc :mad: . Can those of you with a similar setup please advise on how to get rid of these or what settings I need to add to my Obi or voip.ms to minimize the amount of fake calls.

Thanks
7 replies
Sr. Member
Oct 24, 2006
648 posts
77 upvotes
Toronto
Change your sip port to something other than 5060.. Also, is your router forwarding sip?
Deal Fanatic
User avatar
Mar 3, 2002
9417 posts
3302 upvotes
cruisx wrote: Hey guys, so I have a Obi100 with voip.ms all hooked up. Over the past year or so these sip scanners have gotten ridiculous where now I am getting around 118-150 calls per day of random numbers like 1011, 9822, 0006 etc :mad: . Can those of you with a similar setup please advise on how to get rid of these or what settings I need to add to my Obi or voip.ms to minimize the amount of fake calls.

Thanks
For reference, the latest firmware for your ATA can be found here: http://www.obitalk.com/forum/index.php?topic=9.0


1. Are you port forwarding from the router to the ATA or using DMZ? Let's not do that unless you have no other choice. Disable any port forwarding in the router to the ATA, especially UDP port 5060. If you find disabling port forwarding creates 1-way audio issues (or other weird problems), try disabling SIP ALG in your router.

2. If you used the OBitalk web portal to configure your ATA, you need to continue using www.obitalk.com for now. Enter the expert menu (advanced configuration; it's an "E" icon). Otherwise, dial ***1, and enter the IP you're told into your web browser.

3. Navigate to Voice Services-->SP(voip.ms) Service-->X_UserAgentPort
Change this to something between 30000 and 60000

(Submit/save and reboot)

4. Create a white list of authorized IP addresses of the VoiP.ms SIP servers you're using (and want to connect with your OBi ATA):
Service Providers>ITSP Profile voip.ms>SIP>X_AccessList (enter valid SIP server IP addresses).

toronto.voip.ms is 184.75.215.106, for example. Separate voip.ms SIP server IP addresses that you use with this ITSP (voip.ms) profile with commas in X_AccessList. Basically, you need to know what the IP addresses are of the SIP servers you're using.

(submit/save and reboot)


5. Stick/Add {>('yourauthusernamegoeshere'):ph} in your inbound call route. Voice Services-->SP(voip.ms)-->X_InboundCallRoute
Use Oleg's method: http://www.obitalk.com/forum/index.php?topic=5467.0 (step 4 from that link)

If you don't know what yourauthusername is, navigate to Voice Services-->SP(voip.ms)-->SIP Credentials-->AuthUserName

Here's an example of what an X_InboundCallRoute might look like with that part added:

{(MTelemarketers):},{>('yourauthusernamegoeshere'):ph}

The first section can be whatever you currently have in X_InboundCallRoute. The bolded part is what you need to add.

(submit/save and reboot)

To learn about MTelemarketers and blocking Telemarketers, visit http://www.toao.net/503-blocking-telema ... an-obi-ata
(this part is unrelated to stopping sip scanners)

For OBi200 and OBi202 steps 4 and 5 are a lot simpler:

4. Enable X_AcceptSipFromRegistrarOnly to accept inbound SIP requests only if they came from the same IP address of the current Registered proxy (found under Voice Services > SP(whatever one you're using) Service-->SP Service)

5. Enable X_EnforceRequestUserID to accept SIP invite requests only if the request userid matches AuthUserName or X_ContactUserID (found under Voice Services > SP(whatever one you're using) Service-->SIP Credentials)




The combination of steps 4 and 5 will stop sip scanner calls completely. But nothing beats a good firewall.

Good luck!
Deal Fanatic
User avatar
Jan 6, 2011
5833 posts
1358 upvotes
GTA
Have you guys ever gotten your own mobile number calling your own VoIP?

Someone basically called my voip with the CallerID of my mobile and I didn't make the call, I wondered what went on!?
Deal Fanatic
User avatar
Mar 3, 2002
9417 posts
3302 upvotes
LongLiveRFD wrote: Someone basically called my voip with the CallerID of my mobile and I didn't make the call, I wondered what went on!?
CallerID of the call was likely spoofed (faked/forged)

It's possible to make outbound caller IDs whatever you want, provided the voip service allows caller id spoofing (and some annoying ones do).
Deal Fanatic
User avatar
Jan 6, 2011
5833 posts
1358 upvotes
GTA
Webslinger wrote: CallerID of the call was likely spoofed (faked/forged)

It's possible to make outbound caller IDs whatever you want, provided the voip service allows caller id spoofing (and many do).
The unassuming part is, they knew I am the same person owning the mobile and VoIP. It's rare I provide both, unless it's very trust worthy sites. Certainly hope this is not the onset of an ID theft attempt.
jhardydj wrote: Collections love to do this.
Everytime picked up the line was silent and then dropped.

@Op: I don't mean to hijack the thread. I too have the OBi ATA and has been concerned about security measures.
Deal Fanatic
User avatar
Mar 3, 2002
9417 posts
3302 upvotes
LongLiveRFD wrote: The unassuming part is, they knew I am the same person owning the mobile and VoIP. It's rare I provide both, unless it's very trust worthy sites. Certainly hope this is not the onset of an ID theft attempt.
It could be a robo dialer script that automatically spoofs a similar number to the one that it's dialing. Who blocks his or her own number (or area code and prefix), after all? Telemarketers are also using spoofing outgoing numbers that appear to either look like you're calling yourself--or that look similar to your own phone number.

It could be anyone. Some random idiot could randomly spoof 519-888-8888 and then just call that phone number for the lulz.

It might be your friend. It might be someone who dislikes you. It could be a thief/scammer (hopefully not). It could be collections.

It could be dog. Then you can pretend to be Liam Neeson.
;)

Image

Top

Thread Information

There is currently 1 user viewing this thread. (0 members and 1 guest)