September 21, 2018, 01:08:23 pm *
Welcome, Guest. Please login or register.
News:
 
   Forum Home   Search Login Register OBiTALK  
Pages: 1 ... 6 7 [8] 9 10
  Print  
Author Topic: SIP scanners  (Read 775844 times)
Mango
Hero Member
*****
Posts: 548


« Reply #140 on: September 20, 2013, 08:10:17 pm »

Yes, there were some reports some time ago that Obihai was implementing some of the methods suggested by users in this thread.  Smiley
Logged

carl
Sr. Member
****
Posts: 457


« Reply #141 on: September 20, 2013, 09:11:48 pm »

Since there are a few people who still do report the same problems I wonder whether Obi 202 is now less susceptible than obi100 or 110 and or whether those having problems did all the firmware upgrades.
Logged
Mango
Hero Member
*****
Posts: 548


« Reply #142 on: September 20, 2013, 09:14:12 pm »

It's entirely possible.  Anyone with an OBi202 connected directly to a modem (no double-NAT) want to test the type of NAT that its router employes?

http://www.dslreports.com/forum/remark,22292023
Logged

ddgiant
Newbie
*
Posts: 2


« Reply #143 on: February 01, 2014, 02:50:34 am »

I know it has been a while since any one posted in here but I have just received what I think is more SIP scanners.

From my call history they are showing "from 'abc' sp1(abc)" and "from 'us' sp1(us)"

My question is if I tweak my string as shown below, should that block these?

{(?|x|xx|xxx|xxxx|xxxxx|xxxxxx|us@@|abc@@):},{ph,ph2}

Thanks for all of your time and advise.
Logged
ianobi
Hero Member & Beta Tester
*****
Posts: 1828


« Reply #144 on: February 01, 2014, 05:42:55 am »

ddgiant – welcome to the forum.

You are on the right lines, but the format is a bit more tricky. For example “abc” followed by something or nothing would be “abc@.”  The dot is important!

The following string should work:

{(?|x|xx|xxx|xxxx|xxxxx|xxxxxx|u’s’@.|abc@.):},{ph,ph2}

A further complication is that the “s” is a reserved character, so it needs to be enclosed by single apostrophes.

There are other ways to defeat scanners as detailed here:

http://www.obitalk.com/forum/index.php?topic=5467.msg35387#msg35387

The “Oleg Method” is highly recommended.

Logged
giqcass
Hero Member & Beta Tester
*****
Posts: 1437


« Reply #145 on: February 01, 2014, 06:09:12 am »

I'm a big supporter of the “Oleg Method” myself.  It ended all sip scanner activity from ringing my phone.  Using  the “Oleg Method” the sip scanner would need your Ip address, port number, and user name to ring your phone.
Logged

Register at e164.org and friends can use Sipbroker to call you from a regular telephone for free from almost any country.
DDNS hack for OBi
Old OBi? Want Ring.to?
ddgiant
Newbie
*
Posts: 2


« Reply #146 on: February 01, 2014, 07:12:51 am »

Thanks for both of your quick reply's.  The last time I had to deal with this was before the Oleg method.

I just want to make sure I am re-setting this correctly due to a lot of talk in these forms that I do not deal with regularly so it is a little confusing to me.

I have 2 SP services (Callcentric for E911 and GV for everything else)

SP1 I will change my X_InboundCallRoute from {(?|x|xx|xxx|xxxx|xxxxx|xxxxxx|u's'@.|abc@.):},{ph,ph2} to{>17771234567:ph1,ph2} (I just changing back to default will not set this)
SP2 I will change my X_InboundCallRoute from {(?|x|xx|xxx|xxxx|xxxxx|xxxxxx|u's'@.|abc@.):},{ph,ph2} to {>gmailaddres@gmail.com} is this correct?

If the Google voice one is not correct then is there an easy fix, or being I know Google is dropping the protocol I am using, maybe it is time to do my change over to 100% callcentric.
Logged
azrobert
Hero Member & Beta Tester
*****
Posts: 3568


« Reply #147 on: February 01, 2014, 09:47:00 am »

GoogleVoice doesn't use the SIP protocol, so you don't need to block SIP scanners on the GV trunk.
Logged
ianobi
Hero Member & Beta Tester
*****
Posts: 1828


« Reply #148 on: February 01, 2014, 09:55:43 am »

For Callcentric on sp1 this {>17771234567:ph1,ph2} should work fine.

As azrobert says, you should not need to worry about GV on sp2. You can see from your Call History that the scanner calls are coming in on sp1.

Personally, I like to use the Oleg Method and change the UserAgentPorts away from 5060, 5061 etc as these are the ones most often targeted by scanners. Some may say it's overkill, but I like a "belt and braces" approach to this problem   Smiley
Logged
gderf
Sr. Member
****
Posts: 490



« Reply #149 on: February 01, 2014, 10:09:59 am »

On my Obi200 the "Oleg Method" is applied automatically when configured via OBiTALK. There is no need to do this manually.
Logged

Help me OBiHai PhoneOBi. You’re my only hope.
jazzy
Jr. Member
**
Posts: 55


« Reply #150 on: February 03, 2014, 01:04:10 pm »

I use Obi100 and receive incoming calls from an IPKALL number, registered
with Getonsip.  Receiving calls just fine, but now I want to add method #4
to thwart sip scanners.

I thought I understood what string to place in my inbound call routing.

So I did this:

X_InboundCallRoute:   {>('my_auth_user_name'):ph}

the authusername I'm using comes right from my SIP credentials
from the SIP Credentials page on the Obi
and yes, authusername are alpha/numeric

Can this method work with my Getonsip account with the IPKall # ?

currently calls do not ring my Obi with this string in the Inboundcallroute.
Suggestions?
Logged
gderf
Sr. Member
****
Posts: 490



« Reply #151 on: February 03, 2014, 02:13:39 pm »

I have

{>123456789:ph}

Where 123456789 is my_auth_user_name
Logged

Help me OBiHai PhoneOBi. You’re my only hope.
jazzy
Jr. Member
**
Posts: 55


« Reply #152 on: February 03, 2014, 03:24:56 pm »

My authusername is Alphanumric.

when I place this in the X inbound call route
{>('myauthusername28'):ph}   the attached phone does not ring.

I'm getting myauthusername28 right from SP2 SIP credentials
authusername. Sp2 is using Getonsip (from an IPKALL # )

Does method #4 not work with authusernames from Getonsip?



Logged
gderf
Sr. Member
****
Posts: 490



« Reply #153 on: February 03, 2014, 04:00:18 pm »

Why don't you try it without the parentheses and single quotes?
Logged

Help me OBiHai PhoneOBi. You’re my only hope.
drgeoff
Hero Member & Beta Tester
*****
Posts: 3645


« Reply #154 on: February 03, 2014, 04:11:06 pm »

My authusername is Alphanumric.

when I place this in the X inbound call route
{>('myauthusername28'):ph}   the attached phone does not ring.

I'm getting myauthusername28 right from SP2 SIP credentials
authusername. Sp2 is using Getonsip (from an IPKALL # )

Does method #4 not work with authusernames from Getonsip?




Your format is correct so the next suspect is that the username you expect is not coming in.  Have a look at your call history to see what is shown against an incoming call.  Or perhaps call status during an incoming call call throw some light.  Revert your InboundCallRoute to ph for those test calls.
« Last Edit: February 03, 2014, 04:13:48 pm by drgeoff » Logged
jazzy
Jr. Member
**
Posts: 55


« Reply #155 on: February 03, 2014, 04:49:06 pm »

Why don't you try it without the parentheses and single quotes?


no difference, attached phone still does not ring.
Logged
jazzy
Jr. Member
**
Posts: 55


« Reply #156 on: February 03, 2014, 04:58:59 pm »

My authusername is Alphanumric.

when I place this in the X inbound call route
{>('myauthusername28'):ph}   the attached phone does not ring.

I'm getting myauthusername28 right from SP2 SIP credentials
authusername. Sp2 is using Getonsip (from an IPKALL # )

Does method #4 not work with authusernames from Getonsip?




Your format is correct so the next suspect is that the username you expect is not coming in.  Have a look at your call history to see what is shown against an incoming call.  Or perhaps call status during an incoming call call throw some light.  Revert your InboundCallRoute to ph for those test calls.

Call history in the Obi?  When calling in via my cell, the Obi call history shows my CID of the cell phone. No user name.  what username might I be looking for?

Maybe this will help. I do not have my GV# ring the Obi.
My GV# forwards to an IPKALL #
The Obi picks up that IPKall number on SP2 using Getonsip credentials.
I currently call out on SP1 ( GV ) at least until May 2014

Testing  incoming options for when GV no longer supports XMMP, but want to be sure to
thwart the sip scanners. 
Logged
drgeoff
Hero Member & Beta Tester
*****
Posts: 3645


« Reply #157 on: February 03, 2014, 05:36:29 pm »

Yes, on reflection I think the Call History only shows "high level" stuff and not far enough down into the nitty-gritty.  I'm not even sure if Call Status will have what we are looking for.

Syslog will show the low-level detail but that is a bit more work to set up the server on a PC and then configure the Obi to use it.  Also, the log will have many other messages as well as those for an incoming SIP invite.

It is way past my bed-time!  I'll be off-line now until morning, UK time.
Logged
azrobert
Hero Member & Beta Tester
*****
Posts: 3568


« Reply #158 on: February 03, 2014, 05:58:28 pm »

Here is a trick you can do to determine the username.
Temporarily add {sp1($2)} to the beginning of your SP2 X_InboundCallRoute, then call your SP2 phone number.
$2 is a variable that contains the username of SP2.
The above rule will attempt to bridge the inbound call out SP1 using the username as the outbound phone number.
This call will obviously fail, but the call history will show the username as the outbound number.
Logged
jazzy
Jr. Member
**
Posts: 55


« Reply #159 on: February 03, 2014, 08:58:38 pm »

@azrobert  you da man! 

Make the trick described above happen and of course the call failed, but
I did see  a 'peer number' show up.  It was my alpha numeric user ID, not exactly as the one
in the SIP credentials of SP2 ( it was missing the 'getonsip_' )

Replaced {ph} with {>'my_user_id':ph} and the attached phone now rings!  Cheesy

BTW I originally replaced {ph} with {>('my_user_id'):ph} but phone did not ring.

So if any one else uses Getonsip, just delete the 'getonsip_' and put in the rest of your user id.


Logged
Pages: 1 ... 6 7 [8] 9 10
  Print  
 
Jump to:  

Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC