Phones with preconfigured extensions starting with CC

All installation and configuration problems and questions

Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N

Phones with preconfigured extensions starting with CC

Postby AngeloLorenzo » Thu Mar 06, 2014 4:44 pm

Hello all,

I'm new to Vicidial and Asterisk and I've been tasked by my client to figure out what is going on. Long story short, we have Flowroute and he thinks someone is siphoning off minutes/credit from our Flowroute account as we are pretty modest with call time but we'll see sudden $6-7 dips in usage.

From what I gather in Flowroute is that on a certain date we used 600+ minutes, but in Vicidial's admin GUI I go to reports it shows our agents have used 0 minutes.

In Flowroute if I download the call log, every call on every day looks like it originates from the IP address our Vicidial server. On days that I know we make calls, I see our outbound caller ID as our office number and a random distribution of phone numbers our sales agent is calling. What is strange is that on "spike days" our calls have a caller ID of 0000000000 and it seems to be robo-dialing a set of numbers in one US area code. In other words, calls are originating from our Vicidial install but aren't tied to any of our active admins or agents and their extensions.

What throws me off a bit is that under Admin > phone listings we have a number of what appear to be preconfigured SIP and IAX2 extensions with extensions like cc105 and cc300. Are these worth disabling? I feel like they're preconfigured for a reason which I'm not wholly aware of because I'm not an Asterisk admin. My client also says he erased a few extension/accounts from previous sales agents - do you all think that might be a source into the system?

I'm competent to give you any information you need but telephony is not my expertise.

I'm really here for damage control... he hired a lot of people from odesk and other services to set up his small business infrastructure and we're working through their incompetence and finding hidden backdoor access these people have programmed in to other parts of our setup. It has been a nightmare.
AngeloLorenzo
 
Posts: 2
Joined: Thu Mar 06, 2014 3:51 pm

Re: Phones with preconfigured extensions starting with CC

Postby deficit » Tue Mar 11, 2014 2:07 pm

Throw away your install and start from scratch.. Sorry but that's the only way you are going to be secure in removing any access your previous odesk providers may have.. Or look to have a professional hosted server..
deficit
 
Posts: 30
Joined: Thu Jul 11, 2013 2:01 pm

Re: Phones with preconfigured extensions starting with CC

Postby Acidshock » Tue Mar 11, 2014 5:57 pm

Reset your registration password on flowroute. Then setup the system to do IP based authentication. I hate to use registration based methods on carriers. All it takes is some exploit for someone to gain access to your account and run the bill up on you. Good news is the guys at Flowroute are really good about catching that stuff if things go crazy.

After that make sure to reset all registration passwords, vicidial passwords, etc... Also if you don't need the server exposed to outside networks then lock it down. If you need access from outside then make sure you don't have any of the phpMyAdmin or vtiger files on it.
VERSION: 2.14-698a | BUILD: 190207-2301 | Asterisk:13.24.1-vici | Vicibox 8.1.2
Acidshock
 
Posts: 430
Joined: Wed Mar 03, 2010 3:19 pm


Return to Support

Who is online

Users browsing this forum: Google [Bot] and 102 guests