I know there are some trixbox experts here so hope someone can help me.
The problem is hackers have been using my trixbox to make outbound calls at my expense.
They seem to be using the IVR to make calls to overseas destinations.
I don't know how they are doing it.
They seem to be calling in to the IVR with a bogus caller ID (I have anon sip calls disabled) and from there are able to make an out going call.
I only have one IAX2 trunk setup with 2talk.
My trixbox is not open to the internet and I have a firewall, so I don't think they are getting in that way.
They managed to make a call to Sierra Leone which is strange since I have restrict calls to expensive overseas destinations turned on in 2talk settings so they should not have been able to do that at all.
I have disabled DISA completely in the hope of stopping them.
Once the hackers know there is a IP PBX connected to a phone number they don't stop trying it seems.
Hope someone can help.