Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsVoIPCalls to Somalia on mynetfone
freitasm

BDFL - Memuneh
80658 posts

Uber Geek
+1 received by user: 41071

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

#177836 15-Aug-2015 18:18
Send private message

I have a mynetfone number (Melbourne) configured as a second line on my Fritz!Box (with Snap). This is the default outgoing number - so we can have free calls to in-laws living in Melbourne and they can have local calls to us.

I noticed in my invoice this month three calls to Somalia (total $19) but the Fritz!Box call log doesn't show any activities on those dates.

I see the Fritz!Box has inbound port 5060 open. I have asked mynetfone to change our SIP password on the chance it could have been a brute force attempt or something else (a leak?)

Ideas?




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

Create new topic
speed
296 posts

Ultimate Geek
+1 received by user: 101


  #1367090 15-Aug-2015 18:24
Send private message

Is mynetfone able to provide a report of the IP addresses that your account has registered from, or the source IPs of these particular calls?

Knowing that would assist you in deciding to focus on further local investigations (if it did come from your local Snap IP) or whether to simply focus on your account security (ie if the calls were from IP space far far away).

Pete



2tapry
27 posts

Geek
+1 received by user: 8


  #1367225 15-Aug-2015 22:57
Send private message

Haven't followed it because I don't have a Fritz but I suspect this will help:

http://forums.whirlpool.net.au/forum-replies.cfm?t=2433387

chevrolux
4962 posts

Uber Geek
+1 received by user: 2638
Inactive user


  #1367231 15-Aug-2015 23:20
Send private message

Fritz do an 'internal' port forward of 5060 to the gateway. I have always disabled it by editing the config file but it's all a bit of a screw around for most punters to muck around with. Probably one of the reasons WxC never picked them up as their certified hardware.

Was the password quite basic? Even if there was a brute force attack, with a decent password you should notice the traffic increase (although in reality i guess it would be relatively minimal) before they break the password.



freitasm

BDFL - Memuneh
80658 posts

Uber Geek
+1 received by user: 41071

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1367243 16-Aug-2015 00:14
Send private message

The Fritz is not accessible from outside my LAN. Sbiddle tested some calls through it but couldn't get anything past. When I mentioned "brute force" I didn't mean against the Fritz but against the mynetfone SIP server itself.

Alternatively, because there are only three calls listed on my mynetfone account I could even raise a billing problem - mynetfone put these three calls on my account but they didn't originate from my device as there are no records of activity on the day listed.

Worst case I can just close my account with mynetfone and that's it.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

Batman
Mad Scientist
30014 posts

Uber Geek
+1 received by user: 6217

Trusted
Lifetime subscriber

  #1367270 16-Aug-2015 09:14
Send private message

might be a long shot - some phone companies include sms and minutes to australia. and i believe Virgin (and Vodafone and maybe Optus) allows generous month "credits" to be used for international calls and sms

freitasm

BDFL - Memuneh
80658 posts

Uber Geek
+1 received by user: 41071

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1367289 16-Aug-2015 09:20
Send private message

Sorry, what's the relation to outgoing calls to Somalia?




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

 
 
 
 

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.
sbiddle
30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #1367291 16-Aug-2015 09:21
Send private message

freitasm: The Fritz is not accessible from outside my LAN. Sbiddle tested some calls through it but couldn't get anything past. When I mentioned "brute force" I didn't mean against the Fritz but against the mynetfone SIP server itself.

Alternatively, because there are only three calls listed on my mynetfone account I could even raise a billing problem - mynetfone put these three calls on my account but they didn't originate from my device as there are no records of activity on the day listed.

Worst case I can just close my account with mynetfone and that's it.



Your Fritz!box SIP proxy is visible on port 5060 on your public IP, but a few very quick tests of trying to route calls via this failed.

freitasm

BDFL - Memuneh
80658 posts

Uber Geek
+1 received by user: 41071

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1367295 16-Aug-2015 09:35
Send private message

Thanks - and from what I read you can't really close that port. As I said, nothing showing in the logs...

Let's see what mynetfone support says about where the calls came from and if nothing then I will just close that account.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

Batman
Mad Scientist
30014 posts

Uber Geek
+1 received by user: 6217

Trusted
Lifetime subscriber

  #1367299 16-Aug-2015 09:43
Send private message

freitasm: Sorry, what's the relation to outgoing calls to Somalia?



If you closed your account with mynetfone this could be an alternative way of communicating with the in-laws If both parties have the right mobile service in their respective countries?

freitasm

BDFL - Memuneh
80658 posts

Uber Geek
+1 received by user: 41071

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1367313 16-Aug-2015 09:55
Send private message

Oh, I see. It is convenient but worst case scenario just use Skype to call their landlines.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

freitasm

BDFL - Memuneh
80658 posts

Uber Geek
+1 received by user: 41071

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1367932 17-Aug-2015 14:28
Send private message

Not sure yet how these calls happened but they have now put an international block on my line - which is ok since we only use it inside Australia.

Still interested to know if there is a flaw somewhere on these Fritz - sbiddle couldn't place a call from outside but not say someone knows of a vulnerability and used it. 




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright