When your system has been hacked, then the absence of CDR records is just possibly that have been well hacked and they are likely cleverer than you or FreePBX ;- )
Check with your VSP for usage
↧
Config.php hacked - need to replace
↧
Config.php hacked - need to replace
Yup, slapping a NoCDR() in the hack dialplan will do exactly that, stop a CDR from being created for the call.
↧
↧
Config.php hacked - need to replace
You guys have to get used to how it all works, accepting traffic from UDP:5060 is just waiting for sh*t to happen, 9999 out of 10000 attempts come from there so two suggestions:-
a) don’t do it
b) if you do , ask yourself why you did
↧
Config.php hacked - need to replace
UDP traffic from outside the LAN was not allowed - just the admin page was exposed. A seperate physical firewall prevented that. Just ports 443 (admin) and the user page were exposed to the Internet. Now just the user page on port 4443.
The config.php file was modified this morning, shortly before I got the notice from the system. The contents had been modified so that it would delete certain files when the admin page was accessed, but those files don’t appear to have been deleted. It had hard coded authentication information as well. Unfortunately I didn’t save it off before killing it.
I’ve found no “NoCDR()” entries on any dial plans, but I did I find one suspicious custom destination that pointed to a phone number in the Dominican Republic. They do have customers down there, so I’ll talk to them in the morning and and see if they really wanted a speed dial that dialed that number. For the moment it is deleted. I will also have them check the call records with AT&T tomorrow to be sure nothing is going on. If it is then obviously further action is warranted.
↧
System Recordings not working
I have tried both amportal chown and fwconsole chown and there is no difference. What is the exact directory where the system recording files are stored?
↧
↧
Managed to add the beep to *80 intercom/paging calls with Digium Phones, DPMA and FreePBX
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.
↧
Config.php hacked - need to replace
Web compromise is a different problem, we have all been assured that FreePBX code is safe, please document the intrusions
↧
Config.php hacked - need to replace
Yes, as long as you had updated the modules that had the XSS exploits in them. Based on this entire thread, this morning (or at least very recently) the OP saw a security alert email showing that those modules had yet to be updated since their releases late December.
However, there are documented exploits that require users to be on certain versions of modules in order to ensure it is safe.
Addon: So basically if you haven’t bothered to update your system since the last week of December or earlier in December (there were two rounds of fixes for different modules) you are not safe.
↧
Config.php hacked - need to replace
Luckily that’s automatic for all users, or is it ?
↧
↧
Config.php hacked - need to replace
Not always. Both automatic updates and automatic security updates can be turned off or (I would have to check) need to be enabled to be used. I know automatic updates needs to be turned on, not sure if the security ones happen automatically.
But those would be if you installed a new system. If you did a 13 --> 14 upgrade those settings wouldn’t be automatically set. So it would depend on the environment I would say.
↧
Config.php hacked - need to replace
That’s great comfort to everyone
↧
PJSIP Issue - Yealink T27G - TLS - Will Not Connect
@K1m1z This response is very helpful. I have been away for a while. I’m hoping to look into this more this week.
Thank you again for such a researched answer.
↧
Config.php hacked - need to replace
On new installs these are enabled by default.
↧
↧
Ring group mark answered else doesn't work
Yes frequently we are updating our phones.
Would you suggest downgrading or buying new phones?
Downgrading: Is the old firmware still available?
New phones: Which one can you suggest?
↧
Sngrep with tls support
Back in October, @lgaetz said this.
I’ve never looked at recompiling this tool, but the current version knows about the -k option, but says this.
Any chance of getting this a version compiled for TLS included? I ask first because, IMO making a feature request should be after a discussion if it is even feasible.
Looking at the project page, it doesn’t seem like it would be a big deal. The distro uses openssl already, does it not? The required package is libssl and should reside in openssl-devel which is in the sng-updates repo.
↧
Freepbx firewall - connection to database failed
Hello, everyone. I have errors in /tmp/firewall.log about failure to connect to database, when FreePBX tries to execute hooks such as voipfirewalld. The script itself is encrypted. How can I check the connection settings are correct?
↧
Manually Update MariaDB on FreePBX 14 with Asterisk 16
Nobody who can tell me if may i update the mariadb manually?
Or does billsimons answer told me to update mariadb manually via the yum-repo? I think so …
↧
↧
Freepbx firewall - connection to database failed
HI ,
The Database settings are taken from the file “/etc/freepbx.conf”
And voipfirewalld is not a encrypted file, It is generated using PHAR , You can see all the associated source files from build.php which is there in the …/admin/modules/firewall/phar directory
Thanks for using FreePBX
Philip Joseph
↧
IVR not in queues breakdown
IVR’s (with only single digit) not showing in ivr breakdown dropdown in queues - caller announcements
Only showing option none
↧
IVR not in queues breakdown
@Lionel Can you please provide more details.?
↧