I got a call from SIPVicious last night
When I got up this morning my phone was ringing, I walked over to it and observed the caller ID. I had no idea what sipvicious was. I just stared at my phone groggy and waited for the voicemail to take it. But it never did. Usually after 15 seconds of ringing the call will goto the voicemail. But it just kept ringing for many minutes. Hours actually....
I unplugged my phone to stop the ringing, maybe I should have picked it up and see what I could hear but not wanting to deal with BS in the morning I just unplugged it. And then researched what came up on the caller ID a little later.
SIPVicious is an application that has been used in increasing reconnaissance attacks against IP and VoIP phones and PBX systems. It was originally used as an auditing tool for scanning phone systems.
https://tools.kali.org/sniffingspoofing/sipvicious
I walked into the other room where I have a wireless phone handset paired with my VOIP phone. It was hot to the touch and nearly had a dead battery. My phone must have been ringing for many hours last night as we slept. Making the handset get hot and battery drained. Amazing no one in the house noticed.
I contacted my voice provider and asked them how to handle this situation. They quickly got back to me stating if I changed my SIP source port it may stop such scan tools from probing my phone. So I went into my Panasonic web interface and found the field and changed it to a random port. I double checked the replacement port number is not used for something important, it was not.
After this change I checked the voice providers interface and verified that my phone was still registered and indeed picked up the SIP port change. I took it a step further and replaced my SIP password with a strong generated one. I had no idea what I set it as years ago, and reading Sipvicious can attempt to brute force and dictionary attack SIP logins. I do not think that happened to me, but just in case I changed it and updated my records.
As far as I know this is the first attack on my phone since owning it and using 3rd party VOIP service for the last 3 years. Just a DDOS attack making my phone line busy, but now ive adjusted my SIP port it should not happen again so easily.
Regardless of these strange issues I rarely encounter, I save alot of money every month running my own IP phone and using a third party SIP provider. Ive made about 3 and a half hours of calls this month (216 minutes) and it cost me a little over $3.30. If I used my internet providers phone service it would cost me upwards of $20-40 a month plus rental costs for their special voice modem (MTA). I have saved alot of money over the last few years running my own VOIP phones. Maybe ill take it to the next step one day running my own PBX, though for now I dont mind paying a few dollars to make hours of calls.
Addresses below to help me buy better camera equipment and support me to travel to locations to do photo and video and overall great blogs in new places.
| Coin | Address |
|---|---|
 BTC: | bc1qhfmvd2gywg4fvrgy2kkkkyqta0g86whkt7j8r7 |
 LTC: | ltc1qdyzm5cwgt8e2373prx67yye6y9ewk0l8jf3ys9 |
 DASH: | XkSqR5DxQL3wy4kNbjqDbgbMYNih3a7ZcM |
 ETH: | 0x045f409dAe14338669730078201888636B047DC3 |
 DOGE: | DSoekC21AKSZHAcV9vqR8yYefrh8XcX92Z |
 ZEN: | znW9mh62WDSCeBXxnVLCETMx59Ho446HJgq |
Always something..to be on guard on .... in this tech world we live in...
So true.. when I put myself out on the internet with my IP phone or servers. Theres always someone knocking at my edoor.. haha
Do we really have a private life with technology, I strongly doubt.
Haha well depends how much people want to opt into some of the tech. I enjoy a twist or turn once in awhile as long as they are harmless.
I don't think they are totally harmless unless the government is not just ready to get you. People use VPN and think they are invisible but it's all a farce, we all know that when it comes to the crunches, VPN does not even matter.
The only harm done by these calls are an annoyance and it drains my battery on my phone..
Hehe I dont think its the government doing this, just some person somewhere in the world scanning for SIP connected devices. Since changing port that hopefully stop it.
VPNs are good if the provider your using do not retain logs. Otherwise yeah it's just a farce.
I never said it is the government, I was just trying to emphasize the fact that someone somewhere knows how to get to you if they are desperate and knowledgeable enough as long as you use technology.
I will never trust any code that is not open source.
Yeah well I can put as many barriers in their way to make it as hard as I can for them.
Sure. I agree with that