Skip to end of metadata
Go to start of metadata

Your OfficeRoute/Omega Lite could be exposed to attacks of malicious applications (robots) from Internet. They search for "victims" to make outgoing calls to some paid services. That way owner of the device could get an enormous bill for calls through his account (usually, at the VoIP operator). Robot looks for a device that should respond to its INVITE and tries various prefixes in front of the called party number. If it finds the right one to root the call to the PSTN, it repeats the call till someone finds the enormous bill on his account.

You could protect your device by setting acceptable source addresses of messages which are sent to listen ports of SIP lines. It could be done in Network – Filtering. It could be a little more complicated if IP addresses of you VoIP providers are being changed from time to time.

From the firmware version 2.3.13 you can protect your device easily, just with smart LCR settings.

  1. From the version 2.3.13, all calls from outside to the SIP internal line are denied by default (see settings in Network – Filtering).
  2. Define the unique prefix that will be forwarded to the PSTN (over SIP line to the VoIP provider). By default it is 0. You need to reject any call coming from the network using the SIP line intended for the VoIP provider, i.e. addressing its listen port. It means that you have to reject calls starting with prefix 0. So you can change 0 to e.g. 9 in Normalisation, if it comes from the provider's SIP line. There would be no rule for 9 in LCR and this call would be rejected. IMPORTANT: Do not put the rule for "any prefix" (.*) in the LCR.

At the other side choose hard–to–match passwords for user accounts in your OFR/OL. This will protect it from robots trying to register to your SIP proxy.