VoIP botnets
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Re: VoIP botnets
VoIP botnets
07-11-2017 4:21 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
How can I configure my new Plusnet (Hub One) router to stop bot calls from 1000, 1003, etc. numbers - I'm getting at least 20 /day. All the research I've done tells me I can change router settings and IP addresses to stop this but to what? I'm using an Android smartphone with a Freedompop sim. All other comms are fine but these annoying dead numbers are just probing my network. I had no problem with the old technicolor router. Call blockers from the playstore do not work.
Re: VoIP botnets
07-11-2017 5:10 PM - edited 07-11-2017 5:11 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
The BT Home hub 5 ( of which the Hub one is a clone ) has a major flaw. https://thecomputerperson.wordpress.com/2015/04/03/bt-home-hub-5b-5-b-and-the-sip-flaw/ If you have an active SIP connection using SRC & DEST ports of 5060 ( the normal SIP port ) then it will open port 5060 to incoming traffic from anywhere. You MAY be able to prevent it IF you can change the SRC port on your smartphone SIP connection to something other than 5060. Obviously you can't change the DST port as that will be fixed for the SIP server you are using.
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
Re: VoIP botnets
07-11-2017 5:46 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thanks for that quick reply MisterW. I'll give it a try and let you know if it works. It looks like it may be a flaw in the original router setup.
Re: VoIP botnets
09-11-2017 3:28 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Got an app Net Swiss Tools which scanned my phone and when I type in port 5060 it states its closed. Is there a firmware fix from Plusnet available for the Hub One router? Or do I need a different router?
Re: VoIP botnets
09-11-2017 3:33 PM - edited 09-11-2017 3:38 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
AFAIK there is no fix for the Hub One router, or the BT HH 5 on which it's based
TBH a lot of routers have problems with SIP(voip) traffic. Many have what's known as a SIP ALG(Application Layer Gateway) which attempts to help route incoming SIP traffic. Unfortunately many of the implementations are 'broken' and I suspect the HH5 is one of those. On some routers you can disable the ALG but you can't on the HH5.
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
Re: VoIP botnets
09-11-2017 7:30 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I had this problem a couple of years ago with a SIPGate VOIP account.
Sipgate gave me a pointer to their help page on this problem. It may be of use
In my case it was not a router change that was needed. I changed the ATA settings to disallow direct IP calls, and (my "phone" is an OBI ATA) used its facility to only allow inbound calls from the VOIP providers ID. That solved the problem completely for me.
What app are you using on the Android phone to connect to the VOIP provider? There may be something in it's settings that will allow you to switch the inbound port to something else and possibly disallow direct IP calls.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page