The other day I tried to call and got an "All channels busy" message. When I checked the FreePBX dashboard, I saw that between 50 an 80 channels were busy. I called my SIP provider, and they told me that they could only see one channel busy (the one we were talking on), yet me dashboard continued to show me many busy channels.
I started the Asterisk CLI and found a lot of activity there. It seems that there is at least one rogue party out there that is probing Asterisk setups for vulnerabilities. I have "anonymousguest" set to "No", and from what I got from the SIP provider, there is no real calling going on, but it is annoying to find out that someone is trying to break the system. Here is what I typically see:
-- Executing [971046406820677@from-sip-external:1] NoOp("SIP/myIP-00001aa9", "Received incoming SIP connection from unknown peer to 971046406820677") in new stack
-- Executing [971046406820677@from-sip-external:2] Set("SIP/myIP-00001aa9", "DID=971046406820677") in new stack
-- Executing [971046406820677@from-sip-external:3] Goto("SIP/myIP-00001aa9", "s,1") in new stack
-- Goto (from-sip-external,s,1)
-- Executing [s@from-sip-external:1] GotoIf("SIP/myIP-00001aa9", "0?checklang:noanonymous") in new stack
-- Goto (from-sip-external,s,5)
-- Executing [s@from-sip-external:5] Set("SIP/myIP-00001aa9", "TIMEOUT(absolute)=15") in new stack
Channel will hangup at 2015-06-29 16:10:59.841 MDT.
-- Executing [s@from-sip-external:6] Answer("SIP/myIP-00001aa9", "") in new stack
== Spawn extension (from-sip-external, s, 6) exited non-zero on 'SIP/myIP-00001aa9'
-- Executing [h@from-sip-external:1] Hangup("SIP/myIP-00001aa9", "") in new stack
== Spawn extension (from-sip-external, h, 1) exited non-zero on 'SIP/myIP-00001aa9'
(replaced my IP address with "myIP").
Is there any danger here? Is there a way to stop this completely? As it is right now, I am getting one of these every couple of minutes or so.