sipvicious?

Off topic talk about anything and everything

Moderators: Pilot, Bill Smith

Post Reply
User avatar
danwestness
MagicJack Newbie
Posts: 7
Joined: Tue Mar 18, 2008 4:23 am

sipvicious?

Post by danwestness »

I keep receiving phone calls on my MagicJack line from a number that pops up as "100" with name "sipvicious"... when i answer, there is nobody there, but it's really annoying because it's 11PM on a Sunday night and my house phone keeps ringing... i think i'm going to have to unplug it.

I haven't even given the phone number to anybody, so i don't know who this is... anybody else getting this, or am i the only one?
Stewart
Dan Should Pay Me
Posts: 663
Joined: Tue Nov 13, 2007 2:58 pm

Post by Stewart »

See http://sipvicious.org/blog/ . A 'symmetric NAT' (typical of most modern home routers) will block it. Alternatively, you can start another softphone or other program that listens on UDP port 5060 before starting MJ, forcing MJ to use a different port (which should be free from the attack). Or, you might be able to block it in Windows firewall by customizing the scope for the MJ process.
User avatar
danwestness
MagicJack Newbie
Posts: 7
Joined: Tue Mar 18, 2008 4:23 am

Post by danwestness »

ok, i looked through the sipvicious website, but don't really understand what it is... can somebody explain?
LikeMagic
Dan Should Pay Me
Posts: 613
Joined: Tue Jan 01, 2008 9:11 pm
Location: LikeMagic Pacific NW

Post by LikeMagic »

I thought it was obvious that it is a hacker website that shares Voip attacking tool. You're its victim, remember?
HendersonMike
Dan isn't smart enough to hire me
Posts: 274
Joined: Wed Apr 09, 2008 9:36 pm
Location: Henderson, Nevada state, usA

Post by HendersonMike »

LikeMagic wrote:I thought it was obvious that it is a hacker website that shares Voip attacking tool. You're its victim, remember?
Soooooooo blatantly obvious!
Maintenance of YOUR machine IS everything
MY Newer Newest Setup
Alternative MJ Forum
mufon
Dan isn't smart enough to hire me
Posts: 296
Joined: Fri Jan 25, 2008 9:50 am
Location: HIghland Village, Texas
Contact:

Post by mufon »

Stewart wrote:See http://sipvicious.org/blog/ . A 'symmetric NAT' (typical of most modern home routers) will block it. Alternatively, you can start another softphone or other program that listens on UDP port 5060 before starting MJ, forcing MJ to use a different port (which should be free from the attack). Or, you might be able to block it in Windows firewall by customizing the scope for the MJ process.
Actually most home type routers are cone NAT's, symmetric being a NAT router that does a one-to-one port mapping relationship from public IP to private IP. Symmetric NATting forwards an inbound port to the same port number on the assigned private IP. This is typical of business class routers such as Cisco where a company "owns" a block of public IP's and then translates them to an equivalent block of internal IP's, particularly where server hosts are involved. A DMZ network can be setup in this fashion, unlike the "DMZ Host" functionality of home routers, these DMZ networks allow one to one port mapping without port translation, the advantage being that stateful packet inspection as well as other packet filtering can be applied during the IP address translation, yet maintaining the one on one port mapping relationship. SJ phone software, which is the software that MJ is based upon, frequently identifies a cone NAT as a symmetric NAT, but this is erroneous.
"Looking for a new job. I have worked for Adelphia, Enron, Health South, Worldcom, and most recently British Petroleum."
Post Reply