One of my public IP was hacked last night kindly guide me how do i check that hackers IP and what data they have accessed and how to prevent these kind of attacks in future.
Also what indication do you have that you were hacked. Starting there is a good point.
i am using voip services and i haven't dial any international number but my SIP provider called and informed me that lots of international calls were made from your side in few days but i haven't dial any than how comes it possible? kindly guide me how do i check in my security appliance and how to prevent such attack in future.
Are you using SIP trunking (so you have a udp/5060 NATed through to your phone system) or SIP registration?
I had a client who was using Nextiva for their phone service. They had a great feature where one could forward a voicemail from one user to another. When that feature stopped working, I called Nextiva and they reported that they disabled it because it could be used to initiate calls from inside the voicemail system.
The hack worked by someone calling a company phone late at night and getting the users voice mail. The hacker would use a dictionary hack to determine the pin, and then once inside the voice mail system they could make out bound calls.
Check with your phone provider to see if there is any way to make out bound calls from outside the system. If there is, that may be your security hole.