[arm-allstar] Fwd: Hacked?

Justin Reed celltech161 at gmail.com
Sat Mar 4 22:07:51 EST 2017

On 3/4/2017 8:03 PM, "Doug Crompton via arm-allstar" wrote:
> Justin,
>    For any of this you have to determine where it was coming from. Was the
> guy connected directly to you or coming to you from somewhere else. I call
> them the weekend bandits. These things usually happen on the weekend when
> everyone is home and playing.
> You can turn off your phone portal at allstarlink.org and if that does not
> work you could disable it in iax.conf.

I disabled the phone portal and the web transceiver at allstarlink.org. 
Hopefully that prevents future occurrences.
> It does require a pin number which
> is in your account profile. I doubt anyone is coming into your system
> directly as they would have to know that pin.
Actually, I can't find where the pin is for the [allstar-sys] stanza, 
and this is the type of connection that was showing up at the CLI.
>   They could be coming into
> another system and appearing in your list though. The only recourse you
> would have would be to disconnect the offending node. lsnodes is a good
> tool to find problems. You can see an entire list and then go to the bubble
> map to see how the connections are being made.
I looked at the bubble and it was definitely originating at my node.  
Thanks for the help. Hopefully killing the phone portal stopped it. I'd 
like to learn more about setting a PIN for [allstar-sys].


More information about the arm-allstar mailing list