On Wed, 6 Oct 2010, Matthew Huff wrote:
Digital all the way through. No sip. No outside access to the PBX subnet either. Just a mininute ago our telco has verified that the calls are not orginating from out phone system. It's a simple caller id spoofing. People don't realize that caller id can be spoofed and therefore are 100% sure that we are makign the harrasing calls.
Some do. Anyone with control of a phone system with digital lines (i.e. asterisk with PRI) can trivially set callerID to whatever they want. There are perfectly legitimate, and not so legitimate uses for this. However, SIP scanning and brute forcing has become really common, so it's about as likely that a phone system has been compromised as someone is forging callerID to one of its numbers. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________