Scam telemarketers spoofing our NOC phone number for callerid

Joe Greco jgreco at ns.sol.net
Wed Oct 6 11:38:39 CDT 2010


> On Wed, 6 Oct 2010, Matthew Huff wrote:
> 
> > Digital all the way through. No sip. No outside access to the PBX subnet 
> > either. Just a mininute ago our telco has verified that the calls are 
> > not orginating from out phone system. It's a simple caller id spoofing. 
> > People don't realize that caller id can be spoofed and therefore are 
> > 100% sure that we are makign the harrasing calls.
> 
> Some do.  Anyone with control of a phone system with digital lines (i.e. 
> asterisk with PRI) can trivially set callerID to whatever they want. 

That's not correct; what is true is that *some* LEC's do not filter
the callerID submitted and so this is *sometimes* true.  There are
many examples where a LEC does not accept random callerID's from a
PRI customer.  Sometimes this is even problematic, for example, when
the LEC helpfully inserts the callerID *they* think is correct and
it's actually wrong.

> There are perfectly legitimate, and not so legitimate uses for this.

Yes.  It's very useful, for example, to be able to generate your cell
phone's callerID from your PBX, since people have a habit of dialing
you from the number you called, even if you specifically asked them to
use a different callback number.

> However, SIP scanning and brute forcing has become really common, so it's 
> about as likely that a phone system has been compromised as someone is 
> forging callerID to one of its numbers.

Correct.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.




More information about the NANOG mailing list