Sorry to hear this happened to you, I feel your pain http://forum.linuxmce.org/index.php/topic,12011.0.html
I am sorry you lost money too, man. Thanks for the link though. It contains good advice. From the information that you guys have provided, I think the following measures are appropriate:
- Configure fail2ban to stop brute force against SIP extensions. (According to wiki)
- Employ a restrictive set of dial patterns for your outgoing route
- Subscribe to a dial plan with a limited number of monthly minutes or credits or whatever
I did none of these, which gave me a good security lesson worth $300. Btw, the only reason it did not cost me $30000 or $300000 is that my VOIP provider automatically detected the calls as an "unusual usage" and blocked all outgoing international calls for my phone number. I did not know they had this functionality, they do not advertise it. But I am happy they did that.
I am still confused that gufw says the firewall is disabled. And that external calls work even if I removed the rule for port 5060 in the web admin. Any ideas on that?
all the best