Just an FYI in case anyone has encountered this.
You may have seen/received calls on your SIP device over the last couple of days (this isnâ€™t limited to Trixbox, FreePBX, or A@H, by the way - this is anything that speaks SIP) with a caller ID of â€˜John Doe <4000>â€˜. This does seem to be a world first - Itâ€™s someone, or something, actively scanning the entire internet for misconfigured SIP devices. Thereâ€™ve been a lot of reports of this, as well as a lot of discussion on IRC. The most important thing is that most people donâ€™t have anything significant to worry about. The second thing is that itâ€™s going to happen again and again, as more people come up with this idea.
Personally my Asterisk's sever has not been hit, but my Primus ATA has.
I thought of you folks and thought since I see no posts regarding this matter, I best inform you.