Linphone desktop for single user calls to and from a registered VOIP provider.
General information
Device: hp elitedesk 800
OS: Kubuntu 22.04.2 LTS
Version of the App: Installed: 4.2.5-3build1
Expected behaviour
I want my desktop to be secure, and not receive nuisance calls, nor make unauthorised outbound calls.
I want to be able to see from the GUI, all active registrations, not just those configured in the gui.
To Reproduce
Start linphone.
Receive random incoming SIP calls from all over the planet on odd SIP addresses, eg 1001@1.1.1.1 (sip vicious)
Observe linphone trying to make automated expensive outbound calls to other countries.
Port 5060 UDP is open to the outside world. I don't know why. There are two NAT routers in succession, openwrt and a Huawei domestic router, neither have port forwards. OpenWRT has port 5060 drop except for SIP providor.
Neither have UPNP or ALG or Port Trigger enabled. What other mechanisms might allow Linphone to request a port open?
Is this a compromised Linphone, that is making outbound connections on it's own, thereby opening a state?
Additional context
`2023-04-18 15:37:05:205 [linphone/belle-sip] MESSAGE channel [0x55e2853aade0]: keep alive sent to [UDP://46.101.2.___:5253]
2023-04-18 15:37:05:205 [linphone/belle-sip] MESSAGE channel [0x55e28537a3b0]: keep alive sent to [UDP://193.107.216.___:5070]
`
Random freaker somewhere in the Eu sends invite...
Wireshark:
Source: 151.106.32.173
Destination: 10.1.1.10 local lan address
Protocol: SIP/SDP
Request: INVITE sip:901139066229096@(my public ip):5060; transport=UDP
User-Agent: Gateway Phonoway 1.5
Context
Linphone desktop for single user calls to and from a registered VOIP provider.
General information
Expected behaviour
I want my desktop to be secure, and not receive nuisance calls, nor make unauthorised outbound calls.
I want to be able to see from the GUI, all active registrations, not just those configured in the gui.
To Reproduce
Start linphone. Receive random incoming SIP calls from all over the planet on odd SIP addresses, eg 1001@1.1.1.1 (sip vicious) Observe linphone trying to make automated expensive outbound calls to other countries. Port 5060 UDP is open to the outside world. I don't know why. There are two NAT routers in succession, openwrt and a Huawei domestic router, neither have port forwards. OpenWRT has port 5060 drop except for SIP providor. Neither have UPNP or ALG or Port Trigger enabled. What other mechanisms might allow Linphone to request a port open? Is this a compromised Linphone, that is making outbound connections on it's own, thereby opening a state?
Additional context
`2023-04-18 15:37:05:205 [linphone/belle-sip] MESSAGE channel [0x55e2853aade0]: keep alive sent to [UDP://46.101.2.___:5253]
2023-04-18 15:37:05:205 [linphone/belle-sip] MESSAGE channel [0x55e28537a3b0]: keep alive sent to [UDP://193.107.216.___:5070] `
Random freaker somewhere in the Eu sends invite... Wireshark: Source: 151.106.32.173 Destination: 10.1.1.10 local lan address Protocol: SIP/SDP Request: INVITE sip:901139066229096@(my public ip):5060; transport=UDP User-Agent: Gateway Phonoway 1.5