Welcome to Smart Home Forum by FIBARO
Dear Guest,
as you can notice parts of Smart Home Forum by FIBARO is not available for you. You have to register in order to view all content and post in our community. Don't worry! Registration is a simple free process that requires minimal information for you to sign up. Become a part of of Smart Home Forum by FIBARO by creating an account.
As a member you can:
- Start new topics and reply to others
- Follow topics and users to get email updates
- Get your own profile page and make new friends
- Send personal messages
- ... and learn a lot about our system!
Regards,
Smart Home Forum by FIBARO Team
Question
miras 0
...bo moja systematycznie komunikuje się z hostem w Egipcie przy pomocy protokołu SIP.
Protokół ten jest wykorzystywany np w telefonii VOIP.
Przypadkiem podsłuchałem pakiety wysyłane z i do centrali. Okazuje się że prowadzi one "dość rozwiązłe życie". O ile część komunikacji nie jest aż tak "podejrzana" o tyle komunikacja SIP systematycznie prowadzona z adresem IP w Egipcie budzi moje podejrzenia tym bardziej że jest to komunikacja zazwyczaj wykorzystywana do transmisji głosu. Głęboko i żarliwie wierzę że w mojej centrali nie ma mikrofonu.
Myślę że zdecydowanie nalezą się tu wyjaśnienia ze strony FIBARO.
Poniżej wycinek z takiej komunikacji oraz whois adresu 146.0.231.230
21:51:18.393158 IP xx.xx.xx.13.5060 > 146.0.231.230.7349: SIP, length: 495
21:51:18.578511 IP xx.xx.xx.13 > 216.58.209.36: ICMP echo request, id 20050, seq 1, length 64
21:51:18.919285 IP xx.xx.xx.13.5060 > 146.0.231.230.7349: SIP, length: 457
21:51:19.445632 IP xx.xx.xx.13.5060 > 146.0.231.230.7349: SIP, length: 496
21:51:19.972003 IP xx.xx.xx.13.5060 > 146.0.231.230.7349: SIP, length: 461
21:51:20.344570 IP xx.xx.xx.13.22 > 218.65.30.108.62099: Flags [P.], seq 2066:2134, ack 1514, win 131, options [nop,nop,TS val 95700065 ecr 1982038313], length 68
21:51:20.498129 IP xx.xx.xx.13.5060 > 146.0.231.230.7349: SIP, length: 497
21:51:20.537985 IP xx.xx.xx.13 > 216.58.209.36: ICMP echo request, id 20069, seq 1, length 64
21:51:21.024764 IP xx.xx.xx.13.5060 > 146.0.231.230.7349: SIP, length: 461
21:51:21.266686 IP xx.xx.xx.13.22 > 218.65.30.108.62099: Flags [.], ack 1598, win 131, options [nop,nop,TS val 95700295 ecr 1982041595], length 0
21:51:21.550871 IP xx.xx.xx.13.5060 > 146.0.231.230.7349: SIP, length: 495
21:51:21.664235 IP xx.xx.xx.13 > 216.58.209.36: ICMP echo request, id 20088, seq 1, length 64
inetnum: 146.0.231.228 - 146.0.231.231
netname: VELIANET-DE-SAMERELHADEDY
descr: Samer Elhadedy
country: DE
org: ORG-SE96-RIPE
admin-c: SE4359-RIPE
tech-c: SE4359-RIPE
status: ASSIGNED PA
remarks: ticket.velia.net 76330
mnt-by: FGK-MNT
created: 2016-10-14T13:57:30Z
last-modified: 2016-10-14T13:57:30Z
source: RIPE # Filtered
organisation: ORG-SE96-RIPE
org-name: Samer Elhadedy
org-type: OTHER
address: 1 meet hebish
address: 31911 tanta
address: Egypt
phone: +20 1146911220
admin-c: SE4359-RIPE
tech-c: SE4359-RIPE
abuse-c: SE4359-RIPE
mnt-ref: FGK-MNT
mnt-by: FGK-MNT
created: 2016-09-13T21:48:20Z
last-modified: 2016-09-13T21:48:20Z
source: RIPE # Filtered
role: Samer Elhadedy
address: 1 meet hebish
address: 31911 tanta
address: Egypt
phone: +20 1146911220
nic-hdl: SE4359-RIPE
mnt-by: FGK-MNT
created: 2016-09-13T21:48:20Z
last-modified: 2016-09-13T21:48:20Z
source: RIPE # Filtered
abuse-mailbox: [email protected]
% Information related to '146.0.224.0/19AS29066'
route: 146.0.224.0/19
descr: velia.net
origin: AS29066
mnt-by: FGK-MNT
created: 2015-08-13T15:07:20Z
last-modified: 2015-08-13T15:07:20Z
11 answers to this question
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.