A hack of your partner-originator and launch of parallel VoIP proxy¶
There are known cases, when your partner's server gets hacked.
Then attacker launches SIP-proxy on port which differs from standard 5060, which works simultaneously with partner's softswitch which works on standard port 5060.
This hack is extremely dangerous, because your partner could have no idea that his server has been hacked, and some alien application has been launched.
Because his softswitch which works on standard port 5060, continues to work as usual.
But alien application will use IP address of a partner's server to authorize as originator on servers of his partners, including you, and bridge huge amount of calls.
Originator will notice that something's wrong only when he receives invoice from his partners.
For example, if invoice is sent once a month, the hackers could have terminated a fantastic sum of traffic during the month.
These calls won't be logged on a partner's software, and he might refuse to admit he was hacked and he might refuse to pay the invoice.