If they're not hitting your SBC then as Dimos mentioned it is most likely someone internal. Notify the network security team so they can investigate or perhaps it is them doing an attack and pen initiative on the network to check for vulnerabilities.
You should also note the source IP address for these requests and see if you can isolate the machine/person performing this action.
Regards,
Mike.
------------------------------
Michael Silverman
Tykans Group Inc
------------------------------
Original Message:
Sent: 12-21-2023 01:32
From: Dimos Mantas
Subject: SipVicious Calls coming into Genesys Softphone
Someone within your network ia probably using this
https://github.com/EnableSecurity/sipvicious
------------------------------
Dimos Mantas
Piraeus Direct Service
Original Message:
Sent: 12-20-2023 17:16
From: Dawn Maciejewski
Subject: SipVicious Calls coming into Genesys Softphone
Hi,
We started noticing SIP Invites coming to and from on the Genesys Softphone windows application.
To: "sipvicious"<sip:100@1.1.1.1>
From: "sipvicious"<sip:100@1.1.1.1>
How do we block these? I don't find the calls coming in through our SBC
Is there a way to configure Genesys Softphone application to only accept calls from a list of servers?
#SIP/VolP
------------------------------
Dawn Maciejewski
NiSource Corporate Services Company
------------------------------