SPA9000 Web Admin Access - How to enable?

trotty1970
Level 1

My SPA9000 appears to have been hacked in some way. We are getting 14 or 15 calls in very quick succession from unknown number. This happens early every morning UK time. Just realised that the SPA9000 has been uploading huge volumes of data but no download.

In order to increase security I unchecked the Enable web admin access box next to the administrator password. I did this thinking it was for the WAN access which is of course wrong. Now I can't get back into the SPA.

I tried option 7932 on the IVR but that just turns on and off the whole web server. I still have access to the user server. Can anyone help me get admin access back please?

Also does anyone know what my SPA might have been uploading or what these calls are all about?

Thanks.

1 Reply

Alberto Montilla
Cisco Employee

Dear Sir;

I responded to the WebUI issue in a more recent discussion.

With regard to the calls, these may be phantom calls, basically attacks that try to make the system place calls out, which SPA9000 does not allow for.

There are two methods to block these calls:

  1. Set "Restrict Source IP:" to YES, so basically it will not allow any message which does not come from Proxy. This should be enough for your case. Parameter is located on the "Line X" you are using. Set it for all lines or disable any line you don't use.
  2. Set AUTH Invite to YES. This may not be supported by your service provider, so don't use it unless you are sure SP supports it. With (1) it should be enough.

Regards
Alberto
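
The source-IP rule from option 1, modelled over a SIP message log to show which messages it would reject and which senders match the burst pattern described in the question. This is an added example, not part of the original reply and not Cisco's code; the addresses, timestamps, log layout and burst threshold are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data: 203.0.113.10 stands in for the provider's proxy.
PROXY_IPS = {"203.0.113.10"}
SAMPLE = (
    # 14 INVITEs two seconds apart from one unknown source (the "phantom" burst)
    [(f"2024-01-01T04:00:{2 * i:02d}", "198.51.100.7", "INVITE") for i in range(14)]
    + [
        ("2024-01-01T09:15:00", "203.0.113.10", "INVITE"),  # real call via proxy
        ("2024-01-01T11:30:00", "192.0.2.55", "OPTIONS"),   # stray probe
        ("2024-01-01T11:31:00", "192.0.2.55", "INVITE"),    # single stray INVITE
    ]
)


def classify(events, proxy_ips, burst=5, window=timedelta(seconds=60)):
    """Return (rejected, burst_sources).

    rejected: every message whose source IP is not a known proxy, i.e. what
              a "Restrict Source IP"-style rule would refuse.
    burst_sources: non-proxy IPs that sent at least `burst` INVITEs within
                   `window` (hypothetical thresholds; tune to your traffic).
    """
    rejected = []
    invites = defaultdict(list)
    for ts, src, method in events:
        if src in proxy_ips:
            continue  # message arrived from the proxy: accepted
        rejected.append((ts, src, method))
        if method == "INVITE":
            invites[src].append(datetime.fromisoformat(ts))

    burst_sources = set()
    for src, times in invites.items():
        times.sort()
        # Sliding check: are any `burst` consecutive INVITEs inside the window?
        for i in range(len(times) - burst + 1):
            if times[i + burst - 1] - times[i] <= window:
                burst_sources.add(src)
                break
    return rejected, burst_sources


if __name__ == "__main__":
    rejected, bursts = classify(SAMPLE, PROXY_IPS)
    print(f"{len(rejected)} of {len(SAMPLE)} messages would be rejected")
    print("burst sources:", sorted(bursts))
```
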