Anybody Having Trouble Today?

[tritch]

I couldn't agree more. Looking at the uptime on my ATA it looks like another reboot occurred yesterday afternoon around 2:10 pm.

As a non-provisoned BYOD user, I'm not sure if this applies to your case but it might be wise to take a quick look at the data traffic to the ATA (Wireshark, etc.) using the timestamp of the reboot as a basis of analysis. I say this because you have UDP ports 5004-65000 open (much like myself until recently).

I recently started having strange random reboots on my ATA, sometimes frequently every day. By accident, I just happened to be watching the ATA when suddenly the ATA activity light started to rapidly flash along with the DSL activity light, then the ATA self-rebooted followed by 2 similar events and self-reboots all in about 30 second time span. The activity looked similar to a DoS attack and I suspected somebody was trying to hack the ATA. I installed a debug logger and waited a few hours for another ATA reboot. Sure enough it happened again, and the debug log revealed I was being hit by a "sipvicious" scan tool followed by hundreds of attempts to crack my password using unused open SIP ports. In my case, it was hitting unused ports 5064, 5074 and 5075. The IP address of the hacker was coming from China. Fortunately, I have a fairly complex password, so nothing was compromised. I also have international calling blocked in vPanel as a safeguard. What's amazing is that I released/renewed my public IP on the DSL modem and within a few hours I was hit again!!

Needless to say, I had to close up a lot of the open UDP ports in the router that were not being used by Voipo to stop the attacks. I did leave some ports open that I felt were needed to avoid any potiential dead air issues.

These are the only UDP ports that I have open now:
5004, 5012, 5079 and 35000-65000.

So far so good.....no more reboots and service is working great with no issues.