A mind boggling issue with Enfora MT2500

Nikiu5 years ago

I have this device from an old provider and thought of configuring it to work with traccar self hosted server. I did all the necessary changes to the device as IP, Port, Protocol (TCP) and everything needed. However, when it manages to talk to my server, all I get on the log is this:

2019-08-26 06:31:39  INFO: [f5297c70: enfora < 77.247.110.66] HEX: 4f5054494f4e53207369703a313030403231372e37332e3133342e313037205349502f322e300d0a5669613a205349502f322e302f5544502037372e3234372e3131302e36363a353039343b6272616e63683d7a39684734624b2d323931303632353639383b72706f72740d0a436f6e74656e742d4c656e6774683a20300d0a46726f6d3a2022736970766963696f7573223c7369703a31303040312e312e312e313e3b7461673d36343339333433393338333633363632333133333339333030313331333533343336333933323332333833320d0a4163636570743a206170706c69636174696f6e2f7364700d0a557365722d4167656e743a20667269656e646c792d7363616e6e65720d0a546f3a2022736970766963696f7573223c7369703a31303040312e312e312e313e0d0a436f6e746163743a207369703a3130304037372e3234372e3131302e36363a353039340d0a435365713a2031204f5054494f4e530d0a43616c6c2d49443a203230313136303939363439383836313733343330333130320d0a4d61782d466f7277617264733a2037300d0a0d0a
2019-08-26 06:31:39  WARN: Unknown device - 643934393836366 (77.247.110.66)

On the HEX Decoder it shows as:

OPTIONS sip:100@217.73.134.107 SIP/2.0
Via: SIP/2.0/UDP 77.247.110.66:5094;branch=z9hG4bK-2910625698;rport
Content-Length: 0
From: "sipvicious"<sip:100@1.1.1.1>;tag=64393439383636623133393001313534363932323832
Accept: application/sdp
User-Agent: friendly-scanner
To: "sipvicious"<sip:100@1.1.1.1>
Contact: sip:100@77.247.110.66:5094
CSeq: 1 OPTIONS
Call-ID: 201160996498861734303102
Max-Forwards: 70

Can anyone makes any sense out of this?

Nikiu5 years ago

After googling extensively, I think some SIP scanner tries to connect to the server, through the 5008 open port for enfora. What I don't understand is why the HEX message comes with "enfora" at the header. If it was a random scanner, why would it show up as enfora, the very GPS device I'm struggling to make work?

Nikiu5 years ago

It seems the server puts automatically the string "enfora" as the message comes from that port, 5008 in our case. The rest is whatever the SIP Scanner is trying to broadcast in order to find vulnerable servers.

On the other hand, my device seems dead on the server side. It doesn't transmit at all. Please OP, close this thread.