-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Randy R wrote: > On Sun, Apr 18, 2010 at 5:38 PM, Stuart Sheldon <s...@actusa.net> wrote: >>> I a related question, if the IP addresses were spoofed, how could a >>> response be directed back? Don't the register attempts, because they > >> If the IP addresses were spoofed, it would be simply a DoS attack. > > This is what I thought, so when people say "yeah, but they could be > spoofed" this isn't a valid argument. > > A huge number of requests going to your server with an originating EC2 > IP needs to be shut down first, questions asked after. > > Only Amazon can fix this. They have not only the IP info but also full > customer data, including banking info. > > What possible excuse can they provide? Is this why they are silent? > There's no good excuse other than, "it would cut into our profits". > > Maybe we could get GigaOm interested or some other high-visibility blog. > > /r >
For what it's worth, here is my Blog Article from the incident... http://www.stuartsheldon.org/blog/2010/04/sip-brute-force-attack-originating-from-amazon-ec2-hosts/ Stu -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIcBAEBCAAGBQJLyy0SAAoJEFKVLITDJSGSMaYQAKVTy6en4zsbekcjXTSjMo6z SSwBL95mSpgGRU6nAOKIjs5UUczFS8MtReag7hqW7e1ZtwwlXz88KP+c7yNZVw9+ 6HIjAf+PdaxRmDQ/bUpcXy+4Nnl6RRzVnE5oY33/ZWJrAjBfLb/eQCFQOqAdgxDr xsTGCPts/CJWeQrni6g4pdYFf3P4BvxsyoGw5vpF8rXipujaK1V0zxT6dE+XDNYZ aqrLlZtGvF7oTLtYCAt6g/C7VG7RJDNbuxGKG0q8GfHeU3xXEjYytH6jq26yiCSi FvP6vH0CzOInyYohPEXuxej2rLADf6c3JqXidadXX87l5XLb947pooMK+gmyRv8m AjsoOryMs43V48q5y1F25LVV8pnw83xEUZyxfa4/JNx4Fr4PvuMdVs0UDZbjWdCD ncf47IVQKztWfM3vcbyFXyfgDHrAnGUwZ/VxPpQ9/0VGsrC8V9rujQCI3UVk2/7v RHFK97ddmPvrAr8Gml+wnjTROSyY5n8ds762ZfyN3rel7e7w5gynpa+G9pcNqgSX MzdKRiC10hF4X6ZMXOski1UIXm+x7r+8uY8p+/8l6A4sdXohCUhXTcYLMnDBzgob fsmxb6WKKkaGTLv7jWLukfZVYcppk+B4M8hFgAvVqMWBRI3eZmZTKvmzDs9yjaqw kcF4NwJOpLXsG3w9vs7F =kLEJ -----END PGP SIGNATURE----- -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users