Re: Portscans/PROXY scans

2003-11-01 Thread Paul Vixie
[EMAIL PROTECTED] (Suresh Ramasubramanian) writes: > Portscans on the internet are a fact of life - unpleasant, yes, but you > can safely ignore them, and instead, concentrate on keeping your systems > secured. that is certainly what the malware authors and users hope that we'll all do, so lis

Re: Portscans/PROXY scans

2003-11-01 Thread Joe Abley
On 1 Nov 2003, at 17:23, Sean Donelan wrote: I have acted as a diplomat de jure negotiating resumption of traffic between people blocking these network ranges and organizations in Japan in the past. In addition to Japan, the 211 netblock is assigned to organizations in other Asia Pacific countr

Re: IPv6 NAT

2003-11-01 Thread Henry Linneweh
After having read many of these posts I realized there are chips out there now, onboard that do last mile protection at the gate level which eliminates any of this and the products can come preconfigured for this or not depends on what you want to pay for. -Henry [EMAIL PROTECTED] wrote: >This

Re: IPv6 NAT

2003-11-01 Thread Bill Owens
On Sat, Nov 01, 2003 at 03:15:18PM -0500, Suresh Ramasubramanian wrote: > perhaps short for secure tunnel - an ssl tunnel that takes your sip > traffic through http or something, and proxying them through a remote > server? Simple Traversal of UDP through NAT, for details see: http://www.ietf.o

RE: Portscans/PROXY scans

2003-11-01 Thread John_York
> I'm thinking > about blocking > the entire /8, as no one on our network needs any contact with > Asia. Sorry to reply to my own email, but due to a few off-list replies I feel the need to state: I'm not speaking of Dell's network - it's another, much smaller company.

Re: Portscans/PROXY scans

2003-11-01 Thread Suresh Ramasubramanian
Sean Donelan writes on 11/1/2003 5:23 PM: It's your network (or maybe your employer's network) to do whatever you choose. You may want to consider blocking smaller ranges than the entire /8. Or go the opposite extreme and nullroute 0/0. Portscans on the internet are a fact of life - unpleasant, y

Re: Portscans/PROXY scans

2003-11-01 Thread Sean Donelan
On Sat, 1 Nov 2003 [EMAIL PROTECTED] wrote: > We're seeing an incredible amount of port- and proxy-scans from 211.0.0.0/8, > and 0 legitimate packets from the same range. I'm thinking about blocking > the entire /8, as no one on our network needs any contact with Asia (I believe > those addresses ar

Re: [Full-Disclosure] Gates: 'You don't need perfect code' for good security

2003-11-01 Thread Laurence F. Sheldon, Jr.
Dave Howe wrote: > > Brian Bruns wrote: > > My favorite quote is... > > > > BG: Until we had this concept of Web services, software on the > > Internet couldn't talk to other software on the Internet. The only > > thing that worked was you could move bits - that's TCP/IP - > > or you could put up

Re: [Full-Disclosure] Gates: 'You don't need perfect code' for good security

2003-11-01 Thread Dave Howe
Brian Bruns wrote: > My favorite quote is... > > BG: Until we had this concept of Web services, software on the > Internet couldn't talk to other software on the Internet. The only > thing that worked was you could move bits - that's TCP/IP - > or you could put up screens - that's HTML - but so

Portscans/PROXY scans

2003-11-01 Thread John_York
Hey gang, We're seeing an incredible amount of port- and proxy-scans from 211.0.0.0/8, and 0 legitimate packets from the same range. I'm thinking about blocking the entire /8, as no one on our network needs any contact with Asia (I believe those addresses are all in Asia - correct me if I'm wrong).

Re: OT: RE: IPv6 NAT

2003-11-01 Thread Owen DeLong
for a STUN server, which I still can't find a copy of. Fortunately it's unnecessary. It works, as long as I don't try to contact another phone behind another NAT. That is the very essence of why I think NAT in the long run is a bad idea... What good is a phone that can't contact another phone. One

OT: RE: IPv6 NAT

2003-11-01 Thread Paul Timmins
On Sat, 2003-11-01 at 14:30, james wrote: > We use the Grandstream via sipphone.com for office to office calls. > It is using the RTSP. Just doing some cheap testing before we integrate > this into our Soft Switch, PBX and the PSTN. > > The Sipphone has a "STUN" server function that makes doing

Re: IPv6 NAT

2003-11-01 Thread Suresh Ramasubramanian
james writes on 11/1/2003 2:30 PM: The Sipphone has a "STUN" server function that makes doing SIP behind NAT/PAT workable. I am a little hazy on its function as I am testing and perhaps short for secure tunnel - an ssl tunnel that takes your sip traffic through http or something, and proxying the

RE: IPv6 NAT

2003-11-01 Thread james
On Sat, 2003-11-01 at 11:57, Michel Py wrote: > but on other SIP phones such as the > popular $70 Grandstream if you know the IP address and port of the > remote SIP phone you want to join you can dial it directly. > > Michel. We use the Grandstream via sipphone.com for office to office calls.

Re: IPv6 NAT

2003-11-01 Thread David Lesher
I predict the next generation of VOIP to: a) run over encrypted tunnels. b) have a server based out of the US.. c) meet massive resistance from the EffBeeEye.. a) will change the issues being debated here. -- A host is a host from coast to [EMAIL PROTECTED] & no one will talk to a host tha

RE: IPv6 NAT

2003-11-01 Thread Michel Py
> Joe Abley wrote: > There's no useful way to use H.323 through a NAT though, > at least that I have seen working. In enterprises this has never been a problem as H.323 works fine over any kind of tunnel that goes over NAT and that's already there for other purposes (VPN for example). I have mult

Re: IPv6 NAT

2003-11-01 Thread Owen DeLong
I think Paul Timmins covered it rather well. Owen --On Saturday, November 1, 2003 11:56 AM -0600 Shawn Morris <[EMAIL PROTECTED]> wrote: Owen DeLong wrote: That probably means they are not using SIP, but, instead are using either H.323 or some other proprietary ugliness. That's unfortunate. S

Re: IPv6 NAT

2003-11-01 Thread Joe Abley
On 1 Nov 2003, at 12:43, Owen DeLong wrote: That probably means they are not using SIP, but, instead are using either H.323 or some other proprietary ugliness. That's unfortunate. You can use SIP through a NAT, if you can hack the NAT to poke particular ranges of ports back to devices on the i

Re: IPv6 NAT

2003-11-01 Thread Shawn Morris
Owen DeLong wrote: That probably means they are not using SIP, but, instead are using either H.323 or some other proprietary ugliness. That's unfortunate. SIP has to include the IP address of the RTP destination in its payload. As such, you can't use SIP cleanly across NAT unless the NAT box kno

Re: IPv6 NAT

2003-11-01 Thread Paul Timmins
On Sat, 2003-11-01 at 12:33, Shawn Morris wrote: > Vonage's SIP implementation is not broken by NAT and in fact Vonage > recommends that you purchase a SOHO router that does NAT. Vonage also has a financial interest in ensuring you're unable to connect using RTP and SIP to anyone else but them.

Re: IPv6 NAT

2003-11-01 Thread Owen DeLong
That probably means they are not using SIP, but, instead are using either H.323 or some other proprietary ugliness. That's unfortunate. SIP has to include the IP address of the RTP destination in its payload. As such, you can't use SIP cleanly across NAT unless the NAT box knows to proxy the SIP

Re: [Full-Disclosure] Gates: 'You don't need perfect code' for good security

2003-11-01 Thread doug
If you take all of this together we have Microsoft is going to supply us with code that does not work that will allow programmers who know what they are doing to talk to any windows system in the world. Cool. On Fri, 31 Oct 2003, Andrew D Kirch wrote: > > You guys missed it, Gates is utterly r

Re: IPv6 NAT

2003-11-01 Thread Shawn Morris
Owen DeLong wrote: If you are telling me that Joe User will never use VOIP, then you are smoking from a different internet hookah than the folks at Vonage. I don't know which of you is right, but, I know Vonage has enough customers to say that at least some number of Joe Users are using SIP and R