For those of you who reported DOS type attacks from sipvicious scans on
your public SIP ports, looks like the author has taken pity on you and
has a tool that could block repeated attacks, thus freeing up your
bandwidth for calls. it looks like python is already installed on sipx,
so, all you would need is his tool.
"If you had been following the Asterisk or VoIP provider blogs and
forums, you might have noticed people complaining
<http://jcs.org/notaweblog/2010/04/11/properly_stopping_a_sip_flood/>
about bandwidth
<http://www.voiptechchat.com/voip/457/amazon-ec2-sip-brute-force-attacks-on-rise/>
saturation due to SIP scans
<http://isc.sans.edu/diary.html?storyid=8641>. Some people had been
using Amazon EC2 based servers to look for SIP servers such as Asterisk,
which have weak passwords. As a result of these scans, organizations
were getting a considerable amount of bandwidth used - leading to denial
of service (DoS). Why did this happen?"
<http://blog.sipvicious.org/2010/06/how-to-crash-sipvicious-introducing.html>
--
Michael Scheidell, CTO
Phone: 561-999-5000, x 1259
> *| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best in Email Security,2010: Network Products Guide
* King of Spam Filters, SC Magazine 2008
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
_______________________________________________
sipx-users mailing list
sipx-users@list.sipfoundry.org
List Archive: http://list.sipfoundry.org/archive/sipx-users/