[asterisk-users] Being attacked by an Amazon EC2 ...

Stuart Sheldon stu at actusa.net
Sun Apr 11 15:16:44 CDT 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

We reported abuse Saturday morning... As of yet, no change in traffic.

I have sent requests upstream to filter all UDP/5060 traffic from EC-2
range to stop the DDOS that we are under, but have only gotten 2 of our
4 providers to comply.

At this point, I guess well all just ride it out...

Stu


Tom Stordy-Allison wrote:
> Hi,
> 
> This is exactly what I've just joined this mailing list about.
> 
> Has anyone has any luck getting Amazon to stop the instances? I'm stuck with around 700Kbps of my 2.5Mbps inbound in use as my firewall blocks the requests as below. 
> 
> Cheers,
> 
> Tom
> 
> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Norbert Zawodsky
> Sent: 11 April 2010 20:57
> To: asterisk-users at lists.digium.com
> Subject: Re: [asterisk-users] Being attacked by an Amazon EC2 ...
> 
> Am 11.04.2010 17:05, schrieb Mark Smith:
>> Same this end from 184.73.17.150.
>> Use this little piece of iptables magic to block the whole of Amazon's EC2 ip-
>> range.
>>
>> iptables -F
>> iptables -A INPUT -m iprange --src-range 216.182.224.0-216.182.239.255 -j DROP
>> iptables -A INPUT -m iprange --src-range 72.44.32.0-72.44.63.255 -j DROP
>> iptables -A INPUT -m iprange --src-range 67.202.0.0-67.202.63.255 -j DROP
>> iptables -A INPUT -m iprange --src-range 75.101.128.0-75.101.255.255 -j DROP
>> iptables -A INPUT -m iprange --src-range 174.129.0.0-174.129.255.255 -j DROP
>> iptables -A INPUT -m iprange --src-range 204.236.192.0-204.236.255.255 -j DROP
>> iptables -A INPUT -m iprange --src-range 184.73.0.0-184.73.255.255 -j DROP
>> iptables -A INPUT -m iprange --src-range 216.236.128.0-216.236.191.255 -j DROP
>> iptables -A INPUT -m iprange --src-range 184.72.0.0-184.72.63.255 -j DROP
>> iptables -A INPUT -m iprange --src-range 79.125.0.0-79.125.127.255 -j DROP
>> service iptables save
>>
>> This sorts it out in the short-term until Amazon realise their service is 
>> being utilised by arseholes.
>>
>>
>>
>>
>>   
> Hi Mark!
> 
> your little iptables magic is a very good idea! Implementation took < 1
> minute :-)
> I'll use it until a better idea comes up ... (which I don't expect
> within a short term)
> 
> Thank you!
> 
> Norbert
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIcBAEBCAAGBQJLwi4rAAoJEFKVLITDJSGSrY4QAL1KGKvm1vZIskueMyV0Heau
3/IbbdHNYxWIj6xTm9bYH9b7DzQjiRx88Ox3vFppnXf3AR9+qD0hUSaaQwJBwNJp
LJ33vCqXGURjbib9tJkjzNJo3pz7FUS6rzwffpoVrzXmobrPJRmHSFswB3gKmXO5
UD6UrbY/SHuq1oJZG07F4cTyA2Dssq/T7eQiNG9ZcH3w4BW7ZBurbELFDIzfjF81
5d5/n7+9f4fg8R95YjBM+qnZYK74Ht2JPr27XmFxn2XGOrCgPyWe605j4fGm9sr8
LIpnDx/KN9cLQpGyzauF7xuv9TZj1F81RVYFg3Gms6k8MsPj0B6tKguASiSb8efq
d9goqG0lrQEcef/B2PLGD3yOjenpSDGFk9dLItWxnaJX3l0QhuK8nlNkuRiqTyrT
Vp74ky5ewDb+YxoowA/gfosyWLx/YfaN9N6fizUXabJZPffzAI7PqAEChZje14r4
lobsN4BWFTt80IqfEdmwQUcMiyktXmtkTsN1YbS7GYKbAPeNdArpvCFar8yKSla6
JsbCFSUelmodj4mU85ZmgHBup6u5NTiq4Z5FVUQvFrL5P79J9IGr9ewiz+/DzyDK
2f2MA/6P9a3hoBauGdU+FBvSP4TMp75Ntho28IHyRIz2Zz3FHedAcuIPavO+AbHv
EQ4ocAwQBX6fJvpYQwIm
=I4n1
-----END PGP SIGNATURE-----



More information about the asterisk-users mailing list