[asterisk-users] Being attacked by an Amazon EC2 ...
Darrick Hartman
dhartman at djhsolutions.com
Mon Apr 12 12:17:53 CDT 2010
On 04/12/2010 12:05 PM, Randy R wrote:
> On Mon, Apr 12, 2010 at 6:51 PM, Darrick Hartman
> <dhartman at djhsolutions.com> wrote:
>> I don't think anyone else brought up the Spamhaus DROP project. It's a
>> blacklist of IP addresses and address ranges which are known to ONLY be
>> used for malicious purposes.
>>
>> http://www.spamhaus.org/drop/
>>
>
> Because this is in Amazon's interest, THEY should set up a way to
> report these. Once you detect (in a script) that this is in their
> range, a redirect would feed their own log with all the data they'd
> need to proceed. This would work well, especially if they made you
> register your calling IP to them, or authenticate. That way your
> server and IP is on record and the report authenticated. Isn't this
> reasonable?
Randy,
That only addresses EC2 (and assumes that Amazon has any interest in
protecting their reputation). What about attacks that come from other
locations? Granted it's pretty easy to buy time on an EC2 server so
this may be the primary source for a period of time.
Darrick
--
Darrick Hartman
DJH Solutions, LLC
http://www.djhsolutions.com
More information about the asterisk-users
mailing list