[asterisk-users] Being attacked by an Amazon EC2 ...
Steve Murphy
murf at parsetree.com
Wed Apr 21 10:33:43 CDT 2010
On Wed, Apr 21, 2010 at 9:23 AM, Stuart Sheldon <stu at actusa.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Randy R wrote:
> > On Wed, Apr 21, 2010 at 2:55 PM, Fred Posner <fred at teamforrest.com>
> > wrote:
> >> On Apr 21, 2010, at 4:50 AM, Gordon Henderson wrote:
> >>
> >>> On Tue, 20 Apr 2010, Frank Bulk wrote:
> >>>
> >>>> Please take note of their posting:
> >>>> https://aws.amazon.com/security/ which discusses the issue and
> >>>> what they're doing to improve response.
> >>> And is anyone on the list worthy of being considered a
> >>> "significant SIP provider" to be honoured with the privilege of
> >>> working with them?
> >>>
> >>> Gordon
> >>>
> >> None of the carriers I deal with have been contacted. Of course,
> >> them only contacting "significant" providers... does that mean it's
> >> ok if the attacks happen to non-significant providers or
> >> end-points?
> >>
> >> ---fred http://qxork.com
> >
> > If it got to their BS/PR page/blog it means they're hearing about
> > complaints on the net as well as people like you submitting. Everyone
> > please keep posting where you can and sooner or later, someone big
> > will pick up the story.
> >
> > Funny, I'd think the most "worthy" people to comment on this issue
> > are on this list. That's the feedback they should be looking for and
> > working on at Amazon EC2.
> >
> > /r
> >
>
> We might me reading their PR wrong... Maybe there were large SIP
> providers that were compromised due to this attack... Maybe they are
> keeping that quiet at the request of those providers... It could also be
> that the aliens in hiding in Colorado are behind the whole thing! ... Oh
> no! I've said too much!!! LOL...
>
> It could actually be the case that this whole issue went beyond what we
> are seeing, and they are trying to protect one of their Whale customers...
>
> Needless to say, what about the SSH brute force attacks that originate
> from their network? What about the SPAM that flows like a fountain from
> their net blocks?
>
> This was nothing more then PR hype...
>
> Stu
>
>
Assuming that every such spamming/hacking/attack site is funded on a
stolen identity/CC number, it will soon sink into Amazon that they are
getting a bad rep, and losing money on such problems, as all such charges
are reversed when the identity theft is discovered... How they overcome
the problem, should be a tribute to the marvelous power of human ingenuity.
murf
--
Steve Murphy
ParseTree Corp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20100421/309e6fb1/attachment.htm
More information about the asterisk-users
mailing list