[asterisk-users] Being attacked by an Amazon EC2 ...
Hans Witvliet
hwit at a-domani.nl
Tue Apr 13 07:04:46 CDT 2010
On Tue, 2010-04-13 at 09:47 +0100, Gordon Henderson wrote:
> On Tue, 13 Apr 2010, Alyed wrote:
>
> > Think we need some solution WITHIN the Asterisk core. Roderick A. suggested
> > something that looks nice using iptables, some others have pointed out using
> > RBL or fail2ban, but the best would be to have some generic solution not
> dependent on third party programs.
>
> I'd strongly disagree with this. (And I was the OP of this thread and had
> my home/office network connection taken down due to it)
>
> But then, I'm an old worldy Unix sysadmin and the philosophy of having a
> program do one thing well is still etched into my core...
>
> http://en.wikipedia.org/wiki/Unix_philosophy
>
> So get asterisk to do what it does well, then get something else that does
> what you need to do just as well - built-in to Linux are the iptables
> firewall rules. Use them! They are very effective and do work. (And you
> have a choice!)
I'll agree with you here.
Any additional security within * is fine, but if someone is simply
drowning your bandwidth, action must be taken at a lower level.
Otherwise you end up re-inventing the wheel for D.o.s. attacks for voip,
mail, ssh, ldap, http, rsync, (or any other service you might be
running).
So a proper job for ip(6)tables, imho