[asterisk-users] FW: Under heavy attack
Danny Nicholas
danny at debsinc.com
Tue Nov 2 10:16:10 CDT 2010
-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of C F
Sent: Tuesday, November 02, 2010 10:06 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] FW: Under heavy attack
Joel, after sending my previous posts I did realize your points might
have some validity - and hence I owe you an apology - and that is if
you are a telco or hosted pbx provider then strict fail2ban is not
that good of a solution. While I was talking strictly from a PBX
vendors point of view, where fail2ban is a must and the answer to most
problems.
On Mon, Nov 1, 2010 at 8:20 PM, Joel Maslak <jmaslak at antelope.net> wrote:
> Be careful, telcos may make the users responsible if they have insecure
> PBXes...right now they often write off much of the charges.
> But I do agree that there would be a lot less garbage on the net if
everyone
> was liable for their insecurity. Heck, there would be no SIP attacks if
> everyone's systems were secure - there would be no gain in trying to
exploit
> reasonably unexploitable systems.
>
> On Nov 1, 2010, at 11:54 AM, jon pounder <jonp at inline.net> wrote:
>
> On 11/01/2010 01:44 PM, Nyamul Hassan wrote:
>
>
> I think the only real solution here is to make people take more
> responsibility for their actions
> - find and punish the actual abusers
> - make users liable for damages caused by infected PC's - defaults from an
> isp should be everything locked down but with user able to request more
> ports being opened at no extra cost, if a user asks for it they then take
on
> responsibility for the use of that port.
>
>
>
> LOL
>
> On Mon, Nov 1, 2010 at 23:33, Cary Fitch <caryf at usawide.net> wrote:
>>
>> I was going to point out a failing of the attackers, but figured they
read
>> the list and dont need any more tips.
>>
>>
>>
>> Cary Fitch
>>
>>
>>
>> ________________________________
>>
>> From: asterisk-users-bounces at lists.digium.com
>> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Zeeshan
>> Zakaria
>> Sent: Monday, November 01, 2010 12:13 PM
>>
>> To: Asterisk Users Mailing List - Non-Commercial Discussion
>> Subject: Re: [asterisk-users] FW: Under heavy attack
>>
>>
>>
>> And obviously these attackers read our emails on lists like this and
>> adjust their sick strategies accordingly.
>>
>> Zeeshan A Zakaria
>>
>> --
>> www.ilovetovoip.com
>> www.pbxforall.com (beta)
>>
>> On 2010-11-01 12:02 PM, "Jamie A. Stapleton"
>> <jstapleton at computer-business.com> wrote:
>>
>> Only 100? We had a single server over 300.
>>
>>
>>
>> From: asterisk-users-bounces at lists.digium.com
>> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Zeeshan
>> Zakaria
>> Sent: Saturday, October 30, 2010 9:49 PM
>>
>> To: Asterisk Users Mailing List - Non-Commercial Discussion
>>
>> Subject: Re: [asterisk-users] Under heavy attack
>>
>>
>>
>> My count has reached 100 for the day. The server serves doesn't serve
>> international calls anywa...
>>
>> Sat, Oct 30, 2010 at 9:33 PM, Joel Maslak <jmaslak at antelope.net> wrote:
>>
>> No. It seems that opening ...
>>
I'm still on old-fashion copper-wire and "have yet to experience the joy" of
SIP Trunk-"ing" and the type of issues discussed in this thread. My thought
to share here is that outgoing calls should be "easy" for thoroughly
authenticated users and impossible for others...
Probably more can-o-worms than help. Sorry if this is so.
More information about the asterisk-users
mailing list