subject:"RE\: \[EXTERNAL\] VoIP Provider DDoSes"

RE: [EXTERNAL] VoIP Provider DDoSes

2021-09-22 Thread Brian Turnbow via NANOG

Hi >Something you may want to consider is to put ACLs as far upstream as possible >from your SBCs and only allow through what you need to the SBCs. For example, >apply a filter only permitting UDP 5060 and your RTP port range to your SBCs >and then blocking everything else. This is free and s

Re: [EXTERNAL] VoIP Provider DDoSes

2021-09-21 Thread Compton, Rich A

mpton, Rich A" Cc: NANOG list Subject: Re: [EXTERNAL] VoIP Provider DDoSes CAUTION: The e-mail below is from an external source. Please exercise caution before opening attachments, clicking links, or following guidance. *nods* We have a Metaswitch SBC. So as long as the pipe isn't full

Re: [EXTERNAL] VoIP Provider DDoSes

2021-09-21 Thread Mike Hammett

dwest-ix.com - Original Message - From: "Rich A Compton" To: "Mike Hammett" , "NANOG" Sent: Tuesday, September 21, 2021 4:59:06 PM Subject: Re: [EXTERNAL] VoIP Provider DDoSes Most of the larger DDoS mitigation appliances can block malformed SIP tra

Re: [EXTERNAL] VoIP Provider DDoSes

2021-09-21 Thread Compton, Rich A

Most of the larger DDoS mitigation appliances can block malformed SIP traffic and also can block volumetric/state exhaustion UDP floods. A lot of VoIP companies have Session Border Controllers (SBCs) to protect public facing VoIP services. SBCs are more application aware. Kind of like a proxy

RE: [EXTERNAL] VoIP Provider DDoSes

Re: [EXTERNAL] VoIP Provider DDoSes

Re: [EXTERNAL] VoIP Provider DDoSes

Re: [EXTERNAL] VoIP Provider DDoSes

4 matches

Site Navigation

Mail list logo

Footer information