> *From: *"Ray Orsini"
> *To: *"Mike Hammett" , "NANOG"
> *Sent: *Wednesday, September 22, 2021 8:15:51 AM
> *Subject: *Re: EXTERNAL: Re: VoIP Provider DDoSes
>
> Yes there are. I was about to message Steve about the correction. Corer
rsini"
To: "Mike Hammett" , "NANOG"
Sent: Wednesday, September 22, 2021 8:15:51 AM
Subject: Re: EXTERNAL: Re: VoIP Provider DDoSes
Yes there are. I was about to message Steve about the correction. Corero and
path.net are options. There are others.
OIT Website
behalf of Mike Hammett
> *Date: *Wednesday, September 22, 2021 at 9:29 AM
> *To: *Terrance Devor
> *Cc: *NANOG list
> *Subject: *[EXTERNAL] Re: VoIP Provider DDoSes
>
>
>
> *CAUTION:* The e-mail below is from an external source. Please exercise
> caution before opening
rsing?
>
>
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>
> Midwest-IX
> http://www.midwest-ix.com
>
> --
> *From: *"Terrance Devor"
> *To: *"Mike Hammett"
> *Cc:
o/twitter>
> [image: YouTube] <https://go.oit.co/youtube>
>
> *How are we doing? We'd love to hear your feedback. https://go.oit.co/review*
> <https://go.oit.co/review>
> --
> *From:* NANOG on behalf of Mike
> Hammett
> *Sent:
Subject: [EXTERNAL] Re: VoIP Provider DDoSes
CAUTION: The e-mail below is from an external source. Please exercise caution
before opening attachments, clicking links, or following guidance.
Fail2Ban on a couple of dozen servers may not be sufficient to address 400 gigs
of traffic.
-
Mike Hammett
e Hammett"
Cc: "NANOG"
Sent: Wednesday, September 22, 2021 10:24:07 AM
Subject: Re: VoIP Provider DDoSes
Fail2Ban and give ourselves a pat on the back..
On Wed, Sep 22, 2021 at 9:12 AM Mike Hammett < na...@ics-il.net > wrote:
https://twit.tv/shows/security-now/episod
ider of large pipe VoIP protocol DDoS
> protection."
>
> Are any of the cloud DDoS mitigation services offering a service like this.
>
> --
> *From: *"Mike Hammett"
> *To: *"NANOG"
> *Sent: *Tuesday, September 21, 2
love to hear your feedback. https://go.oit.co/review
From: NANOG on behalf of Mike Hammett
Sent: Wednesday, September 22, 2021 9:08:22 AM
To: NANOG
Subject: EXTERNAL: Re: VoIP Provider DDoSes
CAUTION: This email originated from outside of the organization. Do not click
links or open attach
like this.
- Original Message -
From: "Mike Hammett"
To: "NANOG"
Sent: Tuesday, September 21, 2021 4:19:42 PM
Subject: VoIP Provider DDoSes
As many may know, a particular VoIP supplier is suffering a DDoS.
https://twitter.com/voipms
Are your garden variet
Hi
>Something you may want to consider is to put ACLs as far upstream as possible
>from your SBCs and only allow through what you need to the SBCs. For example,
>apply a filter only permitting UDP 5060 and your RTP port range to your SBCs
>and then blocking everything else. This is free and s
- Original Message -
From: "Eric Kuhnke"
To: "Mike Hammett"
Cc: "NANOG"
Sent: Tuesday, September 21, 2021 6:09:07 PM
Subject: Re: VoIP Provider DDoSes
Unlike http based services which can be placed behind cloudflare or similar,
harder to protect sip tru
Brandon,
Actually, i work for a company that just purchased a start up that deals
with DDOS for WebRTC, Websockets and grpc.
Mike,
I could see that, especially since HTTP 3.0 is UDP.
On Tue, Sep 21, 2021 at 9:47 PM Brandon Svec via NANOG
wrote:
> Never heard of that one. WebRTC is maybe easie
On 9/21/21 6:46 PM, Brandon Svec via NANOG wrote:
Never heard of that one. WebRTC is maybe easier to protect from DDOS?
I was just kidding/2. But webrtc don't have a signaling protocol. It can
be SIP but it can be completely home brewed too.
Mike
Brandon
On Sep 21, 2021, at 5:37 PM,
Never heard of that one. WebRTC is maybe easier to protect from DDOS?
Brandon
> On Sep 21, 2021, at 5:37 PM, Michael Thomas wrote:
>
> Which makes SIPoHTTP an inevitability.
>
> Mike
On 9/21/21 4:09 PM, Eric Kuhnke wrote:
Unlike http based services which can be placed behind cloudflare or
similar, harder to protect sip trunking servers.
The provider in question makes use of third party hosting services for
each of their cities' POPs. It is my understanding that for the m
Unlike http based services which can be placed behind cloudflare or
similar, harder to protect sip trunking servers.
The provider in question makes use of third party hosting services for each
of their cities' POPs. It is my understanding that for the most part they
do not run their own infrastruc
mpton, Rich A"
Cc: NANOG list
Subject: Re: [EXTERNAL] VoIP Provider DDoSes
CAUTION: The e-mail below is from an external source. Please exercise caution
before opening attachments, clicking links, or following guidance.
*nods* We have a Metaswitch SBC.
So as long as the pipe isn't full
dwest-ix.com
- Original Message -
From: "Rich A Compton"
To: "Mike Hammett" , "NANOG"
Sent: Tuesday, September 21, 2021 4:59:06 PM
Subject: Re: [EXTERNAL] VoIP Provider DDoSes
Most of the larger DDoS mitigation appliances can block malformed SIP tra
proxy based
firewall just for VoIP.
-Rich
From: NANOG on behalf of
Mike Hammett
Date: Tuesday, September 21, 2021 at 3:31 PM
To: NANOG list
Subject: [EXTERNAL] VoIP Provider DDoSes
CAUTION: The e-mail below is from an external source. Please exercise caution
before opening attachments, clicking
Simwood's blog has a few articles from the past couple weeks with
commentary on the attacks to voip providers in the UK.
https://blog.simwood.com/2021/09/voip-ddos-fail-to-prepare/
On Tue, Sep 21, 2021 at 2:31 PM Mike Hammett wrote:
> As many may know, a particular VoIP supplier is suffering a D
As many may know, a particular VoIP supplier is suffering a DDoS.
https://twitter.com/voipms
Are your garden variety DDoS mitigation platforms or services equipped to
handle DDoSes of VoIP services? What nuances does one have to be cognizant of?
A WAF doesn't mean much to SIP, IAX2, RTP, etc.
22 matches
Mail list logo
