A quick anecdote. One of our hosting providers (Hetzner) had a DDoS mitigation tool which blackholed our servers when they reached about 1500 concurrent call legs with RTP. That's about 75kpps in, which was presumably - and not entirely unreasonably - set as a threshold for DDoS attack detection.
So, Mike, I'd observe that DDoS mitigation platforms may not even be equipped to handle regular IP telephony traffic, let alone deal with DDoS attacks :-) --Dave On Mon, Sep 27, 2021 at 12:26 AM Alex Balashov via VoiceOps < [email protected]> wrote: > It’s pretty bad out there. voip.ms are definitely not the only ones being > hit. I’ve got a customer that’s been getting hit for a week, though > seemingly no ransom demand and may not be the same outfit. > > > On Sep 26, 2021, at 4:54 PM, Mike Hammett <[email protected]> wrote: > > > > I sent this to NANOG recently, not even thinking that this list may get > a better ROI. > > > > As many may know, a particular VoIP supplier is suffering a DDoS. > https://twitter.com/voipms > > > > Are your garden variety DDoS mitigation platforms or services equipped > to handle DDoSes of VoIP services? What nuances does one have to be > cognizant of? A WAF doesn't mean much to SIP, IAX2, RTP, etc. > > > > > > > > ----- > > Mike Hammett > > Intelligent Computing Solutions > > http://www.ics-il.com > > > > > > > > Midwest Internet Exchange > > http://www.midwest-ix.com > > > > > > > > _______________________________________________ > > VoiceOps mailing list > > [email protected] > > https://puck.nether.net/mailman/listinfo/voiceops > > -- > Alex Balashov | Principal | Evariste Systems LLC > > Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) > Web: http://www.evaristesys.com/, http://www.csrpswitch.com/ > > _______________________________________________ > VoiceOps mailing list > [email protected] > https://puck.nether.net/mailman/listinfo/voiceops >
_______________________________________________ VoiceOps mailing list [email protected] https://puck.nether.net/mailman/listinfo/voiceops
