Over the last two weeks, we have had at least two incidents where our
asterisk server got flooded (a hundred or more per second) by SIP
packets. Once from 114.31.50.10, second time from 173.212.200.146. We
became aware of the problem when bandwidth started suffering because
asterisk got very
On Thu, 2010-10-28 at 09:41 +0200, Per Jessen wrote:
Over the last two weeks, we have had at least two incidents where our
asterisk server got flooded (a hundred or more per second) by SIP
packets. Once from 114.31.50.10, second time from 173.212.200.146. We
became aware of the problem when
Am 28.10.2010 09:41, schrieb Per Jessen:
Over the last two weeks, we have had at least two incidents where our
asterisk server got flooded (a hundred or more per second) by SIP
packets. Once from 114.31.50.10, second time from 173.212.200.146. We
became aware of the problem when bandwidth
Norbert Zawodsky wrote:
Am 28.10.2010 09:41, schrieb Per Jessen:
Over the last two weeks, we have had at least two incidents where
our asterisk server got flooded (a hundred or more per second) by SIP
packets. Once from 114.31.50.10, second time from 173.212.200.146.
We became aware of
Ishfaq Malik wrote:
On Thu, 2010-10-28 at 09:41 +0200, Per Jessen wrote:
Over the last two weeks, we have had at least two incidents where
our asterisk server got flooded (a hundred or more per second) by SIP
packets. Once from 114.31.50.10, second time from 173.212.200.146.
We became
Am 28.10.2010 12:14, schrieb Per Jessen:
Ishfaq Malik wrote:
On Thu, 2010-10-28 at 09:41 +0200, Per Jessen wrote:
Over the last two weeks, we have had at least two incidents where
our asterisk server got flooded (a hundred or more per second) by SIP
packets. Once from 114.31.50.10, second
On Thu, 28 Oct 2010, Norbert Zawodsky wrote:
Am 28.10.2010 12:14, schrieb Per Jessen:
Ishfaq Malik wrote:
On Thu, 2010-10-28 at 09:41 +0200, Per Jessen wrote:
Over the last two weeks, we have had at least two incidents where
our asterisk server got flooded (a hundred or more per second) by
Norbert Zawodsky wrote:
Per,
(didn't want to be unfriendly to you !)
Not at all.
As you say, you don't like anything to modify your firewal. My
words!
Someone (don't remember who when) on this list showed me a very
clever trick (=iptables rule) to drop the packets if too many
Gordon Henderson wrote:
On Thu, 28 Oct 2010, Norbert Zawodsky wrote:
Am 28.10.2010 12:14, schrieb Per Jessen:
Ishfaq Malik wrote:
On Thu, 2010-10-28 at 09:41 +0200, Per Jessen wrote:
Over the last two weeks, we have had at least two incidents
where our asterisk server got flooded (a
Fail2Ban
Regards
- Original Message -
From: Per Jessen p...@computer.org
To: asterisk-users@lists.digium.com
Sent: Thursday, October 28, 2010 2:41 AM
Subject: [asterisk-users] being bombarded with SIP packets
Over the last two weeks, we have had at least two incidents where our
Two incidents in two weeks is not bad. I get 2-4 a day. There must be many
here with even more than that. You should start considering some safety
practices like disabling long distance and international calls by default,
put a cap on long distance and international calls even for genuine users,
On 10/28/2010 3:41 AM, Per Jessen wrote:
2) if you've got some iptables rules for limiting inbound SIP by rate?
exactly what i was going through; here's how i reacted (throttles both
SSH and SIP Register:
First, I completely blocked all non-North American Amazon EC2 networks
- I won't be
12 matches
Mail list logo
