On Fri, 27 Aug 2010, Bryant Zimmerman wrote: > Hey all > > We are seeing intrusion attempts coming from address 201.47.236.122 > today They were hitting our switches trying to get in. So we blocked > them at our firewall. > > Just wanted to put the word out so you all can protect your self.
You must be new here... This sort of thing has been going on for months - years. Read the archives )-: Right now, I have a telco in Romania deliberately trying to hack into several of my client sites - they must have bandwidth to spare, as even with firewalling, they're still going strong. At least, I'm assuming it's a telco - it's definitely a telephone/ISPs company's computer that is the source and it doesn't look like a generic server/cloud type VPS thing either. It seems to be owned by "iLink Telecom" whoever they are - so I'm assuming this is a dodgy eastern European telco trying to steal free calls from the rest of the world. The sad thing is that they're running the old, fucked-up version of sipvicious - the one that keeps on trying, even when it's firewalled out. It's been going on to several of my sites for over 3 days now - it peaked on one site at 1.5Mb/sec, but it's averaging 400-500Kbps to each site right now. The site is 85.120.71.160 which maps to terminators.micos.ro. Hm. just noticed this morning that there are at least 2 separate attacks to one particular host of mine. Ah well. All their succeeding in doing is wasting their own bandwidth. Hope they have to pay for it. Gordon -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
