There you go. This confirms that SIP signaling determines where the calls
should go. I would take their word with a grain of salt specially with their
whole support center our of India. No disrespect, but it is bad service
overall.
-Bruce
On Sat, Apr 10, 2010 at 6:32 PM, Joshua Colp
out* of india.
On Sun, Apr 11, 2010 at 2:26 AM, bruce bruce bruceb...@gmail.com wrote:
There you go. This confirms that SIP signaling determines where the calls
should go. I would take their word with a grain of salt specially with their
whole support center our of India. No disrespect, but
On Sat, 10 Apr 2010 22:34:28 +0100 (BST), Gordon Henderson
gordon+aster...@drogon.net wrote:
Just a heads-up ... my home asterisk server is being flooded by someone
from IP 184.73.17.150 which is an Amazon EC2 instance by the looks of it -
they're trying to send SIP subscribes to one account -
On Sun, 11 Apr 2010, David Quinton wrote:
On Sat, 10 Apr 2010 22:34:28 +0100 (BST), Gordon Henderson
gordon+aster...@drogon.net wrote:
Just a heads-up ... my home asterisk server is being flooded by someone
from IP 184.73.17.150 which is an Amazon EC2 instance by the looks of it -
they're
On Sun, 11 Apr 2010 08:09:02 +0100 (BST), Gordon Henderson
gordon+aster...@drogon.net wrote:
Look what they did to my latency, Gordon:-
http://f8lure.mouselike.org/archived_graphs/westek.bizorg.co.uk_day10.png
Oddly enough my latency wasn't being affected at all - however what I was
seeing
Hi James,
Thanks for the help. 3.10 registers into my SIP server just as a normal SIP
client.
Yes, qualify=yes. I just tried setting that to no on my end, and I still get
the message. I'll try turning it off on 3.10 too tomorrow and capture some
trace too
Adrian
Hi All,
I've two
- Original Message -
On Sun, 11 Apr 2010, David Quinton wrote:
On Sat, 10 Apr 2010 22:34:28 +0100 (BST), Gordon Henderson
gordon+aster...@drogon.net wrote:
Just a heads-up ... my home asterisk server is being flooded by
someone from IP 184.73.17.150 which is an Amazon EC2
Gordon Henderson a écrit :
Just a heads-up ... my home asterisk server is being flooded by someone
from IP 184.73.17.150 which is an Amazon EC2 instance by the looks of it -
they're trying to send SIP subscribes to one account - and they're
flooding the requests in - it's averaging some
On Sun, 11 Apr 2010, --[ UxBoD ]-- wrote:
In the end I set up OSSEC (http://www.ossec.net) and wrote a rule that
would monitor for failed SIP registrations. If a few occurred within a
short space of time the Active Response kicks in and blocks the IP
address using IPTables. -- Thanks, Phil
My experience is that as long as the hackers are getting any kind of
response from your server, they'll keep their attack on, in a hope that
they'll get into your system sooner or later. After all it is just some
computers doing the work for them, no human is phycally getting tired here.
This is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi, Alyed.
On Sun, 11 Apr 2010, Alyed wrote:
Daniel, you are having a problem often seen in pre 1.4.14 versions.
Before this release srvlookup=no was the default for sip.conf and
guess the same for iax.conf . So if you are working with a
On Sun, 11 Apr 2010, Zeeshan Zakaria wrote:
My experience is that as long as the hackers are getting any kind of
response from your server, they'll keep their attack on, in a hope that
they'll get into your system sooner or later. After all it is just some
computers doing the work for them,
Hello to everyone!
Same here (Vienna, Austria).
I had this attack yesterday 6am (local time) from IP 216.105.128.63
whois 216.105.128.63 returns:
OrgName:Globalvision
OrgID: ACSIN-3
Address:78 Global Drive
Address:Suite 101
City: Greenville
StateProv: SC
PostalCode:
Hi!
My phones (SNOMs) all are on the same LAN within a 192.168.X.X adress
range. I wonder if everything would become a little bit more secure if
define them with host=192.168.X.X in sip.conf instead of
host=dynamic. I tried it as a quick shot but it didn't work as they
still try to register.
I don't k know if there is a tool to sniff passwords, but did you check in
/va/log/asterisk/full? Maybe wireshark can be used for this purpose, but
it'll be not that straight forward.
Interestingly I checked log of my server and found out that I was also under
attack yesterday by an Amazon cloud
On Apr 11, 2010, at 10:06 AM, Zeeshan Zakaria wrote:
I don't k know if there is a tool to sniff passwords, but did you check in
/va/log/asterisk/full? Maybe wireshark can be used for this purpose, but
it'll be not that straight forward.
Interestingly I checked log of my server and found
--[ UxBoD ]-- uxbod at splatnix.net writes:
- Original Message -
On Sun, 11 Apr 2010, David Quinton wrote:
On Sat, 10 Apr 2010 22:34:28 +0100 (BST), Gordon Henderson
gordon+asterisk at drogon.net wrote:
Just a heads-up ... my home asterisk server is being flooded by
Its a good idea tos setup Fail2ban, instructions for which are on
voip-info.org. It at least blocks such IP addresses, hopefully prompting the
attackers to move their attack somewhere else and leave you alone.
I personally use Fail2ban, it works but wont keep you from flooding your line.
My
Hi!
Asterisk in Debian/Lenny claims to be bristuffed, not? At least the
the Debian patch tracking system shows the bristuff-patches:
[1] http://bit.ly/bRRHe7
We have a QuadBRI-Card and recently needed support from Junghanns.net
but they refused telling us there is no bristuff installed because
I always report at least. This is still better than not bringing it to their
attention. I once worked in the NOC of a big data centre of a major ISP, and
we often get calls regarding IPs from our data centers involved in spams and
hacks, but unless there were a number of complaints, nobody had
On Sun, Apr 11, 2010 at 07:45:34PM +0200, Darshaka Pathirana wrote:
Hi!
Asterisk in Debian/Lenny claims to be bristuffed, not? At least the
the Debian patch tracking system shows the bristuff-patches:
[1] http://bit.ly/bRRHe7
We have a QuadBRI-Card and recently needed support from
Am 11.04.2010 17:05, schrieb Mark Smith:
Same this end from 184.73.17.150.
Use this little piece of iptables magic to block the whole of Amazon's EC2 ip-
range.
iptables -F
iptables -A INPUT -m iprange --src-range 216.182.224.0-216.182.239.255 -j DROP
iptables -A INPUT -m iprange
Hi,
This is exactly what I've just joined this mailing list about.
Has anyone has any luck getting Amazon to stop the instances? I'm stuck with
around 700Kbps of my 2.5Mbps inbound in use as my firewall blocks the requests
as below.
Cheers,
Tom
-Original Message-
From:
Norbert Zawodsky norbert at zawodsky.at writes:
Am 11.04.2010 17:05, schrieb Mark Smith:
Same this end from 184.73.17.150.
Use this little piece of iptables magic to block the whole of Amazon's EC2
ip-
range.
iptables -F
iptables -A INPUT -m iprange --src-range
FWIW, we're seeing similar attacks. The below is what I posted on NANOG
earlier, which summarizes Amazon's stellar abuse response. I've also received
an off-list e-mail from someone who was getting hit with 6Gbps of traffic from
them (and was not able to reach anyone there either).
Time to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
We reported abuse Saturday morning... As of yet, no change in traffic.
I have sent requests upstream to filter all UDP/5060 traffic from EC-2
range to stop the DDOS that we are under, but have only gotten 2 of our
4 providers to comply.
At this
Yeah - I've reported it to the EC2 abuse address about 10 hours ago, with no
response as of yet.
I'm waiting on my ISP to see if they can block anything further upstream.
I should be lucky it's not 6Gbps like some!
Cheers,
Tom
-Original Message-
From:
On Apr 11, 2010, at 4:06 PM, Tom Stordy-Allison wrote:
Hi,
This is exactly what I've just joined this mailing list about.
Has anyone has any luck getting Amazon to stop the instances? I'm stuck with
around 700Kbps of my 2.5Mbps inbound in use as my firewall blocks the
requests as
HI,
I tried to install asterisk and mISDN via
http://www.asterisk.org/downloads/yum
My machine is running with kernel-2.6.18-164.15.1.el5.i686
# grep kernel /var/log/yum.log
Mar 21 16:09:28 Installed: kernel-2.6.18-164.15.1.el5.i686
Mar 21 16:09:42 Installed:
Thanks James,
What i need is to make the fax machines connected to the audiocodes mediant
1000 be able to send and receive fax throught Asterisk (connected to a pri)
I know it's not reliable, but it should work at leaste, what should i do on
Asterisk and Mediant to make this work?
Im quite
Hi asterisk-users
I'm really having big problems with this configuration, has anyone attached
a fax machine to a FXS port of a digium tdm410P card succesfully?
What changes should i do on asterisk to make this work ok?
I just want to use this fax machine as a fax and not to voice!
Thanks!
Hi Guys,
Has anyone experienced this? Can I have a PRI guru weigh in on this?
Thanks,
Bruce
On Sat, Apr 10, 2010 at 3:46 PM, bruce bruce bruceb...@gmail.com wrote:
Hi Guys,
I am calling out 416-999- on Channel 1 of PRI and then calling
416-999- on Channel 2 of PRI. When the two
On Sun, 11 Apr 2010, Mark Smith wrote:
Same this end from 184.73.17.150.
Use this little piece of iptables magic to block the whole of Amazon's EC2 ip-
range.
iptables -F
iptables -A INPUT -m iprange --src-range 216.182.224.0-216.182.239.255 -j DROP
iptables -A INPUT -m iprange
The context that I'm using for the local extensions is not [general].
Sorry quite didn't get what you mean. Nevertheless I I think it is a matter
of NAT/firewall management.
Alyed
2010/4/11 Daniel Bareiro daniel-lis...@gmx.net
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi, Alyed.
On
Hi all,
I have a problem with my asterisk. When i start asterisk, i got the
following
--
/usr/sbin/safe_asterisk: line 152: 23241 Segmentation fault (core
dumped) nice -n $PRIORITY ${ASTSBINDIR}/asterisk -f ${CLIARGS}
35 matches
Mail list logo
