This belongs on its own topic. My jira is to have sipx provide UA and IP source info placed in a text file to be harvested by a firewall script OUTSIDE of sipx to be its own auto protected.
That with rate limiting and having a blacklist of ip and UA (to identify ua sipvicious and others) alongside cps limiting at an external fireawall is the most proactive approach. The above mentioned (and continued discussion) of this and related types DOES NOT BELONG ON THIS THREAD. This thread (subject) has to do with the sipfoundry hosted services that are potentially harvested. You should start a new thread. ============================ Tony Graziano, Manager Telephone: 434.984.8430 Fax: 434.984.8431 Email: [email protected] LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 Fax: 434.984.8427 Helpdesk Contract Customers: http://www.myitdepartment.net/gethelp/ ----- Original Message ----- From: [email protected] <[email protected]> To: [email protected] <[email protected]> Sent: Fri Oct 15 10:48:08 2010 Subject: Re: [sipx-users] Mailing lists harvested for sip attacks On 10/15/10 10:44 AM, R P Herrold wrote: > and reporting attacks across a link that is being defended > from a DDoS is not likely to be so effective for the obvious reporting is batch. they have several scripts for several log formats. checking is against a batch downloaded CIDR or IP netblock in several firewall formats. sans.org is pretty big, and has defended itself against DOS attacks several times. just a suggestion, Im not doing any of the above yet, but just a suggestion for discussion. -- Michael Scheidell, CTO o: 561-999-5000 d: 561-948-2259 ISN: 1259*1300 > *| *SECNAP Network Security Corporation * Certified SNORT Integrator * 2008-9 Hot Company Award Winner, World Executive Alliance * Five-Star Partner Program 2009, VARBusiness * Best in Email Security,2010: Network Products Guide * King of Spam Filters, SC Magazine 2008 ______________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ ______________________________________________________________________ _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
