On 10/15/2010 11:30 AM, Michael Scheidell wrote: > It might be time to gather all the suggestions together and post on > the wiki under the security heading, mostly for newbies, but also for > some of us old timers to refer to. > Maybe a quick outline of the problem(s) and overview of solutions > (eg: generic port scanning for port 5060, specific attempted use of > 'siptrap' uri's?), > Problem of DOS attacks and Toll Fraud (with a big warning about the > 'DISA.. Dial Authorization codes) > AA's and extension numbers, generic web site, xss, sql injection attacks. > Some solutions: > Tony's suggestions for pfsense rate limiting, > Gerald's for voipblacklist (Gerald, I like this one. can you get me > contact information for admin?) > Emerging Threats blocks of DSHIELD listed ip's, their list of RBN's > (Russian Business Network) EC2 (list of amazon ec2 ip's) > Links to snort (and ids that can watch for attacks by ip, and or user > strings) And don't forget fail2ban which is the most important IMO.
-- Regards -------------------------------------- Gerald Drouillard Technology Architect Drouillard & Associates, Inc. http://www.Drouillard.biz _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
