Just passing this info on, in case it's of any interest to folks with an externally accessible SIP server. Just after 9:30PM PST tonight, someone attempted to call a few numbers in a brute-force type fashion. What's interesting is, looking at our logs, they simply sent the requests in question to EVERY IP Address in our /20 range, within a few seconds.
The offending IP address was 80.248.216.28, and the attempted invites were as follows: <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> <sip:[email protected]> If anyone is interested, I have more detailed information available. Cheers, ...Steve... Stephen Beaudry Manager, Servers, Network and Telecomm Infrastructure IT Services Royal Roads University 2005 Sooke Rd. Victoria, BC V9B 5Y2 (250) 391-2600 ext.4149 [email protected]<mailto:[email protected]>
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
