We've never seen evidence of issues other than just making phones ring. I assume it's some script kiddies trying to find an open SIP proxy.
The routers in use are owned by our ISP partner and managed by them. Typical mid-grade routers like a 1900 series. I'm not aware of an ability to filter SIP as an application with those, though I've been pretty removed from Cisco hands-on for some time. Filtering based on port would not help us. On Fri, Nov 20, 2015 at 2:13 PM, Alex Balashov <[email protected]> wrote: > On 11/20/2015 04:09 PM, Calvin Ellison wrote: > > challenge to BYE should mitigate that particular targeted attack. >> > > Spoofed sequential (in-dialog) requests strike me as less of a concern > than initial requests, since, in order for the BYE to match an existing > dialog in the phone's UAS, the attacker would have to spoof a valid From > & To-tag, Call-ID, CSeq, etc. > > > -- > Alex Balashov | Principal | Evariste Systems LLC > 303 Perimeter Center North, Suite 300 > Atlanta, GA 30346 > United States > > Tel: +1-800-250-5920 (toll-free) / +1-678-954-0671 (direct) > Web: http://www.evaristesys.com/, http://www.csrpswitch.com/ > _______________________________________________ > VoiceOps mailing list > [email protected] > https://puck.nether.net/mailman/listinfo/voiceops >
_______________________________________________ VoiceOps mailing list [email protected] https://puck.nether.net/mailman/listinfo/voiceops
