similar to: Protect yourself

Hi, Got some great news a few days ago from Sandro Gauci (@SandroGauci) and we'll be talking about this with him this Friday at 1PM. SIPVicious, the free security tools for SIP scanning, now include a new tool: svcrash. It is aimed at helping system administrators stop bandwidth consuming scans making use of svwar and svcrack. Here is the announcement on SIPViscious blog:

Hi, I've recently had a fairly prolonged SIP registration attack, 18 hours in this case and often with 200 attempts per second, and suspect I've had a number of these in the past. The main symptom I noticed previously was, because Asterisk was responding to each registration request it received, it was very quickly using up my 448 kbps upload limit for my home ADSL connection: any

... using it as a tool and understanding what it does... So one part of it's toolset identifys valid SIP accounts - and I was under the impression that alwaysauthreject=yes was supposed to stop this... However, it sends a request for a highly probably non-existent account, then sends requests for probably existing accounts and I guess compares the results - account not found vs. bad

Hi, Given the recent increase in SIP brute force attacks, I've had a little idea. The standard scripts that block after X attempts work well to prevent you actually being compromised, but once you've been 'found' then the attempts seem to keep coming for quite some time. Older versions of sipvicious don't appear to stop once you start sending un-reachables (or straight

My firewall and asterisk pjsip config only has "permit" options for my ITSP's (SIP trunk) IPs. Here's the script that sets it up. -------------------------------------------------- #!/bin/bash EXIF="eth0" /sbin/iptables --flush /sbin/iptables --policy INPUT DROP /sbin/iptables --policy OUTPUT ACCEPT /sbin/iptables -A INPUT -i lo -j ACCEPT /sbin/iptables -A INPUT -m

Greetings all, I have been seeing a lot of [Jan 2 16:36:31] NOTICE[7519]: chan_sip.c:23149 handle_request_invite: Sending fake auth rejection for device 100<sip:100 at 108.161.145.18>;tag=2e921697 in my logs lately. Is there a way to automatically ban IP address from attackers within asterisk ? Thank you

Hi all, I need to use BCB6 with Wine to develop a software that uses two ocxs built with MS Visual C++. I set ole32, oleaut, typelib to native for bcb, else it doesn't start correclty. After that, BCB start up, I can design the forms, write the code, but I have two problems that block me: a) when I press the Execute button, the units are compiled, but the linker hangs up with all the cpu used

Having read over the ruby pdf generation (simple reporting) options, I think Pdf::Writer will do just fine... ..if the following is possible On page 13 of (the really expansive) ::Writer manual, Replacement Tags are detailed. Before I jump into this tomorrow, I''m hoping for some triage sage advice. Finally, the question : "Would utilizing Replacement Tags be a suitable

is there a dowload for mac users? __________________________________ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com

On Sat, 16 Jul 2016 08:53:27 +0200 Luigi Rosa <lists at luigirosa.com> wrote: > > Mark Foley wrote on 16/07/2016 07:43: > > Our office had a user leave. Another user is taking over her duties and needs reference to the > > departing user's email. I've copied that entire departed user's Maildir structure to the current > > user: > > > > mv

Say, I just picked this up on my messages! There are a whole host of these requests! Anyone know whow there people are? Is there a way to report them? Any suggestions as to how to block them? [Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password [Aug 23 10:34:16] NOTICE[1010]

Hey, I'm going thru logs, and I see some very common and interesting things that the hackers are looking for. In a whole bunch of scans, I've noticed that the first guess or two for sip accounts is usually a 10-digit number. I'm asking myself, why these numbers? Are they looking for a voip trunk? Or is it just like a serial number for the scan? What? Here's some examples:

Hi, Embarrassed as I am to write this, I am hoping for some advice. One of our very first PBX installs, now six years old, was "taken advantage of" over the past few weeks. A victim of sipvicious, I assume, that managed to guess one of the SIP passwords. 4000 calls to various middle eastern destinations have been placed, which ended up being sent over our customer's PSTN

Asterisk Project Security Advisory - AST-2011-013 Product Asterisk Summary Possible remote enumeration of SIP endpoints with differing NAT settings Nature of Advisory Unauthorized data disclosure Susceptibility Remote

Hi all, I''ve started porting the Win32::Shortcut Perl module over to Ruby. I''ve done some initial work and committed it to CVS (look under win32utils - I goofed and made a toplevel dir as well - it''s empty). Anyway, everything compiles fine, but when I do "s = Shortcut.new" I get a weird error: test.rb:11:in `initialize'': undefined method

>There's plenty of areas for improvements that don't require incompatible changes like this one. can u please tell me what do I do to make it more exact waveform coder for music rather than speech. I understand that its meant for speech, but I was just using it for music... I am interested in getting the residual as small as possible using speex. Can you please tell me the areas to

Our office had a user leave. Another user is taking over her duties and needs reference to the departing user's email. I've copied that entire departed user's Maildir structure to the current user: mv olduser/Maildir/.* curuser/Maildir/.olduser I did change permission and ownership on curuser/Maildir/.olduser to be the target user. I did not bring over the olduser/Maildir/dovecot*

Hello all. I was recently the victim of a SIP flood attack. I'm wondering what is the best method to prevent such things in the future. Many thanks Greg -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20101003/2e254523/attachment.htm

Hello, We had been seeing SIP-guessing attacks on our Asterisk server here. While it wasn't that hard to write a once-a-minute cron job to spank the lusers, that runs once a minute and creates little spikes in the usage and I/O graphs, and is slower to respond than I'd really prefer. I felt that it'd be much cooler to get something more comprehensive put together. We don't use

Hi all, Lately, I've seen an increase in the number of attacks against my system from the so-called "Friendly Scanner." When one of these script kiddies targets my server, all I see for symptoms is a few of my trunks become lagged due to server load and a stream of messages on the console that resemble this: [Aug 2 20:27:50] == Using SIP VIDEO CoS mark 6 [Aug 2 20:27:50] ==