Stay in touch VUC Mailing List : VUC FaceBook Page : iTunes
24/7 Leave a message or send an SMS : (518) VUC-VOIP (882-8647) : IRC #vuc

VUC Info: Next session - Future Topics - HOW TO Connect

Posts Tagged computer security

Amazon EC2 Flood Attacks from the Cloud

Posted by Zeeek/Randulo in VoIP

Podcast: Download

Audio : Download file (EC2Attacks.mp3)


Part of this article is an edited summary of material from VoipTechChat.com

Complaints of rampant SIP Brute Force Attacks coming from servers with Amazon EC2 IP Addresses cause many admins to simply drop all such traffic. Generally, SIP brute force attacks attempt to register various peer names to a system and/or attempt to guess passwords of known/guesses peers or endpoints. The object is theft of resources.

The complaints mentioned this weekend show an excessive amount of traffic; with some providers claiming 6GB of traffic dedicated to such attacks. Since we ourselves received an attack from an Amazon hosted server, we also reported and complained to the Amazon NOC/Abuse depts.

There are various techniques to assist with minimizing DDoS and Brute Force attacks, such as limiting access via the public internet, using strong passwords, not mapping extension name to peer/endpoint name, limiting simultaneous calls, and aggressively monitoring usage. Automatic blocking of abusive IP’s (fail2ban, blockhosts, etc.) can also assist with minimizing damage.

References: EC2 Abuse Report Form

VOIPSA

VUC official position: EC2 abuse costs victims time and money. Amazon is 100% accountable for what their customers do with their resources and must react swiftly to complaints.

VUC 60 second rant: This week saw a new feature rolled out, the Voipusers One Minute Issue Talk (VOMIT) where all listeners are encouraged to phone in their VoIP-related rants. Call and leave yours at (518) VUC VOIP or (518) 882-8647.

Follow  @voipusers on Twitter.

, , , , , , , , , , , , , , , , , , , , , , , , , , ,

3 Comments

Beginning OpenVPN 2.0.9

Posted by Zeeek/Randulo in Books, VoIP

Podcast: Download

Audio : Download file (TS-320846.mp3)

Audio : Download file (TS-315633.mp3)

OpenVPN_2.0.9
The VPN topic will be of interest to all on the VUC so we’re inviting Markus Feilner, author of “Beginning OpenVPN 2.0.9“.

Two copies of this book to give away today

The following is from the preface of the book, co-authored by Norbert Graf:
OpenVPN is an outstanding piece of software that was invented by James Yonan in the year 2001 and has steadily been improved since then. No other VPN solution offers a comparable mixture of enterprise-level security, usability, and feature richness. We have been working with OpenVPN for many years now, and it has always proven to be the best solution. This book is intended to introduce OpenVPN software to network specialists and VPN newbies alike. OpenVPN works where most other solutions fail and exists on almost any platform. Thus, it is an ideal solution for problematic setups and an easy approach for the inexperienced.
On the other hand, the complexity of classic VPN solutions, especially IPsec, gives the impression that VPN technology in general is difficult and a topic only for very experienced (network and security) specialists. OpenVPN proves that this can be different, and this book aims to document that.
I want to provide both a concise description of OpenVPN’s features and an easy-to-understand introduction for the inexperienced. Though there may be many other possible ways to success in the scenarios described, the ones presented have been tested in many setups and have been selected for simplicity reasons.
LINKS
 Next scheduled session in your time zone
Freenode.net IRC web client, just add your pseudo and you're on #vuc
 VUC Google Group

  VUC linkedin group (business contacts)
Links mentioned in IRC Feb 5, 2010
[6:19pm] NerdUno: Here are some good OpenVPN tutorials: http://pbxinaflash.com/forum/showthread.php?t=4856
[6:21pm] steely_glint: ecrist - http://www.phonefromhere.com/vuc/
[6:31pm] ecrist: Why TCP Over TCP Is A Bad Idea:  http://sites.inka.de/~bigred/devel/tcp-tcp.html
[6:32pm] kfife:        http://www.packtpub.com/openvpn/book
[6:34pm] Zeeek:        http://www.linux4afrika.de/vision.html?L=0
[6:40pm] mfeilner:        http://www.linux-magazine.com/Issues/2009/99/SAFE-CALL
[6:41pm] mfeilner:        http://www.feilner-it.net
[6:42pm] mfeilner:        http://www.openvpn.eu
[6:43pm] mfeilner:        http://www.openvpn.eu/index.php?id=23&L=0

[7:39pm] Skibum: BTW more info on Bria 3 is available at: http://www.counterpath.com/bria.html
[8:00pm] mjgraves:        http://gigaset.com/chagall/provider/general/chagall223_02.bin
[8:21pm] JimCifarelli:        http://www.embeddedarm.com/about/resource.php?item=408

Part 2: Bria Tests and more

, , , , , , , , , , , , , ,

No Comments