VoIP Users Conference » computer security http://www.voipusersconference.org Live every Friday at 12 Noon Eastern time Sat, 04 Feb 2012 06:43:49 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 http://www.voipusersconference.org/feed/podcast/ This is a weekly live meeting of people all over the world who are interested in sharing knowledge and experiences about telephony over the Internet. Guests include authors, innovators, programmers and Internet personalities. The conference is reached by phoning in using SIP, Skype or a web page widget shown on the main web site http://vuc.me @voipusers clean @voipusers itunes@voipusersconference.org itunes@voipusersconference.org (@voipusers) VOIP allows you to do almost anything with incoming and outgoing telephone lines. telephony,communications,international,asterisk,freeswitch,freepbx,skype VoIP Users Conference » computer security http://www.voipusersconference.org/wp-content/uploads/powerpress/_vuc144.jpg http://www.voipusersconference.org Amazon EC2 Flood Attacks from the Cloud http://www.voipusersconference.org/2010/amazon-ec2-flood-attacks/ http://www.voipusersconference.org/2010/amazon-ec2-flood-attacks/#comments Wed, 14 Apr 2010 23:00:57 +0000 VUC http://www.voipusersconference.org/?p=1946


Part of this article is an edited summary of material from VoipTechChat.com

Complaints of rampant SIP Brute Force Attacks coming from servers with Amazon EC2 IP Addresses cause many admins to simply drop all such traffic. Generally, SIP brute force attacks attempt to register various peer names to a system and/or attempt to guess passwords of known/guesses peers or endpoints. The object is theft of resources.

The complaints mentioned this weekend show an excessive amount of traffic; with some providers claiming 6GB of traffic dedicated to such attacks. Since we ourselves received an attack from an Amazon hosted server, we also reported and complained to the Amazon NOC/Abuse depts.

There are various techniques to assist with minimizing DDoS and Brute Force attacks, such as limiting access via the public internet, using strong passwords, not mapping extension name to peer/endpoint name, limiting simultaneous calls, and aggressively monitoring usage. Automatic blocking of abusive IP’s (fail2ban, blockhosts, etc.) can also assist with minimizing damage.

References: EC2 Abuse Report Form

VOIPSA

VUC official position: EC2 abuse costs victims time and money. Amazon is 100% accountable for what their customers do with their resources and must react swiftly to complaints.

VUC 60 second rant: This week saw a new feature rolled out, the Voipusers One Minute Issue Talk (VOMIT) where all listeners are encouraged to phone in their VoIP-related rants. Call and leave yours at (518) VUC VOIP or (518) 882-8647.

Follow  @voipusers on Twitter.

]]> http://www.voipusersconference.org/2010/amazon-ec2-flood-attacks/feed/ 3 @voipusers,abuse,accountable,Amazon,amazon elastic compute cloud,amazon.com,attack,attacks,blockhosts,brute force,cloud,cloud infrastructure Part of this article is an edited summary of material from VoipTechChat.com - Complaints of rampant SIP Brute Force Attacks coming from servers with Amazon EC2 IP Addresses cause many admins to simply drop all such traffic. Generally, (http://www.voipusersconference.org/wp-content/uploads/2010/04/cloud.jpg) Part of this article is an edited summary of material from VoipTechChat.com (http://www.voiptechchat.com/voip/457/amazon-ec2-sip-brute-force-attacks-on-rise/) Complaints of rampant SIP Brute Force Attacks coming from servers with Amazon EC2 IP Addresses cause many admins to simply drop all such traffic. Generally, SIP brute force attacks attempt to register various peer names to a system and/or attempt to guess passwords of known/guesses peers or endpoints. The object is theft of resources. The complaints mentioned this weekend show an excessive amount of traffic; with some providers claiming 6GB of traffic dedicated to such attacks. Since we ourselves received an attack from an Amazon hosted server, we also reported and complained to the Amazon NOC/Abuse depts. There are various techniques to assist with minimizing DDoS and Brute Force attacks, such as limiting access via the public internet, using strong passwords, not mapping extension name to peer/endpoint name, limiting simultaneous calls, and aggressively monitoring usage. Automatic blocking of abusive IP’s (fail2ban, blockhosts, etc.) can also assist with minimizing damage. References: EC2 Abuse Report Form (https://www.amazon.com/gp/html-forms-controller/AWSAbuse/) VOIPSA (http://www.voipsa.org/) VUC official position: EC2 abuse costs victims time and money. Amazon is 100% accountable for what their customers do with their resources and must react swiftly to complaints. VUC 60 second rant: This week saw a new feature rolled out, the Voipusers One Minute Issue Talk (VOMIT) where all listeners are encouraged to phone in their VoIP-related rants. Call and leave yours at (518) VUC VOIP or (518) 882-8647. Follow  @voipusers (http://twitter.com/voipusers) on Twitter. @voipusers clean 1:48:26 Beginning OpenVPN 2.0.9 http://www.voipusersconference.org/2010/book-beginning-openvpn-2-0-9/ http://www.voipusersconference.org/2010/book-beginning-openvpn-2-0-9/#comments Fri, 05 Feb 2010 00:00:21 +0000 VUC http://www.voipusersconference.org/?p=1411

OpenVPN_2.0.9
The VPN topic will be of interest to all on the VUC so we’re inviting Markus Feilner, author of “Beginning OpenVPN 2.0.9“.

Two copies of this book to give away today

The following is from the preface of the book, co-authored by Norbert Graf:
OpenVPN is an outstanding piece of software that was invented by James Yonan in the year 2001 and has steadily been improved since then. No other VPN solution offers a comparable mixture of enterprise-level security, usability, and feature richness. We have been working with OpenVPN for many years now, and it has always proven to be the best solution. This book is intended to introduce OpenVPN software to network specialists and VPN newbies alike. OpenVPN works where most other solutions fail and exists on almost any platform. Thus, it is an ideal solution for problematic setups and an easy approach for the inexperienced.
On the other hand, the complexity of classic VPN solutions, especially IPsec, gives the impression that VPN technology in general is difficult and a topic only for very experienced (network and security) specialists. OpenVPN proves that this can be different, and this book aims to document that.
I want to provide both a concise description of OpenVPN’s features and an easy-to-understand introduction for the inexperienced. Though there may be many other possible ways to success in the scenarios described, the ones presented have been tested in many setups and have been selected for simplicity reasons.
LINKS
 Next scheduled session in your time zone
Freenode.net IRC web client, just add your pseudo and you're on #vuc
 VUC Google Group

  VUC linkedin group (business contacts)
Links mentioned in IRC Feb 5, 2010
[6:19pm] NerdUno: Here are some good OpenVPN tutorials: http://pbxinaflash.com/forum/showthread.php?t=4856
[6:21pm] steely_glint: ecrist - http://www.phonefromhere.com/vuc/
[6:31pm] ecrist: Why TCP Over TCP Is A Bad Idea:  http://sites.inka.de/~bigred/devel/tcp-tcp.html
[6:32pm] kfife:        http://www.packtpub.com/openvpn/book
[6:34pm] Zeeek:        http://www.linux4afrika.de/vision.html?L=0
[6:40pm] mfeilner:        http://www.linux-magazine.com/Issues/2009/99/SAFE-CALL
[6:41pm] mfeilner:        http://www.feilner-it.net
[6:42pm] mfeilner:        http://www.openvpn.eu
[6:43pm] mfeilner:        http://www.openvpn.eu/index.php?id=23&L=0

[7:39pm] Skibum: BTW more info on Bria 3 is available at: http://www.counterpath.com/bria.html
[8:00pm] mjgraves:        http://gigaset.com/chagall/provider/general/chagall223_02.bin
[8:21pm] JimCifarelli:        http://www.embeddedarm.com/about/resource.php?item=408

Part 2: Bria Tests and more

]]> http://www.voipusersconference.org/2010/book-beginning-openvpn-2-0-9/feed/ 0 Books,computer network security,computer networking,computer security,computing,encryption,internet privacy,Markus Feilner,OpenVPN,packt,security,tunneling protocols The VPN topic will be of interest to all on the VUC so we're inviting Markus Feilner, author of "Beginning OpenVPN 2.0.9". Two copies of this book to give away today - The following is from the preface of the book, (http://www.voipusersconference.org/wp-content/uploads/2009/12/OpenVPN_2.0.9.png) The VPN topic will be of interest to all on the VUC so we're inviting Markus Feilner (https://www.packtpub.com/author_view_profile/id/76), author of "Beginning OpenVPN 2.0.9". Two copies of this book to give away today The following is from the preface of the book, co-authored by Norbert Graf (https://www.packtpub.com/author_view_profile/id/432): OpenVPN is an outstanding piece of software that was invented by James Yonan in the year 2001 and has steadily been improved since then. No other VPN solution offers a comparable mixture of enterprise-level security, usability, and feature richness. We have been working with OpenVPN for many years now, and it has always proven to be the best solution. This book is intended to introduce OpenVPN software to network specialists and VPN newbies alike. OpenVPN works where most other solutions fail and exists on almost any platform. Thus, it is an ideal solution for problematic setups and an easy approach for the inexperienced. On the other hand, the complexity of classic VPN solutions, especially IPsec, gives the impression that VPN technology in general is difficult and a topic only for very experienced (network and security) specialists. OpenVPN proves that this can be different, and this book aims to document that. I want to provide both a concise description of OpenVPN's features and an easy-to-understand introduction for the inexperienced. Though there may be many other possible ways to success in the scenarios described, the ones presented have been tested in many setups and have been selected for simplicity reasons. LINKS Next scheduled session (http://vuc.me/next) in your time zone Freenode.net IRC web client (http://vuc.me/irc), just add your pseudo and you're on #vuc VUC Google Group (http://vuc.me/mailinglist) VUC linkedin group (http://vuc.me/linkedin) (business contacts) Links mentioned in IRC Feb 5, 2010 [6:19pm] NerdUno: Here are some good OpenVPN tutorials: http://pbxinaflash.com/forum/showthread.php?t=4856 [6:21pm] steely_glint: ecrist - http://www.phonefromhere.com/vuc/ [6:31pm] ecrist: Why TCP Over TCP Is A Bad Idea:  http://sites.inka.de/~bigred/devel/tcp-tcp.html [6:32pm] kfife: http://www.packtpub.com/openvpn/book [6:34pm] Zeeek: http://www.linux4afrika.de/vision.html?L=0 [6:40pm] mfeilner: http://www.linux-magazine.com/Issues/2009/99/SAFE-CALL [6:41pm] mfeilner: http://www.feilner-it.net [6:42pm] mfeilner: http://www.openvpn.eu [6:43pm] mfeilner: http://www.openvpn.eu/index.php?id=23&L=0 [7:39pm] Skibum: BTW more info on Bria 3 is available at: http://www.counterpath.com/bria.html [8:00pm] mjgraves: http://gigaset.com/chagall/provider/general/chagall223_02.bin [8:21pm] JimCifarelli: http://www.embeddedarm.com/about/resource.php?item=408 Part 2: Bria Tests and more @voipusers clean