[VoiceOps] Fraud fun
Alex Balashov
abalashov at evaristesys.com
Wed May 18 12:46:38 EDT 2011
Ghetto, but goes a long way in helping harden individual Asterisk
servers on which one has no choice but to leave the SIP call agent open
to the public Internet:
iptables -A INPUT -p UDP --dport 5060 -m string --string
'friendly-scanner' -j DROP
On 05/18/2011 12:42 PM, Spencer wrote:
> I'm not sure what your requirements are but, we recently blocked all
> non-ARIN IP space from reaching our registrars. We had something similar
> happen and this has essentiallyeliminated the fraudulent calls we saw.
>
> Thanks,
> Spencer
>
> ------------------------------------------------------------------------
> Message: 1
> Date: Tue, 17 May 2011 15:53:15 -0700
> From: Darren Schreiber <d at d-man.org <mailto:d at d-man.org>>
> To: "VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org>"
> <VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org>>
> Subject: [VoiceOps] Fraud fun
> Message-ID: <C9F84A6B.2097A%d at d-man.org <mailto:d at d-man.org>>
> Content-Type: text/plain; charset="us-ascii"
>
> Hi folks,
> We have been hit twice in the past two days with calls to
> 011-252-XXXXXXXX (calls to Somalia I believe, and the originating IP is
> from Pakistan)
>
> It's the same user each time, I think he had a weak password, but it
> cost us over $100, which isn't too bad (we catch it quick) but I'd like
> to get it closer to $0. :-)
>
> Any good recommendations for IP ranges to block from incoming connections?
>
> Thanks,
>
> Darren Schreiber
> CEO / Co-Founder
>
> 2600hz | www.2600hz.com <http://www.2600hz.com><http://www.2600hz.com/>
> sip:darren at 2600hz.com <mailto:darren at 2600hz.com>
> tel:415-886-7901
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> <https://puck.nether.net/pipermail/voiceops/attachments/20110517/f0aaf5b7/attachment-0001.html>
>
>
>
>
>
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
--
Alex Balashov - Principal
Evariste Systems LLC
260 Peachtree Street NW
Suite 2200
Atlanta, GA 30303
Tel: +1-678-954-0670
Fax: +1-404-961-1892
Web: http://www.evaristesys.com/
More information about the VoiceOps
mailing list