[VoiceOps] Fraud fun

anorexicpoodle anorexicpoodle at gmail.com
Wed May 18 15:55:22 EDT 2011


its funny, I have used this approach on several personal servers that
got an undeserved amount of attention from APNIC. Originally I followed
similar methodology of simply blocking, but after a while I began having
fun and using the script to have IP tables NAT all of the attackers back
at one of them randomly. Admittedly these were mostly attacks against
TCP based services. 

It was a lot like having an ant farm full of scammers and software
pirates. 

Sorry for getting sorta off-topic....

-anorexicpoodle

On Wed, 2011-05-18 at 13:03 -0400, Alex Balashov wrote:

> On 05/18/2011 12:59 PM, J. Oquendo wrote:
> > On 5/18/2011 12:46 PM, Alex Balashov wrote:
> >> Ghetto, but goes a long way in helping harden individual Asterisk
> >> servers on which one has no choice but to leave the SIP call agent
> >> open to the public Internet:
> >
> > http://www.infiltrated.net/scripts/moreghetto.txt
> >
> > You could also use the VABL to block known idiots:
> >
> > wget -qO - www.infiltrated.net/vabl.txt | awk '{print "iptables -A INPUT
> > -s "$1" -j DROP" |"sort"}' | uniq | sh
> >
> 
> Indeed.
> 
> I'm a huge fan of http://countries.nerd.dk as a place to get a list of 
> all non-ARIN net block assignments and firewalling those off.
> 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20110518/d6a1fecf/attachment.html>


More information about the VoiceOps mailing list