[VoiceOps] Hackers Crash Clay Co. Phones ...

Frank Bulk frnkblk at iname.com
Mon Aug 18 15:58:03 EDT 2014 

That sounds like call-blocking, which is not allowed...

Frank

-----Original Message-----
From: VoiceOps [mailto:voiceops-bounces at voiceops.org] On Behalf Of Mark R
Lindsey
Sent: Monday, August 18, 2014 2:49 PM
To: ryandelgrosso at gmail.com
Cc: voiceops at voiceops.org
Subject: Re: [VoiceOps] Hackers Crash Clay Co. Phones ...

Ryan, does it seem as though TDoS will be most effectively addressed by the
origination companies?  i.e., the guys with the TDM trunks to the local
tandems, such as incumbents, Verizon, Level(3).

It seems to me that some use of statistics could probably make reasonable
guesses about whether a given PSTN origination call is likely to be
legitimate (for a call from A to B). For example, I'll bet you could make a
good start looking at numbers and geographic areas:

	-- Has telephone number A called to telephone number B before? Or
B->A ?

	-- Has GeographicArea(A) called to telephone number B before? Or
GeographicArea(B) -> A?

The more you know about telephone numbers A and B, the more you could guess
about the likelihood that a given call is legitimate.

And getting good at this should be a competitive advantage, just as
effective anti-spam is an advantage elsewhere. Vendors that build the edge
gear -- in particular, the SBC and TDM SS7 gateway vendors -- should be
leading the way. 

And wholesale carriers could take some advantage and make it broadly
available. For example, let's say Verizon came along and said, "Here's a
reason to port your numbers from Level(3) to us: When you're under attack,
we're going to be smart about the ways we selectively admit calls to your
network."



>>> mark at ecg.co +1-229-316-0013 http://ecg.co/lindsey

On Aug 18, 2014, at 13:52 , Ryan Delgrosso <ryandelgrosso at gmail.com> wrote:

> IP DDOS and TDOS are really two different problems but yes we as ITSP's
and CLECs living in the IP space are absolutely susceptible to both.
> 
> Ive done a fair amount of research into both of these topics and we have
seen varying cases of both, but usually IP DDOS steals the spotlight because
the numbers are bigger and the effects are usually more widespread whereas a
TDOS attack is rarely felt by anyone that doesn't live in the affected
region or isn't actively trying to call the victim, and usually telcos keep
these issues pretty close to the chest.
> 
> I expect this sort of attack is going to increase in magnitude in the
coming 24-36 months as attackers figure out how to wield it. Mark Collier
gave a very interesting talk at one of the CFCA events on this topic, though
the focus was on the enterprise victim, but the lessons are really the same.
There just arent really any good tools to mitigate this sort of attack
today, especially at the carrier level.
> 
> -Ryan
> 
> On 8/18/2014 6:30 AM, Matt Yaklin wrote:
>> 
>> It seems like almost every telephone company can be hit like that
>> except the ?largest?...
>> 
>> A denial of service attack by simply calling so many times it
>> fills up their main trunks.
>> 
>> And we saw how the large IP colo providers handle this for customers
>> who get dos'd. The amount of bandwidth they have is staggering and
>> they still cannot guarantee you will stay up if a ?skilled? attacker
>> wants you down. So you keep throwing money at it until you are
>> so well established online that you look at your monthly bill and
>> want to puke.
>> 
>> matt
>> 
>> On Mon, 18 Aug 2014, Frank Bulk wrote:
>> 
>>> 
>>>
http://www.wibw.com/home/headlines/Hackers-Behind-Phone-Outage-In-Clay-Count
y-271463051.html?ref=051 
>>> 
>>> Painful issue for Big River Telephone!
>>> 
>>> Frank
>>> 
>>> 
>>> 
>> _______________________________________________
>> VoiceOps mailing list
>> VoiceOps at voiceops.org
>> https://puck.nether.net/mailman/listinfo/voiceops
> 
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops


_______________________________________________
VoiceOps mailing list
VoiceOps at voiceops.org
https://puck.nether.net/mailman/listinfo/voiceops

More information about the VoiceOps mailing list