[VoiceOps] Bandwidth - Monday Outage

Pete Eisengrein peeip989 at gmail.com
Mon Sep 27 19:51:55 EDT 2021 

Bandwidth is a $2.5B publicly traded company... how is this not national
news?

On Mon, Sep 27, 2021 at 5:44 PM Ryan Delgrosso <ryandelgrosso at gmail.com>
wrote:

> Would it? Or would SIP/TLS supplant that?
>
> The VZ VPN requirement was a bad solution to a paranoid delusion that
> really didnt solve anything.
>
> As were all being dragged kicking and screaming into TLS based peering for
> the sake of SHAKEN/STIR why not fully embrace what it provides?
> On 9/27/2021 2:35 PM, Aryn Nakaoka 808.356.2901 wrote:
>
> If its SIP based, Verizon standard to run a VPN would become a norm.
>
>
>
>
> Aryn Nakaoka
> anakaoka at trinet-hi.com
> Direct: 808.356.2901
> 518 Holokahana Lane
> Honolulu, Hi 96817
>
> AlohaTone Mobile: https://youtu.be/PdUyuf0hTYY
>
> A Better Solution https://www.trinet-hi.com/abettersolution.pdf
> <https://www.trinet-hi.com/abettersolution.pdf>
> Aloha Tone PBX  https://www.youtube.com/watch?v=96YWPY9wCeU
>
> CONFIDENTIALITY NOTICE:  The information contained in this email and any
> attachments may be privileged, confidential and protected from disclosure.
> Any disclosure, distribution or copying of this email or any attachments by
> persons or entities other than the intended recipient is prohibited. If you
> have received this email in error, please notify the sender immediately by
> replying to the message and deleting this email and any attachments from
> your system. Thank you for your cooperation.
>
>
> On Mon, Sep 27, 2021 at 11:27 AM Ryan Delgrosso <ryandelgrosso at gmail.com>
> wrote:
>
>> Do we know this is a SIP/RTP targeted volumetric attack and those arent
>> just collateral damage in a more plebian attack aimed ad portals/apis or
>> routers?
>>
>> I can understand them being tight lipped but some transparency helps the
>> situation.
>>
>> I wonder if DHS is involved yet?
>>
>> On 9/27/2021 1:48 PM, Jay Hennigan via VoiceOps wrote:
>> > On 9/27/21 13:30, Darren via VoiceOps wrote:
>> >> I know it’s hard to be patient but I can’t imagine they’re NOT all
>> >> hands on deck.
>> >>
>> >> The reality is probably that the DDoS attack is now so big, they
>> >> can’t handle it on their own, so they’re scrambling to contract out
>> >> with another provider who can handle it. That would explain why the
>> >> BGP routes they advertise have shifted. These DDoS products typically
>> >> take weeks to setup, so they’re likely having to scramble. I’ll be
>> >> surprised if this does NOT continue tomorrow (unfortunately).
>> >
>> > From my understanding this is not your typical volumetric DDoS but
>> > something specific to SIP or VoIP and thus the typical scrubbing
>> > services aren't going to be effective against the voice side of things.
>> >
>> > Obviously they are keeping things close to the vest in order not to
>> > give too much information to the bad guys but I agree that it may take
>> > some time to resolve.
>> >
>> >> *From: *VoiceOps <voiceops-bounces at voiceops.org> on behalf of Carlos
>> >> Alvarez <caalvarez at gmail.com>
>> >> *Date: *Monday, September 27, 2021 at 1:23 PM
>> >
>> >> Generic SIP client here, and the ongoing "continue to investigate"
>> >> notices are infuriatingly like "we have no damn clue what we're
>> >> doing."  Try explaining to customers why it's not "our fault*" and
>> >> that there's no way to estimate a repair time.
>> >
>> > I think the ongoing "continue to investigate" messages are fine.
>> > They're obviously dealing with a major incident and trying their best
>> > to keep their customers informed. This IMHO beats silence.
>> >
>> >> *Our fault for choosing them I guess, but not something we can fix in
>> >> minutes.
>> >
>> > The same thing could and has affected others. Voip.ms has been dealing
>> > with a similar attack for at least a week. We've had excellent service
>> > from Bandwidth for years and I trust that they will be able to get
>> > through this as well as anyone.
>> >
>> > It's the nature of the legacy PSTN that redundant providers or fast
>> > failover for inbound calling isn't (yet) a thing.
>> >
>> _______________________________________________
>> VoiceOps mailing list
>> VoiceOps at voiceops.org
>> https://puck.nether.net/mailman/listinfo/voiceops
>>
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20210927/fe8eba5e/attachment-0001.htm>

More information about the VoiceOps mailing list