<html><head></head><body dir="ltr" lang="en-US" style="background-color: rgb(255, 255, 255); line-height: initial;"> <div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">Hi,</div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"><br></div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">You are talking PSTN --> customer call flow scenario in CLEC setting. Usually a class 4/5 switch is set to "transparently" pass all incoming calls from PSTN side to whatever customers trunk or line the DID or range is pointed to. And then either that resource gets full due to call volume or your switch starts failing or lagging due to CPS.</div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"><br></div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">You have two options however:</div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"><br></div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">If you were to pass all your traffic through a SIP proxy, like Kamallio or OpenSIPS like Alex suggested, that proxy can be programmed to do any kind of fancy call admissions control, dynamic filtering, number pattern etc. This however means you put an extra box in the call path between your PSTN switch and a customer.</div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"><br></div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">Alternatively, you may try to see if all your PSTN switches can do some kind of external dip or routing query on incoming calls (radius, SIP refer etc). If they can, you can set a server or a cluster that would answer all those dips and decide on per-call basis wether the call should be admitted or not. So think external "brain" for your switches. This way call admission controll decision is made externally, but enforced right at your PSTN switch, and you don't have extra box in the call path. Making it somewhat more elegant.</div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"><br></div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">This is pretty high-level, but if I understood your topology right, these are basically your two options.</div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"><br></div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">-Victor</div> <div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"><br style="display:initial"></div> <div style="font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">Sent from my BlackBerry 10 smartphone.</div> <table width="100%" style="background-color:white;border-spacing:0px;"> <tbody><tr><td colspan="2" style="font-size: initial; text-align: initial; background-color: rgb(255, 255, 255);"> <div style="border-style: solid none none; border-top-color: rgb(181, 196, 223); border-top-width: 1pt; padding: 3pt 0in 0in; font-family: Tahoma, 'BB Alpha Sans', 'Slate Pro'; font-size: 10pt;"> <div><b>From: </b>Matthew Yaklin</div><div><b>Sent: </b>Monday, May 15, 2017 10:44</div><div><b>To: </b>voiceops@voiceops.org</div><div><b>Subject: </b>[VoiceOps] Mitigating or stopping TDOS attacks - any advice?</div></div></td></tr></tbody></table><div style="border-style: solid none none; border-top-color: rgb(186, 188, 209); border-top-width: 1pt; font-size: initial; text-align: initial; background-color: rgb(255, 255, 255);"></div><br><div id="_originalContent" style="">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
<div id="divtagdefaultwrapper" dir="ltr" style="font-size: 12pt; color: rgb(0, 0, 0); font-family: Calibri, Arial, Helvetica, sans-serif, EmojiFont, "Apple Color Emoji", "Segoe UI Emoji", NotoColorEmoji, "Segoe UI Symbol", "Android Emoji", EmojiSymbols;">
<p>Hello all,</p>
<p><br>
</p>
<p>I am curious what others have in place or actions they take when a customer is the target of a TDOS attack?</p>
<p>TDOS being Telephony Denial of Service. An attack where the perp uses whatever means to flood a customer's telephone service with unwanted calls. </p>
<p><br>
</p>
<p>Say you are a multi state CLEC. You have multiple brands of switches (Meta, Taqua, DMS, Genband, etc...) as well as ACME and Perimeta SBCs in use. You have legacy TDM as well as SIP trunks. Your customers are served via legacy and modern methods. You have
hosted PBX as well (Broadsoft). Many customers are on your LAN but many are on the internet. So that is our situation. Or you can be bigger or smaller. No matter the size I would welcome how you handle it.</p>
<p><br>
</p>
<p>We have asked our manufacturers for advice but they <span>have only provided the basic number blocking available by default on the switch. Meta and Genband have provided little other than pointing to existing features. If you have any thoughts on whether
there is something we can provide based upon SIP messaging or other creative solutions that would be awesome!</span></p>
<p><span><br>
</span></p>
<p><span>So I welcome a discussion on this and any advice other operators can give.</span></p>
<p><span><br>
</span></p>
<p><span>Thank you very much,</span></p>
<p><span><br>
</span></p>
<p><span>Matt</span></p>
<p><br>
</p>
<p><br>
</p>
</div>
<br><!--end of _originalContent --></div></body></html>