<div dir="ltr">I never watch news, but I would have expected my news cycle addict friends to be asking me by now. Hmm. There have to be some three letter agencies fully involved, too.<div><br><div><br></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Sep 27, 2021 at 4:57 PM Pete Eisengrein <<a href="mailto:peeip989@gmail.com">peeip989@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Bandwidth is a $2.5B publicly traded company... how is this not national news?</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Sep 27, 2021 at 5:44 PM Ryan Delgrosso <<a href="mailto:ryandelgrosso@gmail.com" target="_blank">ryandelgrosso@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<p>Would it? Or would SIP/TLS supplant that? <br>
</p>
<p>The VZ VPN requirement was a bad solution to a paranoid delusion
that really didnt solve anything. <br>
</p>
<p>As were all being dragged kicking and screaming into TLS based
peering for the sake of SHAKEN/STIR why not fully embrace what it
provides? <br>
</p>
<div>On 9/27/2021 2:35 PM, Aryn Nakaoka
808.356.2901 wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">If its SIP based, Verizon standard to run a VPN
would become a norm.
<div><br>
</div>
<div><br clear="all">
<div>
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div><font size="2"><br>
</font></div>
<div><font size="2"><br>
</font></div>
<div><font size="2">Aryn Nakaoka<br>
<a href="mailto:anakaoka@trinet-hi.com" target="_blank">anakaoka@trinet-hi.com</a><br>
Direct: 808.356.2901<br>
</font></div>
<div><font size="2">518 Holokahana
Lane</font></div>
<div>Honolulu, Hi<font size="2"> 96817<br>
</font></div>
<div>
<div>
<div><font size="2"><br>
</font></div>
<font size="2">AlohaTone
Mobile: <a href="https://youtu.be/PdUyuf0hTYY" target="_blank">https://youtu.be/PdUyuf0hTYY</a></font></div>
<div><font size="2"><br>
</font></div>
<div><font size="2">A Better
Solution <a href="https://www.trinet-hi.com/abettersolution.pdf" target="_blank">https://www.trinet-hi.com/abettersolution.pdf <br>
</a></font>
<div><font size="2">Aloha Tone
PBX <a href="https://www.youtube.com/watch?v=96YWPY9wCeU" target="_blank">https://www.youtube.com/watch?v=96YWPY9wCeU</a><br>
</font></div>
<div><font size="2"><br>
</font></div>
</div>
<div>
<div><font size="2">CONFIDENTIALITY
NOTICE: The information
contained in this email
and any attachments may be
privileged, confidential
and protected from
disclosure. Any
disclosure, distribution
or copying of this email
or any attachments by
persons or entities other
than the intended
recipient is prohibited.
If you have received this
email in error, please
notify the sender
immediately by replying to
the message and deleting
this email and any
attachments from your
system. Thank you for your
cooperation.<br>
</font></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Mon, Sep 27, 2021 at 11:27
AM Ryan Delgrosso <<a href="mailto:ryandelgrosso@gmail.com" target="_blank">ryandelgrosso@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Do
we know this is a SIP/RTP targeted volumetric attack and those
arent <br>
just collateral damage in a more plebian attack aimed ad
portals/apis or <br>
routers?<br>
<br>
I can understand them being tight lipped but some transparency
helps the <br>
situation.<br>
<br>
I wonder if DHS is involved yet?<br>
<br>
On 9/27/2021 1:48 PM, Jay Hennigan via VoiceOps wrote:<br>
> On 9/27/21 13:30, Darren via VoiceOps wrote:<br>
>> I know it’s hard to be patient but I can’t imagine
they’re NOT all <br>
>> hands on deck.<br>
>><br>
>> The reality is probably that the DDoS attack is now
so big, they <br>
>> can’t handle it on their own, so they’re scrambling
to contract out <br>
>> with another provider who can handle it. That would
explain why the <br>
>> BGP routes they advertise have shifted. These DDoS
products typically <br>
>> take weeks to setup, so they’re likely having to
scramble. I’ll be <br>
>> surprised if this does NOT continue tomorrow
(unfortunately).<br>
><br>
> From my understanding this is not your typical volumetric
DDoS but <br>
> something specific to SIP or VoIP and thus the typical
scrubbing <br>
> services aren't going to be effective against the voice
side of things.<br>
><br>
> Obviously they are keeping things close to the vest in
order not to <br>
> give too much information to the bad guys but I agree
that it may take <br>
> some time to resolve.<br>
><br>
>> *From: *VoiceOps <<a href="mailto:voiceops-bounces@voiceops.org" target="_blank">voiceops-bounces@voiceops.org</a>>
on behalf of Carlos <br>
>> Alvarez <<a href="mailto:caalvarez@gmail.com" target="_blank">caalvarez@gmail.com</a>><br>
>> *Date: *Monday, September 27, 2021 at 1:23 PM<br>
><br>
>> Generic SIP client here, and the ongoing "continue to
investigate" <br>
>> notices are infuriatingly like "we have no damn clue
what we're <br>
>> doing." Try explaining to customers why it's not
"our fault*" and <br>
>> that there's no way to estimate a repair time.<br>
><br>
> I think the ongoing "continue to investigate" messages
are fine. <br>
> They're obviously dealing with a major incident and
trying their best <br>
> to keep their customers informed. This IMHO beats
silence.<br>
><br>
>> *Our fault for choosing them I guess, but not
something we can fix in <br>
>> minutes.<br>
><br>
> The same thing could and has affected others. Voip.ms has
been dealing <br>
> with a similar attack for at least a week. We've had
excellent service <br>
> from Bandwidth for years and I trust that they will be
able to get <br>
> through this as well as anyone.<br>
><br>
> It's the nature of the legacy PSTN that redundant
providers or fast <br>
> failover for inbound calling isn't (yet) a thing.<br>
><br>
_______________________________________________<br>
VoiceOps mailing list<br>
<a href="mailto:VoiceOps@voiceops.org" target="_blank">VoiceOps@voiceops.org</a><br>
<a href="https://puck.nether.net/mailman/listinfo/voiceops" rel="noreferrer" target="_blank">https://puck.nether.net/mailman/listinfo/voiceops</a><br>
</blockquote>
</div>
</blockquote>
</div>
_______________________________________________<br>
VoiceOps mailing list<br>
<a href="mailto:VoiceOps@voiceops.org" target="_blank">VoiceOps@voiceops.org</a><br>
<a href="https://puck.nether.net/mailman/listinfo/voiceops" rel="noreferrer" target="_blank">https://puck.nether.net/mailman/listinfo/voiceops</a><br>
</blockquote></div>
_______________________________________________<br>
VoiceOps mailing list<br>
<a href="mailto:VoiceOps@voiceops.org" target="_blank">VoiceOps@voiceops.org</a><br>
<a href="https://puck.nether.net/mailman/listinfo/voiceops" rel="noreferrer" target="_blank">https://puck.nether.net/mailman/listinfo/voiceops</a><br>
</blockquote></div>