Amazon Brute Force SIP Attacks – Dave Michels Interviews Me

Monday, 19. April 2010


Shortly after my “SIP Brute Force Attack Originating From Amazon EC2 Hosts” post, Dave Michels interviewed me for an article, Dark Side of the Cloud. This is that interview:

Dave: What do you believe the intent was of the attacks? Free long distance?

Stu: Certainly free long distance would be one reason… But there are many other reasons to hijack a SIP account. I’m sure that organized crime would pay for a block of active SIP logins. They could use them to circumvent surveillance, or possibly use them for fraudulent boiler room calls about extended warranties and such.

Remember, most folks still believe that the Telephone System is secure… They tend to believe someone who is calling them.


SIP Brute Force Attack Originating From Amazon EC2 Hosts

Sunday, 11. April 2010


I woke up Saturday morning to find strangely high network activity on some of our inbound connections. After a quick review, it turned out that most of the traffic was going into several of our hosted PBX systems. After a little more digging, I discovered that several systems on the Amazon EC2 network were performing brute force attacks against our VoIP servers. They were attempting to guess user names and passwords for our SIP clients. I immediately blocked all traffic from the attacking IPs and examined the logs. Thankfully, I found that none of the attacks had succeeded in guessing passwords.


Starting over… Windows 7 or Linux.

Monday, 26. October 2009

Upgrading to Windows 7

Windows 7 is out! And as usual, Microsoft is pushing the idea that: “Windows 7 is the greatest operating system ever created”. Well, I would argue that point, but if you are a hardcore Windows user, you most likely will be drinking from the Microsoft Kool-Aid fountain, and will purchase the Windows 7 upgrade.

The first thing you’ll notice is that if you aren’t running Vista, you will be installing Windows 7 as a fresh install. Even if you are running Vista, most experts recommend that you install from scratch regardless. So what does that mean to Windows users? You will be starting fresh! A fresh start! A new tomorrow!


Notes from my GNUPG talk

Monday, 19. October 2009

What is GNUPG?

GNUPG is the open source alternative to PGP. It allows you to sign and / or encrypt digital information that you are sending to others. They then can verify / decrypt the data. It uses the asymmetric cryptography model for signing data and can use both symmetric and asymmetric cryptography for data encryption.

Why use GNUPG

GNUPG creates an additional layer of security and authenticity of data that you transmit or receive. This helps verify and protect your identity on the web. Using GNUPG for encryption also protects sensitive information during transmission to others, as well as protecting data on storage media.


Saving Data On The Cloud… Safe?

Monday, 12. October 2009

The temptation of the cloud…

In today’s everything-digital world, it seems like a natural thing to store your data where you can get to it from anywhere. But who is ensuring that all those photos, contacts, videos, calendar entries, and other digital info will be there in ten years? Or in five years? Or even next year? Actually, who is making sure it will be there and accessible tomorrow? With Microsoft/Danger’s announcement of a total data storage failure on the T-Mobile Sidekick Network:


Why IT People Don’t Sleep at Night…

Tuesday, 29. September 2009

This story might not be for everyone.

I often have trouble thinking of things to write about that will fit into the “Everyone can benefit from” category. This little blog post is really aimed at IT folks and their families. It is an effort in explaining some of the strange thought processes we as IT people need to use in our jobs, and how they leak into our home and social lives sometimes.


Is Obama A Spammer?

Monday, 24. August 2009

Thousands report receiving health care email from White House without requesting it.

Over the last few days, news agencies have been reporting that the office of the president used a third party email service to deliver a political email to email accounts that were not subscribed or ever requested government email. This has led to all sorts of questions regarding if taxpayer money was used, or if the White House overstepped its bounds by sending what many are calling “SPAM” emails under the presidential umbrella.

This event has brought to the forefront a company that is engaged in managing mass emails for different government agencies called Gov Delivery. Caught in the middle of this whole thing, Gov Delivery is doing its best to protect both its clients, and its own back end. But I think everyone is missing the real story here.


Using Rsync and Hard Linked Files to Store Backup Snapshots.

Thursday, 20. August 2009

Who’s really behind the idea.

First off, let me be clear that this was not my idea. I was told about this whole concept by Mike Rubel @ Cal Tech. He’s the rocket scientist behind this whole idea. Now that we have our “Credit Where Credit is Due” portion out of the way, let’s get into the whole rsync backup concept.


Notes From My Linux Firewall Presentation.

Saturday, 15. August 2009

Linux Firewall Presentation Notes…

Here are the notes regarding what I covered in my presentation to the Simi Conejo Linux User Group. The actual presentation covered these subjects in more detail than I was able to fit in here, but you should get the general idea of the concepts covered by reading this all the way through. If you would like me to present this presentation for your organization or group, please contact me via email.


Speaking Announcement – Build a Linux Firewall

Monday, 10. August 2009

How to build a Linux Firewall… Join us and Learn!

I will be speaking at the Simi Conejo Linux Users Group (SCLug) on August 15th 2009.

I will be demonstrating how to setup a Linux based PC with multiple network interfaces to act as a firewall. The presentation will cover the following topics:

  1. Linux as a stateful firewall.
  2. Using policy based routing to select between multiple routes.
  3. Performing source and destination network address translation.
  4. Performing load balancing between multiple internet connections.

I plan to start with a base Debian install, and take the group step by step through setting up NAT for both static and DHCP internet connections. I’ll then move to setting up a second internet connection, and demonstrate the use of policy routing to choose an outbound route for different types of connections. Once we’ve covered policy routing, I’ll finish up with session based load balancing across both connections.

If you are going to be in the East Ventura County area on the 15th, I encourage you to join us!

The presentation will be held at the Simi Valley YMCA at 2:00PM on August 15th, 2009.

I look forward to seeing you there!

— Stu
