Monday, 19. April 2010
Amazon Brute Force SIP Attacks – Dave Michels Interviews Me.
Shortly After my “SIP Brute Force Attack Originating From Amazon EC2 Hosts” post, Dave Michels interviewed me for an article Dark Side of the Cloud. This is that interview:
Dave:Â Â What do you believe the intent was of the attacks? Free long distance?
Stu: Certainly free long distance would be one reason… But there are many other reasons to hijack a SIP account. I’m sure that organized crime would pay for a block of active SIP logins. They could use them to circumvent surveillance, or possibly use them for fraudulent boiler room calls about extended warranties and such.
Remember, most folks still believe that the Telephone System is secure… They tend to believe someone who is calling them.
Read more »
Sunday, 11. April 2010
SIP Brute Force Attack Originating From Amazon EC2 Hosts.
I woke up Saturday morning to find strangely high network activity on some of our inbound connections. After a quick review, it turned out that most of the traffic was going into several of our hosted PBX systems. After a little more digging, I discovered that several systems on the Amazon EC2 network were preforming brute force attacks, against our VoIP servers. They were attempting to guess user names and passwords for our SIP clients. I immediately blocked all traffic from the attacking IPs and examined the logs. Thankfully, I found that non of the attacks had succeeded in guessing passwords.
Read more »
Friday, 12. March 2010
The Technology of SCALE8x – A Post Event Review. PART – 2
This is the second installment all about the technologies used for SCALE8x. The first installment dealt with the services that the technology group has setup and maintains for the event year round. This installment will cover the pre-show setup that went into the technologies that were used at the show.
Read more »
Monday, 22. February 2010
The Technology of SCALE8x – A Post Event Review. PART – 1
Every February in Los Angeles CA, a group of dedicated volunteers get together to put on what many believe to be the largest all volunteer organized open source technology conventions in the US. This three day event features talks and exhibits specifically targeted at Open Source users, programmers, and system administrators.
Read more »
Monday, 11. January 2010
Adventures in IPv6… Or how I spent my Xmas Vacation!
Whether you are a network administrator, an end user, or someone that falls in between, you are going to be hearing a lot about IPv6 in the coming years. If you’re in the business of delivering network services, then you need to get up to speed on this… Because before you know it, you will have a client or end user come up to you with a problem that IPv6 is involved in.
Read more »
Saturday, 15. August 2009
Linux Firewall Presentation Notes…
Here are the notes regarding what I covered in my presentation to the Simi Conejo Linux User Group. The actual presentation covered these subjects in more detail then I was able to fit in here, but you should get the general idea of the concepts covered by reading this all the way through. If you would like me to present this presentation for your organization or group, please contact me via email.
Read more »
