OpenSource

Block unwanted SIP traffic efficiently

Block unwanted SIP traffic

Blocking SIP traffic manually is a reactive procedure, in the absence of smart tools, being pro-active is nearly impossible, it is common if you’re only reacting to a SIP attack then the damage of different types is already done.

The Challenge of blocking SIP traffic

It is no secret that attackers are pretty smart programmers, commonly attackers use sophisticated tools that scan virtually any network and perform the SIP attacks automatically.

in this context, the same attacker IP address is usually seen by several servers and networks, once these tools identify a vulnerability it’ll start attacking you immediately.

When manually blocking unwanted SIP traffic, our internal data shows that we are more likely to perform SIP blocking after an alert is triggered, for example, alarms start triggering on your resources for Disk space, CPU, Memory utilization while the legit traffic has not increased.

Another operational challenge is when a SIP provider has many nodes that they manually manage, blocking an IP address one node means you have to re-deploy the same rules across the board. Management by hand is a time-consuming process whereas software-defined Automation is fast

Case Study

Recently while working with a vendor and had the sngrep tool open, we noticed many hits coming from unknown IPs, all the attempts were rejected by TCXC‘s `Authentication, Authorizations ` module, however, those attempts still consumed Disk space, CPU, and memory as they kept coming.

We went ahead and blocked the unwanted IP address manually in IP tables and repeated the same across our servers, that’s when we thought it would be a good opportunity to verify and test if this attacker’s IP was already detected by APIBan’s SIP honeypots, an open-source project that we recently heard about at Tadhack 2021.

Continue reading…

Dave Horton, creator of jambonz open-source CPaaS demonstrates how to get up and running with TCXC and jambonz.

Dave Horton, the creator of jambonz, an open-source CPaaS project with bring your own everything, in the below video to Dave demonstrates to #TADHack21 developers how get up and running with jambonz and TelecomsXChange (TCXC).

Continue reading…

Get up and running with jambonz CPaaS and TCXC at TADHack 2021

Dave Horton, the creator of Jambonz open-source CPaaS with bring your own everything demonstrates to the TADHack 21 participants this video how to get up and running with Jambonz and TelecomsXChange.

Continue reading…

How to interconnect Kamalio/OpenSIPS to hundreds of carriers in Minutes !

Building a VoIP networks with kamalio/OpenSIPS is pretty cool, the boring stuff comes later when your working towards connecting it with carriers to terminate Voice calls to the PSTN. You got to reach out to the carriers, explain to them your use case answer traffic projections question , contracts , payment terms … (YUCK!). Then repeat with every carrier.

Continue reading…

%d bloggers like this: