Skip to Content.
Sympa Menu

isn-discuss - Re: [isn-discuss] anybody use ITAD

Subject: Discussion List for Freenum/ITAD Subscriber Number (ISN) Project

List archive

Re: [isn-discuss] anybody use ITAD


Chronological Thread 
  • From: Christan <>
  • To: "" <>, John Covert <>
  • Cc: "" <>
  • Subject: Re: [isn-discuss] anybody use ITAD
  • Date: Tue, 5 Sep 2017 21:07:15 +0000 (UTC)
  • Ironport-phdr: 9a23:pZE8EBLwUWqveIlxOdmcpTZWNBhigK39O0sv0rFitYgfKv3xwZ3uMQTl6Ol3ixeRBMOAuqIC07KempujcFRI2YyGvnEGfc4EfD4+ouJSoTYdBtWYA1bwNv/gYn9yNs1DUFh44yPzahANS47xaFLIv3K98yMZFAnhOgppPOT1HZPZg9iq2+yo9ZDeZwZFiCChbb9uMR67sRjfus4KjIV4N60/0AHJonxGe+RXwWNnO1eelAvi68mz4ZBu7T1et+ou+MBcX6r6eb84TaFDAzQ9L281/szrugLdQgaJ+3ART38ZkhtMAwjC8RH6QpL8uTb0u+ZhxCWXO9D9QKsqUjq+8ahkVB7oiD8GNzEn9mHXltdwh79frB64uhBz35LYbISTOfFjfK3SYMkaSHJPUMhRTSxPHICyYIkBD+QcMulXs47zqkAUoheiHwSjH/nixiNKi3LwwKY00/4hEQbD3AE4Ad8OsG7UrNTuNKcOS++1yrTDwDLZYP9I3Df855PFcxA7rvGMWrJwdtDdxlUoFwPAlFmQrIPkMiqT2+8QvWab6O9gWviui24hswxxoDivydsoionOgYIV0UrI+jl+wIYwI9CzVU11Yca8HZZRtiyWLZZ6T8IsTm1ypSo3yb0LtYS1cSUFzpks2gTRZOadc4eS5xLuTOaRLil8hHJiYL+/nBGy8U6hyuLgWMS4zVhHojNYntXRrHwCyxvT6s6cSvt45EetwzOP2BrS6uFAO0w0k7TUJ4M7zr8wjJUTsUPDHijslErqi6+Wc10o+umu6+v5frXrvp6ROo5uhg3jM6kjlNazDfk7PwUORWSW9+ux2KXm/ULjQbVKivM2krPesJDfPckUvLC1Awpa04s46xewFTem0NMfnXUdMF1FfxeHg5LsO1DBOPz4F+uwg0ywkDd3wPDLJrzhAo7LLnTajbjhfK195FJByAoo1tBS/JZUCrAaIPLvQU/9qsbUDh4/Mwyo3ennEtN92Z0CWW6RGKOWLr7dsULbrt4odqONf4lQtDfmIOU+/Nbgl3I0n0IYO66z0tFfPHGjGLFqIl6SfGH3qtkbHGoMow94S/bl3hnKczlTYT6ZWLwx/C1zXImhE4rZWqimh6KMxjv9GYdZMDN8B0iIAEvvIq6EQfYXdCuUaptoyDkUfamoS4gmkxqpsUn/2+w0APDT/3gztYjiz8R84aWHnEs35RRlBsSa1CeGSGQym3NeFGx+57x2vUEokgTL6qN/mfENUIULv/4=

Thanks to everyone.

I will try to implement and testing, i'm from Guatemala, I'll make a signature with Snort and Kamailio, maybe first month use an Asterisk out of production and see how the attackers try to gain access in the system and tune Snort.


El Martes, 5 de septiembre, 2017 11:58:11, James Cloos <> escribió:


>>>>> "JC" == John Covert <> writes:

JC> If you firewall SIP from all but a few whitelisted addresses, then
JC> there is no point at all to ISN dialing via an ITAD number which
JC> your employees put on their business cards, is there?

The pbx firewalls.  The sip proxy is in the whitelist and blocks
attacks.

For example, if you dial 8463*368 the naptr converts that to
sip:8463* which a SRV sends to gate.jhcloos.com.

Gate looks at the INVITEd URI, recognizes 8463* as
legitimate and passes it on to an asterisk, which reports the current
UTC time.

If you want to accept general sip calls you need to avoid the constant
attacks.  Sip proxies like kamailio do a significantly better job of
that than pbxes like asterisk.  If only because they are programable.

(My testing ISNs are listed at: http://jhcloos.com/sip-itad-isn/ )

-JimC

--
James Cloos <
>        OpenPGP: 0x997A9F17ED7DAEA6






Archive powered by MHonArc 2.6.19.

Top of Page