nanog mailing list archives
Re: [EXTERNAL] VoIP Provider DDoSes
From: Mike Hammett <nanog () ics-il net>
Date: Tue, 21 Sep 2021 17:39:18 -0500 (CDT)
*nods* We have a Metaswitch SBC.
So as long as the pipe isn't full, an SBC is the buffer one needs? If the pipe is filled, pump it through {insert DDoS
mitigation service here}?
-----
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
Midwest-IX
http://www.midwest-ix.com
----- Original Message -----
From: "Rich A Compton" <Rich.Compton () charter com>
To: "Mike Hammett" <nanog () ics-il net>, "NANOG" <nanog () nanog org>
Sent: Tuesday, September 21, 2021 4:59:06 PM
Subject: Re: [EXTERNAL] VoIP Provider DDoSes
Most of the larger DDoS mitigation appliances can block malformed SIP traffic and also can block volumetric/state
exhaustion UDP floods. A lot of VoIP companies have Session Border Controllers (SBCs) to protect public facing VoIP
services. SBCs are more application aware. Kind of like a proxy based firewall just for VoIP.
-Rich
From: NANOG <nanog-bounces+rich.compton=charter.com () nanog org> on behalf of Mike Hammett <nanog () ics-il net>
Date: Tuesday, September 21, 2021 at 3:31 PM
To: NANOG list <nanog () nanog org>
Subject: [EXTERNAL] VoIP Provider DDoSes
CAUTION: The e-mail below is from an external source. Please exercise caution before opening attachments, clicking
links, or following guidance.
As many may know, a particular VoIP supplier is suffering a DDoS. https://twitter.com/voipms
Are your garden variety DDoS mitigation platforms or services equipped to handle DDoSes of VoIP services? What nuances
does one have to be cognizant of? A WAF doesn't mean much to SIP, IAX2, RTP, etc.
-----
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
Midwest-IX
http://www.midwest-ix.com The contents of this e-mail message and
any attachments are intended solely for the
addressee(s) and may contain confidential
and/or legally privileged information. If you
are not the intended recipient of this message
or if this message has been addressed to you
in error, please immediately alert the sender
by reply e-mail and then delete this message
and any attachments. If you are not the
intended recipient, you are notified that
any use, dissemination, distribution, copying,
or storage of this message or any attachment
is strictly prohibited.
Current thread:
- Re: [EXTERNAL] VoIP Provider DDoSes Compton, Rich A (Sep 21)
- Re: [EXTERNAL] VoIP Provider DDoSes Mike Hammett (Sep 21)
- Re: [EXTERNAL] VoIP Provider DDoSes Compton, Rich A (Sep 21)
- RE: [EXTERNAL] VoIP Provider DDoSes Brian Turnbow via NANOG (Sep 22)
- Re: [EXTERNAL] VoIP Provider DDoSes Compton, Rich A (Sep 21)
- Re: [EXTERNAL] VoIP Provider DDoSes Mike Hammett (Sep 21)