Fred Posner · @fredposner
117 followers · 615 posts · Server fosstodon.org

Continued exploit of open relay REGISTER attack occurring, with increased activity over the last 12 hours. Most IP addresses have already been seen, and vast majority of systems (doing the relaying) are Ingate Systems (the SIParator SBC). No response from Ingate.

Help protect your systems with (apiban.org)-- a free service, thanks to our sponsors.

#sip #apiban

Last updated 1 year ago

Fred Posner · @fredposner
117 followers · 596 posts · Server fosstodon.org

Posted to LinkedIn regarding the continued open relay REGISTER attack seen by honeypots.

linkedin.com/posts/qxork_apiba

#sip #apiban

Last updated 1 year ago

Fred Posner · @fredposner
111 followers · 556 posts · Server fosstodon.org

I really like the GitHub sponsor feature... nice, simple way to help an open source project you're using keep on keeping' on (as Joe Dirt would say).

For example. I love simplecss.com... and @kev made it easy to sponsor.

(By the way... you can sponsor if you're finding it helpful, or even if you're not... you can still sponsor)

#apiban

Last updated 1 year ago

Fred Posner · @fredposner
111 followers · 548 posts · Server fosstodon.org

Seeing a huge spike in REGISTER traffic attacking SIP servers out there. Many seem to be using Ingate SIParator SBC as an open relay.

APIBAN (apiban.org) is a free service to help protect you from these attacks.

Also, a good analysis of the last attack (written by Ivan Kwabena Nyarko) can be found here:
kwancro.com/post/another-open-

#sip #security #apiban #voip

Last updated 1 year ago

Fred Posner · @fredposner
103 followers · 485 posts · Server fosstodon.org

My slides from this year's Kamailio World 2023 presentation "Using APIBAN in Production"

pgpx.io/kw2023/

#Kamailio #apiban

Last updated 1 year ago

Fred Posner · @fredposner
103 followers · 483 posts · Server fosstodon.org

There's a great new post from Ivan Nyarko discussing the open relay attacks we saw recently hitting (and impacting some smaller carriers):

kwancro.com/post/another-open-

Ivan is amazing at analyzing this data and his write-ups are simply a great read.

#sip #apiban #voip

Last updated 1 year ago

Fred Posner · @fredposner
101 followers · 477 posts · Server fosstodon.org

Very honored to be on this week's Weekly:

youtube.com/watch?v=2uBafByhUE

I talk about , , , and (as well as the upcoming ClueCon in Chicago).

#cluecon #apiban #Kamailio #kamailioworld #freeswitch

Last updated 1 year ago

Fred Posner · @fredposner
94 followers · 423 posts · Server fosstodon.org

Running a server? Please check that you're not an open relay.

APIBAN has seen a dramatic increase in open relay servers being exploited (impacting some b2b providers).

Ivan Nyarko has a great tool to help test your server:
kwanlabs.com

#sip #security #apiban

Last updated 1 year ago

Fred Posner · @fredposner
94 followers · 422 posts · Server fosstodon.org

A huge amount of unwanted / traffic coming out of Japan over the last few days. Since the 29th, over 2700 active ip addresses were added to the block list.

Some example networks:

122.214.163.128/25
122.219.179.0/25
59.87.14.0/25
122.219.179.128/25
58.13.250.128/25
59.87.50.0/25

If you're using , these have already been blocked. Not using APIBAN? Think again... it's free (thanks to our sponsors). apiban.org

#sip #voip #apiban

Last updated 1 year ago

Fred Posner · @fredposner
83 followers · 351 posts · Server fosstodon.org

Crazy amount of attacks on SIP today from over 2300 different IP addresses.

#apiban #sip #voip #security

Last updated 1 year ago

Fred Posner · @fredposner
81 followers · 336 posts · Server fosstodon.org

Greatly enhanced the infrastructure for APIBAN. Must be getting older as this was done before it was an emergency ;)

If you're not using APIBAN to protect your SIP servers, why not? It's free after all.

apiban.org

#sip #voip #Kamailio #asterisk #freeswitch #apiban

Last updated 1 year ago

Fred Posner · @fredposner
77 followers · 269 posts · Server fosstodon.org

I'll be speaking at / this year and look forward to meeting those attending and answering any questions you may have about , , etc.

If you're attending and would like to meet up, please let me know.

#astricon #itexpo #Kamailio #apiban

Last updated 2 years ago

Fred Posner · @fredposner
60 followers · 143 posts · Server fosstodon.org

My video about APIBAN from has been posted to their YouTube channel:

youtu.be/eDyBaZRQ05E

#cluecon #apiban #sip

Last updated 2 years ago

Fred Posner · @fredposner
60 followers · 143 posts · Server fosstodon.org

My very good friend Ivan Nyarko (who has not come to Mastodon yet) has been supporting APIBAN from when it was just an idea.

He generously provides honeypots and above that… collects, analyzes, and even publishes the data:

kwancro.com/honeypotdata/

His site even now has a link to buy him a coffee (and help support his honeypot addiction).

Enjoy.

#sip #apiban #voip

Last updated 2 years ago